Promoting Effective and Inclusive ICT Policy in Africa

Blog

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog
09Sep

Confronting the Challenges to Journalism in the Digital Age

Author CIPESA Posted on

By Edrine Wanayama |

Across the world, journalists face daily affronts physically and online for the work they do. Although the proliferation of technology has come with benefits for the practice of journalism, it has also adversely affected the media landscape to the extent that in some countries journalism has come under siege under the digital era. 

Technology has served to enable major shifts in how journalism is practiced, in addition to enhancing freedom of expression and access to information in addition to  complementing the promotion of accountability and transparency. However,  negative aspects such as digital surveillance are endangering the practice of journalism. The use of sophisticated technologies by governments is fuelling rights violations as it is now easier to track, arrest, detain, persecute and prosecute media professionals whose content is deemed unacceptable to the authorities.

This year, World Press Freedom Day (WPFD) was commemorated under the theme ‘Journalism Under Siege and recognised  how recent developments in technological means of monitoring and surveillance impact journalism and freedom of expression.

Digitisation offers several  benefits for the journalism sector, including the pace at which content can be collected and shared across online platforms. However, the risks and harms that come with digitisation, such as the elimination of professional gatekeepers who also uphold journalistic ethics, fabrication of content, falsification of information, misinformation and disinformation, hate speech, and online harassment, have become major threats to the sector.  

While in the pre-Internet world, freedom of expression and privacy were thought to only interact when journalists reported on public figures in the name of the right to know, the rights have become increasingly interdependent. This linkage reflects digital business models and the development of new surveillance technologies and large-scale data collection and retention. The changes pose risks in terms of reprisals against media workers and their sources, thereby affecting the free exercise of journalism, UNESCO

Even though the digital space offers broad opportunities for the practice of the journalism profession, various  countries in Africa have taken systematic steps to limit the enjoyment of freedom in the digital space. Many states across the continent including Egypt, Kenya, Lesotho, Mozambique, Nigeria, Rwanda, Tanzania, Uganda, Zambia, and Zimbabwe have enhanced their surveillance capacities including through enactment of enabling legislation which is often used against state critics and journalists.

Furthermore, mass data collection initiatives such as registration of persons for national identification documents, SIM card registration, voter registration and the creation of interlinked databases by the government for various services, have increased the precision with which state authorities can identify their targets. This is of particular concern for the media and their sources.s.

As such, at the WPFD commemoration in Uganda organised by the Uganda’s Media Sector Working Group (UMSWG) in conjunction with the African Centre for Media Excellence (ACME), the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), the Makerere University Department of Journalism and Communication, the Media Council of Uganda, Uganda Communications Commission, and the Uganda Human Rights Commission, attendees discussed the country’s shrinking digital space, surveillance, arrests and persecution amidst growing digitalisation practices across sectors and the population. 

These concerns were echoed at the Africa Media Convention held  in Arusha, Tanzania around the WPFD and organised by UNESCO and the East Africa Editors’ Guild. The convention discussions were largely informed by a research report by CIPESA and UNESCO on journalism under siege in the digital era. In turn, the discussions resulted in the  Arusha Declaration on Journalism Under Digital Siege, which reaffirms the importance of human rights and freedom of the press and states’ commitments to provide an enabling environment for freedom of expression and the press. 

Journalists should use technology responsibly to guard against counter productivity.  There should be deliberate efforts aimed at guarding against online vices such as disinformation and misinformation, false news and hate speech to ensure reporting events and stories is based on truth and objectivity. 

Similarly, states must take all measures to ensure their compliance with universally recognised human rights standards by repealing all laws, policies and practices that limit journalism practice. They should also progressively enact laws that promote digital rights and freedoms including those of journalists. 

Specifically, recommendations in the 2022 Arusha Declaration on the World Press Freedom Day should be adopted by states, media, civil society, technology companies and development partners  if the media sector is to become better and operate with minimal interruptions.

07Sep

Journalists in DR Congo and Rwanda Grapple with Disinformation and Hate Speech. Here’s What They Should Do

Author Evelyn Lirri Posted on

By CIPESA Writer |

As disinformation and hate speech intensify during periods of armed conflict and political unrest, journalists can play a critical role in countering falsehoods by providing accurate, unbiased information to the public. Yet, journalists often lack the skills and resources to identify, fact-check, and call out disinformation.

Last month, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) convened a consultative meeting in Rwanda’s border town of Rubavu for Congolese and Rwandan journalists to discuss how they can play a more effective role in countering disinformation in the conflict between the two countries while providing accurate information in their reporting. The meeting discussed the nature of the disinformation and its key instigators and spreaders, media pluralism, and factual reporting.

The Conflict

In recent months, the governments of the Democratic Republic of Congo (DR Congo) and Rwanda have traded accusations of supporting rebel forces destabilising each other’s country, with disinformation and hate speech taking centre stage in the conflict and fuelling hostilities between the neighbours.

The Congolese government is engaged in armed conflict against the M23 rebel group, which it says is supported by the Rwanda government. A recent United Nations (UN) report corroborated the allegations, indicating that Kigali supports the M23 rebels and other militia operating in the troubled North Kivu province. Rwanda denies the allegations and in turn accuses its neighbour of supporting the Democratic Forces for the Liberation of Rwanda (FDLR) armed rebels that have bases inside eastern Congo from where they purportedly make occasional incursions into Rwanda.

This ongoing conflict has also sucked in the UN peacekeeping force in DR Congo, commonly known as the United Nations Organization Stabilization Mission in the Democratic Republic of the Congo (MONUSCO). There are increased calls for its withdrawal from the central African nation amidst accusations that it has failed to stop the M23 rebel advances and killings by other militia. According to media reports, 36 people including four UN peacekeepers were killed in late July amid protests against MONUSCO.

Information Disorder

The Congolese online space is fraught with calls for a boycott of Rwandan goods and businesses, as well as calls for expulsion of Rwandan nationals. In late May, Congo suspended Rwanda’s national carrier Rwandair’s flights from its territory. The hashtag #RwandaIsKilling trended online in July 2022 as some Congolese citizens and their government accused Rwanda of supporting the resurgence of attacks by the M23 rebels that claim to protect ethnic Rwandans that are native to eastern Congo, especially the Tutsi ethnic group.

The disinformation is particularly pronounced on social networking and sharing platforms such as Facebook, Twitter, and WhatsApp. However, some mainstream media, including private radio and television stations, have played an active role in manipulating information and entrenching hate speech against some members of the Congolese Kinyarwanda-speaking communities and Rwandan nationals.

Yet it is not media actors on one side of the border that are actively promoting disinformation. Journalists and media houses on the Rwandan side were also accused of propagating anti-Congo disinformation, notably that related to the Congolese government’s alleged support for anti-Rwanda armed groups. Often, those who promote the pro-Rwanda narrative are engaged in exchanges with the pro-Congo influencers on social media, with both sides utilising disinformation.

Participants at the Rubavu meeting noted that politicians have been at the forefront of using disinformation to push nationalistic and populist agendas against the Rwandan community living in Congo’s North Kivu and the South-Kivu provinces. As one Congolese journalist explained, “The disinformation and hate speech narratives have been mostly pushed by politicians and this has been done for petty political and personal interests.”

Yet another journalist, who operates from the Congolese city of Goma, noted that some prominent members of the community, “such as religious leaders, influential civil society leaders, and grassroots leaders have also played a major role in peddling and spreading false narratives and fake news.”

Participants also identified political analysts, social media influencers, bloggers, local civic leaders and ordinary citizens, as some of the actors behind the current spate of hate speech and disinformation within the digital space of the two countries.

It was noted that many journalists, both in DR Congo and Rwanda, lacked the capacity to verify the information and had become complicit, knowingly and unknowingly, in spreading disinformation. Furthermore, because most citizens could not easily identify disinformation and tended to believe most information they received through mainstream and social media platforms, fake news was thriving and spreading rapidly.

Nadine Kampire from the Goma-based media network Afia Amani Grands Lacs, said the Rubavu meeting was timely, as fake news and hate speech were rampant on various Congolese and Rwandan social media. It was therefore necessary for journalists to appreciate the extent of the problem, to develop skills in fact-checking, and to build networks for sharing credible information with counterparts across borders.

The Effects

For the residents of Goma and Rubavu, the effects of disinformation and hate speech on regional peace and stability are all clear. The disinformation, escalation of conflict and whipping up of hate speech, have led to a substantial decline in the movement of people and goods and continue to undermine cross-border trade. As a result, this has negatively affected the livelihoods of hundreds of small-scale traders and community members.

Further, the standoff between the two countries has prevented many learners from attending school as they fear crossing the border. Notably, many Rwandans in Rubavu attend schools in the much larger city of Goma across the border.

Fidèle Kitsa, a Congolese journalist working with Star Radio in Goma, noted that hate speech and disinformation have caused negative social, economic and educational consequences within communities in the border towns. He said the price of food and commodities increased, the population has been radicalised, pessimism towards certain information on social media increased, and the peaceful coexistence of the populations in two cities has been harmed. These effects are evident beyond the border towns, all the way to the Congolese capital Kinshasa.

The tension is palpable, even here in the capital [Kinshasa] where we really see acts of xenophobia between the Congolese and Rwandans all day long. All it takes is one click, one video, one publication and it can quickly go viral, because in our minds, our subconscious, the information is there. We are just waiting for something to trigger it. – Dandjes Luyila, Journalick, CongoCeck

A Rwandan editor summed up the effects: “The rampant spread of fake news, political propaganda, and hate speech across social media and through the mainstream media has breached trust and the social relationship between the communities living on both sides of the border.”

Recommendations

At the end of the meeting, a number of recommendations were made that can help to stem the spread of disinformation in DR Congo and Rwanda.

Journalists:

Journalists:

  • Abide by ethical standards that promote accuracy, fairness, and objectivity in the coverage of news.
  • Fact-check every piece of information before disseminating it.
  • Provide news and information in an unbiased way.
  • Actively promote peace and security.

Media development agencies:

  • Hold regular training on fact-checking for journalists.
  • Provide small grants to support journalists to pursue in-depth stories on the ongoing conflict in the region as a way of providing accurate information to the public.
  • Enhance collaboration between journalists within the East and Central African region. This includes the creation of a regional association of journalists and media professionals.
  • Support media initiatives that are working towards identifying and fighting disinformation and fake news.
  • Support fact-checking initiatives for journalists.
02Sep

Lawyers Trained to Defend Digital Freedoms 

Author CIPESA Posted on

By Edrine Wanyama |

On July 28, 2022, 82 practicing advocates in Uganda were trained on defending digital rights and freedoms. The training was organised by the International Senior Lawyers Project, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), Uganda Law Society, and the Centre for Law and Democracy.

The sessions included an assessment of Uganda’s digital rights landscape, human rights issues affecting women journalists in Uganda, international freedom of expression norms, using international law to defend freedom of expression, and practices for shaping the legal framework for cybersecurity to effectively defend human rights.

In her opening remarks, the Uganda Law Society (ULS) vice president Diana Angwech stressed that it was crucial for the society to promote digital rights as they continued to face challenges.  She added that rights abuses tend to grow during certain seasons such as elections. The ULS Rule of Law Report of 2021 documented abuses such as the state revoking of broadcasting licenses without due process, attacks on journalists, including the assault of over 20 journalists and the shooting of journalists by state security agents while covering opposition campaigns and proceedings in 2021.

In setting the pace for the capacity building training, CIPESA unpacked Uganda’s legal regime for digital rights. The session covered the meaning, scope and importance of digital rights and emerging issues for lawyers’ attention. The rights covered include freedom of expression, access to information, data protection and privacy, rights of children and their protection, intellectual property, assembly and association, the right to be forgotten, anonymity, and equal access to digital technologies.

Uganda’s constitution provides for the rights to privacy, freedom of expression, and the right of access to information. However, the country’s legislation including the Press and Journalist Act, Penal Code Act, Data Protection and Privacy Act, 2019, Anti-Terrorism Act 2002 as amended 2015 and 2016, the Access to Information Act, 2005, the Official Secrets Act, Uganda Communications Act, 2013, Regulation of Interception of Communications Act, 2010, the Computer Misuse Act, 2011, the Anti-Pornography Act, 2014 and the Public Health (Control of COVID-19l) Rules 2021 limit the enjoyment of digital rights. These laws are largely marred by vague provisions and wide limitations which enable communications monitoring and interception, and undermine free expression.

Catherine Anite of the Small Media Foundation spoke about how Uganda was experiencing a deterioration in respect for press freedom. In 2022 Uganda fell seven places on the World Press Freedom Index ranking at 132 out of 180 countries analysed.

According to Anite, while gender equality is a prerequisite for human rights, democracy and social justice, gender disparities remain evident in the media. Female journalists across the globe face similar challenges, in addition to increased and appalling levels of violence both online and offline when compared to their male counterparts. She noted:

“Female journalists have reported suffering physical and online violence perpetrated by colleagues, public figures, strangers, anonymous perpetrators. We might be speaking about journalists but as lawyers some of these things apply to our contexts as well but we don’t speak about them. These trends have negatively impacted on diversity in media because of the exodus of female journalists, which has affected their equal participation in reporting, civil and political participation due to fears of violence.”

Toby Mendel and Raphael Vagliano, from the Centre for Law and Democracy, discussed international and regional laws  on freedom of expression which are applicable to Uganda. They highlighted provisions of such as  the Universal Declaration of Human Rights (Article 19), the International Covenant on Civil and Political Rights (Article 19), the African Charter on Human and Peoples’ Rights (Article 9), and the Declaration of Principles of Freedom of Expression and Access to Information in Africa which, among others, require member states to facilitate the rights to freedom of expression and access to information online. Under these instruments Uganda is obligated to respect, protect, promote and fulfill rights.

Richard Wingfield, the Head of the Media Law Working Group at the International Senior Lawyers Project (ISLP), explored case studies on using international law to defend freedom of expression, including approaches to arguments, support and intervention as well as the filing of amicus briefs to support litigation. He explained that lawyers in Uganda could support litigation, even in cases where they are not directly involved such as by offering professional support towards impactful and successful litigation, so as to contribute to the realisation of justice for freedom of expression rights.

Practices for shaping the legal framework for cybersecurity to effectively defend human rights were discussed. Cybersecurity is critical for ensuring confidentiality of personal data at all levels.

Advanced digital surveillance and forensic tools are needed to deal with modern cyber  threats; but governments can abuse those tools if government authority is not adequately checked by confidence-inducing institutions.

Tools for cyber security such as BitDefender, malware-bytes, full disk encryption with bitlocker or file vault and strong password are critical tools for cyber security. Individuals must always be aware of potential data breaches by state authorities which often compromise individual privacy through surveillance and forensics. Common state excuses for cyber security violations were often justified by a need to protect national security, crime prevention and public order. Similarly, while laws create obligations for collectors and processors of personal data, those actors often violate the laws and, this necessitates legal intervention.

The lawyers were called upon to pay particular attention to problematic laws and policies, bills and practices so as to challenge them with the aim of establishing an enabling environment for the protection and enjoyment of digital rights.

The specific key emerging recommendations for lawyers from the capacity building training included to:

  • Collaborate with other stakeholders like civil society and academia to engage in litigation to promote freedom of expression, data and privacy rights.
  • Analyse bills and laws to establish gaps and push for repeal of regressive laws and amendment of regressive provisions.
  • Constantly write on topical issues on freedom of expression, data protection and privacy so as to raise awareness among individuals of their rights and expose any cases of violation for enhanced accountability and transparency.
  • Push telecommunication companies and internet service providers to comply with human rights when doing business, in compliance with the UN Guiding Principles on Business and Human Rights.
  • Respect individual data protection and privacy rights in their dealings to minimise conflict with the Data Protection and Privacy Act, 2019 and regional and international human rights instruments on freedom of expressions, data protections and other human rights.
  • Make use of human rights reporting mechanisms such as the Universal Periodic Review and Special Rapporteur engagements to hold the government accountable for decisions undertaken in respect to digital rights.
  • Push and demand that the government complies with regional and international human rights standards, and signs and ratifies key instruments such as the African Union Convention on Cyber Security and Personal Data Protection so as to enhance digital rights protection.

Take deliberate efforts aimed at skilling themselves in the digital rights field. This will ensure that they are equipped with knowledge and skills on dealing with issues that affect digital rights.

17Aug

West Nile Journalists and Human Rights Defenders Condemn Cyber-attacks and Internet Abuse By State and Non-state Actors

Author CIPESA Posted on

By Hafiz Bakhit |

Arua District. Internet has broken more barriers than before as the future of media continues to turn digital especially in entertainment, news, and business.

However, Journalists and Human rights defenders drawn across west Nile region during a two-day training in Arua District, noted with concern that though the Internet has brought new and exciting communication methods that allow users to share messages more quickly and across greater distances, there is need to pay much attention to the risks involved.

These Include deliberate targeting and clampdown on human rights organisation defenders by both state and non-state actors, intimidation, arrests, Cyber attacks and harassment of social media users which have all become a serious threat to Internet freedom.

Also Key in the discussions were Digital Rights in Uganda, Combating Dis/Misinformation and Hate Speech, fact-checking to fight fake news, freedom of expression, best digital security practices, laws governing Internet use and related media laws among others.

Edrine Wanyama the Legal Officer from the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) the organization which organized the training called for more vigilance in dealing with the rising cases of Cyberbullying, invasion of privacy, identity theft, and exposure to offensive images.

“We have seen people uploading inappropriate content, embarrassing or provocative photos or videos of themselves or others, sharing personal information with strangers – for example, phone numbers, date of birth or location and other confidential personal data hence falling prey to hackers and scammers”, Wanyama Added.

He also mentioned state and non-state actors who tend to undermine internet freedom by legalizing surveillance and interception of communication, digital taxation, internet disruptions, collection of biometric data among others.

The journalists and human rights defenders noted that Orchestrators of fake news, online scammers and hackers are posing huge threat to the fundamental digital rights.

The participants therefore agreed that there is need to protect Internet Users against hackers, fake and harmful information by unscrupulous individuals or groups intended to abuse rights of others.

“Many women and children have fallen prey to child pornography, fraudsters and kidnappers who persuade their victims through all sorts of enticing posts, and as a result many unsuspecting people have fallen victim to the online scammers” noted Brian Byaruhanga, Technology Officer and human rights advocate working with CIPESA.

The question is who has the mandate to regulate the Digital space I Uganda?” asked William Amanzuru – a renowned environmental activist working with Friends of Zoka Forest in Adjumani who emphasized the urgent need for policy reviews and new laws to check the digital space.

“Government should not invest all its energy on tracking its critics such as we journalists and other human rights defenders as seen in the 2021 Elections and related scenarios but also focus on orchestrators of cyber violence against women, children and fraudsters or scammers online” says one of the Journalists who preferred to stay anonymous.

Brian Byaruhanga, urged online consumers to always practice encryption, data backups to protect data from possible threats while working online.

To limit online virus attacks, Byaruhanga implored the participants to install paid-for antivirus since unpaid for anti-virus can expose users to hackers. Byaruhanga also advises online users to avoid unsolicited email and links.

“Before you click on any link you first cross-check if at all it’s legitimate or owned by real company or group,” Byaruhanga added.

In the past few years, Uganda registered a wave of Gender based online abuse against a number of female celebrities targeted especially by their jilted lovers or unscrupulous people who were all out to blackmail them for money or selfish interests.

Nude Photos of the victims including Fabiola Anita, Martha Kagimba popularly known as Martha Kay, Judith Heard, Cindy Sanyu, Sanyu Robina Mweruka, Desire Luzinda, Zari Hassan, and herbalist Sylvia Namutebi popularly known as Maama Fiina were leaked through the social media.

There has also been increase in cases of fake news about purported death of prominent persons in the country.
Participants therefore agreed that for digital rights to be enjoyed freely, stakeholders need to strengthen Collaboration in advocacy of Digital rights issues at the various levels.

They said, technology presents various challenges to the protection of human rights such as the lack of adequate avenues to verify authenticity of information shared, violation of the right to privacy, respect to copyright issues and the right to anonymity among others hence with a shrinking civic space in Uganda, Human Rights Defenders need to be more vigilant in securing their digital environments.

These require an awareness of the digital security threats faced by Human Rights defenders, a clear understanding and implementation of internet freedom legalization affecting their works and different digital security tools that they can use to protect their online privacy.

This article was first published on the Cross Border Net site on August 14, 2022

16Aug

Privacy Imperilled: Analysis of Surveillance, Encryption and Data Localisation Laws in Africa

Author Evelyn Lirri Posted on

By Evelyn Lirri |

Across Africa, the proliferation of digital technologies is being matched by state measures that negate the right to privacy. The accelerated adoption of digital technologies has come with increased collection and sharing of large quantities of personal data, which is a major concern as several countries lack data privacy laws and many that have them are not implementing the laws. 

As a result, the right to privacy has come under growing siege, which is in turn negatively impacting the enjoyment of other rights, including freedom of expression, association, and access to information online.

In this report, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) analyses country-specific laws that various governments on the continent have enacted and how they impact privacy and data security through surveillance, restrictions on encryption, data localisation, and biometric databases. The report covers 23 countries – Algeria, Angola, Benin, Burkina Faso, Burundi, Cape Verde, the Central Africa Republic (CAR), Congo Brazzaville, the Democratic Republic of Congo (DRC), Gabon, Guinea Conakry, Ivory Coast, Lesotho, Liberia, Madagascar, Mauritania, Morocco, Niger, Sao Tome and Principe, Sierra Leone, South Sudan, and Togo.

According to the report, governments across the continent continue to collect and process personal data, intercept communications and permit surveillance without putting in place the requisite oversight mechanisms and adequate remedies, despite being signatories to regional and international conventions that recognise the right to privacy and provide safeguards for data protection, such as the revised Declaration of Principles of Freedom of Expression and Access to Information in Africa, the International Covenant on Civil and Political Rights, and the Universal Declaration of Human Rights.

Weak Oversight of Surveillance Operations 

One of the emerging concerns is the lack of independent judicial oversight over surveillance operations. In some countries, surveillance operations are entirely carried out and overseen by bodies within the executive, with parliaments and courts of law excluded. In Lesotho, interception warrants may be issued by the Minister responsible for the National Security Services, while in Niger, interception is ordered by the President. In South Sudan, this responsibility is vested with the Director General of the National Security Service, while in The Gambia it lies with the Minister of Interior. In Togo, the Prime Minister, and the Ministers responsible for the economy and finance, defence, justice, and security and civil protection can trigger interception of communications.

In countries such as Benin, the Democratic Republic of the Congo (DRC), Morocco, Niger, and Togo, justification for surveillance is specified under the law. The reasons provided include the preservation of national security or defence, investigation of crimes, prevention of terrorism, organised crime, and activities that undermine public peace or public order. However, these crimes are not defined or are vaguely defined, which gives latitude to state authorities to broadly interpret the laws in undermining the rights of critics and opponents.

 Limitations on Encryption

The use of encryption is critical in helping citizens to protect their data and communications while enjoying the right to privacy and freedom of expression. In several countries, however, this right is being threatened as governments impose restrictions that require the registration of encryption service providers, ban certain types of encryptions, and compel service providers to hand over decrypted data.

In Algeria, individuals and organisations that want to acquire and use encryption services must be granted authorisation by the country’s Regulatory Authority of Post and Electronic Communications. On the other hand, in countries such as the Democratic Republic of Congo, the Central Africa Republic, Niger, Benin, Guinea Conakry, Ivory Coast, Congo-Brazzaville, Morocco, Togo and Burkina Faso, an authorisation may be sought if the encryption is not exclusively for providing authentication or integrity control functions. Failure to seek authorisation or using prohibited encryption could attract a heavy penalty including jail time, a fine, or both.

Countries like Mali, Tanzania, and Malawi also require service providers to disclose specific software to be used for encryption. Such prohibitive provisions undermine privacy and freedom of expression that access to encryption accords.

Compelled Assistance by Service Providers

Governments are also using compelled assistance – where state agencies seek access to data from service providers, including through courts of law and regulators, to gain access to individuals’ private data. This includes access to the secret code of encrypted data, or to decrypted data, and generally requiring service providers to render assistance to state agencies in the interception of communications.     

Laws in countries like Benin, Ivory Coast, Congo-Brazzaville, Gabon, Guinea Conakry, and Sierra Leone specify grounds on which the state can access encrypted data of individuals and also facilitate lawful interception of communications. Laws in several countries require intermediaries such as telecom companies and Internet Service Providers (ISPs) to facilitate surveillance.

 As the report notes, compelled service provider assistance as stipulated in some countries’ laws is quite worrisome as it gives governments and their agencies unfettered access to individuals’ private data beyond limits prescribed by law or permissible by international standards.

Data Localisation

Various countries have enacted laws to control the cross-border transfer of personal data for a multitude of reasons, including national security, personal data protection, and data sovereignty. Algeria, Niger, Morocco, Benin, Cape Verde, Madagascar, Guinea Conakry, Ivory Coast, Congo Brazzaville, Sao Tome & Principe and Togo have laws that prohibit cross-border transfer of personal data unless authorised by data protection authorities.

However, as the report’s findings show, despite having laws in place, enforcement remains weak. Further, data localisation requirements could, in the absence of robust legal and practical safeguards, further facilitate efforts by state and non-state actors to undermine privacy-related rights. Morocco, Algeria, and Ivory Coast are some of the countries where data localisation measures are being implemented.

 Biometric Data Collection

Recent years have seen a number of African countries undertake mass collection, processing and storage of personal data through initiatives such as mandatory SIM card registration, electronic biometric passports, IDs, and driving licences. Although many countries have also passed laws on data protection and privacy, weak implementation mechanisms, coupled with the absence of the requisite safeguards, remain a threat to individual privacy. This is particularly so in instances where regulatory authorities have the power to direct telecom operators to hand over information such as that contained in the SIM card databases.  

Furthermore, the existing oversight mechanisms and provisions for remedies in the case of data breaches have not been effective enough to protect the personal information and communication of individuals in line with internationally recognised human rights standards.    Many countries have enacted data protection laws but have additional legislation that gives the state and its agencies power to access citizens’ biometric information, often under the guise of protecting national security. This is the case with countries such as Kenya, Gabon, Uganda, Lesotho, Mauritius, Morocco, Niger, Sao Tome, Togo, Algeria, Congo Brazzaville, and Ivory Coast.

 Recommendations

 Government:

  • Enact data protection laws in countries such as Liberia, Sierra Leone and South Sudan to provide for and guarantee protection of personal data.
  • Review existing laws, policies and practices on surveillance, including COVID-19 surveillance, biometric data collection, encryption and data localisation, to ensure they comply with article 9 of the African Charter and with the principles in the African Commission on Human and Peoples’ Rights Declaration of Principles on Freedom of Expression and Access to Information in Africa 2019.
  • Cease blanket compelled service provider assistance and provide for clear, activity-bound and court-mandated assistance.
  • Submit periodic reports to the different international human rights treaty body monitoring mechanisms such as the African Commission on Human and Peoples’ Rights, the Human Rights Committee and the Universal Periodic Review process, on the measures taken to guarantee the right to privacy and data protection.

Civil Society:

  • Work collaboratively with stakeholders such as the private sector and academia, including through litigation to challenge laws and measures that violate privacy rights.
  • Monitor and document privacy rights violations through evidence-based research.
  • Conduct regular analysis of proposed laws to identify the gaps and propose revisions before they are enacted into law.
  • Advocate for the promotion and protection of the right to privacy and data protection through various advocacy engagements.

Private Sector: 

  • Develop, publish and implement internal privacy and data protection policies and best practices in handling customer data so as to guarantee customers’ data protection and privacy.
  • Regularly publish transparency reports that highlight all cases of personal data and information disclosure to government agencies as well as other assistance offered to governments to enable communication interception and monitoring.
  • Develop technologies and solutions and use privacy-enhancing technologies that embed and integrate privacy principles by design and default.
  • Comply with the United Nations Business and Human Rights Principles by conducting human rights impact assessments to ensure that measures undertaken do not harm individual rights to privacy and data protection.

Find the full report here: Privacy Imperilled: Analysis of Surveillance, Encryption And Data Localization Laws in Africa  

See another CIPESA report Mapping and Analysis of Privacy Laws in Africa that maps privacy-related laws in 19 other countries.

1 23 24 25 26 27 158