Abstract
The exponential growth in technology users around the world has subjected citizens and their governments to a plethora of cyberspace threats. Thus, embracing technologies has created an obligation for governments to reinforce their cybersecurity systems to enforce personal privacy and online data safety. This article appraises the institutional and legislative frameworks for online privacy and data protection in Zimbabwe. The paper is based on an extensive documentary review of written records such as cybersecurity legislation, research articles, book chapters, books and newspaper articles. The study is hinged on the Communication Privacy Management theory and the Privacy Calculus theory. The study revealed that the main cybercriminal activities in Zimbabwe include hacking, the dissemination of messages that incite violence, cyberbullying and harassment, the transmission of false and misleading messages, the transmission of intimate messages, the transmission of xenophobic messages, identity manipulation and phishing. The research reveals that in response to counter these cybercrimes, the Government of Zimbabwe has set up institutions as well as enacted key legislation to enhance and safeguard cybersecurity and online data safety or data protection. The study argues that while the country has made notable strides towards enforcing cybersecurity and online data safety, there still is a long way to go to address the vulnerabilities that citizens are exposed to in cyberspace. For example, the implementation of the legislation seems to be taking a slow pace against the exponential rise in cybercrime activities. The paper recommends the need to tighten cybersecurity mechanisms as well as legislative and institutional frameworks in the country and the need for policymakers to raise cybersecurity awareness in the constituencies.