Call for Consultant: Informational Guide on Digital Security of Financial Transactions for CSOs in Uganda

Announcement |

The USAID/Uganda Civil Society Strengthening Activity (CSSA) is a five-year USAID-funded Activity implemented by East-West Management Institute (EWMI) in partnership with the International Center for Not-for-Profit Law (ICNL). The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) supported by EWMI seeks to develop and implement a CSO Compliance Index for the Regulatory Framework and Digital Security.

In this year CIPESA identified the need to develop and produce an informational guide on digital security of financial transactions for CSOs. The information Guide will feed into the overall goal which is to protect and expand civic space throughout Uganda by improving the enabling environment for civil society and fostering state-civil society engagement. And specifically, as a means to provide technical assistance towards strengthening the capacity of civil society organizations (CSOs) and other stakeholders to address restrictions on civic space in Uganda.

Find the full details here.

New Reports Examine Internet Freedom Challenges in Francophone Africa

By Simone Toussi |

The situation of internet freedom in French-speaking countries in Africa is not regularly and adequately captured in research. However, two reports released in recent months move towards addressing this, as they provide a picture of the key issues affecting digital rights in up to 26 Francophone countries. The reports show that more than ever, Francophone African countries are facing pivotal choices in building a cyberspace that respects citizens’ rights and meets their needs.

Released in May 2023, the Digital freedoms in French-speaking African countries research by Agence Française de Développement (AFD) states that internet rights are at risk in most of the 26 Francophone African countries covered. The report scored and ranked the countries on the respect for digital freedoms based on barriers to access, content limitations, and violations of users’ rights.

A second study conducted by PROTEGE QV and JONCTION, with the support of the Association for Progressive Communications (APC), sheds light on the main internet freedom concerns in Burundi, Cameroon, Chad, Congo, Cote d’Ivoire and Senegal. The countries were assessed using the African Internet Rights and Freedoms Index (AIRFI) 2022 which contains 67 variables based on the 13 principles of the 2016 African Declaration on Internet Rights and Freedoms (ADIRF)

The findings of the assessment were launched at a workshop on June 20, 2023. Speaking at the workshop, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) Francophone Officer, Simone Toussi, stated that the AIRFI is “a timely tool” given the prevailing context  where the internet, despite its multiple advantages, was fostering social inequities while also sometimes serving as a tool for repression by autocratic governments.

Out of 26 countries assessed by AFD, only Mauritius and Seychelles fell in the “Free” category – meaning digital freedoms were fully respected. The worst performers were Burundi, Cameroon, the Central African Republic (CAR), Chad, Djibouti, Equatorial Guinea, and Rwanda, which were ranked as “Non-free”, indicating that digital freedoms are “in serious trouble”. Seven countries were found to be “Partially Free” and 10 countries ranked “Partially Non-Free”, meaning digital freedoms are “Partially respected” and “Partially in trouble” respectively. 

Among the major regional trends, the AFD report cites internet shutdowns; deployment of mass or targeted surveillance solutions; online censorship, such as the blocking of local and international media websites; instrumentalisation of cybersecurity and disinformation laws; and a recurrent lack of data protection laws. Meanwhile, the AIRFI assessment highlighted the exclusion of marginalised and at-risk groups; barriers in accessing affordable internet; online surveillance and censorship; intimidation, arrest and prosecution of internet users; internet disruptions; and weak privacy and data protection systems. 

The AFD report notes that 21 of the 26 Francophone African countries have shut down the internet or limited online content at least once since 2017, with Burkina Faso, Cameroon, Chad, CAR, Djibouti, Equatorial Guinea, Gabon, Mali, Senegal and Togo being repeat offenders. In 2022, Chad, Burkina Faso and Algeria shut down the internet. Furthermore, the governments of Algeria, Burkina Faso, Burundi, Equatorial Guinea and Mali reportedly applied targeted filtering to websites or blocked social media groups belonging to opposition parties or dissident groups. 

Both reports cite the weaponisation of cybersecurity and anti-disinformation laws against journalists, human rights defenders, and citizens critical of governments. The AIRFI assessment shows how cybersecurity laws of Cameroon and Burundi are weak in ensuring digital safety of citizens, journalists and human rights defenders in conflict zones. Such a situation is transposable to other Francophone African countries that do not have either a cybersecurity law – CAR, Republic of Congo, DR Congo, Djibouti and Gabon – or a diligent monitoring system dedicated to cybersecurity and the fight against cybercrime, or both. As a result, some Francophone African countries have suffered an increase in targeted cyberattacks, data breaches within government institutions and banking institutions, and ransomware attacks, as well as multiple cases of online harassment and abuse.

The lack of legislation for the protection of personal data is another concern in the region. The AIRFI assessment notes that rapid mobile penetration and social media use has led to increased data protection and privacy concerns. Many users are not aware of their rights and governments and companies continue to collect massive amounts of data without comprehensive data protection laws or oversight authorities, leaving citizens vulnerable to data theft and privacy breaches. 

The AIRF assessment also showed prevalence of surveillance, including through interception of communications and monitoring of people’s movements aided by massive data collection, and the search and seizure of people’s devices. According to the AFD report, the use of Pegasus spyware was documented in Rwanda, Togo, Morocco and Djibouti. Among the 26 countries studied, only 14 have signed or ratified the Malabo Convention, most have outdated, ambiguous or unenforced data protection laws while others, including Burundi, Cameroon, CAR, Comoros, DR Congo and Djibouti, are dragging their feet on adopting a data protection law.

The digital divide is still a challenge, with many marginalised groups left out of the digital society. The reports stress how the high costs of internet access and low internet speeds limit affordable and universal access, especially in rural areas where internet infrastructure is in short supply. Infrastructure roll out and maintenance were particularly a challenge in countries like the CAR and Mali which are faced with political instability and a security crisis linked to internal conflicts or terrorist attacks.   

Indeed, digital inclusion of marginalised and at-risk groups scored zero in most countries assessed under the AIRF index. Country reports outlined that persons with disabilities as well as refugees and displaced persons remain offline due to barriers such as language, usability challenges and mandatory SIM card registration tagged to possession of an identity card. 

According to the AIRFI assessment, countries such as Chad, Congo and Senegal are yet to take appropriate actions to ensure the right to development and access to knowledge, which are an essential catalyst of digital access, literacy and access to information. Others like Cameroon and Burundi have not taken any measures towards fostering cultural and linguistic diversity in the digital sphere.

The findings of both reports provide a comprehensive overview of the state of digital rights in Francophone Africa, and give visibility to contexts that are largely missing in existing reports on the situation of digital rights in Africa. The reports underscore that digital space in Francophone Africa will shrink further if states continue to exert more pressure on civil liberties through internet shutdowns, surveillance, limits to privacy rights, and adopt laws that limit freedom of expression, assembly and association under the pretext of combating disinformation, hate speech, terrorism and threats to national security. 

As a means towards remedy, recommendations are made to policy-makers, civil society, academia, and the private sector. Among them: the need for enactment and enforcement of rights-respecting and inclusive policy and legislation; regular documentation and assessment of digital rights developments in these countries to inform debate and design of interventions; and robust advocacy to align country digital policies and practices with human rights standards and push for transparency and accountability of governments and companies.

Submit Your Session Proposal or Travel Support Application to the Forum on Internet Freedom in Africa 2023 (FIFAfrica23)

Announcement |

The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) invites interested parties to submit session proposals to the 2023 edition of the Forum on Internet Freedom in Africa (FIFAfrica23). Successful submissions will help to shape the agenda of the event, which will gather hundreds of policymakers, regulators, human rights defenders, journalists, academics, private sector players, global information intermediaries, bloggers, and developers.

FIFAfrica23, which is set to take place in Dar es Salaam, Tanzania on September 27-29, 2023, offers a platform for deliberation on gaps and opportunities for advancing privacy, free expression, inclusion, free flow of information, civic participation, and innovation online. This year will mark a decade of hosting the landmark event in various African countries, including Ethiopia, Ghana, South Africa, Uganda, and Zambia.

As part of the registration, we invite session proposals including panel discussions, lightning talks, exhibitions, and skills workshops to shape the FIFAfrica23 agenda. 

CIPESA is committed to ensuring diversity of voices, backgrounds and viewpoints in attendance and as organisers and speakers at panels at FIFAfrica. In line with this, there is limited funding to support travel for participation at FIFAfrica23. Preference will be given to applicants who can partially support their attendance and those who organise sessions.

Submissions close at 18.00 (East Africa Time) on July 14, 2023. Successful session proposals and travel support applicants will be directly notified by August 14, 2023.

The session proposal and travel support form can be accessed here.

NOTE: All data collected as part of the registration and session proposal exercise will only be used for purposes of the FIFAfrica event management.   

Follow @cipesaug on Twitter and on the dedicated FIFAfrica website for regular updates on the Forum.

Gear Up! The 2023 Forum on Internet Freedom in Africa (FIFAfrica) is Heading to Tanzania!

Announcement |

The annual Forum on Internet Freedom in Africa (FIFAfrica) hosted by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) will be held in Dar es Salam, Tanzania on September 27-29, 2023. This year will mark a decade of the largest gathering on internet freedom in Africa, which has since 2014 put internet freedom on the agenda of key actors including African policy makers, platform operators, telcos, regulators, human rights defenders, academia, law enforcement representatives, and the media. This has paved the way for broader work on advancing digital rights in Africa and promoting the multi-stakeholder model of internet governance.

In several African countries, it is becoming increasingly challenging to utilise the internet to defend human rights, strengthen independent media, support democratisation, and demand accountable and transparent governance, or to freely access information and contribute content in the diversity of African languages. This is undermining the core principle of the internet as a free and open platform. 

The decision to host the 2023 edition of FIFAfrica in Tanzania is in recognition of the country’s progressive shift to advance digitalisation for sustainable development. Under the leadership of its first female President, Samia Suluhu Hassan, a proponent for civil rights and women’s rights, the country has undergone political and legal reforms aimed at enhancing civic space and digitalisation agenda. Notably, a data protection law has been enacted, the law governing media operations is being revised, and the  Online Content Regulations 2020 were revised to make them more supportive of online speech, privacy and access to information. 

It is upon this backdrop that FIFAfrica 2023 will offer a platform for critical engagement of diverse stakeholders in identifying the most pressing internet rights-related issues and challenges that have to be addressed at national and regional levels. Over the years, FIFAfrica has identified opportunities for bringing the debate on the importance of digital rights to national, regional and global fora. In particular, the Forum supports the development of substantive inputs to inform a wide range of conversations at organisational, national, regional, continental and global levels, including at the African Union, the African Commission on Human and Peoples’ Rights (ACHPR), the United Nations Human Rights Council, the African Internet Governance Forum (IGF), sub-regional IGFs and at the global IGF.

The growth in diversity of participants and discussions at FIFAfrica reflects the evolving trends and concerns in access and usage of the internet and related technologies.  Topics have included access to information, mass surveillance, turning policy into action, internet shutdowns, content regulation, cyber security, digital economy, online violence against women, data protection and privacy, cyber governance, open source investigative journalism, online movement building and civic building, business and big data, building research capacity in internet measurements, innovation and security in conflict territories, as well as gender-sensitive approaches to ICT Policy and decision making. 

Overall, FIFAfrica is helping to grow the community advancing digital rights in Africa, increasing awareness about and advocacy for internet freedom, while forging new alliances that advance digital rights. It elevates new voices including those of often marginalised groups such as the youth, persons with disabilities and women, and enables state and non-state actors to develop evidence-based interventions that guide policy and practice

FIFAfrica has previously been hosted in Uganda, South Africa, Ghana, Ethiopia and Zambia, with the last edition attended by up to 1,000 individuals (online and offline) from 47 countries.
A call for proposals and travel support applications will be announced soon. For updates, follow CIPESA social media (@cipesaug) accounts  on Twitter,Facebook and LinkedIn.

Capacitating Civil Society Actors to Advance Digital Rights in Africa

By Paul Kimumwe |

Internet freedom in Africa has been on the decline over the past years with several countries continually adopting repressive measures that curtail civil liberties. Many governments have embraced digital authoritarianism, which has resulted in criminalisation of speech online, internet disruptions, arrests and prosecution of social media users, and abuse of citizens’ data rights, thus undermining free expression and civic participation. 

Several governments have continually enhanced their technical capacity to intercept and monitor electronic communications, including through the installation of equipment and software or spyware that enable remote controlled hacking and eavesdropping, and deployment of video surveillance systems, some of which have facial recognition capabilities. These enhancements have been partly aided by introduction of regressive laws ostensibly to fight terrorism and to protect national order. 

Some control measures – such as trolling and cyberbullying – target critical democracy actors, including women human rights defenders (WHRDs) and journalists, and have far-reaching impacts on rights protection, including free expression, access to information and civic participation. Other measures, such as digital taxation, registration and licensing of online users, greatly undermine internet access and affordability and weaken the potential of digital technologies to catalyse free expression and civic participation.

These measures are worrying not only because they directly undermine citizens’ digital rights and their appetite for public participation but also because they endanger the safety of some critical democratic actors. Without adequate digital security capacity, activists and human rights defenders (HRDs) are not able to meaningfully undertake advocacy and engagements around human rights, transparent and accountable governance. Concerningly, digital security and safety skills are lacking among some of the most at-risk groups, yet trainers and support networks are in short supply. In this brief we review some key intervention measures necessary to  grow the capacity of  civil society actors to navigate the rising digital authoritarianism and highlight CIPESA’s work in this regard.

Shrinking Civic Space

Recent years have seen an increase in the number of reported incidents of governments in the region cracking down on civil society organisations, especially those addressing human rights and social justice issues. Various illegal means, including physical assaults, arbitrary detention, torture, killings, intimidation and surveillance by security agencies, have been adopted to limit the rights to freedom of assembly, association, expression, and access to information.

The situation was exacerbated by measures adopted by national governments to curb the spread and mitigate the effects of the Covid-19 pandemic. The different measures including the clamp down on media platforms, intimidation, arrests, detention and prosecution, affected the work and operations of HRDss and civil society organisations (CSOs) in many countries. The ability of citizens to participate in civic matters and the conduct of public affairs were also eroded. Meanwhile, HRDs, journalists, activists, the political opposition, and ordinary citizens have been forced to self-censor, disengage from participating in public affairs, and refrain from exercising their rights to participate.

Limited Capacity of Civil Society Actors

Although there has been a growing number of civil society and justice actors responding to, and challenging government excesses, some of them have been hampered by lack of requisite knowledge, skills, and tools to engage in meaningful policy advocacy. There is also limited understanding of the linkages between Information and Communication Technologies (ICT), human rights and democracy and how government control measures undermine democratic participation.

According to Ashnah Kalemera, Programme Manager at CIPESA, advancing digital rights is a new phenomenon for most of the traditional human rights organisations in Africa, “with many still trying to understand the relationship between ICT and human rights, on top of dealing with an already hostile environment.” 

Through various interventions, CIPESA is building the capacity of different social justice organisations and equipping them with the requisite skills, including research, communicating digital rights, designing evidence-based advocacy campaigns, as well as digital resilience, especially how to cope with the increasing cyber attacks.

Findings from a 2017 joint research study conducted by Small Media, DefendDefenders, the Centre For Intellectual Property And Information Technology Law (CIPIT), and CIPESA showed that in Burundi, Rwanda, Tanzania, and Uganda, most CSOs failed to demonstrate a baseline of digital security knowledge and practices.

The study noted that although the internet and other ICT had empowered CSOs to engage with the public, share information, and advocate for citizens’ rights in sometimes challenging and closed political environments, it had also offered means and tools that regional state and non-state actors utilised to interfere with their work, surveil them, and censor their voices.

Similarly, an assessment CIPESA conducted in five countries during 2020 indicated a need to bolster capacity, organisational practices, and implementation of security and safety measures for social justice organisations and staff. It also found that skills and protections (software and hardware) were low and inadequate among many HRD organisations and individuals. 

Building Digital Resilience Among CSOs

In many countries in the region, skills in digital security and safety are lacking among some of the most at-risk groups, yet trainers and support networks are in short supply. Without adequate digital security capacity, activists and HRDs are not able to meaningfully continue advocacy and engagements around human rights, transparent and accountable governance.

For several years CIPESA has provided digital security resilience including conducted training for civil society groups, HRDs and other democracy actors. Through the Level-Up programme, CIPESA has provided security support to 16 HRD organisations in Kenya, Ethiopia, Tanzania, South Sudan, and Uganda. 

The initiative helped to strengthen the participating entities’ organisational and information systems security capacity, entailed a Training of Trainers (ToT) component – which benefitted 19 individuals – to grow the network of individuals and organisations that offer digital security training and support to journalists, activists, and HRDs, and organisational security assessments. The training and support were delivered through innovative approaches to geographically distributed individuals that could not meet physically due to Covid-19 social distancing and travel restrictions.

The individuals trained in turn conducted safety and security training sessions which benefitted 120 staff of HRD organisations. The Level Up programme also conducted an assessment of organisational digital security needs and practices which informed the provision of hardware, software and security equipment to nine beneficiary organisations in four countries, and the development of organisational digital security policies.

“Several justice actors, both individuals and organisations, have fallen victims to cyber attacks, hacking, and online harassment, with some reporting loss of  their brand assets. It is therefore important to bolster their capacity, enhance their organisational practices, especially the implementation of security and safety measures related to digital and social media platforms usage by the organisations and their staff,” says Brian Byaruhanga, Technology Officer at CIPESA.

Supporting Impactful Digital Rights Advocacy and Communication

Digital rights advocacy and communication has become crucial in promoting human rights in Africa. Accordingly, CIPESA has over the years supported capacity development for CSOs, HRDs particularly WHRDs, and key duty bearers, to cultivate cross-country and cross-sectoral partnerships, and promoted joint advocacy and communications campaigns. 

In June 2022, CIPESA convened a regional advocacy and engagement training workshop in Lusaka, Zambia that brought together media, civil society and technology policy actors from 10 African countries – Ethiopia, Kenya, Malawi, Mozambique, Rwanda, South Africa, Uganda, Zambia, and Zimbabwe. The regional engagement equipped participants with a keen understanding of key digital rights trends in the region, alongside practical skills in impactful digital rights advocacy and communication.

Also in June 2022, CIPESA convened a digital rights policy advocacy webinar where participants shared their experiences, challenges and lessons learned in advocating for digital rights in Africa. Panelists were mainly drawn from the Africa Digital Rights Fund (ADRF) beneficiaries, a grant facility managed by CIPESA whose main purpose is to offer flexible and rapid response grants to select initiatives in Africa to implement activities that advance digital rights, including advocacy, litigation, research, policy analysis, digital literacy and digital security skills building 

In July 2021, CIPESA in partnership with the African Centre for Media Excellence (ACME), conducted an intensive training course on Digital Rights and Impact Communication for grantees of the ADRF. The training was preceded by a capacity and training needs assessment. The ADRF was launched in April 2019 to offer funding and capacity development to expand the pool of actors that advance digital rights in Africa, amidst rising digital rights violations.

These capacity building efforts serve to equip civil society actors with skills, knowledge, and tools to effectively engage in evidence-based advocacy as well as communicating digital rights issues. They inspire these actors to approach advocacy and communication systematically in order to increase the visibility of digital rights issues in different media and to promote public discussion of digital rights issues.

Building Capacity and Collaborations for Digital Rights Research

Evidence-based digital rights advocacy has become particularly crucial in Africa as a growing number of governments and powerful private actors continue to undermine citizens’ online rights through legal and extra-legal means. However, as the need for internet policy advocacy that is informed by research grows, it is essential to increase the amount and depth of research originating from, and relevant to, Africa. 

Over the last few years, CIPESA has responded by building capacity and enhancing collaborations for digital rights research among academia and CSOs. During the 2019 Forum on Internet Freedom in Africa (FIFAfrica19) in Addis Ababa, Ethiopia, CIPESA organised a Digital Rights Research Methods Workshop as one of the pre-events. The workshop was attended by 58 participants who included university lecturers, staff of international human rights organisations, digital rights researchers, activists, technologists, and lawyers.

The Ethiopian training built on the foundations of a five-day intensive training on internet policy research methods co-organised with the Annenberg School for Communications Internet Policy Observatory in 2018, which aimed to train, connect, and build collaboration between researchers, activists, academics and internet freedom advocates, and brought together 40 participants from 17 countries.

CIPESA has continued to build this capacity through additional training, and providing research and grant opportunities through the CIPESA Academic and Media Fellowships, which seek to nurture university students’ and early career academics’ understanding of ICT for governance, human rights and development, as well as enhance the media’s understanding of and coverage of ICT, democracy and human rights issues, respectively.

Digital rights continue to evolve alongside technological changes and advancement. CIPESA will continue to tap into the opportunity of skilling civil society personnel to facilitate knowledge building and enhance their capacity to continually engage in digital rights proactively and securely.