South Africa’s Cybercrimes And Cybersecurity Bill (2014) has been met with apprehension among civil society due to its vague definitions, its limited safeguards for access to information and freedom of expression. In many ways, it resonates with the equally stifling Draft Online Regulation Policy gazetted in March 2015, which contains clauses that have the potential of blocking online content including films, games and certain publications.
Civil society welcomed the invitation by the Department of Justice and Constitutional Development to provide comment to the draft document. However, concerns have been raised across the board including by the Interactive Advertising Bureau South Africa on the grounds that the bill “broadens the definitions of copyright and creates requirements that do not exist in current copyright law.”
The Association for Progressive Communications in their submission stated that the bill does not make sufficient distinction between unlawful intention and a lack of intention by an internet user, such as an inexperienced internet user downloading illegal malware, but being ignorant of this fact. According to APC, given the low levels of digital literacy in South Africa, this is an important concern. it also noted that the Bill lacks a clear perspective on the culpability of minors and the evolving capacity of minor.
The Right2Know campaign in their comments pointed out that the bill gives the state excessive authority by granting “the power to declare any data, database, device, network, infrastructure – publicly or privately owned – to be a ‘National Critical Information Infrastructure.’”
Many clauses in the South African Bill are similar to clauses present in a spate of bills that have emerged in East Africa. In Part V of the Kenya Security Laws (Amendment) Act 2014, the surveillance capabilities of the Kenyan intelligence and law enforcement agencies are expanded without sufficient procedural safeguards. A similar stance is present in the Tanzania Cybercrime Act (2015), which was signed into law with limited public review. The Act makes no indication on the rights the users have of their data nor how it is protected once in the hands of the state, putting citizens’ data at risk especially in the absence of a data privacy and protection law.
Meanwhile in Nigeria, the controversial Social Media Bill was met with criticism as it “completely negated important international conventions to which Nigeria was a signatory”. The Partnership for Media and Democracy in Nigeria (PAMED) raised the concern that “the bill constitutes a threat to democracy because it seeks to repress the social media, the conventional media, the civil society and the citizenry as a whole.”
A recurring theme across many of these new legislations is the continued attempt of states to muzzle opinion of the media, independent social commentators (popular bloggers) and various other non-state actors who are involved in the promotion of freedom of expression, accession to information, increased state transparency and accountability.
Further, the contradictory nature of the new and proposed laws with existing legislation compromises the security and privacy of citizens and their data and leaves gaps for the abuse of internet rights as prescribed in the African Declaration of Internet Rights and Freedoms remain largely ignored.