Analysis of Tanzania’s Electronic and Postal Communications (Online Content) Regulations 2017

Policy Brief | The proposed Electronic and Postal Communications (Online Content) Regulations, 2017 join the catalogue of legislation related to online content in Tanzania that threaten citizens’ constitutionally guaranteed rights to freedom of opinion and expression and the right to seek, receive and impart information. The regulations were developed pursuant to section 103(1) of the Electronic and Postal Communications Act, 2010 (EPOCA), which empowers the Minister of Communications to make regulations on content related matters. Enacted in March 2010, the EPOCA aims to keep the communications sector abreast with developments in the electronic communications industry by providing for a comprehensive regulatory regime for electronic communications and postal communications service providers.
The regulations specify obligations of service providers and users of online platforms including social media, discussion forums, and online broadcasts (radio and television). They also confer powers upon the Tanzania Communications Regulatory Authority (TCRA) to regulate online content, including through registration of users and platforms, and taking action against non-compliance with the obligations, such as ordering the removal of “prohibited content.”
The regulations have some important provisions and set minimum standard requirements with regards to the protection of children online, fighting hate speech and extremism online, and promoting user responsibility and digital security practices. However, the regulations should to reviewed and amended to have clear, unambiguous definitions and wording, and quash the requirement for registration of bloggers and users of similar online platforms. It is also essential that not too much power is vested in TCRA with regards to content take-downs and that diversity in content availability online is promoted. The obligations set out should not turn content service providers and publishers into monitors, by handing them responsibility such as use of moderating tools to filter content, conducting content review before publication, and undertaking mechanisms to identify sources of content.
Moreover, there should be a clear appeal mechanism against orders to remove or block content, and such remedial measures should also be applicable once an order for blockage or removal has been issued but not yet been effected. Overall, the regulations should uphold citizens’ rights to privacy, access to information and free expression. Furthermore, TCRA, pursuant to EPOCA’s objectives of promoting a developed telecommunications sector in Tanzania, should ensure that the regulations foster internet access and affordability without placing undue requirements on service providers or making costs prohibitive, which would act as a barrier to market entry, including for public access facilities such as internet cafes.
Read CIPESA’s analysis of the implication on access to the internet, intermediary liability, user privacy, censorship, surveillance and freedom of expression of the proposed regulations in Tanzania.

Tanzania Court Deals a Blow to Intermediary Liability Rules

By Ashnah Kalemera |
A court in Tanzania has dealt a blow to the rules governing the country’s internet intermediaries, after ruling that requests for disclosure of user information for law enforcement purposes pursuant to the Cybercrimes Act (2015) are not arbitrary. In a March 8, 2017 ruling, three judges of the court in Dar es Salaam also ruled that the absence of regulations to govern the enforcement of the Act did not render the controversial law unconstitutional.
The ruling dismissed a petition filed by Jamii Media, proprietors of the popular Jamii Forums discussion platform, who argued that Section 32 of the Cybercrimes Act was arbitrary and contrary to citizens’ right to privacy guaranteed by article 16 (1) of the country’s constitution. Jamii filed the petition last April, after receiving three notices from police demanding that it discloses the personal details of up to four users who had posted on the forum information on political tensions among members of the ruling party Chama Cha Mapinduzi, and scandals in one of the country’s leading banking institutions.
The notices, issued during January and February 2016 pursuant to Section 32 of the Act, demanded disclosure of the names of the users, their emails and Internet Protocol (IP) addresses. Last December, Jamii Forums founder Maxence Melo was charged with obstruction of investigations under Section 22 of the Cybercrimes Act for failure to comply with the disclosure notices.

Section 32 of the Cybercrimes Act provides:
(1) Where the disclosure of data is required for the purposes of a criminal investigation or the prosecution of an offence, a police officer in charge of a police station or a law enforcement officer of a similar rank may issue an order to any person in possession of such data compelling him to disclose such data.
(2) The order issued under subsection (1) shall be granted to a law enforcement officer who shall serve the order to the person in possession of the data.
(3) Where the disclosure of data cannot be done under subsection (1), the law enforcement officer may apply to the court for an order compelling:
(a) a person to submit specified data that is in that person’s possession or control; or
(b) a service provider offering its services to submit subscriber information in relation to such services in that service provider’s possession or control.
(4) Where any material to which an investigation relates consists of data stored in a computer system or device, the request shall be deemed to require the person to produce or give access to it in a form in which it is legible and can be taken away.

In its petition, Jamii Media argued that no procedures were in place to enforce Section 32 as required under Section 39 (2) of the Act to govern the circumstances and procedure of disclosure by intermediaries. Section 39 (2) states that the Minister for Information and Communication Technology shall “prescribe the procedures for service providers to avail competent authorities, at their request, with information enabling the identification of recipients of their services”.
However, the judges noted that, often, for laws that provide for putting in place regulations by the Ministers responsible, “it takes a while before the said regulations are formulated.” This implied that intermediaries were obliged to honour disclosure notices in the absence of the regulations.
In their defense, the Tanzania Police argued that they had the duty to carry out investigations and prosecution of offences and maintained that the disclosure notices issued to Jamii Media were “justified”. According to the state attorney, the disclosure notices did not infringe upon citizens’ right to privacy because they were “intended to obtain the names of people who have published information that may turn out to be relevant to some offences under investigation”. The state attorney added that the Cybercrimes Act did not require the police to disclose to the recipient of the disclosure notices the offences under investigation.
Meanwhile, Jamii Media also argued that under sub-section 32 (4), the 2015 Act confers powers upon authorities to require the surrender of devices on which information is contained, without any safeguards. “If an investigator takes away one such device in order to access one piece of information relevant to a particular investigation, there is no guarantee that by taking the same, the investigation will not access other pieces of information contained in the same device and [which are] irrelevant to the matter being investigated,” it argued.
Judges ruled that Section 32 (4) did not empower the police to take away the devices as contended. “Our understanding of that section is that the person to whom the request has been made, like the petitioner in this case, may print the information such that it can be read and/or taken away by the investigators in printed form,” the judges stated.
Citing jurisprudence including provisions under Article 19 (2) and (3) of the International Covenant on Civil and Political Rights, the judges considered that Section 32 of the Cybercrimes Act was “proportional” for balancing individual human rights on the one hand and public interest on the other.
Lawyers representing Melo in the ongoing case plan to file submissions for police to seek court’s intervention for mandatory disclosure pursuant to provisions of the Act and dismiss the obstruction charges.
For more on the government’s tactics to stifle citizens’ digital rights in Tanzania see the State of Internet Freedom in Tanzania 2016 report.
 

Promoting Access to Information and Digital Safety Awareness among Tanzanian Journalists For Upcoming Elections

By Gasirigwa G.S |
As the 25 October general election draws closer in Tanzania, journalists have been urged to be impartial in their reporting. Many have also taken steps to ensure that their digital communication is not compromised particularly when seeking information during the electioneering period.
In August, the Media Institute of Southern Africa (MISA) Tanzania Chapter, in partnership with the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) organized two training workshops on access to information with special focus on digital safety for Media practitioners in Tanzania. A total of 40 journalists (13 women and 27 men) from Geita, Mara, Mwanza and Dar es Salaam received practical digital safety skills against a backdrop of discussion on the Access to Information and Media Services bills as well as the recently passed Cybercrime Act 2015 and Statistics Act, also of 2015..
The objective of the workshops was to enhance knowledge and skills of selected media personnel in various outlets in order to enable them to access relevant information, cover and report  factually and responsibly during the 2015 general election.
Participants most of whom had no prior knowledge of what the proposed and enacted laws entailed had the chance to discuss and deliberate on how safely they can cover the ongoing campaigns and the October elections without falling on the wrong side of the laws.
In February, the government of Tanzania attempted to table and pass the Access to Information (ATI) and Media Services bills under certificate of urgency. The attempt was blocked by media and access to information activists under the Coalition of Right to Information (CORI) with support from Members of Parliament.  Tabling the bills under certificate of urgency meant that they would be passed into law without stakeholders review and input. CORI argued that the bills were draconian and shouldn’t be passed without earnest consultations with stakeholders.
The proposed access to information bill contains a number of provisions which are contrary to the country’s 1977 Constitution. Section 2 (4) of the bill states: “Nothing in this Act shall limit or otherwise restrict any other legislative requirement for a public authority to disclose information.” Under this provision public authorities could continue to withhold information despite the fact that the law is aimed at promoting information availability in the public domain.
The Bill further exempts the disclosure of certain information, placing vague restrictions on information which may: undermine national security; is likely to impede due process of law or endanger safety of life of any person; undermine lawful investigations being conducted by law enforcements agencies; and “significantly” undermine the operations of Tanzania Broadcasting Corporation (Section 6).
Other proposed provisions carry even wider violation of right to information. For example, Section 18(1) of the Bill states that “Information obtained by a person requesting from the information holder shall not be for public use”. Any person who contravenes this provision commits an offence and shall, upon conviction, be liable to imprisonment for a term not less than five years.
In a separate move, the government tabled and passed into law the Cybercrime Act and Statistics Act under certificates of urgency, making them operational as of September 1, 2015.
For its part, the Cybercrimes Act among many other things, criminalizes and penalizes the publication of “information, data or facts presented in a picture, texts, symbol or any other form in a computer system where such information, data or fact is false, deceptive, misleading or inaccurate”. Offenders are liable for at least six-months imprisonment and/or a fine of Tanzania Shillings (TZS)3 million (USD 1,380). The law also provides for at least three years in prison and/or a fine of at least TZS 10 million (USD 4,600) for publication of materials that incite, deny, minimize or justify acts that constitute genocide or crimes against humanity.
Regarding the initiation of transmission or re-transmission of unsolicited messages, the Cybercrimes Act provides for at least one year in prison and/or a fine of TZS3 million (USD 1,380) or three times the value of any undue advantage gained, whichever is higher.
The workshops were eye openers for many who stated they were not aware that several programmes and news items being run could potentially violate new laws. An editor expressed concern on content previously published which might be in contravention to the Cybercrimes and Statistics Acts and “could get us into trouble with the law.”
Moreover, the government through Tanzania Communication Regulatory Authority (TCRA) introduced the Subsidiary Legislation known as the political broadcasting services Code of 2015. The Code was gazetted in June this year and communicated to media owners in a seminar organized by TCRA. The code, which is not available in softcopy has serious implications on electronic media (Radio, TV and Social Media) during reporting of election issues.
The workshops served as opportunities to familiarise journalists with the recently passed laws and tabled bills. During the proceedings, journalists were also reminded that although the Media Services and Access to Information bills were not passed by parliament, the Newspaper Act of 1976 remained operational and media practitioners remain bound by it.
“I didn’t not know about this Broadcasting Code, TCRA summoned us bloggers to a meeting and made us sign a document that we were told was just guidelines for media and online users. They never told us we were signing our own jail warrants”, added Geofrey Adroph, photographer and blogger.
In light of the new and existing laws, the workshops and interactions made participants revisit ethical considerations and reporting guidelines in the run up to, during and after the elections.