Promoting Effective and Inclusive ICT Policy in Africa

Blog

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog
30Aug

Report Highlights Collaborative Efforts to Counter Disinformation in Africa

Author CIPESA Posted on

By Patricia Ainembabazi |

Disinformation is an escalating challenge across Africa, threatening democratic processes, social cohesion, and undermining trust in the media. However, evidence of the successes and pitfalls of initiatives that are working to counter disinformation remains minimal.

A new report by  CIPESA, in collaboration with Bertelsmann Stiftung, examines the evolving landscape of disinformation in Africa, highlighting key protagonists involved in the pushback against it and the tactics they employ, as well as the challenges. It offers recommendations for a comprehensive, multi-stakeholder approach to tackling the vice. The report includes case studies on the Democratic Republic of Congo, Ethiopia, Kenya, and South Africa.

The disinformation campaigns often exploit existing social and political divisions, including during electoral periods, when false and misleading content is utilised to sow discord and manipulate public opinion. The tactics used are becoming increasingly sophisticated, with technologies such as deep fakes increasingly being employed. The consequences of these campaigns can be particularly severe in fragile democracies, where disinformation undermines election integrity and fuels conflicts.

The study identifies various protagonists fighting disinformation, including country-specific protagonists, multi-country initiatives, pan-African protagonists, international protagonists, media, and coalitions. However, most rely on basic and moderate methods in identifying and pushing back against disinformation despite the increasing sophistication with which it is generated and disseminated. 

Another notable challenge is that some platforms are not doing enough to fight disinformation or moderate harmful content. Although they derive financial benefits from the region, some platforms do not seem to invest appropriately in human resources or respect national laws regarding content. The report notes that some platforms have run election-related adverts containing patent disinformation while making it expensive and cumbersome for African researchers to gain access to data on political advertising, which would be crucial to tackling disinformation in the region.

In addition, many African countries lack comprehensive legal frameworks to combat disinformation effectively. In some cases, existing laws are outdated, while in others they are poorly enforced and end up stifling legitimate expression.

The study highlights the need for more symbiotic approaches where different protagonists such as multi-stakeholder coalitions that include the state, civil society, platforms, and technologists collaboratively reinforce truth and debunk disinformation. An example is Kenya’s National Coalition on Freedom of Expression and Content Moderation (FECOMO) which brings together more than 20 state, civil society, and media entities to ensure that content moderation protects freedom of expression while tackling harmful content. 

In South Africa, ahead of the 2024 elections, the Electoral Commission entered a Framework of Cooperation with social media platforms Google, Meta, TikTok, and the non-profit Media Monitoring Africa (MMA), to curb disinformation. A related initiative is the Real411 run by the MMA, whose Digital Complaints Committee (DCC) receives complaints on disinformation and hate speech from the public and makes public the outcomes of its investigations of such complaints. 

The success of these efforts, however, often hinges on the active participation of local actors uniquely positioned to address their communities’ specific needs and dynamics. It is without a doubt that the fight against disinformation requires a coordinated response from various stakeholders, including governments, civil society, media, and tech companies.

The report makes various recommendations, such as:

  • Strengthening legal frameworks by developing and updating laws so that they balance freedom of expression with disinformation countermeasures.
  • Enhancing media literacy by educating the public on disinformation and promoting critical thinking across various sectors.
  • Rebuilding trust in media by ensuring accurate and unbiased reporting, particularly during elections.
  • Increasing platform accountability by asserting pressure on social media platforms to be transparent in their content moderation and algorithms.
  • Facilitating public reporting by establishing accessible channels for reporting disinformation and ensuring transparency in addressing reports of abuse.
  • Encouraging public discourse by promoting broader public engagement and awareness to enhance critical thinking on disinformation.
  • Investing in skills development by providing continuous training for fact-checkers, journalists, and researchers to effectively counter disinformation.

In conclusion, disinformation is a complex and multifaceted issue that requires a comprehensive and collaborative response from all stakeholders. Governments, civil society, media, and tech companies must work together to build resilient systems that can effectively combat the spread of false information. By promoting media literacy, holding intermediaries accountable, and fostering multi-stakeholder engagement, Africa can take significant steps toward countering disinformation and protecting democratic processes on the continent. The report can be accessed here. To read more about CIPESA’s work on disinformation, see here.

23Aug

Kenyan Journalists Trained on Digital Rights and Addressing Online Harms

Author CIPESA Posted on

By Lyndcey Oriko |

The National Cohesion and Integration Commission (NCIC) and the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) have trained 60 Kenyan journalists on addressing digital harms such as hate speech and disinformation.

The training in Naivasha in June 2024 targeted journalists and media workers based in Nakuru County, which the Commission has identified as a conflict hotspot. The journalists were equipped with the knowledge and skills to navigate the complexities of reporting on digital rights and online harms in a more professional and ethical way, particularly during sensitive periods such as conflicts and protests.

The training happened at a time when Kenya was experiencing protests and demonstrations dubbed the #RejectTheFinanceBill2024. The protests saw significant mobilisation and engagement on social media platforms, predominantly TikTok and X. The country had also experienced internet throttling despite assurances by the communications regulator that they had no plans to switch off the internet and calls by civil society actors for the government not to interrupt internet services.

In his opening remarks, NCIC’s Commissioner, Dr. Danvas Makori, underscored the critical role journalists play in mitigating hate speech and fostering peace, particularly during sensitive periods such as conflicts and protests. He highlighted the importance of ethical reporting, particularly in the face of rising disinformation and online hate speech.

Dr. Wairagala Wakabi from CIPESA discussed the challenges to internet freedom, including increased censorship and harassment of journalists and independent content creators. He challenged participants to engage in research to inform their reporting and to leverage the emerging technologies to always verify and fact-check as a way of combating disinformation and online hate speech.

The workshops included in-depth sessions on balancing freedom of expression,  which is guaranteed by article 33 of the Constitution of Kenya 2010, with necessary limitations, such as those aimed at combating hate speech, which is stipulated in the National and Cohesion Integration (NCI) Act, 2008. The training emphasised the importance of protecting offline and online rights, and the journalists were reminded of their responsibilities to uphold rights and freedoms while avoiding content that could harm others.

Making references to the #RejectTheFinanceBill2024, the discussions also tackled various forms of online harm, emphasising the importance of civic education, policy enforcement, and ethical reporting.

On his part, Kyalo Mwengi, the Director Legal Services at NCIC, emphasised the fundamental role of journalists in fostering peace. The training was essential to equip journalists with the skills to verify information, understand the nuances of conflict-sensitive reporting, and to effectively use social media to promote cohesion rather than division and to ensure that the public receives reliable and truthful information.

Liban Guyo, Director Peace Building and Reconciliation at the Commission highlighted the importance of contextualising stories, especially those about conflicts. He said the media can escalate or de-escalate a conflict through their reporting, which underscored the need for conflict-sensitive reporting.

Mwengi also presented some of the Commission’s recommendations to the Parliamentary Cohesion and Equality Committee, which is considering amendments to the 2008 Act through the National Cohesion and Integration Bill, 2023. He noted that because the NCI Act was enacted prior to the passage of the 2010 Constitution, it lacked constitutional powers, thereby affecting its performance and effectiveness. Accordingly, the Commission was proposing that the NCIC should be anchored within the Constitution, like other Commission, with clear funding mechanisms and guaranteed independence. In addition, the amendments should consider the prevailing digital landscape to craft robust online hate speech regulations.

In her remarks, Lucy Mwangi from the Media Council of Kenya (MCK) urged journalists to apply the training’s teachings daily, emphasising ethical standards and the promotion of peace and accuracy, both online and offline. She stressed the importance of being registered and carrying press cards to uphold professional integrity, including ensuring their personal safety.

Some of the key issues raised by the participants include the high cost of verifying information, low digital literacy, lack of awareness of conflict-sensitive reporting, and the reactive approach by social media platforms to hate speech and misinformation that allows harmful content to spread quickly. The workshop not only provided valuable insights into the responsibilities of journalists in the digital age but also fostered a collaborative spirit among media professionals to address the challenges posed by online harms. Given the recent protests against proposed tax hikes in Kenya, the timing of this training was particularly relevant, underscoring the need for responsible reporting amidst heightened social tensions. Overall, this initiative represents a proactive step towards promoting ethical journalism and safeguarding digital rights in Kenya.

19Aug

Leveraging Digital Technologies to Enhance Data Governance Practices in Africa

Author CIPESA Posted on

By Paul Kimumwe |

Data governance policies and practices in many African countries have continued to attract attention due to their inadequacy in ensuring the protection and respect for the rights of individual data subjects. Key concerns have been raised regarding the data management practices, particularly related to biometrics, that have undermined the safety, confidentiality, accuracy, accessibility, and reliability of personal data, which are critical principles in data governance.

Several studies have documented cases of misuse of digitalised personal data, including data breaches, surveillance, misuse of personal information, unwarranted intrusion, and financial harm. Despite these misgivings, digitisation of data has been recognised within the African Union’s Digital Transformation Strategy for Africa (2020-2030) as critical in promoting and building confidence for the continent’s digital economy. For many governments, the desire to transform service delivery and enhance public participation has been a key driver for the adoption of biometric data collection and digital identities for purposes of issuing National Identity cards and updating of biometric voter registration and identification programmes.

In this blog, we highlight the critical areas in which advances in digital technologies can enhance data governance practices in Africa.

Understanding Data Governance

Data governance refers to the holistic approach to data management that entails the development and implementation of relevant norms, procedures, and standards to ensure that data is secure, accurate, reliable and consistently available, particularly spelling out clear standards and protocols that govern data collection, storage, and management, resulting in accurate, consistent, and up-to-date data. There is a growing concern that without a robust data governance framework, the continent risks missing out on maximising the benefits from its own datasets as they would be prone to abuse and misuse by poorly regulated data collectors and controllers.

Demand for a Robust Data Governance Framework

In Africa, the demand for a robust data governance framework has gained traction as a response to several countries moving away from paper-based to more digitised data management practices, raising concerns about the rights of data subjects, particularly the safety and confidentiality of user data.

While progress has been registered normatively – with the adoption of regional instruments such as the African Union Convention on Cyber Security and Personal Data Protection and the AU Data Policy Framework, both of which provide frameworks for rights’ respecting data protection practices, and with several countries adopting relevant privacy and data protection laws – full implementation remains a challenge.

In addition, the African Union’s Digital Transformation Strategy for Africa (2020-2030) calls upon states to “promote open data policies that can ensure the mandate and sustainability of data exchange platforms or initiatives to enable new local business models, while ensuring data protection and cyber resilience to protect citizens from misuse of data and businesses from cybercrime.”

Unfortunately, several laws contain problematic and vague provisions that provide for sharing of sensitive information and data localisation that are prone to abuse and misinterpretation. For example, provisions such as section 18 of Algeria’s Law No. 18-07 of 2018 on the protection of personal data, sections 44-47 of Kenya’s Data Protection Act 2019, and section 9 of Uganda’s Data Protection and Privacy Act, 2019, provide for circumstances under which sensitive personal information can be accessed, such as safeguarding national security, public interest, enforcement of the law, and conduct of criminal investigations. In addition, in many countries, biometric data collection programmes were initiated before the enactment of relevant data protection laws.

Leveraging Digital Technologies

While for the most part digital technologies have been used by various states to undermine the legitimacy and enjoyment of digital rights through surveillance and interception of communication, internet shutdowns, and data breaches, there is a growing belief that these technologies can be instrumental in building a robust data governance framework if applied correctly.

Ease of Authentication

Recent technological advancements including the multi-factor authentications (MFA) that enable secure access to services on the go are critical in facilitating seamless data collection, processing, verification and enhancing the authenticity and reliability of data compared to paper-based identifiers. Data subjects can easily request access to and verify their digitised data in the possession of data controllers. As technology becomes more accessible and affordable, governments and private entities can leverage biometrics and biometric technologies for functional and foundational identity purposes, and for an expanding array of applications.

Improving Data Storage and Confidentiality

Data storage is a key pillar within the data governance framework as it easily allows data subjects to exercise their individual rights to request and obtain their personal data in the hands of data controllers in a structured, commonly used, and machine-readable format, as well as request that their data be transferred directly to another organisation. With advances in technology, data controllers can easily encrypt, de-identify and destroy personal data in their possession. Technologies such as the Identity Management Systems (IDMS) facilitate interoperability, allowing seamless integration between different data management systems used by data controllers. In addition, new technologies such as blockchain facilitate the secure storage of datasets in blocks that are connected through cryptography.

Ease of Data Rectification

One of the fundamental rights of data subjects is the right to request data controllers to correct any inaccurate and incomplete data the data controller may have collected. Under Principles 5 and 16 of the European Union’s General Data Protection Regulation (GDPR), data controllers are required to keep personal data accurate and up-to-date,  and to take “every reasonable step” to ensure that inaccurate personal data is erased or rectified.

In many countries, data controllers have been accused of collecting and processing inaccurate and incomplete personal data due to the analogue way data is collected. The adoption of digital technologies and use of biometric data identifiers such as fingerprint, facial, or iris recognition become critical forms of authentication in issuing different forms of identities as well as easing on the verification and rectification processes by both data subjects and controllers.

As Africa strives to improve its data governance framework, it is important that we leverage on the new and emerging technologies such as biometric data collection, blockchain, and identify management systems to enhance the safety, security, accuracy, reliability and confidentiality of personal data.

19Aug

CIPESA Engages Ugandan Parliamentarians on Rights-Respecting Digital Laws

Author CIPESA Posted on

By Patricia Ainembabazi |

On August 14, 2024, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) convened a meeting with Uganda’s Members of Parliament, representatives of civil society, and the private sector to discuss laws that impact the digital civic space. In particular, the meeting discussed how the country’s digital laws can be more supportive of human rights.

Digital technologies have become integral to modern life, facilitating communication, access to information, education, and economic activities. They are key enablers of civil, political, social, and economic rights, but also present challenges, including aiding the proliferation of hate speech, disinformation, and cyber-attacks.

In Uganda, the internet faces multiple challenges including repressive controls, limited access and connectivity, and high taxes on data connectivity. Moreover, the country’s laws governing the digital domain contribute to the suppression of digital rights.

Accordingly, the discussions focused on laws such as the Computer Misuse Act 2011, the Anti-Terrorism Act 2002, the Penal Code (Amendment) Act 2007, the Uganda Communications Act 2013, and the Regulation of Interception of Communications Act (RICA). These laws have been widely criticised for their ambiguous and broad provisions that prioritise control as opposed to protection of rights. The laws have also been used to target political dissidents and silence critical voices.

The meeting, which included 20 Members of Parliament, 11 parliamentary staff, as well we 16 civil society and private sector actors, stressed the need for Uganda to align its laws with regional and international frameworks, such as the African Union Convention on Cyber Security and Personal Data Protection (Malabo Convention) and Europe’s General Data Protection Regulation (GDPR). There was also a discussion on key digital rights, including the right to access and connectivity, freedom of expression, privacy and data protection, security, and online safety, all of which are crucial for a rights-respecting digital environment.

Parliament plays a pivotal role in enacting laws that promote good governance, accountability, transparency, and protection of human rights. As such, it should be at the forefront of enacting, revising or repealing regressive laws that stifle the digital civic space to pave the way for progressive legal regimes.

Civil society organisations (CSOs) were recognised as government watchdogs that should be crucial in advocating for digital policy reforms. Their role extends to conducting evidence-based research on digital rights violations, engaging in strategic litigation to challenge repressive laws, and raising awareness among the public and other stakeholders. Furthermore, CSOs were also encouraged to build strong consumer advocacy movements and initiatives to push for progressive changes in the laws and to engage more deeply with Parliament on legislative reforms.

Collaborative engagements and partnerships with stakeholders including the judiciary, CSOs, telecommunication companies, internet service providers, and the Uganda Communications Commission were emphasised as essential for promoting digital policy reforms and the enhancement of progressive legal regimes.

The August convening followed earlier efforts geared towards facilitating a favourable environment for digital rights in the country. For instance, in June 2024, CIPESA conducted a litigation surgery that explored potential litigation related to issues that undermine Uganda’s digital rights space. Participants at the surgery made proposals to engage the parliament on legislative reforms. 

CIPESA remains committed to continuous engagements with the parliament and other stakeholders to push for digital policy reforms that uphold the rights of all its citizens, foster innovation and development, and address the complexities of the digital age.

12Aug

Rollout of Digital Number Plates Poses Privacy Concerns in Uganda

Author CIPESA Posted on

By CIPESA Writer |

The rollout of the digital number plate system in Uganda is well underway. At a press conference last month, the Ministry of Works and Transport announced January 2025 as the deadline for full roll out. The system – over two years in the making – is a joint project between the government of Uganda and Russian company Joint Stock Company Global Security and has caused alarm among rights activists as it introduces another layer of massive personal data collection and processing amidst weak controls.

The stated objective of the Intelligent Transport Monitoring System (ITMS) is to improve the country’s transport management systems and security by enabling the authorities to “swiftly identify vehicles involved in criminal activities and improve traffic management through efficient ticketing and revenue collection”. It will involve the installation of digital number plates on all vehicles and motorcycles in the country, allowing security agencies to track and pinpoint their location at any one time.

  Overview of ITMS
Digital Number Plate ComponentsStatus of Fitment on Government Vehicles as at June 2024Target Installations (Registered Vehicles as at July 2024)
Aluminium plates – front and back1,0912,145, 988
A tracker
A sim chip
Bluetooth beacons – front and back
Snap locks

Once rolled out, the digital plates will add to the catalogue of surveillance apparatus in Uganda. The country already has a plethora of retrogressive laws, such as the Regulation of Interception of Communications Act 2010 and the Anti-Terrorism Act 2002 that require communication service providers to aid in intercepting communication by ensuring that their systems are always technically capable of supporting lawful interception. The laws also grant powers to an authorised officer to intercept the communications of a person and to conduct surveillance of individuals.

The components of the digital number plates will enable the government through its security agencies, such as the police, to swiftly identify vehicles and their owners. Instantaneous data exchanges pose major challenges to data privacy, especially in cases where there are calculated targets such as civil society organisations (CSOs), human rights defenders (HRDs), activists, and political opponents, government critics, or dissidents.

An added concern is that, according to the Uganda Police, the digital number plate system will be integrated with the Closed Circuit Television System (CCTV) system and others such as the motor vehicle registration system, the e-tax system managed by the Uganda Revenue Authority (URA) and the national identity database managed by the National Identification and Registration Authority (NIRA) to “ensure comprehensive vehicle and personal identification.” Given weak controls over data held by public bodies and rare punishment for data breaches and unauthorised access, linking these databases absent clear data-sharing frameworks and robust controls poses grave concerns. Notably, Uganda does not have a law or regulations governing CCTV/ video surveillance.

Whereas there are efforts to localise parts of the system through the establishment of a local production facility for the various components, the partnership with Joint Stock Company Global Security underscores Uganda’s reliance on foreign entities for purposes of conducting surveillance and interception of private communication of its citizens. For example, in August 2022, there were reports that the Uganda Police had purchased UFED, a technology developed by the Israeli firm Cellebrite that enables authorities to hack into password-protected smartphones.

Earlier, starting in 2018, Uganda turned to a Chinese company, Huawei, for the supply and installation of CCTV across major cities. The decision to install the CCTV cameras came on the heels of a spate of murders that had engulfed the country, with the security forces keen on using the CCTV cameras to improve security in the country. Like many other government security procurements, the CCTV deal raised a lot of transparency and accountability issues, including the secrecy that surrounded the entire process.

Additionally, there were reports that security agencies were working with Huawei technicians in Uganda to spy on opposition critics by intercepting encrypted communications and using cell data to track their movements. This appeared to be the continuation of a trend that was documented earlier in 2012, when the Uganda government reportedly relied on a Germany-made spyware, FinFisher, which it is said to have covertly installed in various places, including hotels, the parliament and key government institutions, for purposes of surveilling on its opponents, including politicians, civil society, and the media.

Given the country’s history of repressing the civic space and harassing political opponents, CSOs and HRDs, the ITMS digital number plates could further the suppression of civil liberties, including political participation, freedom of expression, access to information and assembly and association. Moreover, deeper democratic regression could occur since these liberties largely depend on privacy and the ability to express oneself with minimal interruptions or interference.

While the government has a legitimate desire to improve the security of its people and transport management, recent events as discussed above where the same government has used the acquired technologies to surveil its citizens and undermine digital rights, it is critical that any future attempt to enhance its surveillance apparatus is anchored in law with clear oversight mechanisms. This is because the deployment of surveillance technologies such as ITMS, FinFisher, and Huawei’s CCTV present a veritable avenue for economic and political exploitation by collecting extensive data on people’s behaviour, location, activities, and interests online and offline. This makes the risk of violation of privacy apparent, rendering citizens helpless because they essentially have no control over how the data will be used, even when they are aware that data is being collected.

It is, therefore, important that the government reduce its reliance on foreign-manufactured surveillance technologies, particularly from countries whose human rights record is wanting, as these have tended to use these tools to suppress civic spaces. In addition, the government should reconsider its regulatory framework to ensure it conforms to international standards on privacy and data protection, especially during the procurement and deployment of potentially intrusive technology that is prone to abuse.

1 3 4 5 6 7 164