Combating Disinformation in Africa: Challenges and Prospects

By CIPESA Staff Writer |

As disinformation grows in form and prevalence in many African countries, the challenges to combating it are equally increasing yet measures to combat it remain inadequate and often inappropriate. This has got disinformation researchers concerned that, if more robust measures are not adopted, disinformation could become pervasive, harder to fight, and with broad social and political ramifications.

While disinformation is not a new phenomenon, a number of factors have spurred it to unprecedented levels. These include the rapid growth of social media usage, emerging media viability challenges, politicians’ increasing influence on the media, the outbreak of the Covid-19 pandemic, and the involvement of mainstream media in spreading disinformation.

Few actors are conducting fact-checking and contributing to fighting disinformation in the region, which is partly due to a shortage of expertise. That requires building a bigger cohort of fact-checkers and arming them with the skills to match the evolving disinformation challenges.  “We need to make fact-checking sexy,” says Rosemary Ajayi, the lead researcher at Digital Africa Research Lab. “We need to learn from the disinformation spreaders. We need to find the motivation behind the disinformation.”

Also crucial to combating disinformation is generating evidence of the form and prevalence of  disinformation, and how it originates and spreads between different mediums and communities. In this regard, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) in conjunction with partners in five countries (Cameroon, Ethiopia, Kenya, Nigeria, and Uganda), is conducting a study to understand the nature, perpetrators, strategies and pathways of disinformation, and its effects on democracy actors including civil society, bloggers, government critics, and activists.

At a related workshop conducted as part of the eighth Forum on Internet Freedom in Africa (FIFAfrica), held in September 2021, experts discussed the factors fuelling disinformation, efforts to contain the problem, and  how disinformation is affecting democracy in African countries.  

Morgan Wack, a PhD Candidate at the University of Washington, said the fracturing of online media and rise of social media has broken up the consolidated media that previously existed. “This is good but it also leaves the media vulnerable and also takes resources away from entities that could have done better fact-checking,” he said.

According to various speakers at the workshop, mainstream media across the continent has increasingly become a key disinformation pathway contrary to the known pillars of traditional media as purveyors of factual and reliable information. As observed by Tessa Knight, a Research Assistant at the Digital Research Forensic Lab, many countries do not have free and independent media and so their stories are often biased. Given the difficulties in fact-checking in such countries, the information remains one-sided. 

With growing media viability concerns, newsrooms are narrowing the choice of issues to cover in order to cut costs. As Knight pointed out, given what is online, there may not be many people interested in what newsrooms are reporting. “We need to acknowledge the financial squeeze on the industry. Also, the fact that people consider other issues more important than say hospital deaths,” she added.

Nonetheless, Ajayi argued that the business model of several media organisations in countries such as Nigeria enables the propagation of disinformation, as some mainstream media were also doing the opposite of what is expected. “All I need to have a story published is to accompany it with an envelope [bribe] and this cuts across all media platforms,” she said. “There is also a close relationship between the government and newsrooms. Government spokespeople have come from the media so if they want to silence a story they know who to contact.” 

Ownership of news organisations by political actors, including individuals holding senior positions in government, also undermines media independence and often renders such media houses sources of disinformation.

There are also concerns about governments using public media platforms and manipulating private media to spread disinformation. “In Ethiopia, the media is largely funded by the government so their news is one-sided, noted Abel Wabella, Executive Director of Inform Africa’s HaqCheck

Yet Ethiopia presents a vivid example of how different political actors are using disinformation to push their agenda, including to destabilise the country. “Now people are suffering a humanitarian crisis because each side is providing contradictory information about the crisis in Ethiopia with a view of pushing their agenda,” said Wabella. He added that it is crucial to counter this disinformation to provide the opportunity for sanitised political conversations and to aid the country’s democratisation process.

Meanwhile, it was reported that during elections in Nigeria and Ghana, politicians assemble armies of commercial influencers to push their agendas that include disinformation. “In Nigeria we call them influenza because their goal is to make their content trend. They use all sorts of tactics, compromised accounts, fake celebrity accounts, fake accounts and also attaching fake giveaways to this content. They manipulate us by making us turn a non-story into a key topic of the day,” Ajayi said. She called for a multi-sectoral and multidisciplinary approach to digital literacy because fact-checking on its own does not work because “fact-checked information is not sexy like disinformation”.

Simone Tousi, a CIPESA Programme Officer for Francophone Africa, said governments in west and central Africa were also heavily relying on mainstream media to spread disinformation. This was undermining the power of mainstream media to deter the spread of disinformation.

The inadequacy of government responses to disinformation was also reflected in their legislative decisions. According to Tousi, disinformation laws and policies have had the net effect of undermining freedom of expression. Accordingly, there is an urgent need to repeal and replace these harmful laws with more progressive legislation.

Africa Law Tech Festival 2021: CIPESA Underscores Strategies to Cutting Through Common Emerging Barriers To Access To Justice Despite the Covid-19 Pandemic

By the Lawyers hub |

At the onset of the COVID-19 pandemic, governments across Africa implemented measures to curb the spread of the virus that greatly disrupted judicial processes, slowing down access to justice. Such measures include suspension of all in- person court activities like mentions, hearings and appeals as well as execution of court judgements. Gradually, courts looked to adopting technological measures to aid in the delivery of justice; measures which despite the noble intentions, had to be grounded in law. 

These developments informed the Collaboration on International ICT Policy for East and Southern Africa (CIPESA)’s masterclass at the second edition of the Africa Law Tech Festival, a five-day annual conference that convenes different stakeholders in Africa to deliberate on digital policy issues. In line with this year’s theme, ‘Digital Policy for Economic Growth’, the class explored The Role of Lawyers and Courts digital access to Justice amidst the Covid 19 Pandemic. CIPESA affirmed that for many African countries, the basis for e-justice can be founded on the supreme law- the Constitution. In July 2020, the Supreme Court of Nigeria ruled in favour of virtual courts and  dismissed suits by Lagos and Ekiti States in which they sought to have virtual courts declared unconstitutional and null and void. 

Since the emergence of COVID-19, the African Judicial system has greatly changed. Courts have developed guidelines and practice notes for development of virtual courts and adopted online case management systems. As at December 2020, at least 20 African states had adopted e-filing and e-service and incorporated virtual hearings. Despite these successes, there are various challenges inhibiting the growth and adoption of virtual courts in Africa including:

The costs of acquisition of hardware and software needed for virtual courts. Africa has the lowest internet penetration rate caused by high cost of services and connectivity devices. In 2020, the Alliance for Affordable Internet reported that Africa had the least affordable smart devices globally costing about 62.8% of individual monthly income. Unaffordable devices raise the cost of connectivity for most Africans, pushing many offline. Conversely, those offline are not able to effectively utilize and participate in virtual courts, thus limiting access to justice. In Uganda, the judiciary obtained support from the UNDP to purchase zoom licenses. In Kenya, the judiciary partnered with the Ministry of ICT to acquire licenses for teleconferencing facilities and technical officers to provide support in respective court stations. 

Africa’s increasing digital divide has further degenerated access to justice. The International Telecommunication Union reports that Africa has the lowest percentage of persons using the internet globally. Moreover, urban areas have twice as much home internet access than rural areas. Despite having internet access, the reliability may be affected by constant power outages. Other justice actors like prisons would also need to be meaningfully connected. Previous efforts to implement the e-filling system and virtual courts by the judiciary in Kenya were slowed down due to lack of digital infrastructure and unreliable electricity in courts. As the adoption of virtual courts becomes widespread, it is crucial to ensure accessibility for all by addressing issues of digital infrastructure, device and broadband affordability otherwise justice would be discriminatory and a violation of their right to access to justice. 

Law and policies regulating the internet are not favourable. For instance, taxation of the internet leads to high data costs which in most cases aggravates digital exclusion. In 2021, Uganda replaced the unpopular social media tax of 200 shillings (USD 0.02) by introducing a 12% excise duty on the internet. In 2018 Zambia introduced a daily tax of USD 0.03 on internet voice calls following research that 80% of the citizens were using internet voice calls like WhatsApp, Skype and Viber. Recently, Kenya raised excise duty on internet services by from 15% to 20% further raising the cost of internet.  Such tax raises the cost of the internet, decreasing affordability for most citizens. Limitation on access and usage stifles innovation and ultimately access to justice as litigants would also be required to meet these high costs whether directly or indirectly. 

While digital security is important for a safe digital space, there has been a rise in cybercrimes during the COVID-19 pandemic. This includes malware that was previously dormant. The Communication Authority of Kenya reported a 152.9% increase in cybercrimes during the pandemic as cyber criminals exploit vulnerable computer systems. With recent cyberattacks in Uganda’s financial system as well as South Africa’s healthcare, there is concern over capacity to deal with cyberattacks given the sensitivity of judicial proceedings. Cyberattacks and crime are usually associated with a chilling effect on the use of digital platforms.

Meanwhile lack of the required digital skills pose a challenge to use of ICTs. While the goal remains to leave no one in Africa offline, African participation may be hindered by lack of digital skills. According to a study by the International Finance Corporation, by 2030,  over 200 million jobs in Africa will require digital skills. This means that Africans should strive to have the basic skills required that allows for full participation in virtual court system such as the filing of documents or attendance of virtual hearings. This is especially so in critical times like the pandemic where isolation could cause one to be away from those with the digital skills.   

From the aforementioned highlights, it is necessary to undertake practice measures that harness access and use of technology for justice. This would in turn lead to maximization of the benefits of e-justice. Similarly, governments should undertake a favourable licensing policy and legal frameworks that encourage investment and connectivity in ICTs. 

CIPESA Supports Impactful Digital Rights Media Advocacy in Africa

By Apolo Kakaire |

Civic space continues to shrink across Africa. In recent years, disruptions to the internet and social media applications have emerged as a common trend of digital repression especially in authoritarian countries in Africa. While the Covid-19 pandemic has reaffirmed the immense importance of digital technologies for government and citizen interactions, public services provision, employment, education and commerce, some governments on the continent used the pandemic as an excuse to impose further clampdowns.  

For full realisation of the potential of digital technologies to transform society and economies in Africa during the pandemic and beyond, there is need for continued advocacy to uphold and protect freedom of expression, access to information, and equitable participation online. 

It is against this background that between July 5-9, 2021, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) in partnership with the African Centre for Media Excellence (ACME) conducted an intensive training course on Digital Rights and Impact Communication for grantees of the Africa Digital Rights Fund (ADRF). The ADRF was launched in April 2019 to offer flexible and rapid response grants to select initiatives in Africa to implement activities that advance digital rights, amidst rising digital rights violations.

The training  equipped civil society organisations (CSOs) with skills, knowledge and tools to effectively communicate digital rights issues and inspired them to approach communication systematically so as to increase the visibility of digital rights issues in different media and to promote public discussion on digital rights issues.

According to Ashnah Kalemera, the Programme Manager at CIPESA, “the training was the result of the realisation that organisations working in the digital rights arena have inadequate skills to effectively and proactively engage the media and to conduct effective public communications.” She added that, as a consequence of this skills gap, “digital rights issues are poorly covered, commonly with limited depth and sensitivity.” 

“Digital rights are a fairly new area of interest, so it is prudent that CSOs working in this space are skilled in pitching appropriate messages in clear language and in making concrete calls to action, especially given that the media is not well-versed or always keen on this subject,” said Kalemera.

The training was preceded by a capacity and training needs assessment which established ADRF grantees’ preeminent training needs as using social media as a tool of influence, communicating research and hard-to sell-subjects, and developing media advocacy strategies. The findings of the assessment informed the development of the curriculum and training resources featuring a mix of trainer-led discussions, experience sharing, case studies, guest lectures, plenary discussions and assignments. 

Sessions during the training included on topics such as Impactful communication and Advocacy, which was led by ACME’s Executive Director, Dr. Peter Mwesige; and Civil Society Relations: Breaking the Barriers, a lecture by Daniel Kalinaki, General Manager, Editorial Nation Media Group in Uganda.  John Baptist Imokola and Dr. Gerald Walulya, both lecturers at Makerere University’s Department of Journalism and Communications, alongside Agnes Tumuheire, Content Manager at Ultimate Media Consults, led the sessions on Communication Planning,  Communicating/ Disseminating Research and Hard-to-Sell Subjects, and Taking Advantage of the Power of Digital/Social Media, respectively.

The 25 trainees, who included the executive leadership, programme and communications officers from ADRF-supported organisations operating in Cameroon, Côte d’Ivoire, Democratic Republic of Congo (DR Congo), Ghana, Kenya, Rwanda, Somalia, Somaliland, Tanzania, Uganda and Zimbabwe, worked to develop internal communications strategies and drafted campaign materials.

Experience from such communication-related training shows that having the right mix of senior staff and implementers from an organisation is a prerequisite for success. Communication being a management function, it helps that the key decision makers share the same vision, outlook and attitude to communication with those that handle the day-to-day communication functions. 

Select participant testimonies“I was very interested in understanding how the media works.  Since I don’t have experience working in media houses, it was a good opportunity to discuss how to engage with the media.” Blaise Ndola, Rudi International – DR Congo.

“I am happy to have participated in this training. The delivery method was well thought-through, the materials were easy to access and understand and the mentors were amazing. Many important questions were answered as a result of this training. [I am] grateful for the opportunity to learn from experts in those fields!” Ayaan Khalif, Digital Shelter – Somalia.

“What l really enjoyed were mostly issues to do with how communities have to embrace digital rights so that they see the benefits that come with digital rights, and the roles CSOs have in ensuring our communities are aware of their rights. And also on issues of media relations strategies how best to come up with a working strategy for the diverse communities we serve.” Michelle N. Q Mulingo, Zimbabwe Centre for Media and Information Literacy (ZCMIL).

Going forward, digital rights advocacy CSOs would benefit from investing in the journalism they want to see. Possible avenues include offering reporting grants to facilitate higher quality research than that done by journalists through media houses’ limited resources.  Follow ups with the trainees/grantees is also necessary to ensure application of acquired skills and knowledge. Moreover, given the fairly high staff attrition rate in CSOs it would be useful to regularly conduct these kinds of training if impact communication is to gain traction in the digital rights arena.

Aperçu de la Responsabilité des Intermédiaires au Sénégal

By Astou Diouf |

Parmi ses homologues ouest-africains, le Sénégal fait partie des leaders dans les efforts de numérisation. Ses classements en matière de liberté de la presse sont élevés et le pays a également enregistré des progrès positifs en matière de protection des données. Les acteurs du secteur des télécommunications comprennent les entrants de 2018, ARC Telecom, WAW Telecom et Africa Access, aux côtés de l’entreprise  Sonatel, Free (initialement sous licence SENTEL, rebaptisée plus tard Tigo) et Expresso Sénégal

De plus, l’accessibilité d’Internet reste un défi, le pays se classant 25ème  sur 72 pays évalués selon l’indice d’accessibilité. En décembre 2020, la pénétration d’Internet au Sénégal était estimée à 88,7% et la pénétration mobile à 114,2%. Cependant, il existe des inquiétudes concernant les contrôles répressifs prétendument destinés à lutter contre la cybercriminalité, la désinformation et les discours de haine. 

Cet article met en évidence l’état de la responsabilité des intermédiaires au Sénégal à travers l’environnement juridique et réglementaire relatif aux obligations des intermédiaires, y compris la divulgation d’informations/données aux autorités répressives, le filtrage ou le blocage de contenu et les limitations du service. 

Aperçu législatif et réglementaire

La loi sur les transactions électroniques et le décret sur les communications électroniques sont les principales législations qui établissent un cadre de responsabilité des intermédiaires au Sénégal. L’article 3(1) de la loi n° 2008-08 du 25 janvier 2008 relative aux transactions électroniques désigne les intermédiaires comme « les personnes dont l’activité est de fournir au public l’accès à des services par le biais des technologies de l’information et de la communication ».

S’inspirant de la loi française n° 2004-575 du 21 juin 2004 pour la confiance dans l’économie numérique, la loi de 2008 impose aux intermédiaires des obligations limitées de surveillance des contenus, mais les oblige à mettre en place des mécanismes pour supprimer ou empêcher l’accès aux contenus illicites, informer les utilisateurs des restrictions de service et des plaintes.

L’article 3(2) précise les personnes physiques ou morales qui fournissent au public un service de stockage de signaux, d’écrits, d’images, de sons ou de messages «  ne peuvent pas voir leur responsabilité civile engagée du fait  des activités ou des informations stockées à la demande d’un destinataire de ces services si elles n’avaient pas effectivement connaissance de leur caractère illicite ou de faits et circonstances faisant apparaître ce caractère ou si,  dès le moment où elles en ont eu cette connaissance, elles ont agi promptement pour retirer ces données ou pour en rendre l’accès impossible ».

Cependant, sans une définition claire de ce qui constitue un contenu illicite, la loi sur les transactions électroniques laisse place à la restriction de l’accès à un contenu arbitrairement jugé illégal, mais il n’existe pas de dispositions claires sur les moyens de contester les décisions de retrait de contenu. 

En revanche, la confidentialité des informations personnelles est exigée par l’article 5. Le non-respect des dispositions de la loi sur les transactions électroniques constitue une infraction aux articles 431-46 à 431-49 du Code pénal de 2016, passible d’une amende de 250 000 à 1 000 000 de francs (461 à 1 845 USD), d’un emprisonnement de six mois à un an, ou des deux.

Le décret de 2008 sur les communications électroniques considère les intermédiaires comme des parties neutres n’exerçant aucun contrôle sur le contenu, en partant du principe qu’ils ne font que transmettre ou stocker des informations, parfois de manière temporaire. Ainsi, l’article 6 limite la responsabilité des intermédiaires lorsque « 1) ils ne choisissent pas le destinataire de la transmission ; 2) ils n’initient pas la transmission ; 3) les activités de transfert et de fourniture d’accès visent exclusivement à effectuer la transmission ou la fourniture d’accès ; 4) ils ne modifient pas les informations soumises à la transmission ; 5) ils exécutent une décision d’une autorité judiciaire ou administrative de supprimer l’information ou d’en interdire l’accès. 

Alors que la loi sur les transactions électroniques et le décret sur les communications électroniques limitent la responsabilité des intermédiaires, d’autres lois imposent des obligations qui ont des implications sur les droits des utilisateurs, comme détaillé ci-dessous. Il s’agit notamment de la loi sur les services de renseignement, de la loi modifiant le Code de procédure pénale, du Code des communications électroniques et de la loi modifiant le Code pénal.

Interception des communications et divulgation d’informations

La loi n°2016-33 du 14 décembre 2016 relative aux services de renseignement en vertu de l’article 10 précise que dans l’intérêt de la sécurité nationale, les autorités de renseignement peuvent « utiliser des procédures techniques, intrusives, de surveillance ou de localisation pour collecter des informations utiles à la neutralisation de la menace ». L’article 11 exige des prestataires de services qu’ils coopèrent et assistent des « organismes privés concernés » non spécifiés dans leurs activités de renseignement. 

La loi n° 2016-30 modifiant la loi n° 65-61 de 1965 portant code de procédure pénale mentionne également la responsabilité des intermédiaires en matière d’enquêtes pénales. L’article 90-11 exige la coopération d’intermédiaires avec les autorités d’enquête pour collecter ou l’enregistrer « en temps réel » des données et communications électroniques pertinentes. L’article 90-14 prévoit que le procureur de la République doit adresser aux opérateurs de télécommunications et aux fournisseurs de services une demande formelle de coopération. L’enregistrement et l’interception des communications en vertu du code pénal sont soumis à l’autorisation écrite d’un juge.

En outre, l’article 90-17 habilite les juges à ordonner aux intermédiaires de décrypter les données ou de fournir des informations sur le fonctionnement des systèmes cryptés. Les ordonnances ne sont pas susceptibles d’appel et leur validité est limitée à une période de deux à quatre mois renouvelable au cas par cas. L’absence de dispositions permettant aux personnes faisant l’objet d’une surveillance de contester les ordonnances judiciaires va à l’encontre des dispositions de la Convention de Budapest (à laquelle le Sénégal est partie), qui vise à assurer un équilibre approprié entre les intérêts des forces de l’ordre et le respect des droits fondamentaux de l’homme.

L’article 20 du Code des communications électroniques réaffirme l’obligation pour les prestataires de services de coopérer avec les autorités gouvernementales conformément aux dispositions de l’article 90-11 du Code de procédure pénale, notamment en divulguant les informations pertinentes et en offrant une assistance technique sur demande. 

Limitations du service

Le Code des communications électroniques 2018 impose aux fournisseurs de services de « prévenir une congestion imminente du réseau et atténuer les effets d’une congestion exceptionnelle ou temporaire, pour autant que les catégories équivalentes de trafic fassent l’objet d’un traitement égal » (article 27) ». Il ajoute que « l’autorité de régulation peut autoriser ou imposer toute mesure de gestion du trafic qu’elle juge utile pour préserver la concurrence dans le secteur des télécommunications électroniques et assurer un traitement équitable de services similaires ». En application de ces dispositions, les intermédiaires peuvent réduire le débit ou interrompre Internet à des moments et des lieux, sous prétexte de réduire la congestion du réseau. Les dispositions confèrent également à l’Autorité de régulation des télécommunications et des postes (ARTP) des pouvoirs illimités pour autoriser ou imposer des restrictions sur la disponibilité des réseaux de communication numériques. 

Des exigences strictes de confidentialité et de continuité de service sont également imposées aux intermédiaires et à leur personnel en vertu de l’article 167 du Code pénal qui prévoit  que « la suppression ou l’ouverture de correspondance adressée à des tiers de mauvaise foi » est un délit passible d’un emprisonnement de six jours à un an et une amende de 20 000 à 100 000 francs (36 à 185 USD), ou les deux.  

Restrictions de contenu

Il n’y a pas d’obligations spécifiques pour les intermédiaires de surveiller activement les réseaux et les plateformes à la recherche de contenus contrefaits. L’article 3, paragraphe 5, de la loi de 2008 sur les transactions électroniques stipule que les prestataires de services « ne sont pas soumises à une obligation générale de surveiller les informations qu’ils transmettent ou stockent, ni à une obligation générale de rechercher des faits ou des circonstances révélant des activités illicites ». Cependant, la disposition fait l’objet d’une activité de surveillance ciblée et de demandes des autorités judiciaires. En ce qui concerne les crimes contre l’humanité, l’incitation à la haine raciale et la pornographie infantile, l’article 3, paragraphe 5, prévoit que les intermédiaires doivent mettre en place des systèmes « facilement accessibles et visibles » pour permettre que de tels contenus soient portés à leur attention.

Alors que la Constitution du Sénégal garantit la liberté d’expression, l’article 255 du Code pénal prévoit que : « La publication, la diffusion, la divulgation ou la reproduction, par quelque procédé que ce soit, de fausses nouvelles, fabriquées, falsifiées ou faussement attribuées à des tiers » qui entraîne la désobéissance civile, met en danger la population ou discrédite les institutions publiques est un délit passible d’un emprisonnement d’un à trois ans et d’une amende de 100 000 à 1 500 000 francs (185 à 2 770 USD). Sans une définition claire de ce qui constitue une fausse nouvelle et compte tenu des exigences de coopération avec les autorités chargées de l’application des lois, le défaut des intermédiaires de signaler toute infraction peut entraîner des sanctions. 

Aux termes de l’article 431-61 du Code pénal, la condamnation pour une infraction à la loi commise via des communications électroniques entraîne des peines supplémentaires. Elles comprennent l’interdiction d’envoyer des communications électroniques, l’interdiction temporaire ou définitive d’accéder au site utilisé pour commettre l’infraction ou à son hébergeur. L’article impose également aux prestataires de services de mettre en œuvre les mesures nécessaires pour assurer le respect des sanctions, dont la violation est un délit passible de six mois à trois ans d’emprisonnement et d’une amende de 500 000 à 2 000 000 francs (923 à 3 693 USD). 

Cas de responsabilité des intermédiaires 

  1. Plusieurs entités privées et publiques collectent des données à caractère personnel au Sénégal. Par exemple, il existe un enregistrement obligatoire de la carte SIM lié à la base de données nationale d’identité. Cependant, de nombreux cas de non-respect de la loi sur la protection des données et des règlements de la Commission des données personnelles (CDP) ont été signalés. Voir, par exemple, l’avis trimestriel du CDP
  2. Lors des émeutes du début de l’année 2021, le gouvernement a suspendu les chaînes de télévision privées Sen TV et Walf TV pour avoir diffusé à plusieurs reprises des images des troubles qui ont suivi l’arrestation du leader de l’opposition sénégalaise Ousmane Sonko. En outre, l’accès aux plateformes de médias sociaux, notamment YouTube et Whatsapp, a été restreint.
  3. Le 20 juin 2019, le journal en ligne « Pressafrik » aurait été inaccessible pendant des heures après avoir collaboré avec la BBC sur un reportage d’enquête sur des allégations de corruption impliquant le frère du président Macky Sall. Selon le directeur  de publication Ibrahima Lissa Faye, le piratage a été “sponsorisé” étant donné que “60 % des sites d’information sénégalais sont chez le même hébergeur et PressAfrik est le seul site à être inaccessible”. 
  4. Le régulateur des télécommunications, l’ARTP, a par le passé lancé des ultimatums aux opérateurs de télécommunications pour améliorer la qualité des services.
  5. Selon le rapport Transparence de Facebook, le Sénégal a fait six demandes de données d’utilisateurs, concernant sept comptes en 2020  dont aucune n’a été respectée. Les demandes antérieures, au nombre de 21 pour la période 2016-2019, n’ont pas non plus été satisfaites.
  6. Depuis 2009, le Sénégal a fait quatre demandes de suppression de contenu à Google.
  7. En 2016, le Sénégal aurait fait le deuxième plus grand nombre de demandes d’informations sur les abonnés  à Orange  – 18 653, contre 13 557 l’année précédente.  

Conclusion et recommandations

 

L’environnement législatif et pratique de la responsabilité des intermédiaires au Sénégal manque de clarté sur les rôles et les obligations. Dans certains cas, des pouvoirs excessifs sur l’exploitation du réseau sont accordés aux prestataires de services et au régulateur. Dans d’autres, les exigences de coopération avec les autorités répressives sont larges, sans spécifier les voies de recours en cas d’abus des droits des utilisateurs. Alors que la loi sur les transactions électroniques et le décret sur les communications électroniques sont clairs sur le rôle de l’intermédiaire en ce qui concerne le contenu de l’utilisateur, la loi sur les services de renseignement, le code pénal et d’autres documents prévoient des dispositions contradictoires relatives à la surveillance et à l’interception des communications susceptibles de porter atteinte à la vie privée et à la liberté d’expression en ligne.

Une législation spécifique est nécessaire pour déterminer la responsabilité des intermédiaires, y compris avec précision sur les contenus susceptibles de faire l’objet d’un retrait ou d’un blocage, des procédures d’appel pour les décisions et des mesures de rétablissement des contenus supprimés. En l’absence d’un document juridique spécifique entièrement dédié à la responsabilité des intermédiaires, la définition de la responsabilité des intermédiaires, des responsabilités et obligations, ainsi que des contenus illicites devrait être claire et cohérente dans l’ensemble de la législation existante.

Pour leur part, les intermédiaires devraient fournir des conditions d’utilisation des services claires, accessibles et compréhensibles, y compris des options de confidentialité, de sauvegarde et d’anonymisation, dans des formats accessibles afin de promouvoir la confidentialité et la protection des données. En outre, une transparence accrue des prestataires de services devrait inclure une communication préalable des modifications apportées aux politiques d’utilisation pertinentes, des restrictions de service, ainsi que la publication de rapports détaillés sur la coopération avec les autorités. Parallèlement, il est nécessaire de renforcer les partenariats et l’engagement avec la société civile en vue d’un plaidoyer collaboratif pour promouvoir les principes des entreprises et des droits de l’homme.

Astou DIOUF est boursière CIPESA et travaille sur le rôle des intermédiaires et des fournisseurs de services Internet dans la lutte contre la Covid-19 au Sénégal, notamment sur des questions telles que la facilitation de l’accès à Internet, les atteintes à la vie privée et aux données personnelles, et le contenu.

Overview of Intermediary Liability in Senegal

By Astou Diouf |

Among its west African counterparts, Senegal is among the leaders in digitalisation efforts. Its press freedom rankings are high and the country has also recorded positive strides in data protection. Telecommunications sector players include 2018 entrants ARC Telecom, WAW Telecom and Africa Access, alongside the state-owned Sonatel, Free (initially licensed as SENTEL, later rebranded as Tigo), and Expresso Senegal

Moreover, internet affordability remains a challenge, with the country ranked 25th out of 72 countries assessed under the Affordability Index. As at December 2020, internet penetration in Senegal was estimated at 88.7% and mobile penetration at 114.2%. However,  there are concerns about repressive controls purportedly aimed at countering cybercrime, misinformation and hate speech. 

This article highlights the state of intermediary liability in Senegal, including the legal and regulatory environment relevant to intermediaries’ obligations including information/ data disclosure to law enforcement authorities, filtering or blocking content, and service restrictions. 

Legislative and Regulatory Overview

The electronic transactions law and eCommunications decree are the primary legislations that establish an intermediary liability framework in Senegal. Article 3(1) of law n° 2008-08 of January 25, 2008 on Electronic Transactions refers to intermediaries as “persons whose activity is  to provide  the public access to services through information and communication technologies”.

Borrowing from France’s law n° 2004-575 of June 21, 2004 on Confidence in the Digital Economy, the 2008 law places limited obligations on intermediaries to monitor content, but requires them to put in place mechanisms to remove or prevent access to unlawful content, inform users of service restrictions and complaints.

Article 3(2) states that a natural or legal persons who provides  to the public a service of storage of signals, writings, images,  sound or messages “cannot be held liable for the activities or information stored at the request of a recipient of these services if they did not have actual knowledge of their illicit nature or of facts and circumstances showing this nature or if, from the moment they had such knowledge, they acted promptly to remove this data or to make access [to it] impossible“.

However, without a clear definition of what constitutes illicit content, the electronic transactions law leaves room for restriction of access to content arbitrarily deemed illegal yet there are no clear provisions on ways to challenge content takedown decisions. 

On the upside, confidentiality of personal information is required under Article 5. Failure to comply with the provisions of the electronic transactions law is an offence under Articles 431-46 to 431-49 of the Penal Code, 2016, punishable with a fine of between 250,000 and 1,000,000 Francs (USD 461-1,845), imprisonment of between six months and one year, or both. 

The 2008 decree on eCommunications considers intermediaries to be neutral parties with no control over content, assuming that they merely provide transmission or storage of information, sometimes temporarily. Accordingly, Article 6 limits the liability of intermediaries when “1) they do not select the recipient of the transmission; 2) they do not initiate the transmission; 3) the activities of transfer and provision of access are aimed exclusively at carrying out the transmission or provision of access; 4) they do not modify the information that is subject to transmission; 5) they execute a decision of a judicial or administrative authority to remove the information or prohibit access to it.” 

While the electronic transactions law and the eCommunications decree limit the liability of intermediaries, other laws place obligations that have implications on users’ rights as detailed below. These include the law on intelligence services, the law amending the Code of Criminal Procedure, the eCommunications Code and the law amending the Penal Code.

Interception of Communications and Information Disclosure

The law n°2016-33 of December 14, 2016 relating to Intelligence Services under Article 10 states that in the interest of national security, intelligence authorities can “use technical, intrusive, surveillance or location procedures to collect information useful for neutralising the threat’’. Article 11 requires service providers to cooperate with and assist unspecified “relevant private bodies” with intelligence activities. 

Act No. 2016-30 amending Act No. 65-61 of 1965 on the Code of Criminal Procedure also mentions  intermediary liability in relation to criminal investigations. Article 90-11 requires the cooperation of intermediaries with investigative authorities in collecting or recording “in real time” relevant electronic data and communications. Article 90-14 provides that a public prosecutor must issue  to telecommunications operators and service providers a formal request for cooperation. Recording and interception of communications under the criminal code are subject to written authorisation by a judge. 

Further, article 90-17 empowers judges to order intermediaries to decrypt data or provide information on the operation of encrypted systems. Orders are not subject to appeal and their validity is restricted  to between two and four months renewable on a case-by-case basis. The lack of provisions for individuals subject to surveillance to challenge court orders is against the provisions of the Budapest Convention (which Senegal is Party to), aimed at ensuring an appropriate balance between the interests of law enforcement and respect for fundamental human rights.

Article 20 of the eCommunications Code re-emphasises the requirement for service providers to cooperate with government authorities in accordance with the provisions of Article 90-11 of the Code of Criminal Procedure, including through disclosing relevant information and offering technical assistance when asked. 

Service Restrictions

The 2018 eCommunications Code requires service providers to “prevent impending network congestion and mitigate the effects of exceptional or temporary congestion, provided that equivalent categories of traffic are subject to equal treatment” (Article 27)”. It adds that “the regulatory authority may authorise or impose any traffic management measure it deems useful to preserve competition in the electronic telecommunications sector and ensure fair treatment of similar services.” In application of these provisions, intermediaries can reduce the speed or interrupt the internet at times and locations, under the pretext of reducing network congestion. The provisions also give the Telecommunications and Postal Regulatory Authority (ARTP) unchecked powers to authorise or impose restrictions  on the availability of digital communication networks. 

Strict confidentiality and continuity of service requirements are also placed on intermediaries and their staff under the Penal Code Article 167 which states that “deletion or opening of correspondence addressed to third parties in bad faith” is an offense punishable by imprisonment for between six days and one year, a fine of 20,000-100,000 francs (USD 36-185), or both.  

Content Restrictions

There are no specific obligations for intermediaries to actively monitor networks and platforms for infringing content. Article 3(5) of the 2008 electronic transactions law states that service providers “are not subject to a general obligation to monitor the information they transmit or store, nor to a general obligation to search for facts or circumstances revealing illicit activities.” However, the provision is subject to targeted surveillance activity and requests by judicial authorities. In relation to crimes against humanity, incitement to racial hatred and child ponography, Article 3(5) states that intermediaries should set up systems that are “easily accessible and visible” to allow for such content to be brought to their attention. Furthermore, to promptly inform authorities of infringing content and inform users of the policies and practice in place to fight against illegal content. 

Whereas the Constitution of Senegal guarantees free speech, the Penal Code under Article 255 provides that: “The publication, dissemination, disclosure or reproduction, by any means whatsoever, of false news, fabricated, falsified or falsely attributed to third parties” that results in civil disobedience, endangers the public, or discredits public institutions is an offense punishable by imprisonment of one to three years and a fine of 100,000 to 1,500,000 Francs (USD 185 to 2,770). Without a clear definition of what constitutes false news, and considering requirements to cooperate with law enforcement authorities, failure of intermediaries to report any infringements may lead to sanctions. 

Under Article 431-61 of the Penal Code, conviction for an offense under the law that is committed via electronic communications attracts additional penalties. They include prohibition from sending electronic communications, temporary or permanent prohibition of access to the site used to commit the offense or its host. The article also requires service providers to implement measures necessary to ensure compliance with the penalties, violation of which is an offense punishable by six months to three years imprisonment and a fine of 500,000 to 2,000,000 Francs (USD 923 to 3,693). 

Cases of intermediary liability 

  1. Several private and public entities collect personal data in Senegal. For instance, there is Mandatory SIM card registration linked to the national identity database. However, there have been numerous reports of non-compliance with the data protection law and Commission of Personal Data (CDP) regulations. See, for instance, quarterly CDP notice
  2. During riots in early 2021, the government suspended private television channels Sen TV and Walf TV for repeatedly broadcasting images of the unrest following the arrest of the Senegalese opposition leader Ousmane Sonko. Furthermore, access to social media platforms including Youtube and Whatsapp was restricted.
  3. On June 20, 2019, the online newspaper “Pressafrik” was allegedly inaccessible for hours after it collaborated with the BBC on an investigative report into allegations of corruption implicating the brother of President Mack Sall. According to the Publishing Director Lissa Faye, the hack was “sponsored” given that “60% of Senegalese news sites are with the same host and PressAfrik is the only site to be inaccessible”. 
  4. The telecoms regulator ARTP has in the past issued ultimatums to telecommunications operators to improve quality of services.
  5. According to Facebook’s Transparency report, Senegal made six requests for user data, relating to seven accounts in 2020 – none of which was complied with. Earlier requests totaling 21 in the period 2016-2019 were also not complied with.
  6. Since 2009, Senegal has made four requests to remove content to Google
  7. Back in 2016, Senegal is reported to have made the second highest number of subscriber information requests  to Orange  – 18,653, up from 13,557 the previous year.  

Conclusion and Recommendations

The legislative and practice environment for liability of intermediaries in Senegal lacks clarity on roles and obligations. In some cases excessive powers over network operations are granted to service providers and the regulator. In others, requirements to cooperate with law enforcement authorities are broad, without specifying the recourse avenues for abuse of users’ rights. While the eTransactions Act and the Decree on eCommunications are clear about intermediary’s role regarding user’s content, the Intelligence Services Act, the Penal Code and other documents provide conflicting provisions related to surveillance and interception of communications that are likely to infringe privacy and freedom of expression online. 

There is need for specific legislation to determine the liability of intermediaries including with precision on content subject to take down or blockage, appeals procedures for decisions and measures for reinstating removed content. In the absence of a specific legal document entirely dedicated to intermediary liability, definition of intermediary liability, responsibilities and obligations, as well as unlawful content should be clear and consistent across all the existing legislation.

For their part, intermediaries should provide clear, accessible and understandable terms and conditions for service use, including options for privacy, back up and anonymisation, in accessible formats towards promoting privacy and data protection. Furthermore, increased transparency of service providers should include advance communication of changes to relevant user policies, service restrictions, as well as publication of detailed reports on cooperation with authorities.  Meanwhile, there is need for increased partnerships and engagement with civil society towards collaborative advocacy to promote business and human rights principles

Astou Diouf is a CIPESA Fellow, working on the role of internet intermediaries and service providers in the fight against Covid-19 in Senegal, including on issues such as facilitating increased access to the internet, privacy and personal data infringements, and content.