Promoting Effective and Inclusive ICT Policy in Africa

Blog

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog
21Feb

How the MTN Group Can Improve its Digital Human Rights Policy and Reporting

Author CIPESA Posted on

CIPESA Writer |

These proposals are made to the MTN Group in respect of its Digital Human Rights Policy. The proposals commend the positive elements of the Policy including the proclamation to respect the rights of users including in privacy, communication, access and sharing information in a free and responsible manner. The submission points to areas where the telecoms group can further improve its role in the protection of human rights.

The United Nations Guiding Principles on Business and Human Rights (UNGPs) enjoin corporate entities to act with due diligence to avoid infringements on human rights. They also provide ways through which adverse impacts on human rights can be addressed. It is therefore commendable that MTN developed a Digital Human Rights Policy and is open to commentary and suggestions for  strengthening its implementation. It is imperative that MTN takes proactive and consistent measures to comply with international human rights instruments such as the UNGPs, the leading global framework focused on business responsibility and accountability for human rights, which were unanimously endorsed by States at the United Nations in 2011.

Some of the Principles that MTN needs to pay close attention to include the following:

 Principle 11: Business enterprises should respect human rights. This means that they should avoid infringing on the human rights of others and should address adverse human rights impacts with which they are involved.

Principle 13: The responsibility to respect human rights requires that business enterprises (a) Avoid causing or contributing to adverse human rights impacts through their own activities, and address such impacts when they occur; (b) Seek to prevent or mitigate adverse human rights impacts that are directly linked to their operations, products or services by their business relationships, even if they have not contributed to those impacts.

Principle 15. In order to meet their responsibility to respect human rights, business enterprises should have in place policies and processes appropriate to their size and circumstances, including:

(a) A policy commitment to meet their responsibility to respect human rights;

(b) A human rights due diligence process to identify, prevent, mitigate and account for how they address their impacts on human rights;

(c) Processes to enable the remediation of any adverse human rights impacts they cause or to which they contribute.

Principle 23:  In all contexts, business enterprises should:

  1. Comply with all applicable laws and respect internationally recognised human rights, wherever they operate;
  2. Seek ways to honour the principles of internationally recognised human rights when faced with conflicting requirements;
  3. Treat the risk of causing or contributing to gross human rights abuses as a legal compliance issue wherever they operate.

Respect for digital rights is also stipulated in the Declaration of Principles on Freedom of Expression and Access to Information in Africa of 2019 which MTN needs to be cognisant of as part of efforts to ensure that it upholds respect for human rights.

CIPESA Proposals to the MTN Group
The MTN Group is a market leader in various service areas in several countries where it has operations. It is also a key employer and tax payer, and by facilitating the operations of other sectors,  MTN is a key contributor to the Gross Domestic Product (GDP) and to the health of the respective countries’ economies. It is crucial that the company develops and effects a robust Digital Human Rights Policy. Notably, MTN has trailed other operators, such as Orange, Millicom and Vodafone in rolling out a digital rights policy, and in transparency reporting.

While MTN last year issued its inaugural transparency report as part of its annual reporting, there are areas of concern for which we make the following recommendations:

  1. Provide more granular and disaggregated data about the number and nature of requests MTN receives from government agencies. At present, it is not clear how many of those requests relate to the release of users’ identifying data, how many were on metadata, and how many were on rendering support to communication monitoring and interception. Besides providing such a breakdown, MTN should also explain how many requests, if any, were not adhered to and why. Further, the report should indicate which particular government departments made the requests and whether all their requests were backed by a court order.
  2. Provide more nuanced information in reporting on the Digital Human Rights Policy to enable the contextualisation of country-specific explanations of government requests. In the last report, for instance, it is difficult to comprehend the information on government requests from Uganda. Given that Uganda is one of the countries where MTN has the largest number of subscribers, and given that country’s human rights record, the numbers are inexplicably few (12 in total) compared to Congo Brazzaville (1,600), eSwatini (3,661), Ghana (1,642), Guinea Conakry (6,480), Ivory Coast (4,215), Nigeria (4,751), Rwanda (602), South Africa (15,903), South Sudan (1,748), Sudan (5,105), and Zambia (8,294).
  3. In its transparency reporting on implementation of its Digital Human Rights Policy, MTN should reflect on the role of local laws and regulations in enabling or hampering the realisation of digital human rights. What elements are supportive and which ones are retrogressive? Which grey areas need clarification or call for repeal of laws?
  4. Include in the MTN transparency report a detailed and analytical section on network disruptions, as these are highly controversial and have wide-ranging economic, public service and human rights impacts yet they are becoming endemic in many of the countries where MTN operates. Further, MTN should include information on whether it received (or demanded – as we propose it should) written justifications from regulators (or government officials and bodies who issue shutdown orders) for the shutdown orders, including citation of the specific laws and provisions under which they are issued and the situation that warranted invoking the disruption. Additionally, the MTN Group should commit to scrutinise each demand, order or request and challenge them if they are not clear, specific, written, valid or do comply with national laws. It should also keep a written record of such demands, orders or requests.
  5. The MTN Policy and reporting should have a section and actions dedicated to inclusion of marginalised groups, a key area being enabling access and accessibility for persons with disabilities. Research conducted by CIPESA showed that, in countries where it operated, MTN had not taken any deliberate efforts to make its services more accessible to persons with disabilities. Beyond the additional section, MTN should appoint / designate Inclusion and Human Rights Ambassadors, and build the capacity of internal teams to facilitate engagement and compliance with digital accessibility obligations.
  6. MTN should take a proactive stance in making its Digital Human Rights Policy, including country-specific transparency information, well publicised among users, civil society and government officials in the respective countries. This will aid the growth of knowledge about MTN policies, inspire other companies to respect human rights, and draw feedback on how MTN can further improve its human rights policies and practices.
  7. MTN should develop relationships with, and have proactive and sustained engagements with civil society, consumer groups and governments on the implementation of its Digital Human Rights Policy. Such engagements should not only be post-mortem after-the-fact reviews of reports after their publication but should be continuous and feed into the annual reporting. This engagement should also include external experts and stakeholders in the conduct of regular human rights due diligence as envisaged by Principle 15 of the UNGPs. Such engagements could also relate to raising concern on the national laws, policies and measures which pose a risk to digital rights.
  8. As part of due diligence, MTN should periodically assess and examine the impact of its enforcement of its terms and service, policies and practices to ensure they do not pose risks to individual human rights, and the extent to which they comply with the UNGPs and are consistent with its Digital Human Rights Policy. Such assessments are essential to determining the right course of action when faced with government requests and other potential human rights harms.
  9. MTN should add to its Policy and make public its position on network disruptions and outline a clear policy and the procedures detailing how it handles information requests, interception assistance requests, and disruption orders from governments.
  10. Support initiatives that work to grow access, affordability, and secure use of digital technologies, and speak out about any licensing obligations and government practices that undermine digital rights.
  11. Join key platforms that collaboratively advance a free and open internet and respect for human rights in the telecommunications sector, such as the Global Network Initiative (GNI), endorse the GSMA Principles for Driving Digital Inclusion for Persons with Disabilities, and align with local actors on corporate accountability (such as the Uganda Consortium on Corporate Accountability).
  12. MTN should at a minimum, provide simple and clear terms of service, promptly notify users of decisions made affecting them, and provide accessible redress mechanisms and effective remedies.
  13. MTN should institutionalise its commitment to digital rights by putting in place a governance structure at the country level with oversight at a senior level, train its employees on the policy, and create awareness among its customers to ensure the realisation of the policy.

CIPESA stands ready to continue to engage with MTN on ways to improve and effect its Digital Human Rights Policy. We can be contacted at [email protected].

27Jan

Data Privacy Still A Neglected Digital Right in Africa

Author CIPESA Writer Posted on

By Juliet Nanfuka |

In recent years, the threats to data privacy have evolved at a quicker pace than the development of regulatory frameworks dedicated to safeguarding the right to privacy, especially in the digital era. Currently, just over half of African countries have enacted privacy laws and policies. Still, the right to privacy is repeatedly under threat through the introduction of new laws  that  facilitate  surveillance  and  the  collection  of  biometric  data  and  limit  the  use  of  encryption. There are growing concerns that in several African countries, government agencies and private entities are collecting and processing personal data without adequate data protection frameworks, amidst weak oversight mechanisms and inadequate remedies.

Most African countries are parties to international human rights instruments such as the International Covenant on Civil and Political Rights (ICCPR) and the Universal Declaration of Human Rights (UDHR) which provide for the right to privacy. However, the African Charter on Human and Peoples’ Rights does not provide for the right to privacy, although its article 9 has been interpreted to encompass the right to privacy.

Meanwhile, the continent’s model instrument on privacy and data protection, the African Union Convention on Cybersecurity and Personal Data Protection, has been signed by 14 countries and only eight countries had ratified it by June 2020. Indeed, adherence to these instruments remains low.

“In recent years, various African countries have enacted  laws  and  policies  to  regulate  the  right  to  privacy.  Many of  the  laws  enacted  do  not  measure  up to  international  human  rights  standards  and  fail  to  establish  clear  and  appropriate  oversight,  redress  and  remedy mechanisms.” CIPESA Mapping and Analysis of Privacy Laws in Africa

Increased digitalisation, which was accelerated by Covid-19, has seen rising use of  technology in health, business, education, and civic participation and engagement, necessitating greater need for progressive personal data privacy policies and practices. However, as many positive developments emerged in the region so did gaps in the respect for data protection and privacy  in the numerous state responses.

See: How Surveillance, Collection of Biometric Data and Limitation of Encryption are Undermining Privacy Rights in Africa

For example, Ethiopia has embarked on a national digital identification (ID) biometric-based project which it argues will support access to services for citizens and hasten trade relations with other nations on the continent. However, the country has no comprehensive data protection law.  In 2020, the government published the draft Personal Data Protection Proclamation which is yet to come into force.

In Kenya, the Data Protection Act, 2019 which establishes the Office of the Data Protection Commissioner also prohibits the sharing of data with third parties without consent of the data subjects and requires that individuals are informed when their data is being shared and for what purposes. In December, an amendment to the Central Bank of Kenya Act addresses digital lenders that share personal data of loan defaulters with third parties could have their licenses revoked. Tactics used by lenders reportedly included calling friends and family, to shame and compel their borrowers to repay the loans.

In South Africa, the data privacy debate recently surged when the Department of Basic Education stated that high school leaving exam (National Senior Certificate) results would no longer be published on media platforms, in line with the Protection of Personal Information Act (POPIA). However, a court ruled against the department and instructed that the results be published publicly on media platforms and newspapers. Historically, the results have been made available with students identified through their ID numbers or exam numbers. The Department argued that in order to publish the results, it would have to seek consent from every pupil per the POPIA.

Private entities in South Africa have also come under scrutiny for their surveillance systems’ compliance with privacy regulations and their data privacy practices. Among these entities is Vumacam, which in 2021 announced that it was gearing up to instal additional “hundreds of thousands of cameras” in the country. Vumacam currently has over 5,000 cameras that have been installed in Johannesburg suburbs since 2019.

The concerns raised about private surveillance actors in South Africa echo those that have emerged about state actors in Botswana, Equatorial Guinea, Kenya, Morocco, Nigeria, Uganda, Zambia, and Zimbabwe who have heavily invested in state-run video surveillance systems commonly referred to as “Safe Cities” – which in the absence of sufficient safeguards, present risks through their collection and processing of personal data.

Indeed, there are concerns on the true extent to which governments are committed to ensuring citizens’ data privacy rights. In 2019, Clément Voule, the United Nations Special Rapporteur on the Rights to Freedom of Peaceful Assembly and of Association, stated that a surge in legislation and policies aimed at combating cybercrime had also opened the door to punishing and surveilling activists and protesters in many countries around the world.

See this Mapping and Analysis of Privacy Laws in Africa

Among the ways in which data privacy is being undermined through legislation and policy is by increasing restrictions to the use of anonymity and encryption – both of which are fundamental to upholding other rights including press freedom, access to information and freedom of expression. States fear the use of anonymisation and encryption tools will hamper their capacity to fight terrorism and crime.

See this Policy Brief on How African States Are Undermining the Use of Encryption

Anonymity and encryption protect privacy, and without effective protection of the right to privacy, the right of individuals to communicate anonymously and without fear of their communications being unlawfully detected cannot be guaranteed. Whether used to protect sensitive information or to verify identities, individuals and corporations alike benefit from cryptographic software in a world that is becoming increasingly networked.

In the absence of robust oversight, legal and practical safeguards, and the selective application of data protection laws, data privacy remains a primary concern for digital users in several African countries.  This is compounded by  governments who continue to encourage and support an enabling environment that facilitates efforts by state and non-state actors to undermine privacy-related rights at the cost of numerous digital rights in Africa.

—————————————————————————————————————-

This Data Privacy Day (January 28), the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) reaffirms its commitment towards advancing effective policy that shapes and informs a progressive data privacy landscape in Africa. See some of our blogs and indepth research reports on data privacy and protection in Africa.

27Jan

Centering Digital Rights and the Digital Economy in Encryption Regulation

Author CIPESA Writer Posted on

By CIPESA Writer |

In many African countries, the regulation of the use of encryption considers “national security” as the predominant concern and gives limited consideration to other areas that would benefit from the use of secure tools and technologies. Accordingly, many countries in the region are saddled with laws that unreasonably limit the use of encryption by individuals and businesses, which in turn undermine digital rights and the digital economy.

Encryption technologies enable users of digital technologies, including the internet and messaging services, to protect the confidentiality of their data and communications from unwarranted interception, observation and intrusion. Such protections are essential for businesses to thrive and be resilient, in addition to being key considerations by their customers. Those protections are crucial for individuals to enjoy their rights to privacy, free expression, and public participation.

As the world marks the Data Privacy Day on January 28, it is imperative that reflection is drawn onto Africa’s performance in regards to the role that encryption regulation plays in human rights protection online and promoting the digital economy.

The Digital Economy

The digital economy in Africa is steadily growing and contributes significantly to countries’ Gross Domestic Product (GDP), besides being a notable direct employer.  As of the end of 2021, around 33% of individuals in Africa used the internet, while there were eight mobile cellular telephones for every 10 individuals in the region, according to the International Telecommunications Union (ITU) figures.

Across the continent there has been significant growth in the penetration, access, and usage of Information and Communications Technologies (ICT). At the same time, the use of ICT is taking centre stage in education, health, economic, and governance sectors. It is also driving financial inclusion, with fintechs proliferating at high speed. In 2020, mobile technologies and services generated more than USD 130 billion of economic value added (or 8% of GDP) in Sub-Saharan Africa, according to the GSMA. In that year, the value of transactions on mobile money platforms in the region reached USD 490 billion.

Many governments are undertaking digitalisation programmes and have prioritised the integration of technology into more sectors to drive economic and social transformation. However, the growing rate of digital transformation in Africa is creating new cybersecurity threats which must be addressed to unlock new pathways for technology-enabled  economic growth, innovation, job creation and service delivery.

Regulation that facilitates the use of strong encryption by individuals and companies as opposed to limitation and prohibition of use is one way of nipping those risks in the bud and building trust and confidence to embrace and participate in the digital economy.

Various countries’ laws require registration and licensing of encryption service providers, and regulators have extensive powers to prohibit the use of some encryption technologies. Moreover, offering encryption services without licenses attracts penalties, as does failure to hand over secret encryption codes to state authorities, or using prohibited encryption tools. How African Countries Undermine Use of Encryption.

In 2021, research by the Internet Society (ISOC) showed that laws that undermine encryption can significantly harm the national economy, with the single biggest source of adverse economic effects being the indirect threat that such laws pose for trust in the internet and digital services. This reduced trust in data security depresses aggregate demand across the digital economy and induces firms to incur higher costs in attempts to build trust in their services.

Digital Rights

Compelled assistance by service providers as part of interception of communications, including the requirement to decrypt encrypted data and communications or disclose encryption keys gives governments and their agencies unfettered access to personal data, undermining citizens’ right to privacy and various other digital rights. Countries including Benin, Gabon, Namibia, Niger, Nigeria, Sierra Leone, and Zimbabwe prohibit service providers from providing any communications services that cannot be lawfully intercepted.

Such prohibitive regulations undermine digital rights in similar ways to laws on surveillance, which impose undue liability on intermediaries, and fail to provide for strong judicial oversight over surveillance operations. Meanwhile, data localisation requirements in some countries further grant authorities easier access to data for decryption and surveillance purposes with or without compelled assistance, “as they would not need to go through foreign countries’ or intermediaries’ data management protocols to access this data”, as highlighted by recent CIPESA research. Combined with mandatory SIM card registration and growing biometric databases, they thus contribute to the regressive situation for online freedom in a region fraught with human rights abuses and violations.

Securitising Encryption

Various countries regulate the use of encryption with national security as the sole key consideration. In Ivory Coast, the Telecommunications Regulatory Authority (ARTCI) is tasked to ensure that no service provider employs encryption that is contrary to public order or which undermines the interests of national defence, internal or external security of the state. Similarly, in the Central African Republic, the Electronic Communications Law of 2018 empowers the security minister to approve encryption services “based on the need to preserve the internal and external security of the state and national defence.”

Moroccan legislation restricts the import and use of encryption “to prevent its use for illegal purposes, and to protect the interests of national defence and the internal or external security of the State.” In that spirit, in 2015, the responsibility for authorising and monitoring encryption in Morocco was moved from the civilian National Telecommunications Regulatory Agency (ANRT) to the military’s General Directorate for the Security of Information Systems (DGSSI).

In Algeria, the acquisition and use of encryption by individuals and organisations must be authorised by the Regulatory Authority of Post and Electronic Communications (ARPCE) after approval by the Ministry of Defence and the Ministry of the Interior. Further, Algerian law requires that the type and nature of the equipment that will be used, list of cryptography algorithms, the size of the encryption keys, the type of virtual private network (VPN) used, the authentication methods, and the Public IP address, be provided to the regulator while applying for authorisation.

Many other countries require registration, while also requiring service providers to disclose the technical characteristics of the cryptology means, and the source code of the software used. Concerningly, some countries (including Benin, Gabon, Namibia, Niger, Nigeria, Sierra Leone, and Zimbabwe) prohibit service providers from providing any communications services that cannot be lawfully intercepted.

Overall, these limitations to the use of encryption go against Principle 40(3) of the Declaration of Principles on Freedom of Expression and Access to Information in Africa, which provides that “States shall not adopt laws or other measures prohibiting or weakening encryption, including backdoors, key escrows, and data localisation requirements unless such measures are justifiable and compatible with international human rights law and standards.”

Ultimately, all laws that place undue restrictions on the use of encryption tools should be repealed.

To promote the use of encryption in the region, it is imperative to desist from the current trends towards securitisation of encryption regulation. While governments often require surveillance to curb crime, laws should not outrightly prohibit or criminalise the use of encryption technologies. Rather, they should be supportive of legitimate state interests, which  also robustly protect digital rights and support growth of the digital economy.

30Dec

Towards an Accessible and Affordable Internet in Africa: Key Challenges Ahead

Author CIPESA Writer Posted on

By Paul Kimumwe |

Over the last few years, Africa has experienced exponential growth in internet access spurred by mobile internet, which stood at 28% penetration  in 2020. However, internet access and affordability are still a major challenge for the majority of Africans, especially the rural poor, women, and persons with disabilities.

According to the State of Mobile Internet Connectivity 2021, Sub-Saharan Africa has the largest coverage gap (those living in areas without mobile broadband coverage) at 19%, which is more than three times the global average. While internet access has become more affordable, particularly through mobile phones, costs are still high and unaffordable to many in the region, who remain offline.

A new brief by CIPESA explores some of the retrogressive measures that undermine citizens’ rights to access a reliable and affordable internet in Lesotho, Mozambique, Tanzania, Uganda, Zimbabwe, and Zambia. Some of these measures include digital taxation that has led to increases in internet costs, registration and licensing of online users that imposes high licensing fees and tough penalties, network disruptions including internet shutdowns that lead to inaccessibility of the internet, and the failure to provide enabling infrastructure that exacerbates the digital divide.

Many governments have been eager to increase their tax base, particularly from the telecommunications sector and over-the-top (OTT) services, which they claim are eating into the revenues of licensed operators. Several other governments have slapped taxes on mobile phone handsets and other devices. These costs are passed on to consumers, thereby raising the cost of owning and using a mobile phone and accessing the internet.

In addition, the lack of an enabling infrastructure, including lack of access to reliable electricity, has been a major hurdle to broadband adoption in many African countries. It is  estimated that 45% of Africans live farther than 10 kilometres from the network infrastructure essential for online education, finance and healthcare services.

Network disruptions including internet shutdowns, internet throttling and social media blockages have recently become endemic in several African countries, and present yet another hurdle. Governments have sometimes shut down or restricted access to the internet or to social media platforms in an attempt to limit or control conversations online and prevent mobilisation for potential pro-democracy protests. The disruptions have mostly been initiated around election times, public protests, and during national exams.

Various countries have also adopted the registration and licensing of online users on whom they impose high licensing fees and tough penalties. This has forced many online users to abandon their platforms due to the high costs and threats of prosecution. Many of those who are online routinely practice self-censorship for fear of attracting reprisals.

The lack of internet access requires immediate counter action by several countries especially given the overbearing effects of digital exclusion caused by the Covid-19 pandemic. Countries with better access to online platforms for business and education are reaping faster economic rebounds compared to unconnected economies. The internet plays a vital role in the realisation of human development and facilitates the enjoyment of several human rights and freedoms, including the right to freedom of expression and information, the right to education, the right to assembly and association.

According to the brief, African governments need to recognise and nurture the true potential of the internet in driving inclusive economic growth and development, as well as digital transformation, especially in the post-Covid pandemic era. This calls for robust investments in internet infrastructure, digital literacy and refraining from taking actions that undermine the transformative potential of digital technologies.

See the full brief here.

23Dec

Sudan’s Bad Laws, Internet Censorship and Repressed Civil Liberties

Author CIPESA Posted on

By Khattab Hamad and CIPESA Writer | 

On December 19, 2021, the third anniversary of the start of the uprising that overthrew former Sudanese strongman Omar al-Bashir, protests against the current military rulers rocked the capital Khartoum. Yet these demonstrations are only a small part of the north African country’s challenges, as it remains saddled with a slew of repressive laws that undermine civil liberties, with the digital civic space particularly under attack.

Sudan’s 2019 constitution grants citizens the right to privacy (article 55) and to free expression (article 57) and “the right to access the internet” (article 57(2)). As of December 2020, Sudan had 34.2 million mobile subscriptions while internet subscriptions stood at 13.7 million, representing a penetration of 31%. Sudan has the most affordable mobile internet in Africa and is ranked among the five least expensive countries for mobile internet globally.

Despite the constitutional guarantees and proliferation of technology, a new briefing paper by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) shows that the state of digital rights remains precarious, with the cybercrimes law enabling the military rulers to harass dissenters and critics under the guise of fighting false information online. 

Frequent internet shutdowns remain a constant reminder that the government will go to great lengths to control access to and use of digital technologies for mobilisation. In the last three years, six internet disruptions have been recorded, mostly ordered to thwart public protests against bad governance. The disruptions have had significant economic implications and only ended following the intervention of the courts. 

The brief explores the repressive elements of media and technology-related laws and how they have been used to undermine freedom of expression, access to information and press freedom in the aftermath of al-Bashir’s overthrow. Overall, while there have been some improvements since al-Bashir’s ouster, the current government continues to institute regressive measures such as news website blockages and censorship. The latest power machinations that saw the military stage a coup on October 25, 2021 are making matters worse. 

The Sudanese Professionals’ Association (SPA), which spearheaded the uprising that overthrew al-Bashir, extensively used digital technologies to disseminate news about the uprising and to mobilise citizens to attend protests. The military rulers that succeeded Bashir seem to have realised the power of technology in mobilisation and embarked on continuous disruption of the internet, in addition to instituting other measures to curtail online organising, freedom of expression, and the free flow of information online.

Bashir’s dictatorship initiated internet disruptions in view of public protests calling for his overthrow, but the government that succeeded him has been more prolific in utilising shutdowns to try and shut off criticism and protests. 

The longest internet disruption in Sudan’s history was recorded in 2019 and lasted 37 days. During protests around the time the shutdown was initiated, more than 100 protesters were killed. The latest shutdown started on October 25, 2021 and lasted 25 days. It was instituted after Lt. Gen. Abdel Fattah al-Burhan seized control of the government. The shutdown was ended by a court order on November 11.

In July 2021, Sudanese authorities blocked more than 30 local news websites in the run up to protests demanding the resignation of the government, a move that severely undermined the right to expression and access to information.

Meanwhile, the cybercrime law of 2020 punishes publishing “lies” and “fake news” online with a heavy penalty of four years imprisonment, or flogging, or both. This law has been used by the military to silence activists and critical state officials. Even Lt. Gen. Burhan has this year invoked it to bring a suit against a prominent critic. The Press and Publications Law of 2009 equally has repressive provisions and was last August controversially invoked to suspendAlitibaha and Alsayha newspapers.

In 2020, Sudan issued the National security law amendment of 2020, article 25 of which leaves latitude for staff of intelligence agencies to violate citizens’ privacy by giving the Sudanese General Intelligence Service “the right to request information, data, documents or things from anyone to check it or take it” without a court order. Last October, military forces that staged a coup appeared to use this provision to search people’s phones in the streets to delete documentation of human rights violations perpetuated by security forces.

See the policy brief for further details on Sudan’s Bad Laws, Internet Censorship and Repressed Civil Liberties.

1 30 31 32 33 34 158