Join us at the Forum on Internet Freedom in Africa 2017 (FIFAfrica17): Register Today!

#FIFAfrica17 |
It is closing in yet again on that time of the year when we convene to explore the many aspects of online rights at the Forum on Internet Freedom in Africa (FIFAfrica).  Between September 27 and 29, 2017 we converge in Johannesburg, South Africa to share ideas, experiences and insights as we continue to build the movement for #InternetFreedomAfrica!
Register and join those who already have set their sights on joining us at #FIFAfrica17 as we continue to advocate for an internet that is free, secure and open. We have received many session proposals and suggestions but are still open to receiving a few more. As you register, you are still welcome to add your suggestion – we’ll try our best to find a way of addressing the topics you raise. Successful session proposals will be listed on the Forum webpage on August 10, 2017.
Travel Support
Last year we received over 400 applications for travel support of which we were able to support less than one-fifth of the applicants. Our vision is to have a Forum with representation from as many countries in Africa as possible. As part of the registration process, we make room for interested participants to submit an application for travel support.
Exhibit at #FIFAfrica17
Participation in the Forum takes various forms. Some want to talk, others want to listen and some want to show what they do. We are expanding exhibition space at the Forum and are thus inviting proposals from individuals,organisations and companies who wish to showcase their work, projects and products at #FIFAfrica17. The exhibition opportunity is free but we encourage a voluntary contribution to enable us ensure that the #FIFAfrica17 experience is as insightful as it is memorable. Please follow this link and let us know your exhibition idea.

#FIFAfrica17 is co-hosted by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) and the Association for Progressive Communications (APC)
 

What African Countries Can Learn from European Privacy Laws and Policies

By Edrine Wanyama |
The General Data Protection Regulation (GDPR) came into force in the European Union (EU) in May 2016. The 28 EU member states have until May 2018 to apply the Regulation to existing national laws to ensure the protection of citizens with regard to the processing of personal data and its transfer within the EU and beyond.
In Africa, only 14 countries (Angola, Benin, Burkina Faso, Mali, Gabon, Ghana, Ivory Coast, Lesotho, Madagascar, Morocco, Senegal, South Africa, Tunisia and Zimbabwe) have enacted data protection and privacy laws. Others, including Kenya, Niger, Nigeria, Tanzania and Uganda, have bills that are yet to be passed into law.
Whereas a continent-wide convention on Cyber Security and Personal Data protection was adopted by the African Union back in 2014, only eight countries (Benin, Chad, Congo, Guinea-Bissau, Mauritania, Sierra Leone, Sao Tome & Principe and Zambia) are signatories and only one (Senegal) has ratified the convention.
Meanwhile, as part of efforts to ensure data protection within the different regional blocs, the Southern African Development Community (SADC) has developed a model law on data protection while as of 2010, the Economic Community of West African States (ECOWAS) had the  Supplementary Act A/SA.1/01/10 on Personal Data Protection Within ECOWAS. Unlike its regional bloc counterparts in the south and west, the East African Community (EAC) has not adopted legislation on data protection and privacy – it only has a Framework for Cyberlaws which calls for member states to enact laws that protect personal data.
Meanwhile, some of the proposed and existing national laws fall short of comprehensively protecting data and privacy. For instance, Uganda’s Data Protection Bill, 2015 and Ghana’s Data Protection Act, 2012 lack succinct clauses on key areas such as notification of breach and data portability, and also have limitations on the right to access, among others. Despite this, mass collection of personal data continues across the continent, leaving the majority of Africans vulnerable to the violation of their data privacy.
This contrasting state of affairs formed part of the discussions at a July 2017 convening of lawyers, government officials, civil society representatives, academics, and students at the Institute for Information Law at the University of Amsterdam for a five-day training course on issues pertaining to privacy and data protection law relate to the internet and electronic communications.
For over 60 years, the European Convention on Human Rights (1950) has functioned as the framework to guarantee the right of privacy for private and family life. More recently, the European Charter of Fundamental Rights, 2000 has reinforced this right. These instruments are the basis of the robust protections provided for under the GDPR. In Africa similar frameworks which address privacy are less than 15 years old, such as the Declaration of Principles on Freedom of Expression in Africa (2002) (Part V), the  Resolution on the Right to Freedom of Information and Expression on the Internet in Africa – ACHPR/Res. 362(LIX) 2016, and the civil society led African Declaration on Internet Rights and Freedoms.
However, where European instruments have been largely endorsed and supported by member states, many African instruments still struggle to gain similar recognition by member states.  As in the EU, African countries need to uphold the principles laid down in these instruments towards the recognition and enforcement of citizens’ right to privacy and data protection.
Further, per the GDPR, European states are required to establish Data Protection Authorities (DPAs) to ensure that safeguards are in place to protect user data including across different jurisdictions. African states should embrace similar measures to guard against infringement on citizens’ privacy.

Data Protection Authorities are mandated to independently monitor, raise awareness, handle complaints and conduct investigations, among others, to uphold personal data protection.

Overall, the course highlighted the need for a robust privacy regime across the world to ensure that citizens enjoy due protection of their online data. It also highlighted the need for more efforts in citizen sensitisation on data protection and privacy alongside better frameworks in the African context to support these rights.
CIPESA participated in the course together with representatives from Ohio State Moritz College of Law and Capital University Law School; Global Privacy Practice, Covington & Burling; Institute for Information Law, University of Amsterdam; Berkeley Center for Law & Technology, UC Berkeley School of Law; Dutch Data Protection Authority; and the Washington University Law School, among others.
There are lessons for Africa to learn from the European experience, including the establishment of state and regional mechanisms that strengthen data protection frameworks. However, it is integral that more African countries enact data protection laws, and for countries that have with this law, it should be implemented with oversight from independent bodies as more user data is generated and stored online.
 
 

Promoting Youth Participation in Governance Through ICT in Kenya

By Tracy Kadesa |
Youths have emerged at the forefront of online activism and citizen journalism in Kenya. During a December 2016 to March 2017 strike by doctors, young doctors shared their grievances online, ranging from lack of resources in government hospitals to inadequate staffing and poor compensation. One of the stories was that of Dr. Ouma Oluga, the secretary general of the Kenya Medical Practitioners, Pharmacists and Dentists Union, who shared how he had to perform a caesarean section using a torch on his mobile phone due to a power outage. He was only 27 at the time.
Ahead of Kenya’s elections scheduled for August 2017, there have been increased calls for young Kenyans to participate in related processes and vote as a means of positively influencing concerns such as the high rates of unemployment. According to a 2016 World Bank report, Kenya has among the highest youth unemployment rates in Africa.
Against this background, on May 9-10, 2017, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) convened 30 youth and civil society activists to explore rights and responsibilities, as well as effective and secure ways to engage in the country’s governance processes including through ICT.
The workshop raised awareness about various ICT-based initiatives that have given Kenyan youths an opportunity to regularly discuss issues and analyse the manifestos of candidates running for elective posts. For instance, SiasaPlace runs weekly Twitter chats using #SiasaWednesday with the aim of amplifying women and youth voices. Siasa Place is a hub and co-working space that is passionate about engaging youth and women on civic agency.
Tribeless Youth is another vibrant movement that uses Twitter to engage youth in governance. Ongoing discussions facilitated by #TribelessYouth include #MeetTheNewCandidates where first-time political candidates, mostly youthful ones, are given an opportunity to present what they plan to deliver if elected come August.
Other youth-led initiatives that participated in the workshop included Fatuma’s Voice, a youth empowerment organisation, and Centre for Public Engagement & Social Economic Affairs Kenya (CPESEAK), which works on promoting youth participation in social accountability. Irungu Houghton of Society for International Development; Kenya Dialogues Project (KDP) participated as guest speaker and highlighted KDP’s commitment to advancing youth leadership in Kenya.
The workshop also explored government efforts to motivate the youth to participate in the August 2017 general elections through an initiative dubbed Y-VOTE (Youth Vote). The initiative spearheaded by the Independent Electoral and Boundaries Commission (IEBC) in partnership with the International Foundation for Electoral systems (IFES) leverages social media and on-ground activations to mobilise 18-29 year olds to vote come August 8. The campaign was launched on June 20, 2017 and run to late July.
Participants in the workshop explored ways of leveraging the various civic agency and elections-related initiatives to exercise their rights but also champion a peaceful electioneering period through online activism. Furthermore, discussions entailed digital safety tools and practices to facilitate secure communications.
The participants agreed that they were “no longer leaders of tomorrow but of today” and it was therefore their duty to zealously participate in governance processes towards improved livelihoods. See more insights in video below.

The youth in governance in Kenya workshop was organised in the context of the ICT4Democracy in East Africa initiative which is aimed at leveraging ICT to promote civic participation, democratic governance and respect for human rights.

CIPESA Engages Ugandan Members of Parliament on Implementation of Access to Information Law

By Loyce Kyogabirwe |
It is 12 years since Uganda passed an access to information law with the purpose of promoting transparency and accountability in all organs of the state by providing the public with timely, accessible and accurate information. The law also empowers the public to scrutinise and to participate in government decisions. However, the law has remained largely unimplemented as many Ministries, Departments and Agencies (MDAs) ignore citizens’ requests for information and rarely release information pro-actively, which contravenes the law.
“I have sent several information requests to the Ask Your Government (AYG) Uganda portal. It is now three months and I have never received any feedback,” said Cuthbert Abigaba, Member of Parliament (MP) for Kibaale county in Kamwenge district, while speaking at an engagement of Uganda’s MPs on implementing the Access to Information Act 2005. Organised by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) on July 13, 2017, the convening was a follow up on an earlier engagement with the MPs on their duties and responsibilities in enforcing the access to information law.
Section 43 of the Access to Information Act requires parliament to receive annual reports from each minister detailing all requests received from citizens for access to records or information, and indicating whether access was granted or not, and where access was not given, the reasons for the denial.
However, Parliament has never received any such reports, nor has it asked ministries to comply with this provision of the law. This issue was also raised earlier in April 2017 when CIPESA presented a position paper on the State of Access to Information in Uganda to MPs on the ICT Committee. The paper highlights some government initiatives to promote access to information, identifies gaps in the law, and makes recommendations for amendments to the law in order to enhance citizens’ access to information.
At the this month’s meeting, CIPESA presented to 16 MPs a comparative analysis of access to information legislation in East Africa and urged the lawmakers to pursue the proposed amendments so as to align Uganda’s law with progressive provisions in some of the East African Community (EAC) Member States’ laws, as well as to international human rights instruments.

 “While it is recognised that the EAC region is progressing in promoting the right to information, there are a number of issues that have bottlenecked citizens’ right to information. These include: lack of access to information by non-citizens in Uganda, Kenya and South Sudan; lack of ATI regulations in Rwanda, Kenya, Tanzania and South Sudan; lack of a clear definition of security information by Uganda; lack of provision for transferability of requests in South Sudan; limited scope of bodies the law applies to in Uganda; prohibitive access fees in Uganda, as well as the lack of clear complaints mechanisms in Uganda.” Comparative Analysis of Access to Information Legislation in Africa, June 2017.

During the meeting, the MPs expressed concern over insufficient knowledge among legislators about their duties and responsibilities under the law. They also noted that citizens were not sufficiently aware of their rights and the obligations of public officials. The legislators called for wider awareness raising to increase citizens’ demand for information. “If a Member of Parliament like me did not know the access to information law, what about the citizens who are not even educated?” said Rose Mutonyi, MP for Bubulo West, Manafwa district.
On the other hand, the MPs appreciated the recommendations and proposed amendments contained in the two position papers and suggested an action plan for meaningfully implementing the access to information law. Among the strategies put forward was to engage the Office of the Speaker of Parliament, sensitise more MPs to demand for annual reports from ministers, and engage ministers to submit the annual reports.
Nonetheless, the MPs cited the need for more capacity building on access to information for the majority of legislators to inform their discussions in parliament. As noted by Majegere Kyewalabye, MP for Bunya East, Mayuge district, “We need to be prepared more before we can go on the floor of parliament to present these issues.”
The engagement with MPs was organised by CIPESA in partnership with the Greater Parliamentary North Forum in the context of the ICT4Democracy in East Africa initiative’s objective to engage stakeholders on supportive policies and practices for human rights and democratic governance in East Africa.
 

Young Social Media Enthusiasts in Kenya Trained on Internet Law and Digital Security

By Shitemi Khamadi |
In 2015, Allan Wadi, became the first Kenyan to be convicted of hate speech online. At a May 2017 training on internet and the law, he expressed gratitude for the opportunity to acquire skills and knowledge to avoid future arrest and prosecution. While he is currently facing an incitement to violence charge over a comment he made on Facebook in February 2016, he said he is now more aware of the extent of his rights and limitations with respect to the rights of others.
Wadi is however convinced that the various charges brought against him were unfair as many others who have made similar and according to him, graver comments online have gone unpunished. “I feel it was to set me as an example”, he remarked at the end of the training in Kisumu where 43 other youth including technology enthusiasts, communications students and bloggers were trained in the legal frameworks governing use of the internet in Kenya.

See: Allan Wadi Feels Arrests and Charges are Unfair

The objective of the training hosted by the Bloggers Association of Kenya (BAKE) in partnership with the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) was to build participants’ understanding of rights and offenses related to the internet within the Kenyan legal context. The training was organized in light of shrinking rights of Kenya’s digital citizens in the face of new restrictive laws and increased arraignment of individuals for expressing online opinions which authorities deem in breach of the law, especially given the upcoming electioneering period.

Bake2

Prior to the Kisumu training, a similar training was held in Nairobi where a Senior Prosecutor in the office of the Director of Public Prosecutions (DPP), Duncan Ondimu, was unequivocal that his office would be more vigilant on hate speech cases online, arrest any perpetrator and charge them in court. “We will not spare anyone,” said Ondimu who also serves as the Senior Prosecution Counsel. He added that the DDP had set up a 24 hour toll free line to for citizens to report hate speech offenses from social media posts that the office would follow up with investigations. Kenyans can also report offences to the DPP on Facebook and Twitter.

Furthermore, Ondimu stated that while the country had made gains in removing clauses in various laws that limited freedom of expression, provisions relating to defamation still exist. In 2016, Section 29 of the Kenya Information and Communications Act, Section 194 of the Penal Code and Section 132 of the Penal code were declared unconstitutional.

Nonetheless, a key concern among participants in the two trainings was user safety online. In particular, combating harassment, stalking and cyber bullying especially against women. Digital security trainer Ephraim Muchemi took participants through communications and device protection practices including strong passwords, anti viruses, encryption (email and hard disk) and privacy settings on social media accounts.

Mr. Wadi challenged the bloggers and social media users to become the main source of information even for the mainstream media in documenting events during the election. “You should also act like observers and update electorates of the voting and tallying processes from various tallying centres”, he asserted.

He also urged BAKE and similar actors to continue with capacity building efforts aimed at empowering bloggers and social media activists, as well as supporting them during litigation over offences.

The trainings were organized in the context of the ICT4Democracy in East Africa initiative as part of efforts to promote ICT enabled participation in governance pre and post elections in Kenya.