Promoting Effective and Inclusive ICT Policy in Africa

Blog

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog
09Apr

Centre for Human Rights and CIPESA Conduct Study on Civil Society in the Context of the Digital Age in Africa

Author admin Posted on

By Center for Human Rights and CIPESA |
The study on Civil society in the digital age in Africa: identifying threats and mounting pushbacks was undertaken by the Centre for Human Rights, University of Pretoria and the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) to explore the extent of state-sponsored digital challenges that the civil society in Africa is faced with. It illustrates the challenges faced by civil society organisations and the importance of digital security measures.
Considering the digital threats contributing to the shrinking civic space on the continent, the study highlights the international and regional framework governing the activities of civil society. It further maps the national legislative and policy threats against civil society in selected African countries: Egypt, Sierra Leone, Uganda and Zambia. The study shows how these digital threats not only limit the operations and existence of civic society but also impede the enjoyment of human rights such as the freedoms of association, assembly and the right to freedom of expression.
Based on the findings of the study, it is argued that civil society organisations are significant players in the democratic development and protection and promotion of human rights and thus, their operations and rights should be safeguarded. The study, therefore, calls on African governments to respect their obligations under international human rights law and adopt measures that enable civil society to perform their mandate in promoting good governance, accountability and respect of human rights on the continent, especially in the context of the digital age. The study also recommends the civil society to devise methods of countering digital threats. This could be done through the development and implementation of human rights-sensitive organisational data protection, digital security policies and enhanced organisational understanding of how they can harness digital technologies for digital security purposes. Further, the study encourages the private sector and funders to support and complement the efforts by the civil society in advancing digital rights and opening up the civic space.

Civil society in the digital age in Africa: identifying threats and mounting pushbacks

English

Civil society in the digital age in Africa identifying threats and mounting pushbacks

This report documents the threats to civil society in the digital age by examining the legislative and regulatory framework, as well as state action in four countries in Africa: Egypt, Sierra Leone, Uganda and Zambia. The recommendations emanating from the research call for the states to revise and repeal identified restrictive laws and align them with international standards.
Download the full study here.
04Apr

Joint Civil Society Statement: States Use of Digital Surveillance Technologies to Fight Pandemic Must Respect Human Rights

Author admin Posted on

Joint Statement |

The COVID-19 pandemic is a global public health emergency that requires a coordinated and large-scale response by governments worldwide. However, States’ efforts to contain the virus must not be used as a cover to usher in a new era of greatly expanded systems of invasive digital surveillance.

We, the undersigned organizations, urge governments to show leadership in tackling the pandemic in a way that ensures that the use of digital technologies to track and monitor individuals and populations is carried out strictly in line with human rights.

Technology can and should play an important role during this effort to save lives, such as to spread public health messages and increase access to health care. However, an increase in state digital surveillance powers, such as obtaining access to mobile phone location data, threatens privacy, freedom of expression and freedom of association, in ways that could violate rights and degrade trust in public authorities – undermining the effectiveness of any public health response. Such measures also pose a risk of discrimination and may disproportionately harm already marginalized communities.

These are extraordinary times, but human rights law still applies. Indeed, the human rights framework is designed to ensure that different rights can be carefully balanced to protect individuals and wider societies. States cannot simply disregard rights such as privacy and freedom of expression in the name of tackling a public health crisis. On the contrary, protecting human rights also promotes public health. Now more than ever, governments must rigorously ensure that any restrictions to these rights is in line with long-established human rights safeguards.

This crisis offers an opportunity to demonstrate our shared humanity. We can make extraordinary efforts to fight this pandemic that are consistent with human rights standards and the rule of law. The decisions that governments make now to confront the pandemic will shape what the world looks like in the future.

We call on all governments not to respond to the COVID-19 pandemic with increased digital surveillance unless the following conditions are met:

  1. Surveillance measures adopted to address the pandemic must be lawful, necessary and proportionate. They must be provided for by law and must be justified by legitimate public health objectives, as determined by the appropriate public health authorities, and be proportionate to those needs. Governments must be transparent about the measures they are taking so that they can be scrutinized and if appropriate later modified, retracted, or overturned. We cannot allow the COVID-19 pandemic to serve as an excuse for indiscriminate mass surveillance.
  2. If governments expand monitoring and surveillance powers then such powers must be time-bound, and only continue for as long as necessary to address the current pandemic. We cannot allow the COVID-19 pandemic to serve as an excuse for indefinite surveillance
  3. States must ensure that increased collection, retention, and aggregation of personal data, including health data, is only used for the purposes of responding to the COVID-19 pandemic. Data collected, Fed, and aggregated to respond to the pandemic must be limited in scope, time-bound in relation to the pandemic and must not be used for commercial or any other purposes. We cannot allow the COVID-19 pandemic to serve as an excuse to gut individual’s right to privacy.
  4. Governments must take every effort to protect people’s data, including ensuring sufficient security of any personal data collected and of any devices, applications, networks, or services involved in collection, transmission, processing, and storage. Any claims that data is anonymous must be based on evidence and supported with sufficient information regarding how it has been anonymized. We cannot allow attempts to respond to this pandemic to be used as justification for compromising people’s digital safety.
  5. Any use of digital surveillance technologies in responding to COVID-19, including big data and artificial intelligence systems, must address the risk that these tools will facilitate discrimination and other rights abuses against racial minorities, people living in poverty, and other marginalized populations, whose needs and lived realities may be obscured or misrepresented in large datasets. We cannot allow the COVID-19 pandemic to further increase the gap in the enjoyment of human rights between different groups in society.
  6. If governments enter into data sharing agreements with other public or private sector entities, they must be based on law, and the existence of these agreements and information necessary to assess their impact on privacy and human rights must be publicly disclosed – in writing, with sunset clauses, public oversight and other safeguards by default. Businesses involved in efforts by governments to tackle COVID-19 must undertake due diligence to ensure they respect human rights, and ensure any intervention is firewalled from other business and commercial interests. We cannot allow the COVID-19 pandemic to serve as an excuse for keeping people in the dark about what information their governments are gathering and sharing with third parties.
  7. Any response must incorporate accountability protections and safeguards against abuse. Increased surveillance efforts related to COVID-19 should not fall under the domain of security or intelligence agencies and must be subject to effective oversight by appropriate independent bodies. Further, individuals must be given the opportunity to know about and challenge any COVID-19 related measures to collect, aggregate, and retain, and use data. Individuals who have been subjected to surveillance must have access to effective remedies.
  8. COVID-19 related responses that include data collection efforts should include means for free, active, and meaningful participation of relevant stakeholders, in particular experts in the public health sector and the most marginalized population groups.

Signatories:

7amleh – Arab Center for Social Media Advancement

Access Now

African Declaration on Internet Rights and Freedoms Coalition

AI Now

Algorithm Watch

Alternatif Bilisim

Amnesty International

ApTI

ARTICLE 19

Asociación para una Ciudadanía Participativa, ACI Participa

Association for Progressive Communications (APC)

ASUTIC, Senegal

Athan – Freedom of Expression Activist Organization

Barracón Digital

Big Brother Watch

Bits of Freedom

Center for Advancement of Rights and Democracy (CARD)

Center for Digital Democracy

Center for Economic Justice

Centro De Estudios Constitucionales y de Derechos Humanos de Rosario

Chaos Computer Club – CCC

Citizen D / Državljan D

Civil Liberties Union for Europe

CódigoSur

Coding Rights

Coletivo Brasil de Comunicação Social

Collaboration on International ICT Policy for East and Southern Africa (CIPESA)

Comité por la Libre Expresión (C-Libre)

Committee to Protect Journalists

Consumer Action

Consumer Federation of America

Cooperativa Tierra Común

Creative Commons Uruguay

D3 – Defesa dos Direitos Digitais

Data Privacy Brasil

Democratic Transition and Human Rights Support Center “DAAM”

Derechos Digitales

Digital Rights Lawyers Initiative (DRLI)

Digital Security Lab Ukraine

Digitalcourage

EPIC

epicenter.works

European Digital Rights – EDRi

Fitug

Foundation for Information Policy Research

Foundation for Media Alternatives

Fundación Acceso (Centroamérica)

Fundación Ciudadanía y Desarrollo, Ecuador

Fundación Datos Protegidos

Fundación Internet Bolivia

Fundación Taigüey, República Dominicana

Fundación Vía Libre

Hermes Center

Hiperderecho

Homo Digitalis

Human Rights Watch

Hungarian Civil Liberties Union

ImpACT International for Human Rights Policies

Index on Censorship

Initiative für Netzfreiheit

Innovation for Change – Middle East and North Africa

International Commission of Jurists

International Service for Human Rights (ISHR)

Intervozes – Coletivo Brasil de Comunicação Social

Ipandetec

IPPF

Irish Council for Civil Liberties (ICCL)

IT-Political Association of Denmark

Iuridicum Remedium z.s. (IURE)

Karisma

La Quadrature du Net

Liberia Information Technology Student Union

Liberty

Luchadoras

Majal.org

Masaar “Community for Technology and Law”

Media Rights Agenda (Nigeria)

MENA Rights Group

Metamorphosis Foundation

New America’s Open Technology Institute

Observacom

Open Data Institute

Open Rights Group

OpenMedia

OutRight Action International

Pangea

Panoptykon Foundation

Paradigm Initiative (PIN)

PEN International

Privacy International

Public Citizen

Public Knowledge

R3D: Red en Defensa de los Derechos Digitales

RedesAyuda

SHARE Foundation

Skyline International for Human Rights

Sursiendo

Swedish Consumers’ Association

Tahrir Institute for Middle East Policy (TIMEP)

Tech Inquiry

TechHerNG

TEDIC

The Bachchao Project

Unwanted Witness, Uganda

WITNESS

World Wide Web Foundation

27Mar

How Technology is Aiding the Covid-19 Fight in Africa

Author admin Posted on

By CIPESA staff |

As the coronavirus disease (Covid-19) continues to spread globally, various African governments have imposed sweeping measures such as travel bans, curfews, prohibition of mass gatherings, mandatory quarantines, closure of learning institutions, entertainment spots and borders to curb the pandemic. Some of these measures have boosted the use of digital technologies. But in some countries, responses are marred by pre-existing regressive measures and could affect the enjoyment of digital rights during and post-coronavirus.

Various governments have been quick to encourage mobile money use for local transactions and payment for goods and services in lieu of cash, to stem the contagion. In response, mobile network operators have increased daily limits and waived fees on nominal transfers via mobile money. Effective March 17, for 90 days, Kenya’s Safaricom increased the daily transaction limit via M-Pesa from Kenya Shillings (KES) 140,000 to KES 300,000 (USD 1,400 to USD 3,000) and waived fees off peer-to-peer transfers up to USD 10. Airtel and MTN have done the same in their major markets including Cameroon, Ghana, Rwanda, Sudan, South Africa, Uganda and Zambia.

Other efforts by telecom companies have included doubling internet speeds for home fibre packages at no extra cost to users for at least a month and the deployment of Google Loon to boost 4G network coverage in remote areas in Kenya; promotional ‘work from home’ data bundles and a campaign to educate the public on the pandemic by MTN Uganda; and zero-rating information from the health ministry website and free text messaging services to ‘keep public connected’ by Airtel Uganda

Global mobile operator Vodafone, operational in 10 African countries, is reported to have said that it is offering governments the ability to send text messages free of charge to people living in areas that have been hit by the coronavirus. MTN Cameroon is supporting the national response strategy through dissemination of awareness messages and facilitation of communications between health personnel and the operations of test centres. All providers in Cameroon – Camtel, MTN, Orange and Viettel – are offering subsidised data bundles to facilitate remote work and citizens’ access to information via the internet.

Meanwhile, broadcast media is increasingly being recognised as an essential service alongside more recent digital media forms as a channel for public sensitisation. To ensure access to current information, the pan-African pay TV operator DStv/Multichoice is availing 24-hour news channels to non-subscribers for free. 

The potential of technology to facilitate containment of the spread of the coronavirus notwithstanding, the internet is now also posing a significant threat to fighting the pandemic. Social media in many African countries has been awash with speculation, false and misleading information on Covid-19. In Uganda, unverified reports circulated that a Rwandan national who had tested positive for Covid-19 had escaped to Uganda. In Kenya, vigilantes acting on false information beat a man to death on suspicion of having the coronavirus.

National health authorities and the World Health Organization (WHO) are also  fighting disinformation on the virus through counter-narratives online and offline. For instance, Uganda’s health ministry used its social media accounts to dispel several false reports of positive cases that were circulating prior to confirmation of the first case. Many African governments have set up portals, opened toll-free lines and WhatsApp channels to disseminate reliable information on the pandemic as well as enable citizens to report suspected cases. These channels are available in multiple languages.

In Senegal, the Covid-19.gouv.sn platform set up by the State Information Technology Agency (ADIE), provides reliable information on Covid-19, practical advice and awareness videos, and statistics on the spread of the virus via an interactive dashboard showing data for each locality. Individuals can also report a case of infection via the covid19.gouv.sn platform. Additionally, a “Doctor covid chatbot” accessible on Whatsapp allows dynamic interactions with integrated voice in French and Wolof.

Further, social media platforms have not only served as moderators of content on the virus but also as conduits of information from their users, including those with malicious intent. However, Facebook has indicated that due to its staff working from home, it is currently relying more on automated tools, rather than individuals, to identify problematic content. As a result, mistakes could be made and it may take longer to take down harmful content.

The front line against misinformation online has also shifted to legislative means which have been received with concern. Upon declaring Covid-19 a national disaster, South Africa passed regulations criminalising the spread of false news on the virus, punishable by up to six months imprisonment, a fine, or both.

In Kenya, the health minister said misinformation was jeopardising the government’s efforts to fight Covid-19 and warned that authorities would arrest those spreading false information. Kenya’s cyber crimes law has since been used to prosecute two individuals for spreading false information. Well-known blogger Robert Alai was charged over claims that two individuals had died in the coastal city of Mombasa; while another individual was arrested for claiming the government was lying about the first coronavirus case in Kenya.

Uganda’s communications regulator issued an advisory warning against circulation of false information on Covid-19. In Guinea, Kaka Touda, an independent journalist, was arrested in early March for posting information on social media about a possible Covid-19 case at the National referral hospital.

Nonetheless, some countries have in place measures that undermine citizens’ access to digital communications, which hampers the use of ICT in fighting against the spread of the coronavirus. For instance, Ethiopia still maintains an internet blockade on the Oromia region, denying citizens access to critical information. Uganda’s social media tax of USD 0.05 per day of access is an impediment to access to information for many citizens, notably lower income groups. In most of Africa, internet access remains out of reach for many, with high taxation being a key driver of the high cost of access.

In Cameroon, MTN has committed to “ensure the availability of its network and its services, to allow Cameroonians to stay connected in these difficult times”. This is particularly crucial as Cameroon has in the past initiated two internet shutdowns in the Anglophone region of the country, which together lasted 240 days.

As the situation on the pandemic evolves, governments and telecom companies should refrain from arbitrarily shutting down the internet as a way of containing misinformation and false news, as this would violate citizens’ right to express themselves and to access information, and the resulting information void would provide fertile ground for the virus to spread. Meanwhile, taxes on access to vital platforms such as social media should be scrapped to enhance citizens’ access to information

Follow the CIPESA (@cipesaug) hashtag #InternetFreedomAfrica which has a Twitter thread on Covid-19 developments from around the continent. 

27Mar

Covid-19 in Africa: When is Surveillance Necessary and Proportionate?

Author admin Posted on

By CIPESA staff |

As the world grapples to contain the novel coronavirus disease (Covid-19), the role of Information and Communications Technology (ICT) to enhance disease surveillance, coordinate response mechanisms, and promote public awareness has become more significant. This role of digital technologies is particularly crucial in sub-Saharan Africa where systemic vulnerabilities such as weak health systems and high levels of illiteracy could slow the response to the pandemic.

As of March 25, 2020, the World Health Organization (WHO) reported 2,245 confirmed cases of Covid-19 in 44 countries and 58 deaths in 12 countries in Africa. For a continent of 1.2 billion people across 54 countries, these numbers are still relatively  low, but could potentially escalate. The head of the WHO has advised African governments “to prepare for the worst and prepare today.

In order to stem the spread of the coronavirus, several countries across the world have deployed the use of big data, mobile apps and other digital technologies. Austria, Iran, Israel, Italy, Singapore, South Korea, Taiwan, Province of China, and the USA are among the countries using geo-location technology reliant on data from tech platforms and telecom companies in order to contain the spread of the Covid-19. 

In Austria, A1 Telekom has provided the government with real-time data on its subscribers to enable disease surveillance, while Deutsche Telekom is providing anonymised subscriber data to the Robert Koch Institute which is coordinating the German national response to Covid-19. Singapore’s contact tracing app is purportedly privacy conserving and data protection sensitive. Given the urgency of the pandemic and the dire social and economic costs, countries such as the USA and Israel are triggering emergency powers to institute state-level surveillance previously reserved for counter-terrorism operations. 

China’s approach has seen the country leverage its pervasive and sophisticated digital surveillance infrastructure for disease control. Citizens in provinces such as Hubei – the worst hit by the virus – are required to install mobile apps that track travel and medical history and effect ‘digital quarantines’ to control access to subways, malls, and other public spaces. Drones and robots have also been deployed in the affected areas. In Italy, the second hardest-hit country after China, Vodafone has indicated in a statement that it is “providing Italian officials with anonymised customer data to track and analyse population movements in the hard-hit Lombardy region, where people are in lockdown.”

According to Bloomberg, about a dozen countries are testing a disease surveillance tool developed by Israeli spyware firm NSO Group. The software purportedly collects up to two-weeks of mobile tracking data from an infected person and matches it with geo-location data from mobile operators, which identifies individuals who were in close proximity with the infected person. The NSO Group has over the years been at the centre of spyware schemes in authoritarian and repressive governments in Africa and elsewhere. 

The extent to which African countries are conducting technology-based disease surveillance is not fully known. However, according to an unconfirmed report, Kenya is monitoring the mobile phones of individuals who are under self-isolation, to arrest those who violate the restrictions imposed on their movements. Further, the Kenyan government has announced it will launch a contact tracing app for public transport to provide critical contact data that will help trace back the movements of confirmed or suspected cases. In South Africa, telecom companies have agreed to give the government location data to combat Covid-19. In Uganda, where health authorities struggled to locate several individuals who travelled on the same flights as persons who tested positive for the coronavirus, there has been a suggestion to use information from the immigration department and telecom companies to locate those individuals.

While well intentioned, Covid-19 surveillance and data-based tracking interventions have been effected in haste, and with limited precedent and oversight mechanisms. 

See:   Covid-19 in Africa: A Technology and Digital Rights Response

Indeed, the Covid-19 pandemic has fuelled debate about the ethics and legality of disease surveillance, echoing arguments around the collection and use of refugee data without consent nor agency. Recently, the chair of the European Data Protection Board (EDPB), Andrea Jelinek, stated that data protection rules (such as the General Data Protection Regulation – GDPR) do not hinder measures taken in fighting the pandemic, but added that even in these exceptional times, data controllers must ensure the protection of personal data.

According to Jelinek, the GDPR provides the legal grounds to enable employers and competent public health authorities to process personal data in the context of epidemics, without the need to obtain the consent of the data subject. There are separate rules for processing electronic communication data, such as mobile location data. They require public authorities to first aim for processing of location data in an anonymous way, namely, processing data aggregated in a way that it cannot be reversed to personal data. When this is not possible, states may issue enabling legislation provided this is a necessary, appropriate and proportionate measure within a democratic society.

In a recent statement, renowned freedom of expression defenders similarly expressed support for efforts to confront the pandemic. However, they cautioned that it is crucial that the use of surveillance technology to track the spread of the coronavirus be limited in terms of purpose and time, and that individual rights to privacy, non-discrimination, the protection of journalistic sources, and other freedoms, be rigorously protected. They added that the use of such technology ”abide by the strictest protections and only be available according to domestic law that is consistent with international human rights standards.”

In Africa, there is no GDPR equivalent. However, in 2014 the African Union (AU) adopted the Convention on Cybersecurity and Personal Data Protection which has to-date been signed by only 14 countries and ratified by four countries. Regional blocs have also invested efforts in ensuring that data protection and privacy are prioritised by member states. In 2013, the Southern African Development Community (SADC) adopted a model law on data protection. Also in 2010, the Economic Community of West African States (ECOWAS) adopted the Supplementary Act A/SA.1/01/10 on Personal Data Protection Within ECOWAS. The East African Community, in 2008, developed a Framework for Cyberlaws

See: Challenges and Prospects of the General Data Protection Regulation (GDPR) in Africa

Notwithstanding these efforts, many countries on the continent are still grappling with enacting specific legislation to regulate the collection, storage and processing of individuals’ data. At least 28 African countries had enacted a privacy and data protection law by the end of 2019. But even those with the laws have challenges of implementing them.

Which Way for Data Privacy and Digital Rights?

Undoubtedly, greater availability and processing of data can be instrumental in addressing societal challenges such as the current coronavirus pandemic. However, a study on the use of big data in containing Ebola found plenty of evidence of misuse and abuse of the data and technological tools. It is therefore crucial that a balance is struck between processing data and conducting surveillance for the public good on the one hand, and protecting individuals’ rights on the other. This is essential both in trying times such as these, and in the post-coronavirus era. 

Should governments – and relevant actors such as telecom companies – appropriately navigate the balance between disease surveillance and human rights, it will provide valuable learning on good data governance practices – those that help to solve societal problems and inform policy, while at the same time respecting individuals’ digital rights. The reverse could be true too: If governments abuse data and botch up the coronavirus surveillance effort, they will undermine citizens’ trust in data-based initiatives. This would particularly be true in the African countries where digital rights are under threat, data protection is misunderstood and citizens’ appetite for public participation is low. 

It is therefore important that African governments commit to transparently deal with the use of technology-enabled disease surveillance, with robust legal safeguards and privacy standards. Accordingly, specific data protection principles must be adhered to. For instance, data should be processed for lawful and specific purposes and there must be strict accountability. Similarly, the justifications of public good should not be misused whatsoever, especially in the post-coronavirus era.

Follow the CIPESA (@cipesaug) hashtag #InternetFreedomAfrica which has a Twitter thread on Covid-19 developments from around the continent. 

19Mar

In Search Of Safe Space Online: Research Summary

Author admin Posted on

By WomenAtWebUg |

Efforts to improve digital rights and digital literacy among more women in Africa should be supported by a thorough understanding of the online and offline social structures that influence the extent to which women can be active participants in the digital arena. This is key to realising Goal five of the Sustainable Development Goals which aims to achieve gender equality and empower all women and girls, who have historically been in a position of disadvantage for various reasons including cultural norms, lack of economic opportunity, and low literacy.

Across Africa, various discussions continue to reiterate how obstacles such as unequal access to finance, education and tech devices inhibit many women from participating in the digital society. However, beyond governments, additional efforts are required by other stakeholders including civil society, the tech community, academia, and the private sector to address these gaps. It is against this background that the Women At Web Alliance was initiated in October 2017 with an aim to improve digital literacy among African women, with a focus on Kenya, Tanzania, Rwanda, and Uganda. With support from Deutsche Welle (DW) Akademie, in Uganda an alliance of five organisations is working to strengthen the skills of women through digital security workshops, raising awareness on digital rights, and building digital literacy skills. As part of this work, Chapter Four, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), the Defenders Protection Initiative (DPI), Not your Body and Unwanted Witness conducted research into the nature of challenges faced by Ugandan women who are active online, and manifestations of  cyber Violence Against Women (VAW). The results of the study are intended to be used to address these challenges, including through the improvement of digital literacy among more Ugandan women, policy development, and informing responsive safety mechanisms.

Women in Uganda face various challenges that undermine their use of the web and other Information and Communications Technology (ICT). These challenges mirror the impediments which women face in the offline world, be it in access to education and economic opportunities, participation in civic processes, or in claiming their freedom of expression and assembly. 

Despite a large gender disparity in digital access, more women face various forms of online violence than their male counterparts, which has continuously undermined their participation online. The absence of laws designed to specifically address the various forms of digital violence (such as revenge pornography, trolling, and threats) and the lack of sufficient in-country reporting mechanisms, exacerbate these challenges and often result in many women being forced to go offline or resorting to self-censorship. Additional consequences of cyber VAW mentioned included psychological, emotional and the physical abuse.

See the In Search Of Safe Space Online: Research summary.

1 69 70 71 72 73 166