Overview of Cameroon’s Digital Landscape

By Simone Toussi |

The Information and Communications Technology (ICT) sector in Cameroon has evolved considerably since 2010, despite the persistence of the digital divide and affronts to freedom of expression online. The country’s digital landscape was  boosted by the launch in May 2016 of the National ICT Strategic Plan 2020, which recognised the digital economy as a driver for development. The country has registered increased investments in  telecommunication and ICT infrastructure, including extension of the national optical fibre backbone to about 12,000 km, connecting 209 of the country’s 360 sub-divisions, and neighbouring countries such as Chad, Gabon, Equatorial Guinea, the Central African Republic and Nigeria. 

By 2018, the Ministry of Posts and Telecommunications reported that mobile phone  subscribers stood at 18.8 million representing a penetration rate of 83%, while internet penetration was 35%. There are four big telecommunications service providers in Cameroon – MTN, Orange, Viettel and the state-owned CAMTEL. With 48% of the mobile market share or 8.7 million subscribers, MTN is the leading service provider, according to its report for the first quarter of 2019. 

Over the years, Cameroon has scored some improvements in ICT development and affordability. For instance, on the ICT Development Index (IDI) of  the International Telecommunications Union (ITU), its value improved from 1.54 in 2010 to 2.38 in 2017 – against the highest global value of 8.98 for Iceland, and between the highest African value of 5.88 for Mauritius and the lowest 0.96 for Eritrea. Cameroon thus ranked at 149  out of the 176 countries assessed, with more than twenty African countries ranked above it. On affordability of the internet, Cameroon’s ranking has also slightly improved – currently ranked 50, up from 53 in 2015, out of 60 countries. This still makes internet access in Cameroon among the most expensive of the countries surveyed.

Meanwhile, internet shutdowns, arrests and intimidation of online critics, and censorship of online content  raise concerns about the government’s commitment to nurturing a sustainable and inclusive digital society.

ICT Legal and Regulatory Frameworks

The Cameroonian Constitution provides for freedom of expression, freedom of the press and of communication. It states: “the freedom of communication, of expression, of the press, of assembly, of association, and of trade unionism, as well as the right to strike shall be guaranteed under the conditions fixed by law”. 

Relevant agencies governing the sector include the Telecommunication Regulatory Agency (ART), and the National Telecommunications Agency (ANTIC) – both under the mandate of the Ministry of Posts and Telecommunications (MINPOSTEL). Other entities such as the Ministry of Communication and the National Council of Communication also has regulatory and advisory roles with regards to media. 

These agencies are guided by key laws that govern ICT including  Law n° 98/014 of July 14, 1998 governing telecommunications and its amendment of December 29, 2005;  Law n° 2010/013 of  December 21, 2010 on e-Communications, and its amendment of April 2015;  Law n° 2010/012 of  December 21, 2010 on Cyber Security and Cybercrime; and Law n° 2010/021 of December 21 2010 governing e-Commerce. Other legalisation related to ICT are the Framework Law n° 2011/012 of May 6, 2011 on Consumer Protection,  Law n° 2001 / 0130 of July 23, 2001 establishing the minimum service in telecommunications, and Law n° 98/013 of July 14, 1998 on competition which governs all sectors of the national economy.

The 2014 Law on the Suppression of Terrorist Acts, which was enacted to support the fight against terrorism and growing threats from the jihadist group Boko Haram, has been used as a tool to suppress journalism and opinion critical of the government under the guise of preventing the spread of fake news and threatening national security. In January 2018, the Minister of Justice issued a directive to magistrates to “commit, after clear identification by the security services, to legally prosecute any person residing in Cameroon who uses social media to spread fake news”. 

A new law is the  2019 Finance Act, which under Section 8, introduces taxation on software and application downloads produced outside of Cameroon, at a flat rate of 200 Central African Francs (CFA), equivalent to USD 0.34, per download. Whereas the government is yet to issue implementation guidelines for the taxes, once in effect, they  will result in additional costs for digital platform users.

Access and Affordability 

Article 4 of the 2010 eCommunications law states that every citizen “has the right to benefit from electronic communications services”. The same law establishes a Universal Service Access Fund, aimed at ensuring equal, quality and affordable access to services (Articles 27-29). Whereas internet and mobile telephony have registered growth, access and affordability remain a challenge, especially among rural and poor communities. Currently, the average cost of 1GB of data is 2,000 CFA (USD 3.4) per month, and with the proposed levy of 200 CFAs (USD 0.34) on software and application downloads, costs are expected to further increase. With an estimated per capita income of USD 1,500 in 2018, the prevailing rates are over and above the Alliance for Affordable Internet’s recommendation of 1GB of data costing 2% or less of average monthly income.  

Gender Digital Divide

A 2015 report by the Web Foundation found that in Cameroon only 36% of women compared to 45% of men were internet users. The key factors inhibiting women’s access to the internet and digital devices in Cameroon included literacy levels, cost relative to income, access to devices, perceived relevance and usefulness, lack of time and poor infrastructure. Towards addressing the digital gender divide, the National ICT Strategic Plan 2020 states among its objectives the need to “support the development of female skills in the field of digital engineering“, and to “support technological and scientific vocations for women“. However, these objectives are not linked to any specific projects within the plan’s priority action areas. 

Meanwhile, without much in the way of provisions for gender, cultural and linguistic diversity, the country’s ICT laws remain largely silent on diversity and inclusion within the ICT sector. Further, seven years since its passing, the Framework Law on Consumer Protection, which includes provisions on consumer rights and quality of services within the technology sector, remains largely unenforced due to the absence of  implementation guidelines.

Privacy and Data Protection

Cameroon has no data protection or privacy law. However, the national Constitution amended by the Law N°. 96-06 of 18 January 1996, guarantees privacy of communications in its preamble, stating that “the privacy of all correspondence is inviolate. No interference may be allowed except by virtue of decisions emanating from the Judicial Power”. The 2010 Cybersecurity and Cybercrime law also provides for the privacy of communications under Article 41 and outlaws the interception of communications under Article 44. The obligation for service providers to guarantee users’ privacy and the confidentiality of information is covered under Articles 42 and 26.  

According to Article 26(1); “Information system operators shall take all technical and administrative measures to ensure the security of the services offered. To this end, they should be equipped with standardised systems that enable them to identify, evaluate, process and continuously manage the risks related to the security of information systems in the context of services offered directly or indirectly”. However, the law does not specify the guiding principles for the collection and processing of personal data, nor users’ right to access and update such data. 

Network Disruptions

The government of Cameroon has in the past initiated two internet shutdowns in the Anglophone region of the country, which together lasted 240 days and drew international condemnation. The shutdowns were imposed in the wake of ongoing strikes, fatal violence and protest action against the alleged “francophonisation” and marginalisation of English speakers who claim that “the central government privileges the majority French-speaking population and eight other regions.” It is estimated that the regional internet shutdown cost USD 38.8 million in addition to affecting access to public services, education, and daily livelihoods. 

Guaranteeing an Inclusive Digital Space in Cameroon

Cameroon’s government has professed its intention to leverage the digital economy for sustainable development and to establish  an enabling legal and regulatory framework. However, developments such as taxation of application downloads, internet disruptions, and limited efforts to bridge the digital gender divide, indicate a shrinking digital space and are likely obstacles to the uptake of ICT. Efforts are thus necessary to ensure a digital environment that is both open and accessible to all, upholds users’ safety and security, and guarantees constitutional rights. These efforts should include a strengthened legal framework with implementation guidelines to ensure enforcement, compliance monitoring, and accountability. 

Moreover, the adoption of a specific law on privacy and data protection is recommended, so as to guarantee the principles of anonymity and consent, and in line with international best practice. For civil society organisations, it is recommended to intensify advocacy against regressive policy and practice including internet disruptions,  and the enforcement of consumer protection and universal services. Crucially, civil society should play an active role in policy consultative processes and citizen sensitisation on digital rights and literacy.

Is the future of the internet in Africa fractured?

By Daniel Mwesigwa |
At its founding, in the late 80s, the internet promised to democratize information, level uneven grounds, and the destroy barriers associated with distance, space, and time. Through promoting communication, coordination, integration at a pace and scale beyond the ability of any government to halt, the connectivity set a foundation for dichotomies so often aligned with colonialism, imperialism, and globalization.
Today the internet is not just about inscrutable abstracts on the potential merits of its ubiquity but rather its impact and probable effects on a global scale. If anything, the weaponization of algorithms, speech, objectivity, and people has been pronounced in the recent past. For example, Facebook and Cambridge Analytica have accepted responsibility for abetting electoral malfeasance in America and other states by enabling the manipulation of electorates through an à la carte of sensational news and unsubstantiated political advertising only meant to swing and tilt public opinion.
That is why it might be hard to assess whether governments will continue to sit back and watch powerful technology companies from the west continue to prowl over strategic industries in their backyards, or whether they will take to the ‘commanding heights’ to steer the internet’s governance, at the expense of an open and decentralized internet, within their jurisdictions.
But how did we get there? An Xiao Mina’s instructive take on the potential effects of censorship on the future of the global internet and the attendant effects on the public sphere predicts not only deeper digital divides but also bolder and even more daring abuses to democracy by nation-states. She’s not alone, Google’s former chairman, Eric Schmidt, and internet theorist and scholar Evgeny Morozov have made similar pronouncements: the internet is splintering due to policy dilemmas in the realms of sovereignty and globalization.
In spite of all; bad laws, technical upheavals, spam, and disruptions, the popular narrative is that we could not kill the “global” internet even if we tried. However, through technical disruptions (covert and overt) and an array of legal and regulatory guises, governments in Africa have institutionalized attacks on the internet at a level not experienced before.
Censorship is arguably one of the leading factors threatening the future of the internet. And China is the pariah. It has been particular to institutionalize censorship through remodelling its own internet reality in what the Communist party president, Xi Jinping, calls ‘internet sovereignty’. The Republic augmented her stringent controls on free speech and tightened media regulations in the real world onto the internet through even tighter controls on content, privacy and security. Through ambitious projects like the infamous “Great Firewall” and the more recent proposal to create a dystopian future where citizens are assessed for the good and bad through a “national social rating system”, China has asserted her position on her internet governance despite the internet’s original ideals on openness and decentralization. Indeed, China’s ethos on “internet sovereignty” are being evangelized and promoted in fragile, and weak nation-states. Zimbabwe is reported to be in the process of adopting a Chinese sanctioned facial recognition system to surveil high traffic areas such as airports and malls. For its renowned poor human rights record, such surveillance capabilities pose a danger to a free society.
Further, African governments have been renown for clandestinely shutting down the internet for all sorts of reasons—twice in Uganda during the 2016 presidential elections and over three months in the English-speaking region of Cameroon—usually in defence “national security”. Such censorships have been arbitrarily executed despite the punitive economic costs associated. Some governments have even flirted with the idea of developing local alternatives to popular social networking sites such as Facebook and Twitter so as to have full control over the knobs of social media must the need arise.
But also the censorship has been effected through particularly prohibitive laws meant to derail social media use and charge social critics and other dissenting voices. For example, the cybercrime laws of countries such as Tanzania give the police the mandate to arrest anybody they deem in breach of cyber laws without the necessary legal oversight. Tanzania has introduced a $900 tax for bloggers, Uganda has slapped a “gossip tax” on social media use and other OTT services, Zambia has levied a cost on internet voice calls. If the feel of the contours is anything to go by, censorship has taken unique and complex forms. It seems like many African governments are operating from the same template.
Meanwhile, if we might on what the future of the internet might look like, despite the attacks, we know it will largely be multimedia and highly, rather unsurprisingly, localized. The internet in the past faced severe infrastructural deficits. For example, before the first landfall of transatlantic fibre optic cables at the coast of East Africa in 2009, the internet was not only accessed through more expensive options such as satellite links, generally suffered lower speeds and was inaccessible with the greater part of the region.
The global interconnection through the fibre and terrestrial optic cables enabled further access and connectivity within the region. Most remarkably, local peering and Content Delivery Networks (CDN) increased internet capacity. Loosely defined, local peering means that instead of a webpage directly loading from some server located in an obscure location in North Carolina, a local copy of the same data would be stored on servers hosted locally, in Africa. This bolsters the user experience and also enables the reduction of costs associated with extending the internet to the last mile.
Of course, such developments are welcome but technology companies and giants predominantly from Silicon Valley have taken over these alternative connectivity methods to further affordable internet access to the “last mile”. However, they also have deep financial and corporate interests at heart. In fact, content companies such as Facebook are laying more fibre optic cables than traditionally renowned telecommunications carrier/infrastructure companies. Facebook has laid its first fibre in sub-Saharan Africa, in Uganda at a cost estimated at $100 million. Google had previously done the same in Uganda and Ghana. Overall, major countries seem to have some sort of connectivity experiment going on involving the use of low frequency, wifi hotspots, rockets and other novel technologies—again, spearheaded by Western tech giants. Such moves have raised concerns on issues regarding net neutrality, data protection and privacy, local content, among others. Technology companies seen through the lenses of benevolence might appear as benign catalysers of internet access. Yet by mere ownership of the plumbing that powers the internet effectively makes their services synonymous with the open internet itself. Indeed, it would not be surprising to find people who think Facebook is the internet. Technology companies could not only influence the internet’s direction but also act as a chokepoint, especially when deciding what geographical areas or income groups to serve or not.
While globalization was mostly lauded for is the discovery of previously unchartered territories and the opening of new frontiers, a lot of how it happened was characterized with pillage and violence—often at the expense of conquered states’ sovereignties. The globalization of the world through the internet promised trade and commerce, education and research, government and service delivery through instantaneous communication, on levelled grounds. But many of the paradigm shifts have enabled good use of the internet insofar as they have enabled abusive, problematic use. Now governments seem to have taken centre stage in steering what directions their internet takes, powerful corporations, on the other hand, have grown so powerful since they can algorithmically control and mediate the internet’s content, and emotions, that they threaten democracy and other virtues of good governance, especially in fragile states. As for the users, disparate realities of the internet look not so far away, some Facebook (through Free Basics) is touted to better than no Facebook (or internet) at all. Balkanization of the internet is at rather happening at an unprecedented pace. Is the future of the internet in Africa fractured?
This article was first published on December 19, 2018, African School on Internet Governance

CIPE to Preview New Policy Guide on Digital Economy at the Forum on Internet Freedom in Africa

Announcement |
The Center for International Private Enterprise (CIPE) will preview a new resource titled Digital Economy Enabling Environment Guide, at the Forum on Internet Freedom in Africa (FIFAfrica) 2018, set to take place 26–28 September, 2018, in Accra, Ghana. This preview comes ahead of a formal launch at the upcoming conference of the Aspen Network of Development Entrepreneurs (ANDE), on 2–4 October, 2018 in Tarrytown, New York.
The guide was developed in collaboration with the New Markets Lab (NML) and focuses on four priority topics that serve as the building blocks of digital economy: Consumer Protection, Data Protection, Cybersecurity, and Electronic Transactions (e-payments and e-signatures). The guide explains key regulatory considerations and helps policymakers, the private sector, and other stakeholders reach a shared understanding of these often complex topics in order to engage in constructive policy dialogue.
Further, the guide includes Legal Deep Dives with detailed information on the applicable international and regional frameworks; examples of different regulatory approaches used around the world; considerations for implementation and enforcement of laws and regulations; and relevant institutional frameworks that influence the digital economy.
Anna Kompanek, CIPE Director for Global Programs, will highlight the section of the guide at a FIFAfrica session on Consumer Rights Protection in the Digital Age, scheduled for 28 September. “Previewing the Digital Economy Enabling Environment Guide at FIFAfrica provides a valuable opportunity to support public-private dialogue efforts throughout the continent on issues key to shaping democratic discourse on digital economy,” she said.
Going forward, CIPE and NML will leverage this new resource in their respective work to facilitate crucial multi-stakeholder policy conversations and regulatory reforms in countries around the world.
CIPE strengthens democracy around the globe through private enterprise and market-oriented reform in order to expand access to opportunity for all citizens and help build democracies that deliver. By working with private sector organizations, CIPE is helping businesses find their voice in policymaking on a range of digital economy issues.
NML is a non-profit center for law, development, and entrepreneurship that houses comparative expertise and an international team of lawyers focused on socially accountable economic, legal and regulatory reform. NML sees law as a driving force that can generate entrepreneurship and economic development.
 

Challenges and Prospects of the General Data Protection Regulation (GDPR) in Africa

Policy Brief |
Privacy is a fundamental human right guaranteed by international human rights instruments including the Universal Declaration of Human Rights in its article 12 and the International Covenant on Civil and Political Rights, in its article 17. Further, these provisions have been embedded in different jurisdictions in national constitutions and in acts of Parliament.
In Africa, regional bodies have invested efforts in ensuring that data protection and privacy are prioritised by Member States. For instance, in 2014 the African Union (AU) adopted the Convention on Cybersecurity and Personal Data Protection. In 2010, the Southern African Development Community (SADC) developed a model law on data protection which it adopted in 2013. Also in 2010, the Economic Community of West African States (ECOWAS) adopted the Supplementary Act A/SA.1/01/10 on Personal Data Protection Within ECOWAS. The East African Community, in 2008, developed a Framework for Cyberlaws. Notwithstanding these efforts, many countries on the continent are still grappling with enacting specific legislation to regulate the collection, control and processing of individuals’ data.
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into effect. The GDPR is likely to force African countries, especially those with strong trade ties to the EU, to prioritise data privacy and to more decisively meet their duties and obligations to ensure compliance.
See this brief on the Challenges and Prospects of the General Data Protection Regulation (GDPR) in Africa, where we explore the consequences of GDPR for African states and business entities.

Privacy & Protection: Do Ugandans Care What Happens to Their Data?

By Neema Iyer |

Let’s be honest.

When was the last time you read the “Terms and Conditions” before you signed up for a new service online?

We don’t blame you. It’s easy to get lost in the legal jargon.

But do you know what happens to your personal data every time you click on “I have agreed to terms and conditions”? Did you know at the mere click to accept, you could have given a way a portion of your vital information and put your data privacy in absolute jeopardy?

Today, it’s hard to raise the issue of data privacy without putting a thought on the recent Facebook-Cambridge Analytica scandal that made many people realize the power of data. Even with as much information spewed out explaining what the scandal was about, very few took a note to learn from.

A recent allegation from the Cambridge Analytica scandal pins the Uhuru Kenyatta presidential campaign to have employed social media surveillance results to target campaign messages to different profiles of voters. This was possible because Facebook monitors your social media activity and can predict your behavior from that, hence such information is used to target messages that speak to your interests and emotions to sway major decisions such as election outcomes. This isn’t just happening on our doorsteps, allegations claim similar outcomes in the United States and the UK.

The EU revised as much on data privacy and protection in Europe and promised to give users more power over their data. While Europe seems to take quick action, down in Uganda and Africa at large, we continue to grapple with weak data privacy and protection laws, a citizenry that is not well-informed on data privacy, a delay in passing necessary bills and weak implementation processes. Unfortunately, a majority of African countries lack the necessary mechanisms for the inclusive participation of citizens and other stakeholders in the processes of formulating the very laws on internet and digital rights that directly affect them.

Do we care about Data Privacy and Protection?

In December 2017, Unwanted Witness, an activists group petitioned the Uganda Human Rights Commission (UHRC) to compel Parliament to speed up the enactment of privacy and data protection law.

They argued that without a governing law, citizens’ personal data is exposed to abuse without collection and protection safeguards. They further asked UHRC to prioritize privacy and recognize it as a fundamental right under attack in the country. However, to date, we are yet to see significant action taken to build an informed citizenry on their digital rights and to provide appropriate protections.

When talk about data arises, many are not really willing to delve further into the ethics surrounding the topic. This can and will still be attributed to the high illiteracy levels in the country and because many don’t know what data is or how valuable it might be on the long run, they will give it away easily. Funny as it may sound, a majority internet users think ‘data’ is the a term tied to the internet bundles that the ISPs provide and it’s that school of thought that has stuck with them. Whether their data gets in the hands of the wrong or the right people, it’s the least of their concerns.

Data Protection basically means to ensure the right to privacy, respect to confidentiality principles in various relations such as doctor patient, employer-employee and service providers with their clients generally.

Did you know that privacy is your human right?

The right to privacy refers to the concept that one’s personal information is protected from public scrutiny. It is essentially, your right to be left alone. Privacy is a core aspect of human dignity and values such as freedom of association and freedom of speech.

One would wonder, even with the data privacy breaches, are there really laws in place to curb and punish those that are misusing people’s data and evading on their privacy or we are simply looking while our data gets tampered with and is easily handed to the wrong hands.

Are there Laws in Place?

Yes! There is a Ugandan Data Protection and Privacy Bill that was tabled before parliament in 2015 and although the Bill needs to be revised and aligned better with human rights provisions, comments have been raised on the need to balance civil liberties, national security and data protection and privacy.

According to a paper published a couple of years ago by Dr Ronald Kakungulu Mayambala a Senior Lecturer of Human Rights and Peace Centre at Makerere University, Article 27 of the Constitution guarantees the right to privacy of person, home and other property. In particular, article 27(2) of the Constitution provides that a person shall not be subjected to interference with the privacy of that person’s home, correspondence, communication or other property.

Unfortunately there is no comprehensive law giving effect to article 27, yet a lot of data concerning individuals are collected, stored or processed regularly by various institutions in the private and public sector, including banks, hospitals, insurance companies, the Uganda Citizenship and Immigration Control Board, the Uganda Revenue Authority, Uganda Registration Services Bureau, the Electoral Commission, utility service providers and telecommunications companies under the SIM card registration exercise

The Bill seeks to protect the privacy of the individual and personal data by regulating the collection and processing of personal information. It provides for the rights of persons whose data is collected and the obligations of data collectors and data processors; and regulates the use or disclosure of personal information.

However even with these laws and bills in place, further questions continue to be raised on whether they even hold any solid ground in implementation, especially, if there has not been enough sensitization of the bills and data literacy.

 

What do some people think about data privacy in Uganda?

A chat with a few random Ugandans around town shows you just how long of a way we have to go with the data privacy and protection talk.

“I honestly have nothing to hide with my data and anyone who wants to access it can go ahead and access it. Your data can only be private if you choose to keep it private but if you choose to put it out there and later claim for privacy, then you are playing yourself” — Lisa

“Whatever you put out there is public. I don’t really care who gets my data because once Ipost anything on social media, it’s no longer in any way private. I get a need for data privacy if it comes to my business data like emails. That is when i need some real privacy” — Hans

“Data privacy is not even a topic of debating here in Uganda because people don’t really care what happens with their data. Because we have a huge Internet penetration gap, very many people don’t even know what data is in most parts of africa.” — Emmanuel