FIFAfrica21: Africa Must be Assertive in International Cybercrime Negotiations

By Apolo Kakaire |

Local nuances, technology neutrality and cross-border cooperation should be at the heart of multi-stakeholder negotiations by African states as part of the United Nations (UN) process on elaborating an international convention on cybercrime. This is according to experts who brainstormed on how African stakeholders can contribute to the planned negotiations, and the role African civil society organisations can play in this process.

Speaking at a session on Africa and the Future of International Cybercrime Cooperation as part of the eighth edition of the Forum on Internet Freedom in Africa (FIFAfrica), Dr. Katherine Getao, the Chief Executive Officer of the Information and Communication Technology Authority of Kenya, stated that African countries have grown some capacity and are better equipped to negotiate in international norm-setting fora. However, she urged states not to “just send lawyers and diplomats” but assemble balanced teams including technical experts that enrich the negotiations. 

According to Dr. Getao, while contexts vary between the different countries on the continent, given the complexity of cybercrime, it is imperative that African countries strategically focus on what works for their countries to ensure clarity on priorities. Moreover,  she called for a local process to coordinate participation in the international process but also to ensure eventual implementation of the agreed conventions. 

George-Maria Tyendezwa, the Africa Group Vice Chair of the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes, urged African countries to engage with the negotiations “irrespective of their installed capacity”. Since countries are at different levels of growth in the area of cybercrime, cooperation would enable continued peer learning. 

Globally, Ransomware attacks have surged drastically with damage estimated to hit USD 6 trillion in 2021. Such attacks and other cybercrimes affect all countries, but in Africa, weak network infrastructure security especially within financial institutions, governments, and e-commerce companies makes countries especially vulnerable. In March 2021 Interpol established the African Joint Operation Against Cybercrime (AFJOC), a project to drive intelligence-led, coordinated actions against cybercrime and its perpetrators in African member countries.

Speakers at the FIFAfrica21 session acknowledged that the African cybercrimes landscape presents unique challenges related to detection and investigations, and poor technical capacity among law enforcement officials to retrieve evidence to support criminal prosecution. Given the transnational nature of cybercrime, international cooperation at infrastructure level is key in the recovery of evidence to prosecute perpetrators.

However, the regulatory framework for international cooperation on cybercrime remains weak and fraught with lack of commitment. For instance, while the Budapest Convention is 20 years old, only 66 countries have ratified it across the world. Similarly, the Malabo Convention whose implementation in Africa requires 15 ratifications has only registered eight so far. 

Citing the example of the cost of cybercrime in Africa, which in comparison to other economies and the monetary threshold of cybercrime under international law may seem paltry, Michael Ilishebo, a Digital Forensic Analyst and Cyber Crime Investigator with the Zambia Police Service, emphasised that the legal framework governing cybercrime on the continent should be home- grown and resonate with the region’s crime patterns. To strengthen their bargaining power during negotiations, however, African states need to develop national and regional positions and synchronise these with the UN ad hoc committee. “We should have a consensus on [the] Malabo [Convention] before we start talking about Budapest. We should first ensure that African cyberspace is safe before we rush to the UN,” said Ilishebo. 

For her part, Tatiana Tropina from Leiden University said negotiations should ensure that frameworks are technology neutral so as to deal with emerging unanticipated aspects. By defining illegal conduct irrespective of the medium, technology neutral legislation would give some certainty to criminal justice. “When the instrument at the global level says this is what should be stopped, this should trigger domestication which can vary in as much as it does not violate the agreed principles,” said Tropina.

On the multi-faceted approach to tackling cybercrime, Dr. Getao emphasised that focus should not only be on individual perpetrators but also technology service providers who expose consumers to crimes.  “There are civil and criminal aspects that should be taken into account,” she said. As such, a truly global solution must be developed in a participatory way, balancing law enforcement, foreign policy and human rights interests. 

Among the suggested ways to achieve the balance was consensus on key principles, clarity that emerging concerns resonate with existing principles, and human rights due diligence as part of the processes. “Vulnerable communities take the main brunt of cybercrime and this must be taken into consideration as duties of states to guarantee non-discrimination, fair trial, respect for human rights law, access to information and to legal attorney,” said Klara Jordan, the Chief Public Policy Officer of the Cyber Peace Institute. The Institute has recently launched a Multi-stakeholder Manifesto as a guide ahead of treaty negotiations at the UN. 

Ultimately, cybercrime should be considered beyond law enforcement and include the perspectives of civil society who also have a role to play in the implementation of conventions and yet also happen to be victims. “Civil society and individuals being part of the solution is very key and governments must open up,” said Jordan.

How State Surveillance is Stifling Democratic Participation in Africa: State of Internet Freedom in Africa Study Findings

FIFAfrica21 |

As African countries embrace digital technologies, there is growing concern that the rising state surveillance, which is partly being enabled by the same digital technologies, is undermining African citizens’ digital rights and hindering their willingness to meaningfully participate in democratic processes.

One of the “democratising effects” of the internet was that it had provided a safe and alternative engagement platform that could help circumvent and diminish the repressive state’s control over the means of communication, thereby enabling greater organising and expression of dissenting opinions. However, autocrats in the region have appropriated the power of digital technologies to stifle dissent and to ramp up their capabilities to snoop on, punish, and silence critical and dissenting forces.

According to the 2021 State of Internet Freedom in Africa report by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA),  surveillance has become a principal threat to digital rights in Africa, a weakening force to civil society and independent voices, and ultimately a driver of authoritarianism. The study maps the prevalent forms of surveillance, the laws that aid surveillance, and the impact of state surveillance on the ability of individuals and organisations to organise, mobilise, and engage in democratic processes.

Both physical surveillance and digital surveillance have for several years been prevalent in the countries studied. However, the study shows that  digital surveillance is expanding in scope, with several countries now deploying spyware, drones, and video surveillance (CCTV), as well as social media monitoring, mobile phone location tracking, and the hacking of mobile phones, messaging, and email applications.

The abuse of surveillance is rife in countries with high levels of impunity for rights violations and a low level of accountability for the actions of the government and its institutions. In virtually all countries studied, not only has surveillance become commonplace but the right to communicate anonymously in digital spaces has been profoundly eroded through mandatory SIM card registration and creation of inter-linked databases for national ID, voters’ registers, and other services provisions.

Government critics including leading opposition leaders, human rights defenders and activists who do human rights and governance work, as well as investigative journalists, remain prominent targets of state surveillance.

Enablers of State Surveillance

Many countries have enacted various laws that permit surveillance, mandate telecommunication intermediaries to facilitate the interception of communication, stipulate the mandatory collection of biometric data, limit the use of encryption, require the “localisation” of personal data, and grant law enforcement agents broad search and seizure powers.

In countries such as Chad, Malawi, Senegal, Tanzania, Tunisia and Zambia, laws prohibit offering encryption services without licensing, and in other cases, encryption service providers are required to decrypt any encrypted information that they hold to aid lawful interception. Moreover, while all countries have laws that facilitate lawful surveillance, many of these laws have pervasive flaws, are partially implemented, indiscriminately applied, and widely abused.

While democratic participation is based on free will and freedom, the study found that the law has been instrumentalised in many countries including Uganda, Rwanda, Nigeria, Ghana, and Tanzania, to intimidate and to carry out arbitrary arrests and detention, prosecution, and persecution of individuals. The limited oversight over surveillance activity, where the actions of those who conduct illegal surveillance remain shrouded in secrecy with limited accountability for their actions, or redress for victims of surveillance, remains of concern.

Impact on Democratic Participation

The overreach effect of increased surveillance across the region is the curtailment of rights to freedom of expression, access to information, association and assembly, and diminished appetite for participation in democratic processes.

Undermining the Right to Freedom of Expression and Access to Information

The rights to freedom of expression and access to information are critical to meaningful democratic participation and civic engagement. The inability to freely express oneself has a direct impact on democratic participation since it limits an individual’s engagement in political discussions and the capacity to influence others, especially during periods of political contestation, as well as limiting engagement in civic spaces.

The fear of repercussions associated with surveillance curtails the rights of individuals who have been victims of surveillance to freely express themselves. The study shows that this fear has forced human rights defenders, activists, government critics and journalists into self-censorship, to be less vocal, and to limit expression of their opinions especially on debates on political affairs.

Infringing on the Right to Privacy of Communications

Surveillance intrudes on the privacy of individuals and  has become a means through which fear is instilled in political activists, the opposition, HRDs and the public. According to the United Nations High Commissioner for Human Rights, the right to privacy is not only impacted by the examination or use of information about a person by a human or an algorithm.  Rather, even the mere generation and collection of data relating to a person’s identity, family or life already affects the right to privacy, as through those steps an individual loses some control over information that could put his or her privacy at risk.

Overall, surveillance has  undermined the ability of democracy actors to use digital communication channels – some have stopped using the channels to communicate altogether or have restricted their communications. Further, it has increased their costs on communication and operations generally..

Curtailing Freedom of Assembly and Association

The right to freedom of assembly and association is intricately linked to the rights and ability to freely express oneself, seek information, and mobilise. The curtailment of these freedoms can be felt in the individuals’ withdrawal from active engagements with peers, their representatives to parliament and other political actors. The study shows that the rights to assembly and association have been limited for victims of state surveillance and other democracy actors.

The study found that victims of surveillance and those who closely work with or associate with them, tended to take an overly cautious approach due to fear of repercussions such as being arbitrarily arrested, prosecuted, and detained.

The ability to organise and mobilise for activities, especially political meetings, is among the aspects that have been adversely affected by state surveillance. Some actors have resorted to organising meetings online as opposed to physically, and only with trusted individuals, which has affected the reach and effectiveness of such meetings and the mobilising power of such actors.

Effect on the Work of Organisations

According to the report, state surveillance has adversely affected  the work of organisations, making it difficult for them to achieve their goals including gathering information and mobilising for activities. Some organisations  were affected by disruptions of their activities, including being evicted from their offices by landlords at the request of state officials.

In addition, the costs of running the organisations had gone up, due to the level of financial investments made towards implementing safety and security measures. Organisation staff  lost precious energy and time worrying about surveillance, and felt controlled and less free in undertaking their work. Some organisations scaled down their work especially on governance issues.

Impact on Personal Life and Relations

The impact of surveillance goes beyond affecting peoples’ ability to meaningfully participate in democratic processes, to their personal life and relations. Individuals who were targets of state surveillance had relationships with their family, friends and society affected. Many of them lamented their lack of a social life as they could no longer make new friends, visit their old friends or family members, invite them to their homes, or be seen with them in public.

The research found widespread fear among the respondents, including their families, friends, and colleagues because of the surveillance they had experienced, or due to the apprehension of ongoing or future surveillance. Surveillance of their communication, lives and work had affected their psychological well-being and mental health in various ways. The mental toll of surveillance had resulted in constant and increased feelings of anxiety, anguish, stress, worry, depression, paranoia, fear, isolation, danger, risk, hurt, and insecurity.

There was widespread fear among respondents of repercussions for expressing opinions, in the form of  threats, harassment, arrest, attacks, abduction, detention, prosecution, death, and making their family, friends and associates targets of state action.

The study makes the following key recommendations:

  1. Governments should repeal, amend or review existing laws, policies and practices on surveillance, interception of communication, biometric data collection, and limitations on the use of encryption to ensure  compliance with the established international minimum standards on human rights and communications surveillance.
  2. Judiciaries and Parliaments need to proactively check the excesses of the state and its agencies in surveillance to ensure accountability and transparency of the executive arms of government.
  3. Civil society organisations (CSOs) should continue to investigate, document, and expose data and privacy breaches such as unauthorised access, surveillance and non-compliance by data collectors, controllers and processors.
  4. CSOs should engage in strategic public interest litigation through collaborative efforts to challenge laws, measures and acts that violate privacy rights and push for policies and practices reforms that uphold privacy.
  5. Organisations under threat of surveillance should enhance their internal digital capacity and build capacity of their staff in digital literacy, cyber hygiene, physical and digital security and data protection measures; and how to manage new surveillance measures and other emerging threats to digital rights.
  6. Intermediaries should regularly publish, update and widely disseminate privacy policies and transparency reports and inform users about the collection, use, handling, sharing and retention of their data and the measures taken to protect their right to privacy.

FIFAfrica21: Tackling Cybersecurity on the African continent

FIFAfrica21 |

EU Cyber Direct will on September 29, 2021 convene a session on Africa and the Future of International Cybercrime Cooperation as part of the eighth edition of the Forum on Internet Freedom in Africa (FIFAfrica).

According to the Africa Center, African governments face a fast-evolving array of digital threats including espionage, critical infrastructure sabotage and organised crime. The attacks come from a broad range of actors including lone-wolf hackers and criminal syndicates through to foreign governments. Reports indicate that the Covid-19 pandemic has accelerated digitisation on the continent leading to cybercriminals stepping up attacks given the limitations on security infrastructure and capacity, with financial institutions  and telecom companies in particular suffering huge losses.

The estimated economic cost of cybercrime in Africa is USD3.5 billion, and it affects the livelihoods and well-being of millions of people, businesses and communities annually. Due to the global footprint that defines cybercrime, there is a shared transnational responsibility that requires international cooperation and coordination to address the phenomenon. While the United Nations Third Committee has initiated a process mandated with elaborating an international convention on cybercrime, many states are still struggling to understand how this new process fits within existing efforts and what their position should be.

The EU Cyber Direct session will work to identify the priorities of African countries for the upcoming negotiations. The session will also brainstorm on how African stakeholders can contribute to the planned negotiation process, and the role African civil society organisations can play in this process.

As part of efforts to combat cybercrime in Africa, the African Union under its Agenda 2063 that was adopted in 2014 recognises cybersecurity as a key priority to ensure that new technologies are used for the good and prosperity of individuals and institutions on the continent. The session is thus timely and will bring synergies to the other on-going efforts towards a more secure cyberspace on the African continent.

The speaker line up includes representatives from Chatham House, Swansea University, Cyber Peace Institute, and the Zambia Police Service.

FIFAfrica convenes various stakeholders from the internet governance and online rights arenas in Africa and beyond to deliberate on gaps, concerns and opportunities for advancing privacy, access to information, free expression, non-discrimination and the free flow of information online. This year’s forum, which runs from September 27 to 30 2021, is hosted by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) with support from Ford Foundation, Sigrid Rausing Trust (SRT), Omidyar Network, Small Media, Internews, the European Union Institute for Security Studies (EU ISS), and the Slovenian Presidency of the Council of the European Union.

Registration for FIFAfrica21 remains open.

#FIFAfrica21: Deliberating Europe-Africa Digital Rights Cooperation

FIFAfrica21

As a supporter of the upcoming Forum on Internet Freedom in Africa 2021 (FIFAfrica21), the Slovenian Presidency of the Council of the European Union (EU) will seek to enhance digital rights cooperation between Africa and Europe.

Ambassador Tadej Rupel, Ministry of Foreign Affairs of Slovenia, Presidency of the Council of European Union 2021, will be part of a keynote panel to kick off FIFAfrica21 on September 28, 2021. Others on the panel are journalist and writer Samira Sawlani, Cameroonian lawyer and activist Michelle Ndoki, and Chief Executive Officer of the Pan African Lawyers Union (PALU), Donald Deya. The panel will put a spotlight on the various dynamics that have come to shape digital rights in Africa in addition to also sharing insights on the path that should be taken towards an inclusive, safe and secure internet in Africa. Ambassador Rupel will speak about Slovenia’s digital rights in Africa engagement as part of the EU and in its national capacity.

Meanwhile, the Slovenia-based International Research Centre on Artificial Intelligence (IRCAI) under the auspices of the United Nations Educational, Scientific and Cultural Organisation (UNESCO) and its partner Knowledge 4 All Foundation will host a roundtable on the intersection of African languages and Artificial Intelligence (AI). The session, scheduled to take place on September 29, 2021 starting at 16:30 East African time, will discuss the importance of linguistic and cultural diversity in the digital era. It will also discuss the need to leverage collaborations between AI research communities, policy makers and investors, as well as bilateral cooperation between the African Union and the EU, in order to harvest the benefits offered by Language Technology for realising digital rights in Africa.

The roundtable will highlight ongoing efforts by Masakhane (supported by the Lacuna Fund), which consists of 140 contributors from 17 African countries, focused on the preservation of African languages in the information society. The session will also showcase AI projects with interdisciplinary teams of researchers that have created openly accessible text and speech datasets that will fuel Natural Language Processing (NLP) technologies in nine languages across 22 countries.

The roundtable is part of a series of global events organised by the Ministry of Foreign Affairs of the Republic of Slovenia and IRCAI in cooperation with Slovenian embassies and other permanent representatives in 12 countries around the world to garner interest in urgent and global responses to the emerging field of AI. The first event was held in London, United Kingdom on AI and decarbonization.

Speakers during the roundtable will include representatives from Bayero University, Kano-Nigeria; Uganda’s Makerere University; Maskhane; and IRCAI.

Register for the Forum here.

Countdown to The Forum on Internet Freedom in Africa 2021 (#FIFAfrica21) – Here Is What You Can Expect!

FIFAfrica21 |

The five-day countdown to the eighth edition of the annual Forum on Internet Freedom in Africa 2021 (FIFAfrica21) is on! 

While revolving around three primary themes of Access to Information, Digital Inclusion, and Key Trends shaping digital rights in Africa, the Forum will serve as a platform to dissect and deliberate on topics shaping the digital rights agenda in the continent and other parts of the world.

Setting the stage for FIFAfrica, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) will host a keynote panel featuring journalist and writer Samira Sawlani, Cameroonian lawyer and activist Michelle Ndoki, the Chief Executive Officer of the Pan African Lawyers Union (PALU), Donald Deya, and Ambassador Tadej Rupel from the Ministry of Foreign Affairs of Slovenia, Presidency of the Council of European Union 2021. The diversity of backgrounds and expertise of the panel is reflective of the nature of deliberations, participants and content that will form the backbone of the Forum.

Overview of FIFAfrica21

  • 2 Pre-event trainings
  • 6 Remote hubs across five countries – Democratic Republic of Congo, Senegal, Tanzania, Uganda and Zimbabwe
  • 25 virtual sessions (lightning talks, report launches, strategy sessions, panels and learning calls)
  • 115 speakers

See the current agenda and speaker lineup.

Supported by the Ford Foundation, Sigrid Rausing Trust, Omidyar Network, Small Media, Internews, the European Union Institute for Security Studies (EU ISS), and the Slovenian Presidency of the Council of the European Union, FIFAfrica21 will serve as a platform for deliberation on gaps, concerns and opportunities for advancing privacy, free expression, non-discrimination and the free flow of information online. 

The virtual sessions, remote hubs and pre-event trainings have been organised in partnership withData4Change, the International Centre for Non-for-Profit Law (ICNL), Paradigm Initiative, Zaina Foundation, Africa Kiburi, Jonction Senegal, International Training Programme (ITP), Zimbabwe Centre for Media and Information Literacy (ZCMIL), Centre for Media Literacy and Community Development (CEMCOD), and Rudi International.

Registration for FIFAfrica21 remains open and includes access to the online event space wherein participants are already engaging with each other. Registered attendees can also lookout for the following at the Forum:

    • Build networks of practice: The Forum provides an opportunity for like-minded individuals to get to know and engage with each other. Be sure to look out and diarise sessions that resonate with you.
    • Access to the Digital Security and Virtual Support Desk: We have a wonderful team of digital security experts who will be on hand to provide personalised support and advice to attendees on any digital security issues and concerns.  
    • Visit Exhibitors: There is a plethora of very interesting work being done by the digital rights community across the world. You can visit the exhibitors’ centre to see some of this work and directly engage with the entities and people behind the various initiatives
    • Launch of the State of Internet Freedom in Africa 2021 report: This year we look forward to launching the latest edition of the State of Internet Freedom in Africa report. This adds to our repository of tracking the trends shaping digital over the years since 2014.