Report Documents A Decade of Internet Freedom in Africa

Announement | The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) is proud to announce the launch of its 2023 edition of the State of Internet Freedom in Africa report titled, ‘A Decade of Internet Freedom in Africa: Recounting the Past, Shaping the Future of Internet Freedom in Africa’. This year marks a decade since the first State of Internet Freedom in Africa report was produced. Similarly, it marks a decade of the Forum on Internet Freedom in Africa (FIFAfrica) which has since 2014 served as the platform for the launch of every State of Internet Freedom in Africa report. 

This special edition honours the efforts of various state and non-state actors in the promotion of internet freedom in Africa. The report takes a deep dive into the dynamic landscape of internet freedom on the African continent and offers contextual information and evidence to inform ICT policymaking and practice, creates awareness on internet freedom issues on the continent, and shapes conversations by digital rights actors across the continent. 

Through a series of essays, authors in this special issue of the report reflect on the past 10 years on the state of Internet freedom in Africa, exploring various thematic issues around digital rights, including surveillance, privacy, censorship, disinformation, infrastructure, access, advocacy, online safety, internet shutdowns, among others. Authors featured in the report include, Admire Mare, Amanda Manyame, Blaise Pascal Andzongo Menyeng, Rima Rouibi, Victor Kapiyo, Felicia Anthonio. Richard Ngamita, Nanjala Nyabola, Professor Bitange Ndemo, Paul Kimumwe, and Edrine Wanyama.

The report maps the way ahead for digital rights in Africa and the role that different stakeholders need to play to realise the Digital Transformation Strategy for Africa and Declaration 15 of the 2030 Agenda for Sustainable Development on leveraging digital technologies to accelerate human progress, bridge the digital divide, and develop knowledge societies.

The report was unveiled at the closing ceremony of the FIFAfrica which this year was held in Dar es Salaam, Tanzania. 
Find the full report here.

Litigating Internet Disruptions in Africa: Lessons from Sudan

By CIPESA Writer |

Internet disruptions continue to be registered across Africa, despite efforts by local and international actors to demonstrate to telecommunications regulators and governments that it is counterproductive to human rights, the economy and democracy to disrupt digital communication networks.

In 2021, up to 12 African countries experienced state-ordered internet disruptions. These included Burkina Faso (November), Chad (February), Republic of Congo (March), eSwatini (June), Ethiopia (various), Niger (February), Nigeria (June), Senegal (March), South Sudan (August), Sudan (June and October), Uganda (January), and Zambia (August).

As internet disruptions have become more prevalent on the continent, strategic litigation against governments that order themand intermediaries, such as telecom operators and internet service providers (ISPs), that effect them, has gained recognition as a push back tool. Strategic litigation can lead to significant legal precedents by publicly uncovering inequalities and highlighting human rights violations, raising awareness, and bringing about reforms in legislation, policy, and practice.

However, as this brief argues, there are several obstacles to the successful litigation of internet disruption cases, including weaknesses among groups and individuals that submit applications, and case backlogs that impede timely adjudication of cases. Indeed, few cases of strategic litigation on internet disruptions have succeeded. Cases in Cameroon, Chad, and Uganda have been dismissed. In Zimbabwe, while the court in 2019 declared that an internet shutdown ordered during protests that year was illegal, the case was decided on procedural grounds without addressing the litigants’ grounds, such as rights violations due to the shutdown.

A notable progressive decision was the June 2020 ruling by the court of justice of the Economic Community of West African States (ECOWAS), which held that an internet shutdown ordered by the Togolese government during protests in 2017 was unlawful and violated the applicant’s right to freedom of expression. The court also ordered the Togolese government to pay two million CFA francs (USD 3,400) compensation to the applicants for the violation of their rights.

Litigating against shutdowns in Sudan

Perhaps more than any other African country, Sudan has made legal precedents arising from litigation against disruptions. Of note too, is that Sudan is only perhaps rivalled by Ethiopia in the number of shutdowns it has experienced in the last three years. Since 2019, the north African country has experienced six internet disruptions.

Former president Omar al-Bashir’s regime initiated internet disruptions during public protests calling for his overthrow, but the government that succeeded him has been more prolific in utilising shutdowns in response to criticism and protests. The longest disruption was recorded in 2019 and lasted 37 days, during which the country lost an estimated USD 1.9 billion. Over 100 protesters were reportedly killed during the time the shutdown was initiated. The latest shutdown started on October 25, 2021 and lasted 25 days. It was instituted after the military declared a state of emergency in the country and seized control of the government. The shutdown was ended by a court order.

The 2019 and 2021 disruptions were both challenged in court. In June 2019, Sudanese lawyer Abdelazim Hassan lodged a lawsuit against the internet shutdown that had been instituted earlier that month. Within two weeks of filing the case, court on June 23 ordered his service provider, Zain, to restore his internet service, which the ISP promptly did. However, service was only restored for the litigant’s SIM card, with the block on access maintained for the rest of Zain’s customers. This was because Hassan had filed the case in a personal capacity as a Zain customer.

Hassan then launched a class action suit, and on July 9, 2019 the court ordered MTN, Sudani and Zain to restore services for all their customers. The telecom providers complied promptly. In September 2019, court ordered Sudani and MTN to apologise to customers for disrupting access to their networks at the behest of the military authorities in June of that year.

Another win for litigants against internet disruptions came on November 11, 2021, when the general court of Khartoum ordered ISPs to restore internet services to all subscribers in response to a lawsuit raised by the Sudanese Consumer Protection Organisation. On the same day, the Telecommunication and Post Regulatory Authority (TPRA) insisted on maintaining the shutdown despite the court order, citing “national security” and a “State of Emergency” as justification. The authority argued that it was necessary to maintain the shutdown as ordered by “the higher leadership”, provided the state of emergency and threats to national security persisted.

The TPRA decision declining to restore internet connectivity cited article 6(j) and article 7(1) and article 7(2)(a) of the law of TPRA of 2018. Article 6(j) provides that one of TPRA’s mandate is “protecting the national security and the higher interests of Sudan in the field of Telecommunication, Post and ICT”. Articles 7(1) and 7(2)(a) state that among the powers of the TPRA is to protect the state’s obligations and requirements in the field of national security and defence, and national, regional and international policies, in coordination with the competent authorities and licensees.

The judge dismissed that argument and issued an arrest warrant for the chief executive officers of the telecom companies for not restoring internet access. On November 18, 2021, the telecom companies restored internet access for all subscribers. The various restoration orders and arrest warrants bring to four the key decisions taken by courts in Sudan that held the regulator, ISPs and the government to account. Further, unlike the Togo case which was adjudicated in the aftermath of the disruption, in Sudan the court issued orders during the disruption and brought it to an end.

Lessons from Sudan’s experience

  • Leaders of telecom companies can and should be held individually liable for actions of their companies. In Sudan’s case, an arrest warrant against leaders of telecom companies yielded compliance with a restoration order in spite of the telecom regulator’s directive to maintain the shutdown.
  • Powers of telecom regulators, who often cite vague grounds of national security in ordering disruptions, can be challenged in court even if the regulators cite the law in ordering an internet disruption.
  • It is essential for courts of law to adjudicate swiftly on internet shutdown cases. In Sudan’s case, it took two weeks of filing a case for court to order restoration of service to the litigant. In another two weeks, the court had ordered service providers to restore services to all customers.
  • Litigation’s target actions and actors need to be well-defined. Sudan has lessons on litigation that benefits individuals and others that benefit groups of users. Further, the targets of litigation action are varied, to include the regulator, a particular ISP or all ISPs, and other state bodies.
  • Intermediaries have appeared helpless in the face of government orders and have acquiesced to government orders even when their lawfulness is questionable. Holding them liable for losses to customers, such as the order by the Sudanese court that they apologise to customers, could make them think twice before implementing shutdown directives.

Towards an Accessible and Affordable Internet in Africa: Key Challenges Ahead

By Paul Kimumwe |

Over the last few years, Africa has experienced exponential growth in internet access spurred by mobile internet, which stood at 28% penetration  in 2020. However, internet access and affordability are still a major challenge for the majority of Africans, especially the rural poor, women, and persons with disabilities.

According to the State of Mobile Internet Connectivity 2021, Sub-Saharan Africa has the largest coverage gap (those living in areas without mobile broadband coverage) at 19%, which is more than three times the global average. While internet access has become more affordable, particularly through mobile phones, costs are still high and unaffordable to many in the region, who remain offline.

A new brief by CIPESA explores some of the retrogressive measures that undermine citizens’ rights to access a reliable and affordable internet in Lesotho, Mozambique, Tanzania, Uganda, Zimbabwe, and Zambia. Some of these measures include digital taxation that has led to increases in internet costs, registration and licensing of online users that imposes high licensing fees and tough penalties, network disruptions including internet shutdowns that lead to inaccessibility of the internet, and the failure to provide enabling infrastructure that exacerbates the digital divide.

Many governments have been eager to increase their tax base, particularly from the telecommunications sector and over-the-top (OTT) services, which they claim are eating into the revenues of licensed operators. Several other governments have slapped taxes on mobile phone handsets and other devices. These costs are passed on to consumers, thereby raising the cost of owning and using a mobile phone and accessing the internet.

In addition, the lack of an enabling infrastructure, including lack of access to reliable electricity, has been a major hurdle to broadband adoption in many African countries. It is  estimated that 45% of Africans live farther than 10 kilometres from the network infrastructure essential for online education, finance and healthcare services.

Network disruptions including internet shutdowns, internet throttling and social media blockages have recently become endemic in several African countries, and present yet another hurdle. Governments have sometimes shut down or restricted access to the internet or to social media platforms in an attempt to limit or control conversations online and prevent mobilisation for potential pro-democracy protests. The disruptions have mostly been initiated around election times, public protests, and during national exams.

Various countries have also adopted the registration and licensing of online users on whom they impose high licensing fees and tough penalties. This has forced many online users to abandon their platforms due to the high costs and threats of prosecution. Many of those who are online routinely practice self-censorship for fear of attracting reprisals.

The lack of internet access requires immediate counter action by several countries especially given the overbearing effects of digital exclusion caused by the Covid-19 pandemic. Countries with better access to online platforms for business and education are reaping faster economic rebounds compared to unconnected economies. The internet plays a vital role in the realisation of human development and facilitates the enjoyment of several human rights and freedoms, including the right to freedom of expression and information, the right to education, the right to assembly and association.

According to the brief, African governments need to recognise and nurture the true potential of the internet in driving inclusive economic growth and development, as well as digital transformation, especially in the post-Covid pandemic era. This calls for robust investments in internet infrastructure, digital literacy and refraining from taking actions that undermine the transformative potential of digital technologies.

See the full brief here.

South Sudan’s Cybercrimes and Computer Misuse Order 2021 Stifles Citizens’ Rights

By Edrine Wanyama |

South Sudan has enacted the Cybercrimes and Computer Misuse Provisional Order 2021 aimed to  combat  cybercrimes. The country has a fast-evolving technology sector, with three mobile operators and 24 licensed internet service providers. Investments in infrastructure development have propelled internet penetration to 16.8% and mobile phone penetration to 23% of the country’s population of 11.3 million people, which necessitates a law to curb cybercrime.

The Order is based on article 86(1) of the Transitional Constitution of South Sudan 2011, which provides that when parliament is not in session, the president can issue a provisional order that has the force of law in urgent matters.

The Cybercrimes and Computer Misuse Order makes strides in addressing cybercrimes by extending the scope of jurisdiction in prosecuting cybercrimes to cover offences committed in or outside the country against citizens and the South Sudan state. The Order also establishes judicial oversight especially over the use of forensic tools to collect evidence, with section 10 requiring authorisation by a competent court prior to collecting such evidence. Furthermore, the Order attempts to protect children against child pornography (section 23 and 24), and provides for prevention of trafficking in persons (section 30) and drugs (section 31).

However, the Order is largely regressive of citizens’ rights including freedom of expression, access to information, and the right to privacy.

The Order gives overly broad definitions including of “computer misuse,” “indecent content,” “pornography,” and “publish” which are so ambiguous and wide in scope that they could be used by the state to target government opponents, dissidents and critics. The definitions largely limit the use of electronic gadgets and curtail the exercise of freedom of expression and access to information.

Article 22 of the Transitional Constitution of South Sudan 2011 guarantees the right to privacy. The country has ratified the International Convention on Civil and Political Rights (ICCPR) that provides for the right to privacy under article 17 and the African Charter on Human and Peoples Rights, whose article 5 provides for the right to respect one’s dignity, which includes the right to privacy. The Order appears to contravene these instruments by threatening individual privacy.

Despite a commendable provision in section 6 imposing an obligation on service providers to store information relating to communications, including personal data and traffic data of subscribers, for 180 days – a period far shorter compared to other countries – personal data is still potentially at risk. The section requires service providers and their agents to put in place technical capabilities to enable law enforcement agencies monitor compliance with the Order. With no specific data protection law in South Sudan and without making a commitment to the leading regional instrument, the African Union Convention on Cyber Security and Personal Data Protection, privacy of the citizens is at stake.

The section on offences and penalties lacks specificity on fines which may be levied on errant individuals or companies. On the other hand, some of the offences provided for under the Order potentially curtail freedom of expression and the right to information. For instance, the offence of spamming under section 21 could be interpreted to include all communications through online platforms including social media platforms like Facebook and WhatsApp. Under the provision, virtually all individuals who forward messages on social media stand the risk of prosecution. This also has a chilling effect on freedom of expression and the right to information.

The offence of offensive communication under section 25 potentially has a chilling effect on freedom of expression, media freedom and access to information. A similar provision under section 25 of the Computer Misuse Act, 2011 of Uganda has been widely misused to persecute, prosecute and silence political critics and dissidents. Section 25 of the South Sudan Cybercrimes Order could be used in a similar manner to target government critics and dissidents. 

In CIPESA’s analysis of the Order, we call for specific actions that could ensure the prevention of cybercrime while at the same time not hurting online rights and freedoms, including:

  • Deletion of problematic definitions or provisions from the Order.
  • Enactment of a specific data protection law to guarantee the protection of data of individuals.
  • Urgent drafting of rules and regulations to prescribe the procedures for implementing the Order.
  • Ratification of the African Union Convention on Cyber Security and Personal Data Protection.
  • Service providers should not be compelled to disclose their subscribers’ information to law enforcement agencies except on the basis of a court order.
  • Amendment of the Order to emphasise the oversight role of courts during the processes of access, inspection, seizure, collection and preservation of data or tracking of data under section 9.

Read the full analysis here.

Apply for Data Driven Advocacy Sketchathon at FIFAfrica21

Call for Applications |

Do you want to use data for advocacy but you’re not sure where to start? Would you like to transform statistics into compelling stories? Are you passionate about a digital rights cause, and want to convince others to join your efforts?

In the lead up to the Forum on Internet Freedom in Africa 2021 (FIFAfrica21), the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) and Data4Change will host a virtual data sketchathon and series of critical discussions to get you thinking more about how to use data in digital rights advocacy. The sketchathon will take place on Monday 27 September 2021.

The schedule
Starting at 10am East African Time (EAT) and finishing at 5pm EAT, the sketchathon will entail a combination of live Zoom sessions and self-paced activities.

We’ll use the answers in your application forms to set an agenda for the group discussions as we explore themes like: data biases; representation, accessibility and ownership of data; and data inequalities. You’ll also have an opportunity to work in small groups to map your data advocacy aspirations and to tackle some of the data questions you’re grappling with as individuals or organisations.

Participants will also have an opportunity to create a data design using data from the #KeepItOn campaign Shutdown Tracker Optimisation Project.

Who should apply
There are no prerequisites, and literally anybody can apply. We are looking for people who are passionate about uncovering the potential of using numbers to drive forward emotive stories that have the power to advance digital rights preferably in Lesotho, Mozambique, Tanzania, Uganda, Zambia, and Zimbabwe.

A limited number of spaces are available for the workshop. We endeavour to create diverse and collaborative spaces and to foster a sense of community that lasts beyond the event and will strive to create a balanced representation of different geographies, abilities, and approaches among participants.

How to apply
Submit this form before 18.00 East African Time on Wednesday September 22, 2021.

Successful applicants will be notified by Friday September 24, 2021. A modest reimbursement will be provided for participants’ connectivity costs.