Promoting Effective and Inclusive ICT Policy in Africa

Tag Archives: Freedom of expression

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Freedom of expression
19Aug

Leveraging Digital Technologies to Enhance Data Governance Practices in Africa

Author CIPESA Posted on

By Paul Kimumwe |

Data governance policies and practices in many African countries have continued to attract attention due to their inadequacy in ensuring the protection and respect for the rights of individual data subjects. Key concerns have been raised regarding the data management practices, particularly related to biometrics, that have undermined the safety, confidentiality, accuracy, accessibility, and reliability of personal data, which are critical principles in data governance.

Several studies have documented cases of misuse of digitalised personal data, including data breaches, surveillance, misuse of personal information, unwarranted intrusion, and financial harm. Despite these misgivings, digitisation of data has been recognised within the African Union’s Digital Transformation Strategy for Africa (2020-2030) as critical in promoting and building confidence for the continent’s digital economy. For many governments, the desire to transform service delivery and enhance public participation has been a key driver for the adoption of biometric data collection and digital identities for purposes of issuing National Identity cards and updating of biometric voter registration and identification programmes.

In this blog, we highlight the critical areas in which advances in digital technologies can enhance data governance practices in Africa.

Understanding Data Governance

Data governance refers to the holistic approach to data management that entails the development and implementation of relevant norms, procedures, and standards to ensure that data is secure, accurate, reliable and consistently available, particularly spelling out clear standards and protocols that govern data collection, storage, and management, resulting in accurate, consistent, and up-to-date data. There is a growing concern that without a robust data governance framework, the continent risks missing out on maximising the benefits from its own datasets as they would be prone to abuse and misuse by poorly regulated data collectors and controllers.

Demand for a Robust Data Governance Framework

In Africa, the demand for a robust data governance framework has gained traction as a response to several countries moving away from paper-based to more digitised data management practices, raising concerns about the rights of data subjects, particularly the safety and confidentiality of user data.

While progress has been registered normatively – with the adoption of regional instruments such as the African Union Convention on Cyber Security and Personal Data Protection and the AU Data Policy Framework, both of which provide frameworks for rights’ respecting data protection practices, and with several countries adopting relevant privacy and data protection laws – full implementation remains a challenge.

In addition, the African Union’s Digital Transformation Strategy for Africa (2020-2030) calls upon states to “promote open data policies that can ensure the mandate and sustainability of data exchange platforms or initiatives to enable new local business models, while ensuring data protection and cyber resilience to protect citizens from misuse of data and businesses from cybercrime.”

Unfortunately, several laws contain problematic and vague provisions that provide for sharing of sensitive information and data localisation that are prone to abuse and misinterpretation. For example, provisions such as section 18 of Algeria’s Law No. 18-07 of 2018 on the protection of personal data, sections 44-47 of Kenya’s Data Protection Act 2019, and section 9 of Uganda’s Data Protection and Privacy Act, 2019, provide for circumstances under which sensitive personal information can be accessed, such as safeguarding national security, public interest, enforcement of the law, and conduct of criminal investigations. In addition, in many countries, biometric data collection programmes were initiated before the enactment of relevant data protection laws.

Leveraging Digital Technologies

While for the most part digital technologies have been used by various states to undermine the legitimacy and enjoyment of digital rights through surveillance and interception of communication, internet shutdowns, and data breaches, there is a growing belief that these technologies can be instrumental in building a robust data governance framework if applied correctly.

Ease of Authentication

Recent technological advancements including the multi-factor authentications (MFA) that enable secure access to services on the go are critical in facilitating seamless data collection, processing, verification and enhancing the authenticity and reliability of data compared to paper-based identifiers. Data subjects can easily request access to and verify their digitised data in the possession of data controllers. As technology becomes more accessible and affordable, governments and private entities can leverage biometrics and biometric technologies for functional and foundational identity purposes, and for an expanding array of applications.

Improving Data Storage and Confidentiality

Data storage is a key pillar within the data governance framework as it easily allows data subjects to exercise their individual rights to request and obtain their personal data in the hands of data controllers in a structured, commonly used, and machine-readable format, as well as request that their data be transferred directly to another organisation. With advances in technology, data controllers can easily encrypt, de-identify and destroy personal data in their possession. Technologies such as the Identity Management Systems (IDMS) facilitate interoperability, allowing seamless integration between different data management systems used by data controllers. In addition, new technologies such as blockchain facilitate the secure storage of datasets in blocks that are connected through cryptography.

Ease of Data Rectification

One of the fundamental rights of data subjects is the right to request data controllers to correct any inaccurate and incomplete data the data controller may have collected. Under Principles 5 and 16 of the European Union’s General Data Protection Regulation (GDPR), data controllers are required to keep personal data accurate and up-to-date,  and to take “every reasonable step” to ensure that inaccurate personal data is erased or rectified.

In many countries, data controllers have been accused of collecting and processing inaccurate and incomplete personal data due to the analogue way data is collected. The adoption of digital technologies and use of biometric data identifiers such as fingerprint, facial, or iris recognition become critical forms of authentication in issuing different forms of identities as well as easing on the verification and rectification processes by both data subjects and controllers.

As Africa strives to improve its data governance framework, it is important that we leverage on the new and emerging technologies such as biometric data collection, blockchain, and identify management systems to enhance the safety, security, accuracy, reliability and confidentiality of personal data.

12Aug

Rollout of Digital Number Plates Poses Privacy Concerns in Uganda

Author CIPESA Posted on

By CIPESA Writer |

The rollout of the digital number plate system in Uganda is well underway. At a press conference last month, the Ministry of Works and Transport announced January 2025 as the deadline for full roll out. The system – over two years in the making – is a joint project between the government of Uganda and Russian company Joint Stock Company Global Security and has caused alarm among rights activists as it introduces another layer of massive personal data collection and processing amidst weak controls.

The stated objective of the Intelligent Transport Monitoring System (ITMS) is to improve the country’s transport management systems and security by enabling the authorities to “swiftly identify vehicles involved in criminal activities and improve traffic management through efficient ticketing and revenue collection”. It will involve the installation of digital number plates on all vehicles and motorcycles in the country, allowing security agencies to track and pinpoint their location at any one time.

  Overview of ITMS
Digital Number Plate ComponentsStatus of Fitment on Government Vehicles as at June 2024Target Installations (Registered Vehicles as at July 2024)
Aluminium plates – front and back1,0912,145, 988
A tracker
A sim chip
Bluetooth beacons – front and back
Snap locks

Once rolled out, the digital plates will add to the catalogue of surveillance apparatus in Uganda. The country already has a plethora of retrogressive laws, such as the Regulation of Interception of Communications Act 2010 and the Anti-Terrorism Act 2002 that require communication service providers to aid in intercepting communication by ensuring that their systems are always technically capable of supporting lawful interception. The laws also grant powers to an authorised officer to intercept the communications of a person and to conduct surveillance of individuals.

The components of the digital number plates will enable the government through its security agencies, such as the police, to swiftly identify vehicles and their owners. Instantaneous data exchanges pose major challenges to data privacy, especially in cases where there are calculated targets such as civil society organisations (CSOs), human rights defenders (HRDs), activists, and political opponents, government critics, or dissidents.

An added concern is that, according to the Uganda Police, the digital number plate system will be integrated with the Closed Circuit Television System (CCTV) system and others such as the motor vehicle registration system, the e-tax system managed by the Uganda Revenue Authority (URA) and the national identity database managed by the National Identification and Registration Authority (NIRA) to “ensure comprehensive vehicle and personal identification.” Given weak controls over data held by public bodies and rare punishment for data breaches and unauthorised access, linking these databases absent clear data-sharing frameworks and robust controls poses grave concerns. Notably, Uganda does not have a law or regulations governing CCTV/ video surveillance.

Whereas there are efforts to localise parts of the system through the establishment of a local production facility for the various components, the partnership with Joint Stock Company Global Security underscores Uganda’s reliance on foreign entities for purposes of conducting surveillance and interception of private communication of its citizens. For example, in August 2022, there were reports that the Uganda Police had purchased UFED, a technology developed by the Israeli firm Cellebrite that enables authorities to hack into password-protected smartphones.

Earlier, starting in 2018, Uganda turned to a Chinese company, Huawei, for the supply and installation of CCTV across major cities. The decision to install the CCTV cameras came on the heels of a spate of murders that had engulfed the country, with the security forces keen on using the CCTV cameras to improve security in the country. Like many other government security procurements, the CCTV deal raised a lot of transparency and accountability issues, including the secrecy that surrounded the entire process.

Additionally, there were reports that security agencies were working with Huawei technicians in Uganda to spy on opposition critics by intercepting encrypted communications and using cell data to track their movements. This appeared to be the continuation of a trend that was documented earlier in 2012, when the Uganda government reportedly relied on a Germany-made spyware, FinFisher, which it is said to have covertly installed in various places, including hotels, the parliament and key government institutions, for purposes of surveilling on its opponents, including politicians, civil society, and the media.

Given the country’s history of repressing the civic space and harassing political opponents, CSOs and HRDs, the ITMS digital number plates could further the suppression of civil liberties, including political participation, freedom of expression, access to information and assembly and association. Moreover, deeper democratic regression could occur since these liberties largely depend on privacy and the ability to express oneself with minimal interruptions or interference.

While the government has a legitimate desire to improve the security of its people and transport management, recent events as discussed above where the same government has used the acquired technologies to surveil its citizens and undermine digital rights, it is critical that any future attempt to enhance its surveillance apparatus is anchored in law with clear oversight mechanisms. This is because the deployment of surveillance technologies such as ITMS, FinFisher, and Huawei’s CCTV present a veritable avenue for economic and political exploitation by collecting extensive data on people’s behaviour, location, activities, and interests online and offline. This makes the risk of violation of privacy apparent, rendering citizens helpless because they essentially have no control over how the data will be used, even when they are aware that data is being collected.

It is, therefore, important that the government reduce its reliance on foreign-manufactured surveillance technologies, particularly from countries whose human rights record is wanting, as these have tended to use these tools to suppress civic spaces. In addition, the government should reconsider its regulatory framework to ensure it conforms to international standards on privacy and data protection, especially during the procurement and deployment of potentially intrusive technology that is prone to abuse.

12Aug

Portal on Gender-Based Violence in Africa Expanded with ADRF Support

Author CIPESA Posted on

Update |

The Covid-19 pandemic was characterised by a sharp increase in gender-based violence (GBV) in Kenya, Nigeria, and South Africa, as well as other countries across the world. This was largely attributed to lockdown restrictions, which left victims isolated in the same physical space as their abusers, reduced availability of shelters and other support mechanisms, and exacerbated economic anxiety and mental health pressures – all key drivers of GBV.

The pandemic also accelerated digitalisation, which widened the scope of Technology-Facilitated Gender-Based Violence (TFGBV). According to UN Women, in Africa, online abuse, harassment and exploitation increased as learning went online during the pandemic. Similar  concerns about online harms are discussed in the African Union Guidelines on Gender-Responsive Responses to COVID-19.

Alt Advisory, a South Africa based public interest advisory firm, launched the endgbv.africa as a resource on domestic and international responses to GBV online and offline before, during and after the pandemic. At the time of its launch in 2022, the portal featured GBV mapping and assessments on the legal and policy developments, trends and statistics as well as key terminologies on six African countries – Malawi, Mozambique, Namibia, South Africa, Zambia, and Zimbabwe.

With a grant from the Africa Digital Rights Fund (ADRF) – an initiative of the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) –  Alt Advisory has revamped and expanded the portal to cover an additional seven countries – Eswatini, Ethiopia, Ghana, Kenya, Mauritius, Nigeria and Uganda. The project has also featured a spotlight series on experiences of sexual minorities in Botswana and Uganda.

The new seven country factsheets were developed in collaboration with researchers from various fields, with multidisciplinary perspectives regarding GBV, thereby expanding the breadth of information relating to organisations and movements hitherto unknown due to varied degrees of online visibility. This collaborative approach has strengthened the regional network of gender rights advocates beyond national borders.

“Our hope is that the project’s focus on TFGBV enabled researchers to develop their own insights on emergent forms of harm which may potentially enrich future policy advocacy in their contexts,” said S’lindile Khumalo, a Senior Associate at Alt Advisory.

Alt Advisory’s Equity and Inclusion as well as Media teams are working to publicise the portal to maximise uptake and impact. The firm will also continue to fundraise to expand the portal’s coverage to the full African continent and translate the resources to increase relevance and accessibility to a diversity of audiences. All this, in tandem with efforts in law and policy reform, advocacy, and activism on GBV and related issues. “As the portal undergoes further development, we hope that it contributes to the end of GBV in our lifetime,” concluded Khumalo.

29Jul

Counting the Benefits of Fact-Checking Training for Ethiopian Journalists

Author CIPESA Posted on

Journalists play a crucial role in informing citizens and shaping public opinion in Ethiopia. However, in recent years, the proliferation of disinformation and hate speech has become a significant challenge. The surge in disinformation is undermining social cohesion, promoting conflict, and leading to growing threats against journalists and human rights defenders.

Accordingly, it is crucial to conduct fact-checking training  for Ethiopian journalists so as to safeguard the integrity and reliability of journalism in the country. A number of Ethiopian journalists have undergone training in understanding disinformation and hate speech. However, most of them lack practical skills in conducting fact-checking. It is against this background that, in May 2024, CIPESA organised a fact-checking and ethical reporting workshop for 20 Ethiopian journalists in the capital Addis Ababa.

Two months later, journalists and media development actors point to the benefits of that training. 

“The fact-checking and verification training was crucial for Ethiopian journalists and content producers, as it provided them with valuable tools to combat daily misinformation and produce reliable news stories,” notes Kirubel Tesfaye, one of the experts that conducted the training. “The training equipped them with the most essential and current tools in the industry, allowing them to produce credible and trustworthy news and reports.” 

By equipping journalists with fact-checking skills, they can serve as gatekeepers of truth, helping to counter disinformation and to ensure that accurate information reaches the public. Ethiopia has experienced an explosion in disinformation over the last five years, with the armed conflicts which have plagued the country being key drivers of disinformation. 

Selam Mulugeta, a journalism lecturer at Addis Ababa University who participated in the training, enumerates the benefits of the fact-checking training. “One of the most important things was to learn how to recognise dis/misinformation on different websites and social media sites, and to learn [about] fact-checking tools to debunk disinformation,” she says. She adds that after gaining fact-checking knowledge, journalists will contribute to minimising the amount of false information in the public domain. This will in turn lessen the harms of disinformation.

According to Konjit Zewdie of NBC TV, there is a need for more practical training workshops focussed on fact-checking as there is a dire shortage of fact-checking skills among journalists amidst the deluge of illegal and harmful content, including hate speech. She says the training was crucial in capacitating journalists to identify sources of disinformation and to use various fact-checking tools. 

Konjit notes that Ethiopian journalists are often unable to get reliable information from concerned bodies, which presents a challenge for fact-checking. The training gave the journalists alternative ways of verifying information even when they face blockages in accessing information from official sources.

“The training added great value to the journalists because it covered several topics with practical exercises, from the basics of fact-checking to advanced fact-checking techniques. The participants gained insights into the motivations behind the sharing of disinformation, the actors responsible, and the tactics employed by them. Furthermore, the training highlighted prevalent disinformation trends in Ethiopia and provided participants with online tools and techniques to effectively combat disinformation.” – Kirubel Tesfaye, fact-checking trainer

The May 2024 training built on an earlier one CIPESA conducted in November 2023 that equipped 21 Ethiopian journalists, bloggers, and activists with knowledge to navigate the country’s law on hate speech and disinformation and skills to call out and fight disinformation and hate speech.

Mulugeta says that by honing their fact-checking skills, journalists are better positioned to deliver factual information and live up to their duty as mouthpieces of the masses. Moreover, journalists and content creators would become more responsible and accountable for the content they create, and play a role in developing media literacy among the general population.

Tiblets Tesfaye, a senior journalist with Wazema Media, said the training “offered significant value by equipping journalists and content creators with essential skills to identify and correct misinformation, fostering a culture of accuracy and ethical reporting”.

According to her, the training also enhanced the journalists’ ability to recognise and mitigate hate speech, thereby contributing to more reliable and responsible media practices that support social cohesion and peacebuilding in the country. Tesfaye adds: “The benefits are huge because most social media influencers are based in Addis Ababa, but it would be good to extend this training to regional cities as well.”

See more about the training focus here

10Jul

Is Foreign Malign Influence Inspiring Digital Authoritarianism in Uganda?

Author CIPESA Posted on

By CIPESA Writer |

A new policy brief by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) on the deteriorating state of digital rights in Uganda examines whether the east African country is drawing inspiration from China for its brand of digital authoritarianism.

Uganda is ranked as “Partly Free” by Freedom House’s annual Freedom on the Net report, with the biggest contributing factor being the repressive laws governing the digital civic space and surveillance, particularly those that enable internet censorship, network disruptions, and deployment of surveillance technologies such as spyware and video surveillance.

China has been a notable source of support in developing Uganda’s digital communication and other infrastructure. For example, Chinese telecom firm Huawei helped set up a video surveillance system for the Uganda Police, and reportedly aided security agencies to spy on political opponents in the country. China has also organised numerous study tours for Ugandan officials and journalists that are centred on popularising its economic and governance systems.

The brief illuminates how China and its model of governance and state surveillance may be influencing or inspiring retrogressive laws and undermining digital rights in Uganda. It explores the legal reforms necessary to advance digital rights in Uganda and the role that legislators, civil society organisations, human rights defenders (HRDs), and journalists should play.

Uganda has mirrored some practices from China, a country which various global indices consider a leading player in digital authoritarianism. While it is not patently clear whether China has directly influenced legislation in Uganda, the brief notes that “it has arguably inspired some of the legal frameworks and practices that fuel digital authoritarianism in the east African country.”

There is ample evidence indicating that African autocracies are exploiting the adoption of Chinese technology and model of internet controls to roll back democratic gains through surveillance and censorship.

China invested more than USD 110 million in Uganda’s National Backbone Data Transmission Project and also supported the National Fibre-Optic Project. There are suggestions that the national backbone and fibre-optic projects are part of a digital infrastructure that has enhanced the Uganda government’s surveillance capabilities that violate the right to privacy and freedom of expression.

China has continually buttressed its influence over Uganda’s social-economic development through the seemingly no-strings-attached loan schemes that have often been acknowledged and praised by President Museveni. This non-interference policy in the internal affairs of other countries allows their governments greater leeway to suppress dissent and democratic processes without facing criticism or repercussions from China.

By contrast, the Uganda government or senior public officials have during 2023 and 2024 attracted sanctions by the United States of America, the United Kingdom, and the World Bank over governance and human rights concerns. As such, the Chinese no-governance-strings-attached model is criticised for emboldening authoritarian tendencies in the countries it partners with.

However, the brief states that claims of China actively seeking to export its governance model and influencing local laws and practices in Africa are often anecdotal and inconclusive. Moreover, such claims and, often, the evidence they advance, assume that African governments are incapable of developing home-grown systems of governance and thoughtlessly rely on models from other continents.

Recommendations

Uganda should resist all foreign influence and models that promote digital authoritarianism and undermine democracy. The country’s laws must respect internationally recognised human rights standards and promote the use of a free, open, and safe internet.

The brief makes several recommendations, such as:

  • Parliament should strengthen legal and regulatory frameworks by amending or repealing regressive and oppressive frameworks to ensure responsible and ethical use of surveillance technology.
  • Parliament should enact laws that specifically protect journalists, whistle-blowers, human rights defenders, and activists from wanton threats, arrests, and prosecutions over legitimate online communications and activism that advances social accountability, respect for human rights, and good governance.
  • Civil society should conduct evidence-based research into the actions of foreign actors and how they adversely impact local laws, policies, and democratic governance.
  • Various stakeholders, including academia, the media, and lawyers, should engage in public interest litigation to challenge provisions in legislation that limit the exercise of digital rights.

See the full policy brief here.

1 3 4 5 6 7 25