Promoting Effective and Inclusive ICT Policy in Africa

Category Archives: Internet Governance

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog  /  Internet Governance
24Mar

Building Collaborations in Research for Internet Policy Advocacy in Africa

Author admin Posted on

By Juliet Nanfuka |

Many African countries are caught between developing policies that support the unfettered use of the internet as a tool for social, economic and political growth, and laws that threaten citizens’ rights and use of digital technologies. Often, this is partly due to limited evidence upon which to base policies and decision-making, which results from the scant availability of relevant in-depth research.

As the need for internet policy advocacy that is informed by research grows, it is essential to increase the amount and depth of research originating from Africa. It is equally necessary to expand the methods used beyond the traditional to more contemporary ones such as network measurements, social network analysis and data mining. This has led to the need to train, connect, and build collaboration between researchers, policy makers and internet freedom advocates across the region and formed the basis of an intensive training on internet policy research methods.

The training workshop, which was held between February 27 and March 3, 2018, was organised by the Annenberg School for Communication’s Internet Policy Observatory and the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), alongside several partners from across Africa. A total of 40 participants from 17 countries attended the training in Kampala, Uganda. They included journalists, lawyers, technologists, academics, telecom regulators, government officials, and digital rights advocates.

 

The six days’  intensive curriculum covering various topics including on policy research, legal analysis, survey methods, social network analysis, strategic communication, data visualization, and network measurement was led by experts in the field, including faculty from Makerere University, University of San Francisco, the University of Pennsylvania, as well as various think tanks and civil society organisations.

The workshop emphasised the need to embrace more collaborative push back efforts such as strategic litigation, the deployment of tools such as the Ooni probe that monitor internet speed and performance, accompanied by social network analysis, data visualisation and data scraping which can reflect patterns of online narrative. It was also stressed that these methodologies, coupled with traditional research approaches through physical interactions such as focus group discussions and key informant interviews would support more multidisciplinary collaborations and versatile communication strategy for internet policy advocacy in Africa.

Indeed, evidence-based advocacy is fundamental today perhaps more than ever, as the affronts to citizen’s rights online continuously evolve, including at a technological infrastructure level (internet throttling, internet shutdowns, surveillance and data breaches), as well as laws and regulations that increasingly criminalise internet use. More recently, financial affronts to online content production and dissemination have been witnessed in Tanzania and Uganda.

The workshop alumni join a cohort of others from the Middle EastAsia, and Latin America equipped with the skills needed to collaborate across disciplinary and professional silos for progressive internet policy and practice at national, regional and global levels.

Below are some tweets shared  from the workshop:


https://twitter.com/kudathove/status/969500199486984192


https://twitter.com/kudathove/status/969125256911781889


https://twitter.com/NHLAKANHLANHLA/status/968457060424781824


https://twitter.com/kudathove/status/968095031763652610
 


 

13Dec

Reflecting on the Forum on Internet Freedom in Africa (FIFAfrica) at the Internet Governance Forum 2017

Author admin Posted on

IGF Pre-event |
Join the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) at the Internet Governance Forum 2017 where we will share on the evolution of the Forum on Internet Freedom in Africa (FIFAfrica) at a pre-event on December 17, 2017!
We’ll explore insights from our latest report on the State of Internet Freedom in Africa 2017 themed Intermediaries’ Role In Advancing Internet Freedom – Challenges And Prospects as well as uncover what is sometimes left out of discussions on the economic impacts of internet shutdowns in Sub-Saharan Africa. For this discussion we’ll reference a new framework we developed this year. You can see more about it here: Calculating the Economic Impact of Internet Disruptions in Sub-Saharan Africa.
Are you keen on going into the IGF with a solid background on the internet freedom landscape in Africa?  Join us as we reflect on the Forum on Internet Freedom in Africa (FIFAfrica), discuss its evolution, the lessons learnt, the gaps and opportunities that lie ahead for policy development and practical advancement of digital rights in  Africa.

  • Venue: Join us at Room 18, Centre International de Conférences Genève (CICG)
  • Location:  17 rue de Varembé, CH – 1211 Genève 20
  • Date: Sunday, December 17, 2017
  • Time: 13h30 – 14h30

We’ll also share how various organisations have supported the growth of the FIFAfrica in various ways ranging from increasing participation of African delegates, in-depth research and analysis, unique workshops, through to skills exchange and network building.
To confirm attendance, please register here. 

16Oct

Research Methods Workshop for Internet Policy And Advocacy in Africa

Author admin Posted on

Call for Applications  |
The Annenberg School for Communication’s Internet Policy Observatory, the Collaboration on
International ICT Policy in East and Southern Africa (CIPESA), Research ICT Africa, Kenya ICT Action Network (KICTANet), Unwanted Witness, Paradigm Initiative, and
Young ICT Advocates seek applications from young scholars, activists, lawyers, and technologists working across Africa for an intensive practicum on using research for digital rights advocacy.
The workshop seeks to provide a venue for stakeholders in the region to build collaborative possibilities across sectors, expand research capacity within practitioner and digital rights advocacy communities, and to provide the skills and know-how to more strategically use research and data to advance advocacy efforts. Sessions will cover both qualitative and quantitative methods and will provide the space for hands-on activities and the development of individual and group research interests. In this way, the workshop seeks to provide opportunities to connect scholarly expertise with policymakers and advocates and improve working synergies between emerging African networks of civil society organizations, academic centers and think-tanks.
Sessions will include workshops on stakeholder analysis, conducting interviews, researching laws and regulations, social network analysis, network measurement, survey methods, data visualization, and strategic communication for policy impact.
We encourage individuals from Africa in the academic (early career), NGO, technology, and public policy sectors to apply. Prospective applicants should have a particular area of interest related to internet governance and policymaking, censorship, surveillance, internet access, political engagement online, protection of human rights online, and/or corporate governance in the ICT sector. Applicants will be asked to bring a specific research question to the program to be developed and operationalized through trainings, group projects, and one-on-one mentorship with top researchers and experts from around the world. Several partial and full scholarships will be made for the most competitive applicants to participate.
The course will be conducted in English and applicants should have high proficiency in English in order to interact with experts, lecturers and other participants who will come from diverse backgrounds. Please also note that we require all participants to have a laptop to use for the duration of the program.
Application Deadline: November 10, 2017
Workshop Dates: Feb 26 – Mar 3, 2018 | Location: Kampala, Uganda
To apply for the program, please fill this form.
For questions, please email Laura at [email protected].
 

17Sep

Bridging Cyber Security Gaps: The Commonwealth Telecommunications Organization Trains SMEs in Uganda

Author admin Posted on

By Edrine Wanyama |

Uganda’s Small and Medium Enterprise (SME) sector is credited with contributing 20% to the country’s Gross Domestic Product (GDP) in 2016. While the level of adoption of technology as a key component of operations within the sector remains unclear, its effective utilisation requires entities to also embrace safety and security measures as a priority.

Identifying security controls to defend against cyber threats and data protection thus formed the basis of discussions at a cyber standards training workshop for SMEs in Uganda. Organised by the National Information Technology Authority (NITA-U) in collaboration with the Commonwealth Telecommunications Organization (CTO), the workshop, held in Kampala, Uganda on August 23-24,2017 targeted SME entrepreneurs, banking industry officials as well as ICT sector representatives from non-government organisations and other ICT stakeholders.

The workshop explored the Information Assurance for Small Information Assurance for Small to Medium Enterprises (IASME) which encourages SME’s to comply with international information security management standards.

Currently, possible cyber risks include; theft of data for monetary gain or competition by criminals, hacking, physical insecurity to staff and office equipment, malware attacks, insecure configuration, updating software from unreliable sources, access control and spam.

Discussions on information security are abound in Uganda as the Data Protection and Privacy Bill, 2015 makes slow progress in Parliament while laws like the Computer Misuse Act, 2011, the Electronics Signatures Act, 2011 and the Electronic Transactions Act, 2011 do not fully address the issue of data protection and privacy.

According to a 2016 report based on a global survey of cybersecurity managers and practitioners, cyber security and information security is considered a technical issue rather than a business imperative.  The findings of this study echo sentiment held by civil society orgnaisations which face similar digital security threats including increasingly sophisticated threats and rate of incidents.

In order to be better positioned to address cyber threats, civil society and SME need to be equipped with skills encompassing both online and offline responses. These include know how on policy and compliance, physical environmental protection, risk assessment, access controls, incident management, monitoring, backup, malware identification and technical intrusions.

Through a cyber essentials course and practical exercises, participants at the workshop were equipped with basic skills for enabling non-technical users to establish five information security controls including malware protection, access control, patch management, secure configuration, boundary firewalls and internet gateways.

As a follow-up to the exercise, selected participants will undergo further training for possible contracting as IASME information security assessors for SME’s.

CTO’s international events and seminars are conducted in all countries of the Commonwealth, across the continents of Africa, Europe, the Americas, Asia and the Pacific region. Specifically, in Africa, the events have been held in Botswana, Cameroon, Ghana, Kenya, Liberia, Mozambique, Nigeria, Papua New Guinea, South Africa, Swaziland and Uganda.

In the meantime, the Ministry of ICT & National Guidance on August 20, 2017 held an Awareness Workshop on Cyber Laws such as the Constitution of the Republic of Uganda 1995, National Information Technology Authority, Uganda Communications Act 2013, Electronic Signatures Act, Computer Misuse Act, Registration of Persons Act, Electronic Transactions Act, Electronic Transaction Regulations 2013, Electronic Signatures Regulations 2013, Open Data Policy, 2017, ICT for Disability Policy Draft and the Data Protection and Privacy Bill, 2015, to sensitize member of the public, private sector, academia, government officials and other stakeholders on information security threats and how to best combat them. The work shop put emphasis on the need to know, learn and understand existing and upcoming laws, policies and guidelines that regulate cyber security and how they can be best applied.

 
 
 

27Jul

What African Countries Can Learn from European Privacy Laws and Policies

Author admin Posted on

By Edrine Wanyama |
The General Data Protection Regulation (GDPR) came into force in the European Union (EU) in May 2016. The 28 EU member states have until May 2018 to apply the Regulation to existing national laws to ensure the protection of citizens with regard to the processing of personal data and its transfer within the EU and beyond.
In Africa, only 14 countries (Angola, Benin, Burkina Faso, Mali, Gabon, Ghana, Ivory Coast, Lesotho, Madagascar, Morocco, Senegal, South Africa, Tunisia and Zimbabwe) have enacted data protection and privacy laws. Others, including Kenya, Niger, Nigeria, Tanzania and Uganda, have bills that are yet to be passed into law.
Whereas a continent-wide convention on Cyber Security and Personal Data protection was adopted by the African Union back in 2014, only eight countries (Benin, Chad, Congo, Guinea-Bissau, Mauritania, Sierra Leone, Sao Tome & Principe and Zambia) are signatories and only one (Senegal) has ratified the convention.
Meanwhile, as part of efforts to ensure data protection within the different regional blocs, the Southern African Development Community (SADC) has developed a model law on data protection while as of 2010, the Economic Community of West African States (ECOWAS) had the  Supplementary Act A/SA.1/01/10 on Personal Data Protection Within ECOWAS. Unlike its regional bloc counterparts in the south and west, the East African Community (EAC) has not adopted legislation on data protection and privacy – it only has a Framework for Cyberlaws which calls for member states to enact laws that protect personal data.
Meanwhile, some of the proposed and existing national laws fall short of comprehensively protecting data and privacy. For instance, Uganda’s Data Protection Bill, 2015 and Ghana’s Data Protection Act, 2012 lack succinct clauses on key areas such as notification of breach and data portability, and also have limitations on the right to access, among others. Despite this, mass collection of personal data continues across the continent, leaving the majority of Africans vulnerable to the violation of their data privacy.
This contrasting state of affairs formed part of the discussions at a July 2017 convening of lawyers, government officials, civil society representatives, academics, and students at the Institute for Information Law at the University of Amsterdam for a five-day training course on issues pertaining to privacy and data protection law relate to the internet and electronic communications.
For over 60 years, the European Convention on Human Rights (1950) has functioned as the framework to guarantee the right of privacy for private and family life. More recently, the European Charter of Fundamental Rights, 2000 has reinforced this right. These instruments are the basis of the robust protections provided for under the GDPR. In Africa similar frameworks which address privacy are less than 15 years old, such as the Declaration of Principles on Freedom of Expression in Africa (2002) (Part V), the  Resolution on the Right to Freedom of Information and Expression on the Internet in Africa – ACHPR/Res. 362(LIX) 2016, and the civil society led African Declaration on Internet Rights and Freedoms.
However, where European instruments have been largely endorsed and supported by member states, many African instruments still struggle to gain similar recognition by member states.  As in the EU, African countries need to uphold the principles laid down in these instruments towards the recognition and enforcement of citizens’ right to privacy and data protection.
Further, per the GDPR, European states are required to establish Data Protection Authorities (DPAs) to ensure that safeguards are in place to protect user data including across different jurisdictions. African states should embrace similar measures to guard against infringement on citizens’ privacy.

Data Protection Authorities are mandated to independently monitor, raise awareness, handle complaints and conduct investigations, among others, to uphold personal data protection.

Overall, the course highlighted the need for a robust privacy regime across the world to ensure that citizens enjoy due protection of their online data. It also highlighted the need for more efforts in citizen sensitisation on data protection and privacy alongside better frameworks in the African context to support these rights.
CIPESA participated in the course together with representatives from Ohio State Moritz College of Law and Capital University Law School; Global Privacy Practice, Covington & Burling; Institute for Information Law, University of Amsterdam; Berkeley Center for Law & Technology, UC Berkeley School of Law; Dutch Data Protection Authority; and the Washington University Law School, among others.
There are lessons for Africa to learn from the European experience, including the establishment of state and regional mechanisms that strengthen data protection frameworks. However, it is integral that more African countries enact data protection laws, and for countries that have with this law, it should be implemented with oversight from independent bodies as more user data is generated and stored online.
 
 

1 12 13 14 15 16 22