A Section of Uganda’s Computer Misuse Act Outlawed! But, the Greater Part of the Law Remains Thorny

By Juliet Nanfuka |

The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) welcomes the ruling by Uganda’s Constitutional Court that section 25 of the Computer Misuse Act of 2011, which penalises “offensive communication”, is null and void. This section has severally been used by state authorities to silence dissent, and CIPESA has for long supported efforts to expunge it from the eastern African country’s key internet law.

On January 10, 2023, Uganda’s constitutional court ruled that section 25 of the Computer Misuse Act is inconsistent with the country’s constitution and called for an immediate halt to its enforcement, including for all cases being prosecuted or investigated. The court’s decision could bring to an end the utilisation of this problematic provision that has for a decade been weaponised to silence critics, political opponents and dissidents. The government can appeal the constitutional court’s decision to the Supreme Court within 14 days.

This week’s ruling is the result of a 2016 petition in which the litigants argued that section 25 was vague, violated civil liberties, and contravened constitutional guarantees. 

The law on computer misuse defines offensive communication as the “willful and repeated use of electronic communication to disturb or attempt to disturb the peace, quiet or right of privacy of any person with no purpose of legitimate communication whether or not a conversation ensues.” The offence is punishable by a fine not exceeding USD 130 or imprisonment not exceeding one year, or both. 

However, opponents of the law have argued that this provision is vague, overly broad and ambiguous. Further, they contended that the provision does not give a fair warning regarding what conduct is deemed illegal under the right and freedom of speech and expression pursuant to article 29(1)(a) of Uganda’s constitution.

In this week’s ruling, Justice Kenneth Kakuru, who wrote the lead judgement, stated that he  had determined that the words used under section 25 were “vague, overly broad and ambiguous.” According to the judge, what constitutes an offence is “unpredictable” and this gives the law enforcer the discretion to choose what qualifies as offensive. Justice Kakuru added that the provision “gives law enforcement unfettered discretion to punish unpopular or critical protected expression.” 

Section 25 of the Computer Misuse Act has severally been invoked to issue threats, effect arrests, detention, and prosecution of individuals over their online communications. 

The Computer Misuse Act has been previously used to suppress digital rights including free expression and access to information. For instance, academic and social critic Dr. Stella Nyanzi was arrested for insulting the president in a social media post. In 2019, she was convicted of cyber harassment contrary to section 24 of the Act but acquitted of offensive communications, which is proscribed under section 25. Other individuals who have suffered the wrath of the same law include former presidential aspirant Henry Tumukunde who was arrested over alleged treasonable utterances in radio and television interviews, the Bizonto comedy group who were arrested over alleged offensive and sectarian posts, and author Kakwenza Rukirabashaija who was arrested, detained and prosecuted over offensive communication against the president and his son. (Source: CIPESA Submits Comments on the Computer Misuse (Amendment) Bill, 2022 to Parliament )

Despite this progressive decision by the Constitutional court, the Computer Misuse Act will remain a key impediment to free expression and the enjoyment of digital rights, notably because of amendments made to the law in late 2022. Those amendments ambiguously prohibit the “misuse of social media,” sending or sharing of unsolicited information through a computer, and sending, sharing or transmission of malicious information about or relating to any person. These prohibitions, whose introduction was condemned by wide sections of Ugandan civil society, human rights defenders and some government officials, present a key curtailment of freedom of expression and access to information. 

Promoters of the amendments argued that existing laws did not “specifically address the regulation of information sharing on social media” or were “not adequate to deter the vice”. However, critics argued that efforts should instead have focused on addressing the existing retrogressive provisions in the law, notably those on “cyber harassment” and “offensive communication”. 

Accordingly, CIPESA alongside 13 civil society organisations and individuals filed a petition challenging those amendments. This followed CIPESA’s submission of comments and presentation of concerns before the Parliamentary Committee on Information and Communication Technology ahead of the enactment of the amendments. In those submissions, CIPESA argued that since its enactment, the Computer Misuse Act had been used to suppress digital rights including free expression and access to information and the proposed amendment would present a further blow to online civil liberties.

In its ruling, the constitutional court noted that, “In a democratic and free society, prosecuting people for the content of their communication is a violation of what falls within guarantees of freedom of expression in a democratic society.” The ruling is a step in the right direction in combating wanton limitations to digital rights in Uganda, where a flurry of technology-related laws were enacted in the wake of the 2010 Arab Spring during which users leveraged digital platforms and social media to build movements and mobilise public protests against their autocratic governments.

Besides the Computer Misuse Act, other laws enacted in Uganda during this time include the Regulation of Interception of Communications Act, 2010, the Electronic Signatures Act, 2011, and the Electronic Transactions Act, 2011, all of which variously interfere with digital rights including data privacy, access to information, and freedom of expression.

Move Fast and Fix Policy: African Digital Rights Advocacy in an Era of Rapid Policy Change

By CIPESA Staff Writer |

Across Africa, the fast-evolving technology landscape has created pressure to adopt appropriate legislation to keep up with the pace of technological development. However, these efforts are being shackled by numerous challenges, including silo approaches to policy development, limited citizens’ inclusion in policy formulation, failure to harmonise stakeholder positions, ad hoc advocacy efforts by Civil Society Organisations (CSOs), and the failure to leverage the influence of private sector actors.

At the Forum on Internet Freedom in Africa 2022 (FIFAfrica22), digital rights activists and policymakers examined how existing processes and mechanisms that provide input into digital policies can be improved. In a panel session organised by the Centre for International Private Enterprise (CIPE), participants explored experiences and practical tips for policy engagement that upholds democratic values.

A key concern was that, on the one hand, Africa’s digital rights landscape has for years remained unregulated, leading to resistance to efforts to regulate it, and yet the absence of laws creates room for violation of rights online and abuse by state and non-state actors. On the other hand, where laws have been enacted, implementation and enforcement have been weaponised to target critics and dissent, as reflected in the continued infringement of rights online. This creates the need for proactive multi-stakeholder efforts in pushing back against regressive developments.

“While we should be [engaged] at the beginning of the process, we are ignored and when we enact a law, CSOs come to challenge it, yet if they involve us early enough, we would all be in agreement,” said Neema Lugangira, Member of Parliament from Tanzania and Chair of the African Parliamentary Network on Internet Governance (APNIG).

She noted that with a negative attitude towards each other, many parliamentarians question the motives of CSOs in pushing certain agendas and called for a change in approach. “I want to champion issues in which I have been involved. How do we make your agenda my agenda? You can scream whatever you want but you cannot get legislative change without working with Parliament,” said Lugangira. 

Indeed, Boye Adegoke from Paradigm Initiative reiterated that one of the pitfalls of policy advocacy was to adopt the angel/devil relationship approach. He added that many CSOs lack  adequate knowledge and skills to engage in policy processes. In turn, he called for more proactive efforts in tracking parliamentary debates and business related to digital policy and undertaking research to inform policy advocacy. 

Building alliances, including with the local business and the tech community, was also cited as critical to strategic support for policy influence. “When they [business and tech community] speak, they tend to be listened to and governments tend to respect their views,” said Nashilongo Gervasius, a Namibian technology policy researcher and founder of NamTshuwe Media.

Equally emphasised was the need to leverage the power and influence of private sector players  at international level, where the quality of policy negotiations by some African governments remains wanting,  as noted by Ayaan Khalif, the Co-Founder of Digital Shelter, a digital rights group in Somalia. Citing the example of the 15% tax agreement between OECD countries and multinational companies, Ayaan stated that African countries and CSOs must bring the continent’s big market potential to the “negotiating table” in order to tap into the multinationals’ revenue.

Away from negotiations, the need to increase inclusive participation in public policy processes was also stressed. As Khalif stated, “Holistic stakeholder involvement should clearly define those being involved, ensure that they are actually given the opportunity to make meaningful input and outline the issues being addressed”.

Ultimately, context remains paramount given that most countries on the continent are at different levels of democracy and what is possible in one may not be tenable in another. What is important is to understand the policy making ecosystem and respond appropriately. “Policy advocacy is about incremental wins. If you are not invited to the table you can bring your own chair to the table, or you can set up your own table and bring people to it,” concluded Adegoke.

Comprehensive Approach Needed to Tackle Online Disinformation in Africa and Europe, say Experts

News Update |

“There is no silver bullet to tackle online disinformation” was the conclusion of the Town Hall debate Jointly tackling disinformation while protecting human rights, organised by the African Union — European Union (AU-EU) Digital for Development (D4D) Hub at the Internet Governance Forum 2022.

The session, which took place on 2 December 2022 in a hybrid format, brought together over 60 organisations for an open exchange of ideas, experiences, and lessons on how to address disinformation through a multi-stakeholder and human-centric approach. In particular, the debate focused on how Africa-Europe partnerships can help tackle the issue, in light of the AU-EU D4D Hub’s mandate to foster digital cooperation between both continents.

The panellists explained how fact-checking has grown dramatically in recent years, becoming one of the most common measures to tackle disinformation. Nevertheless, more than effective fact-checking is needed, they warned. Africa-Europe cooperation should adopt a comprehensive approach integrating multiple complementary measures, such as building digital literacy for all (including the most vulnerable), holding those who profit from disinformation accountable, and the involvement of all stakeholders in devising solutions.

Bringing all actors to the table

Simone Toussi, Project Officer for Francophone Africa at the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) highlighted how “disinformation is a multi-faceted phenomenon that directly threatens democracy and human rights and affects all stakeholders in society”.

“Disinformation manifests in many ways, and can be perpetrated by a diversity of actors,” she added.

As such, she argued that countering fake narratives needs both online and offline efforts undertaken in a coordinated manner by governments, intergovernmental organisations, civil society, media, academia, and private sector. “Multi-stakeholder collaboration is crucial to bring together different views and understanding of the roles that each actor plays,” she said.

Toussi presented research findings proving that measures to tackle disinformation can be ineffective or inadequate when they only consider the point of view of a single stakeholder. For example, fact-checking is sometimes challenged by lack of access to information. Media and civil society participation can help ensure that governments treat information as a public good.

Engaging with the private sector… how?

The debate also touched on the essential role that technology companies play in keeping disinformation from spreading. Ongoing efforts by private sector include partnering with civil society and fact-checkers — including through multi-stakeholder collaborations as proposed by Toussi.

Nevertheless, for Odanga Madung, journalist and Mozilla Foundation fellow, such measures are not enough. He argued that one of the major contributing factors to disinformation is that fake or misleading information is algorithmically amplified by big companies.

“Big companies and social media platforms profit from the spread of disinformation. It is part of their business model, which is a very serious problem,” he said.

For Madung, tackling disinformation requires strong regulations to protect users and their rights, addressing big technology companies’ dominance, encouraging competition, fostering new ideas on different business models, and decentralising the Internet.

Planting the seeds of change

Charlotte Carnehl, Operations Director at Lie Detectors, proposed further investments in training teachers and fostering exchanges between journalists and school-age kids: “Countering the corrosive effect of disinformation and polarisation on democracy requires empowering school kids and their teachers to tell facts from fake online.”

She argued that enabling journalists to visit schools to explain how professional journalism works is a win-win situation. It can help journalists to learn about how the younger generation accesses and consumes information, while teachers and children can gain practical skills in identifying fake or misleading information online.

“Everybody needs the skills to assess and critically think about information,” Carnehl said. “Kids are actually a high-risk group for disinformation because they are targeted on channels that can’t be monitored, and they are largely navigating them by themselves without their teachers or even their parents present.”

When questioned on the short-term impact of such measures by a member of the audience, Carnehl acknowledged that it’s a long-term investment, “like planting the seeds of a tree”. However, she argued that there are also some immediate positive effects for children.

Finally, Carnehl called for special attention to be paid to marginalised groups, such as rural populations. Civil society organisations could help ensure that everyone can access reliable information, she said.

This article was first published by the Digital for Development Hub on Dec 13, 2022

CIPESA At the 2022 Internet Governance Forum

By CIPESA Writer |

The global internet governance community is set to convene in Addis Ababa, Ethiopia, for the 17th Internet Governance Forum (IGF) from November 28-December 2, 2022. Ethiopia is hosting the IGF 2022 against a backdrop of internet freedom reforms, a recently liberalised telecommunications sector and an ongoing conflict that has seen the Tigray region without internet access for two years. 

The IGF 2022 theme of Resilient Internet for a Shared Sustainable and Common Future, and the five sub-themes which are drawn from the Global Digital Compact (GDC) in the UN Secretary-General’s Our Common Agenda report, resonate with the work of the Collaboration on International ICT Policy for East and Southern Africa (CIPESA).

  • Connecting All People and Safeguarding Human Rights
  • Avoiding Internet Fragmentation
  • Governing Data and Protecting Privacy
  • Enabling Safety, Security and Accountability
  • Addressing Advanced Technologies, including Artificial Intelligence  (AI)

CIPESA will co-convene and participate in various sessions at the IGF 2022 to showcase its work that supports the ambitions of the GDC.

A joint effort by DefendDefenders, Greenhost, Digital Society of Africa, Dig/Sec Initiative, Digital Security Alliance, AccessNow, CChub, Center for Digital Resilience, and CIPESA will run an onsite digital security hub to build the digital resilience of at-risk groups and organisations.

At a session titled “Jointly tackling disinformation and promoting human rights” facilitated by the AU-EU Digital for Development (D4D) Hub, CIPESA will contribute in an open exchange of ideas, experiences and lessons learned on how to address disinformation through a multi-stakeholder and human-centric approach.

Furthermore, CIPESA is among the organisers of the Dynamic Coalition roundtable on Strengthening digital ecosystems through shared principles and the Day 0 event on Shaping global digital governance and measuring meaningful connectivity for all: the ROAM approach, both of which are in support of ongoing efforts by CIPESA and UNESCO to raise awareness about and application of the Internet Universality Indicators across more countries in Africa.

The CIPESA team will also feature on a panel discussion on technology and human rights as part of the Peer Learning Event for National Human Rights Institutions (NHRIs) hosted by Danish Institute for Human Rights.

Further, CIPESA will participate at the Africa member convening of the Association for Progressive Communications (APC) and at a Digital ID Civil Society Summit hosted by the Open Society Foundations, under the auspices of an external digital ID fund and initiative (DIDIF), housed at Rockefeller Philanthropic Advisors.

Follow @cipesaug and #InternetFreedomAfrica

Safeguarding Digital Rights in Africa’s Growing Digital Economy

By Loyce Kyogabirwe |

Increased digitalisation and adoption of technology in Africa has fuelled the continent’s economy, with commerce and transactions increasingly being conducted online. Innovation and use of web and mobile applications have also encouraged the growth of micro, small and medium-sized enterprises, which has advanced financial inclusion and employment, and made the technology sector a key contributor to African countries’ Gross Domestic Product (GDP). For instance, platforms such as Jumia which is operational in 11 African countries have transformed the retail, travel and food markets. Other notable online platforms include Appruve and Esoko (Ghana), mFarm (Kenya) and Novus Agro (Nigeria).

African governments have prioritised the integration of technology into more sectors to drive social and economic transformation. However, the rapid adoption of technology tools and platforms has also been met with growing concerns about the impact on digital rights, including data protection and privacy, the digital divide, freedom of expression and surveillance. Other worrying trends include network disruptions, digital taxation, data localisation requirements, and encryption regulations. There is a growing consensus among digital rights advocates that the adoption of technology tools and policies impacting the digital space should not only advance economic inclusion, but also be carefully assessed and implemented in a way that respects human rights in the digital age. 

According to a GSMA report, in 2020, “mobile technologies and services generated more than USD 130 billion of economic value” while USD 155 billion is projected to be generated by 2025. The report further says that “495 million people subscribed to mobile services in Sub-Saharan Africa” by the end of 2020, representing 46% of the region’s population, and this is expected to increase to around 615 million subscribers by 2025, reaching the mark of 50% of Africa’s population.

In an effort to advance digital rights across Africa’s growing digital economy, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) through the Africa Digital Rights Fund (ADRF) has worked to support advocacy initiatives, skills development, and movement building to effectively influence policy and practice on digital rights and the digital economy. Efforts by the ADRF grantees have engaged with state and non-state actors, providing replicable insights into how governments and the private sector in the region can safeguard digital rights while advancing the digital economy. 

In Ghana, the Financial Inclusion Forum Africa developed a Data Protection and Privacy Policy to serve as an internal guide on how digital financial service providers in the country should collect, store, and process individuals’ data. The policy outlines principles on the management of personal data in compliance with Ghana’s Data Protection Act 2012 and the International Organization for Standardization and International Electrotechnical Commission Standards for Information Security Management – ISO 27001:2013. The policy benefited from reviews and input from leading digital financial service providers such as Appruve, Jumo, Vodaphone Cash, and G Money, alongside industry experts and regulators such as the eCrime Bureau, RegTheory, and CUTS (Consumer Unit and Trust Society) Ghana. This provided insights into the policy’s viability and applicability by tapping on real-life experiences of these service providers. 

Similarly, the Centre for International Trade, Economics and Environment (CUTS) and Mzalendo Trust have worked to advance consumer protection, security and inclusion, and public awareness within the digital economy in Kenya. The two Kenya-based grantees engaged with stakeholders such as the Capital Markets Authority, Kenya ICT Action Network (KICTANet), Association of Freelance Journalists, Open Institute, The Centre for Intellectual Property and Information Technology Law (CIPIT) at Strathmore University, Article 19, County Assemblies Forum, Internews, and the Election Observation Group (ELOG).

In Mozambique, efforts by the Mozambican Disabled Persons’ Organisation Forum (FAMOD) under ADRF focused on accessibility and compliance assessments of online services, including for employment, telecommunications, and revenue collection. These assessments helped identify key areas where advocacy campaigns for digital inclusion of persons with disabilities would be most impactful. Meanwhile, in an effort to promote women’s safety and participation online in Namibia, the local chapter of the Internet Society (ISOC) conducted policy engagements on the protection of women and girls as part of the Data Protection Bill. 

In Somalia, the work of Digital Shelter made significant breakthroughs in stakeholder dialogue and engagement on aspects of digitalisation that previously have not been prioritised or discussed regularly. Engagements, including in partnership with the Institute of Innovation, Technology & Entrepreneurship (IITE), the ICT and e-Governance Department in Ministry Communications and Technology, the private sector and activists, have focused on youth skilling, digital empowerment, data protection and privacy, and an open and inclusive internet. 

Finally, ADRF grantee, Alt Advisory, recently published research on a rights-based assessment of Artificial Intelligence (AI) applications in South Africa. The research involved inputs from 14 leading companies in the country’s financial services, retail and e-commerce sectors and two government bodies – the Home Affairs Department and the Department of Health. The findings of the study indicated human rights gaps in AI profiling and the need to bolster compliance with rights guarantees under relevant laws and policies and enforcement by the country’s data protection watchdog, the Information Regulator, and other regulatory bodies.

The ADRF grantees’ interventions in Ghana, Kenya, Mozambique, Somalia, and South Africa highlight the value of evidence-based advocacy that informs multi-stakeholder deliberations on the digital economy and digital rights. Together with the work of the broader ADRF cohort, it presents key lessons on digitalisation in Africa and the need for operationalisation of supporting frameworks such as for cyber security, data protection and privacy; increased participation of minority and marginalised groups in the design of initiatives; multi-stakeholder collaboration; harmonisation of national and local government plans; and digital literacy skills building. To learn more about the ADRF programme, please visit https://cipesa.org/the-africa-digital-rights-fund-english/