Electronic
2 4 8 [ N o . 21 o f 2 0 0 9
Register of
cryptography
providers
and
Communications
Transactions
2 3 . (1) T h e Authority shall establish and maintain a Register
of cryptography providers.
(2) T h e Authority shall record the following particulars in
respect of a cryptography provider in the Register referred to under
subsection (1):
(a) the name and address of the cryptography provider;
(b) a d e s c r i p t i o n o f t h e t y p e o f c r y p t o g r a p h s e r v i c e or
cryptograph product being provided; and
(c) such other particulars as m a y be prescribed to identify
and locate the cryptography provider or the products or
services a d e q u a t e l y
(3) Except as o t h e r w i s e provided by law, a c r y p t o g r a p h y
provider shall not be required to disclose confidential information
or trade secrets in respect of the cryptograph products or services.
Restrictions
on disclosure
of
information
in Register
2 4 . (1) Information contained in t h e Register shall not be
disclosed to any person other than to employees of the Authority
w h o are responsible for the keeping of the Register.
(2) A person w h o contravenes subsection (1) c o m m i t s an
offence and is liable, upon conviction, to a fine not exceeding t w o
hundred thousand penalty units or to imprisonment for a period not
exceeding t w o years, or to both.
(3) Subsection (1) does not apply in respect o f information
which is disclosed—
(a) to any relevant authority for purposes of investigating a
criminal offence or for the purposes of any criminal
proceedings;
(b) to Government agencies responsible for safety and security
in Zambia, pursuant to an official request;
(c) to a cyber inspector; or
(d) for the purposes of any civil proceedings which relate to
the provision of cryptograph services or products and to
which a cryptography provider is a party.