39 Extradition
Any offence in terms of this Act shall be subject to extradition in terms of the Extradition Act
[Chapter 9:08] provided that a person may not be extradited to or from Zimbabwe unless his or her
conduct is criminal in both Zimbabwe and the other country.
40 Admissibility of electronic evidence
(1) In any criminal proceedings for an offence in terms of this Act, evidence generated from a
computer system or by means of information and communications technologies or electronic
communications systems shall be admissible in court.
(2) In assessing the admissibility or evidential weight of the evidence, regard shall be given
to—
(a) the reliability of the manner in which the evidence was generated, stored or communicated;
(b) the integrity of the manner in which the evidence was maintained;
(c) the manner in which the originator or recipient of the evidence was identified; and
(d) any other relevant factors.
(4) The authentication of electronically generated documents shall be as prescribed in rules
of evidence regulating the integrity and correctness of any other documents presented as evidence
in a court of law.
(5) This section shall apply in addition to and not in substitution of any other law in terms of
which evidence generated by computer systems or information and communications technologies
or electronic communications systems or devices may be admissible in evidence.
41 Forfeiture
A court convicting any person of an offence under this Act may order the forfeiture to the State
of-(a) any money, asset or property constituting or traceable to the gross proceeds of such
offence; and
(b) any computer or information system, software or other devices used or intended to be
used to commit or to facilitate the commission of such offence.
42 Regulations
(1) The Minister may, in consultation with the Cybersecurity Committee, make regulations
providing for all matters which by this Act are required or permitted to be prescribed or which, in
his or her opinion, are necessary or convenient to be provided for in order to carry out or give effect
to the provisions of this Act.
(2) Regulations made in terms of subsection (1) may provide for—
(a) the declaration of critical information infrastructure, including but not limited to the
identification, securing the integrity and authenticity of, registration, and other procedures
relating to, critical information infrastructure;
Page 23 of 24