Promoting Effective and Inclusive ICT Policy in Africa

Category Archives: Briefs

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog  /  Resources  /  Briefs
06Aug

Challenges and Prospects of the General Data Protection Regulation (GDPR) in Africa

Author admin Posted on

Policy Brief |
Privacy is a fundamental human right guaranteed by international human rights instruments including the Universal Declaration of Human Rights in its article 12 and the International Covenant on Civil and Political Rights, in its article 17. Further, these provisions have been embedded in different jurisdictions in national constitutions and in acts of Parliament.
In Africa, regional bodies have invested efforts in ensuring that data protection and privacy are prioritised by Member States. For instance, in 2014 the African Union (AU) adopted the Convention on Cybersecurity and Personal Data Protection. In 2010, the Southern African Development Community (SADC) developed a model law on data protection which it adopted in 2013. Also in 2010, the Economic Community of West African States (ECOWAS) adopted the Supplementary Act A/SA.1/01/10 on Personal Data Protection Within ECOWAS. The East African Community, in 2008, developed a Framework for Cyberlaws. Notwithstanding these efforts, many countries on the continent are still grappling with enacting specific legislation to regulate the collection, control and processing of individuals’ data.
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into effect. The GDPR is likely to force African countries, especially those with strong trade ties to the EU, to prioritise data privacy and to more decisively meet their duties and obligations to ensure compliance.
See this brief on the Challenges and Prospects of the General Data Protection Regulation (GDPR) in Africa, where we explore the consequences of GDPR for African states and business entities.

23Aug

The Growing Trend of African Governments’ Requests for User Information and Content Removal From Internet and Telecom Companies

Author admin Posted on

Policy Brief |
The relationship between communications service providers, users and governments with regards to data protection, requests of user information and content take downs is increasingly taking centre stage in discussions around free, open and secure use of digital technologies.
In February 2017, Millicom issued its second Law Enforcement Disclosure Report. Millicom’s report is one of many by private companies aimed at promoting transparency and accountability, through periodically publishing reports detailing information on government requests for user data, content removals, and compliance with those requests.
Google is credited with being the first internet company to publish a transparency report back in 2009, followed by Twitter in 2012. Facebook and Yahoo have published reports since 2013. Vodafone and Orange were among the first telecommunications companies to publish transparency reports, both in 2014.
These reports have become vital to understanding censorship, surveillance and more importantly the commitment of service providers to protecting the privacy of their users and promoting freedom of expression online. Based on the reports alone, it remains unclear what the true extent of governments’ surveillance of citizens’ communications and censorship of content across the world is. Nonetheless, the reports indicate a growing trend among countries, including African governments, of requests for subscribers’ data and content removal.
On the social media front, from five African countries being listed by Facebook among those that requested users’ details in the first half of 2013, the number on the continent has grown to 18 as at the end of 2016. Meanwhile, requests to remove content from Google have also grown from only Libya in 2010 and 2011, to four African countries in 2016 alone. Twitter, which only received one user information request from South Sudan in 2012, has since gone on to receive requests from an additional four countries on the continent. The countries which have consistently made requests for user information to Google, Facebook and Twitter include South Africa, Nigeria, Sudan, Kenya and Egypt.
In telecommunications, figures are scanty as only four companies operating in Africa issue transparency reports – one of which, MTN, does not disclose any statistics while Vodafone’s extent of disclosure is limited due to legal provisions in some of its countries of operation that prohibit publishing of such information. Even then, user data requests from five African governments to Millicom have increased from 5,000 in 2015 to nearly 7,000 in 2016. Requests to Orange from the 20 African countries where it had operations as at the end of 2016 have tripled in the past three years – from 22,930 in 2014 to 67,718 in 2016.
In this brief, we provide a summary of the user data and content removal requests which governments in Africa have made to select internet and telecommunications companies in recent years.
 
 

03Nov

Call for Evaluation Consultant: ICT4Democracy in East Africa Network

Author admin Posted on

The Collaboration on International ICT Policy in East and Southern Africa (CIPESA) is seeking an evaluation consultant to establish the achievements, outcome and challenges registered by the ICT4Democracy in East Africa Network during the period November 2013 – October 2015. The evaluation will assess the appropriateness, effectiveness and outcomes of the network in relation to the program objectives.
Closing date for applications: 17:00 hours East African Time (EAT) on Thursday November 19, 2015
Further details on the scope, eligibility and how to apply are available here.

07Jul

Hunting Down Social Media ‘Abusers’ in Uganda as Elections Near

Author admin Posted on

By CIPESA Staff |
As Uganda draws closer to the February 2016 presidential elections, the fever of anxiety in government corridors is rising. Over the years, election periods have seen a crackdown on social media, voices critical of the ruling party, and independent media in the guise of promoting public order and unity as well as preventing the spread of false information. This, however, has sparked debate on the fine line between preserving national cohesion and hampering free speech.
See our full analysis of Hunting Down Social Media ‘Abusers’ in Uganda as Elections Near in our Policy Briefing Series

09Feb

Reflections on Uganda’s Draft Data Protection and Privacy Bill, 2014

Author admin Posted on

Towards the end of 2014, Uganda’s government through the National Information Technology Authority (NITA-U), Ministry of Information Communication and Technology (MoICT) and the Ministry of Justice and Constitutional Affairs (MOJCA) issued a draft Data Protection and Privacy Bill for public comment. The Bill seeks to protect the privacy of the individual and personal data by regulating the collection and processing of personal information. It provides for the rights of persons whose data is collected and the obligations of data collectors and data processors; and regulates the use or disclosure of personal information.
The Collaboration on International ICT Policy in East and Southern Africa (CIPESA) welcomes the move by the Uganda Government, however, following an analysis of the Bill, we identified some areas of concern and gaps that need to be addressed. We have assembled our comments as part of the CIPESA ICT briefing series and have also submitted official comments to the government as part of the public comments phase.
Read more on our Reflections on Uganda’s Draft Data Protection and Privacy Bill, 2014 in the CIPESA ICT Briefing series and see our Formal Comments Submitted for consideration.

1 2 3