Promoting Effective and Inclusive ICT Policy in Africa

Category Archives: Online Freedoms

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog  /  Online Freedoms
11May

Online Censorship in South Africa

Author admin Posted on

South Africa is among the top five African countries with the highest mobile broadband reach, preceded by Ghana, Zimbabwe, Namibia and Egypt. As of June 2014, internet users had increased to 52% of the population, majority of them using mobile devices to access the internet.
Although the country has been ranked free in internet freedom rankings and held highly in respect to promoting equal rights, recent developments in the offline and online world say otherwise.
In March 2015, a consumer activist who runs the CAMcheck blog that reports on misleading claims made by consumer goods providers, was forced to move his website offshore following a take-down request made by sports supplement company USN for content described as “unsubstantiated and defamatory”.
According to Section 78 of the Electronic Communications and Transactions Act (ECTA) 2002, ISPs are not obliged to monitor the data they transmit or to actively seek facts or circumstances indicating an unlawful activity. Service providers are, however, liable for failure to comply when issued with takedown requests from users as provided under Section 77 of the Act.
It is thus no surprise that Hetzner, the CAMcheck blog web hosting provider, also a member of the South Africa Internet Service Providers Association (ISPA), complied with the take down request.
Also in March 2015, the Film and Publication Board (FPB) gazetted a Draft Online Regulation Policy, 2014, which contains clauses that have the potential of blocking online content – including films, games and certain publications – prior to publication.
The regulations require that anyone wishing to publish or distribute such content has to first acquire a digital publisher’s online distribution agreement with the FPB, after paying a subscription fee. Once paid, the publisher would have to submit the content to the FPB for classification prior to publishing.
The FPB has the mandate to regulate the creation, production, possession and distribution of films, games and certain publications by way of classification, to protect children from exposure to disturbing and harmful material and from premature exposure to adult material and to criminalise child pornography and the use and exposure of children to pornography.
The Draft Online Regulation Policy states that, the policy, “read with the Online Regulation Strategy and the ECT Act Amendment Bill, will also ensure that classification focuses on media content, rather than on platforms or delivery technologies.”
However, civil society organisations have criticised the draft policy, stating that they are “effectively a specific form of pre-publication censorship, which is not acceptable.” They also add that the time spent on the pre-classification of content would undermine one of the most valuable traits of the internet – its immediacy.
Further concerns about the new regulations include the exclusion of content by parties unable to pay the fees required and thus a potential limitation on the diversity of online content.
But online content censorship is not new in South Africa. In 2012, “The Spear”, a controversial painting by Brett Murray which depicted President Jacob Zuma with his genitals exposed, was published on the City Press website – a daily newspaper. President Zuma and the African National Congress Party obtained an order for the removal of the image from the website of City Press on the grounds that it was unfit for viewers under the age of 16, according to classifications by the FPB. The Goodman Gallery (where the painting was displayed) approached the FPB Appeal Tribunal which found that the ruling in favour of the injunction was incorrect. The City Press nonetheless removed the image from its website.
Meanwhile in the first quarter of 2013, the South African Counter Intelligence Agency made a content removal request to Google for a blog post that was ‘allegedly infringing copyright by criticizing a media release that the agency had issued.”
Although this request was denied, past incidents together with recent developments in the country bring to the fore the crucial online freedom issues of intermediary liability and freedom of expression.
In its 2014 State of Internet Freedoms in South Africa report, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) highlights these gaps. It states that the absence of detailed provisions in the guidelines for recognition of industry representative bodies of ISPs “creates a situation where ISPs are not free to establish any ’notice’ or ‘notice and put-back’ mechanism, which would allow the user to respond to the allegations of infringement or, respectively, to provisionally restore the allegedly infringing content.”
The ECTA Amendment Bill of 2012 attempts to address some of the existing gaps by introducing Section 77A, which provides consumers with the right to be heard by ISPs before a takedown notice is enforced. However, this section still has limited provision for a user to respond to the allegations of infringement or to provisionally restore the allegedly infringing content. ISPs are merely required to respond to a “first take-down notice” within 10 business days (lesser days if the complainant can demonstrate irreparable or substantial harm).
The 2014 report calls for a review of South African legislation that is applicable to online freedom, specifically pointing out the need for immediate revision of the Films and Publications Act.
The report also recommends increased dialogue between civil society and policy makers to progressive law reforms, including a review of legislation that have actual or potential chilling effects on internet freedom.
Read the full State of Internet Freedoms in South Africa Report here.
 

05May

World Press Freedom: Ugandan Journalists Convened for Digital Security Training

Author admin Posted on

By Juliet Nanfuka |
On May 2, a total of 27 Ugandan journalists were trained in digital security procedures. The training was held in commemoration of World Press Freedom Day (May 3), which this year was celebrated under the theme “Let Journalism Thrive! Towards Better Reporting, Gender Equality, and Media Safety in the Digital Age”.
The training, which was organised by the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) in partnership with Uganda Journalists Union (UJU) and the East and Horn of Africa Human Rights Defenders Project (EHARDP), explored the status of journalism in Uganda as well as the legal and regulatory frameworks affecting freedom of expression in the country. Participants at the training workshop represented print, online and broadcast media houses from across Uganda.
During the training, it emerged that some journalists are not cautious about their online security, similar to those in a previous training hosted by CIPESA. The reuse of one password across different websites and platforms, and overexposure of personal information online were common among the training participants. Email encryption, the use of Virtual private networks (VPNs) and Multi Factor Authentication for passwords, were taught as skills that can aid journalists when investigating sensitive stories that may be prone to surveillance.
Norman Katende, an international award winning journalist, shared his experiences of being threatened while reporting on controversial stories and encouraged journalists to practice caution both online and offline. He questioned how journalism can thrive in the face of police attacks on the media, noting that journalists should not compromise on their security when covering sensitive stories just to earn a living.
According to the Committee to Protect Journalists (CPJ), an international organisation that defends the rights of journalists, over the past two decades, 1125 journalists across the world lost their lives while reporting or investigating stories. The medium increasingly used by journalists to source and disseminate information is the internet.
Last month, Somalia journalist Daud Ali Omar and his wife were murdered. The same month, Kenyan journalist Johan Kituyi, proprietor of the newspaper Mirror Weekly, which has covered controversial national issues, was also murdered.
Increasingly, online publishers and bloggers are also coming under attack in Africa. For instance, a year after their arrest, the Ethiopian Zone9 bloggers remain behind bars and in Burundi, civil unrest related to upcoming elections has led to government restrictions of information flow through various media houses – and radio stations.
Such attacks necessitate digital safety skills for journalists. “When you look at the level of knowledge on ICT that a journalist has – it’s really basic. We have several unsecured email accounts and we visit any website without [considering] security,” noted a journalist at the training in Kampala.
Journalists noted that they do not always exercise their rights and do not request security from their media houses when pursuing sensitive stories. They also indicated a lack of awareness of the laws in place that can aid them in developing stories, such as the Access to Information Act (2005), which compels Ministries, Departments and Agencies to release information.
Following a CIPESA presentation on the legal and regulatory frameworks affecting internet freedom, especially freedom of expression online in Uganda, a Soroti-based journalist said the training had made him re-evaluate how he used his mobile phone and the internet, saying that he had been using these tools “without considering their implications.”
Further to the commemoration of World Press Freedom day, CIPESA participated in the “Digital safety for journalists” plenary session of the global event hosted by UNESCO.  CIPESA and its partners in various countries were also involved in a series of Twitter engagements which explored press freedom, including in the digital world, particularly for African journalists.
The training was conducted in the context of CIPESA’s OpenNet Africa initiative that promotes internet freedom in Africa and is supported by the Open Technology Fund, Hivos and the Association for Progressive Communications (APC).

28Apr

Let Journalism Thrive! Towards Better Reporting, Gender Equality, and Media Safety in the Digital Age

Author admin Posted on

UNESCO |
Every year, 3 May is a date which celebrates the fundamental principles of press freedom; to evaluate press freedom around the world, to defend the media from attacks on their independence and to pay tribute to journalists who have lost their lives in the exercise of their profession.
Over 100 national celebrations take place each year to commemorate this Day. UNESCO leads the worldwide celebration by identifying the global thematic and organizing the main event in different parts of world every year.
The international day was proclaimed by the UN General Assembly in 1993 following a Recommendation adopted at the 26th Session of UNESCO’s General Conference in 1991. This in turn was a response to a call by African journalists who in 1991 produced the landmark Windhoek Declaration on media pluralism and independence.
To mark the 2015 World Press Freedom day, UNESCO will lead the global celebration with a main event under the theme “Let Journalism Thrive! Towards Better Reporting, Gender Equality, and Media Safety in the Digital Age”.  The event is co-organized by UNESCO and the Government of Latvia, and will take place from 2-4 May 2015 in Riga, Latvia.
The Collaboration on International ICT Policy in East and Southern Africa (CIPESA) will be participating in the event represented by Wairagala Wakabi as one of the speakers in the Plenary 3 Session on “Digital Safety for Journalists” on 4 May 2015.  The discussions during this session will be enriched by CIPESA’s experience and expertise, particularly under its OpenNet Africa initiative.
Meanwhile, on May 2, CIPESA will convene journalists in Kampala, Uganda for digital safety training as part of its ongoing online security capacity building efforts for human rights defenders, minority groups, activists and the media in East Africa.

16Apr

CIPESA Conducts Digital Safety Training for Journalists and Activists in Tanzania and Uganda

Author admin Posted on

By Ashnah Kalemera |
This month, the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) has given training to human rights defenders, journalists, bloggers and media practitioners in Tanzania and Uganda in safety and security tactics to promote privacy and freedom of expression online.
The training, conducted in Kampala on April 10 and in Dar es Salaam on April 14 and 15, also helped participants to understand the laws and policies governing digital communications in the two east African countries.
The trainings explored basic computer security for operating systems, data storage and software updates. In addition, safety and security tips for using social media such as Facebook and Twitter, email and mobile communications were shared. Strong emphasis was placed on ensuring privacy of these communication tools and creating strong passwords. The trainings also explored techniques for responding to surveillance and censorship using anonymous browser tools, Virtual Private Networks (VPN) and Encryption.
Participants in the two countries shared their experiences – with varying levels of expertise – in securing their communications.
“I do not share my laptop regardless of who you are,” stated one Ugandan participant. He added that he did not access his email on phone or at internet cafes, cautioning the participants who did. “Any email has to wait until I get to my encrypted laptop,” he said.
A Tanzanian journalist said that whereas she makes the effort to secure all her devices and online user accounts, she often used the same password across board. This highlighted the shortage of digital safety skills among some of the most regular users of digital technologies in the country.
Participants in both trainings noted that in some cases, civil society organisations were “lazy” in adopting the latest technology to ensure the safety and security of their operations and their staff online. In other cases, financial resources were a limitation. Another challenge highlighted was the slow internet speeds in both countries, hence forcing users to access the internet on several devices.
On the legal and regulatory front, discussions centered around the proposed Cyber Crime Bill in Tanzania and the Uganda Data Protection and Privacy Bill and the need for the two countries to adopt laws that support internet freedoms.
Participants also raised concern about recent developments in neighbouring Kenya and their potential impact on the use of information and communication technologies (ICT) across all member states of the East African Community.
Participants in both the Tanzania and Uganda trainings called for increased awareness of online freedom amongst internet users, particularly vulnerable groups such as women and youth to promote greater appreciation for the need to adopt safety and security practices online.
Overview of training beneficiaries
Individuals from 27 organisations benefited from the training, out of which an average of 33% were women and 67% were men.
Figure 1: Training beneficiaries by gender
gender
Figure 2: Training Beneficiaries by user/organisation category
TZ
 
UG
The trainings were organised by CIPESA in partnership with the Pan African Human Rights Defenders Project and Jamii Forums in Uganda and Tanzania respectively in the context of CIPESA’s OpenNet Africa project supported by Hivos, the Open Technology Fund and the Association for Progressive Communications.
Upcoming digital safety skills engagements include for journalists in Uganda (to coincide with World Press Freedom Day on May 3) and for the local tech community.

02Apr

Tanzania Cybercrime Bill Should Safeguard Citizens’ Rights on the Internet

Author admin Posted on

By Juliet Nanfuka |
Tanzania has published a Cybercrime Bill that makes “provisions for criminalizing offences related to computer systems and Information Communication Technologies” and provides for investigation, collection, and use of electronic evidence.
However, the release of the Cybercrime Bill has been met with apprehension by the public due to its overt disregard for press freedom and freedom of expression, the excessive powers granted to police, and the limited protections afforded to ordinary citizens.
On social media, critics have suggested that the timing and content of the Bill were intended to control the media and bloggers ahead of the October 2015 elections. According to the 2014 State of Internet Freedom in Tanzania report, the process of making Cybercrime laws began in 2013 with proposals for the development of the Cyber security Act, Data Protection Act and the Electronic Transacting Act by the end of 2014.
Some of the problematic clauses in the Bill that affect freedom of expression and privacy include Sections 7, 8, 14, 16, 31, 32, 34, 35, 37, 41 and 45.
Section 7 (2) criminalises citizens who receive unauthorized computer data.  There should be consideration of content received with intent and without.
Section 8 and 16 provide vague descriptions of phrases including “unauthorized data” and “false information.” In Section 8, one can be charged with data espionage for obtaining “computer data protected against unauthorized access without permission.” The parameters that define unauthorized data need to be indicated as this could have an impact upon investigative journalists and confidentiality of their sources.
In Section 16, on the Publication of false information, the terms “deceptive, misleading and inaccurate information” are subjective and open to abuse by implementers of the law. A clear definition of what constitutes these terms needs to be stipulated in the bill. Moreover, there should be consideration of  the intent of those who publish such information, failing which the law would ultimately stifle freedom of expression, including of creative expression.
Also the lack of definition for ‘unauthorised data’ in Section 7 (2b) and “unsolicited messages” in Section 30 makes the bill open to misinterpretation and abuse by state authorities.
On the issue of pornography, the Bill should not proscribe the offence of pornography in general, particularly where not shared in public and where all parties that access it are adults. As is currently framed, Section 14 can be used to abuse individuals’ right to privacy. Besides, a clear definition of pornography which is “lascivious” or “obscene” should be added to the Bill.
Sections 31, 32, 33, 34 and 35 of the bill provide excessive powers to the police for search and seizure of computer systems; and disclosure of data. These sections should provide clear guidelines, safeguards and oversight, including the requirement for a warrant issued by a competent court of law before any search and seize or disclosure of data is to be undertaken.
For section 31, owners of the property or other independent parties should also be witness to such activity by the police for the safety of the equipment and data seized to be guaranteed.
According to Section 32 (1), “where disclosure of data is required for purposes of criminal investigation or the prosecution of an offence, a police officer in charge of a police station or a law enforcement officer of a similar rank may issue an order to anyperson in possession of such data compelling him todisclose such data.” This section needs to be adjusted to include police officers first obtaining a court order before compelling any person to disclose data.
On the disclosure of data in Clause 32 (3) b, there should be a clear indication as to the kind and extent of information a service provider can provide. Service providers should be required to report subscriber information requests in the public domain on a regular basis.
Further, there needs to indicate means of storage, retention period and methods of disposal for data collected or recorded through technical means as provided under Section 35 (b).
In regard to Section 37 (9), where service providers are required to support the installation of forensic tools, for purposes of transparency they should be compelled to provide reports of such requests made to them.
Section 41 provides for that  a hosting provider is not liable for information stored at the request of a user of the service, however following orders from any “competent authority” or court, the provider has to take down offending information. The Bill should name the authority or authorities who can issue an order to a hosting provider. The Bill should also indicate what the course of action in the event that a hosting provider does not comply with the order or where the owner of the information wants to contest the take-down order issued by the competent authority.
In regard to “Take down notifications” as provided in Section 45, service providers should notify the persons upon whom a complaint has been lodged, including the reason for the take down.
Also a section compelling service providers to periodically release takedown requests and actions taken to the public should be included.
There is no indication on the rights the users have of their data nor how it is protected once in the hands of the state, thus further putting citizens’ data at risk especially in the absence of a data privacy and protection law.
The Bill was this week tabled in Parliament by Communication, Science and Technology Minister Professor Makame Mbarawa.  However, in their discussions Members of Parliament should consider the amendments proposed by civil society so that the country gets a progressive law that strongly supports freedom of expression and the right to privacy.
 

1 32 33 34 35 36 39