Uganda: When National Security Trumps Citizens’ Internet Freedoms

The Ugandan telecommunications sector was liberalised in 1998, resulting in an influx of service providers – there are currently four major mobile telecom operators and more than 30 Internet Service Providers (ISPs). The establishment of a Uganda Internet Exchange Point (UIXP) allows for local internet traffic routing, increased speeds and lower costs. The regulatory body reports a teledensity of 52 phones per 100 inhabitants and an internet penetration rate of 20%.
Ugandans have embraced social media as an alternative means of communication with their peers as well as for engaging with government. This is seen in the increase in the popularity of social networking sites such as Facebook, Twitter, LinkedIn, Youtube and Blogspot, which are ranked among the top 10 most visited websites in Uganda. As such the government has developed social media guidelines to aid its ministries, agencies and departments in communicating and engaging with citizens online.
However, as the telecommunications sector grows, so have the number of laws passed to regulate it. Some of these laws have drawn criticism from internet actors both locally and internationally due to their severity, infringement on human rights and contradictions with other existing legislation, including the constitution.

“No person shall be subjected to interference with the privacy of that person’s home, correspondence, communication or other property.”

Article 27 (2) of Ugandan Constitution

The use of ICTs in Uganda is threatened by the very laws that are meant to both protect citizens and ensure their rights. The Regulation of Interception of Communications Act, 2010, the Anti-Terrorism Act No.14 of 2002, the Anti-Pornography Act of 2014 and the Anti-Homosexuality Act of 2014 have undercurrents of surveillance, content filtering, and monitoring.
Although these laws are guised under provisions aimed to protect national security or fight cybercrime, in effect they may serve to silence voices critical to the state. Ultimately, these provisions are resulting in self-censorship by both ordinary online users and the media.
Provisions in the Electronic Transactions Act of 2011 limit the liability of ISPs for users’ content and do not require them to monitor stored or transmitted data including for unlawful activity. However, other laws place ISPs at a cross roads of service provision and protection of subscriber information. They are required to lawfully release users’ data to state agencies for purposes such as fighting terrorism and cybercrime. Moreover, the Anti-Pornography Act (2014) requires them to monitor, filter and block content of a pornographic nature.
In the absence of a data protection and privacy law, just like other countries in East Africa (State of Internet Freedom in East Africa), users’ data is vulnerable to mishandling and abuse by the state and ISPs. These vulnerabilities are also transferred to the offline world where freedom of expression and assembly have not been spared as seen in the limiting provisions under the Public Order Management Act, 2013.
It should be noted that the Ugandan government recently announced plans to draft a Data Protection and Privacy Bill. This is a positive step toward the protection of personal information and its use by the government and the private sector.
Read more in the 2014 Internet Freedom in Uganda Report prepared by CIPESA under the OpenNet Africa initiative. The report provides a status of the legislative environment and threats to internet freedoms in the country.

Towards an African Declaration on Internet Rights

As internet usage continues to grow in Africa, so does the interest by governments to monitor users’ online activities. This has led to a clash between internet rights promoters and governments in some African countries.
On February 12–13, 2014, participants from several African civil society organisations involved in promoting human rights and internet rights convened in Johannesburg, South Africa to draft an African Declaration on Internet Rights and Freedoms. The meeting was organised by the Association for Progressive Communications (APC) and Global Partners Digital in collaboration with the Media Rights Agenda, Media Foundation for West Africa and the Kenya Human Rights Commission.
Many countries justify their tough stance on internet freedom as necessary to fight cybercrime, promote peace and maintain national security. Whereas some of these policies and practices have been adopted by authoritarian regimes to retain power, others were in response to national crisis contexts such as hate speech and terrorism. Ultimately, the measures have often had chilling effects on access to information, freedom of expression, privacy and data protection.
Participants in this meeting called for the promotion of an open, free and accessible internet. Issues identified as the most crucial and still hindering internet growth in Africa that need immediate action were: improving access to internet including the development and promotion of localised multi-lingual content; addressing internet infrastructure obstacles; capacity building for users; and the need to create a balance between freedom of expression and privacy of users.
Others identified were data protection, addressing gender inequalities and gender-based violence against women online, and adopting supportive ICT policies that promote freedom of expression online and equitable access to information.
Due to increased internet freedom violation incidents coupled with regressive policies being made in many countries, the need for a well-defined Internet Intermediary Liability (ILL) regime has also become increasingly apparent. Another meeting held on February 10-11, 2014 organised by the APC with support from Google Africa discussed the responsibility that may be placed on intermediaries in implementing monitoring and control mechanisms laid down by the laws.
At the regional level, there are legal and regulatory frameworks like the Africa Charter on Declaration of Principles on Freedom of Expression in Africa, which provide limited protection for internet rights and the liability of internet intermediaries. It was noted that such frameworks could act as building blocks for individual countries to draw up best practices on ILL regimes.
There was consensus that such existing frameworks should be the basis for adopting a general guide with definitions of terms on Internet intermediary liability. This guide would act as central referencing document on which individual countries would base their national IIL regimes.
During the discussions, participants charted their thoughts on a best practice guide for an IIL regime for Africa by asking the below questions:
Untitled
 
While responding to these questions, participants recognised that intermediaries can play a crucial role in promoting Internet freedoms in Africa.
Meanwhile, the meeting also reviewed recent policy and practice developments in Uganda, Kenya, South Africa and Nigeria since the 2011 Intermediary Liability in Africa research. It identified a need to increase awareness among different stakeholder groups of the importance of clear regulatory frameworks for intermediary liability to secure rights on the internet; and for stronger collaboration to advocate for best practice internet intermediary regulatory measures in Africa.
The outcomes of both these meetings will form the basis for the draft civil society Africa Declaration on Internet Rights and Freedoms, which will be launched at the ninth global Internet Governance Forum (IGF) in Istanbul, Turkey September 2-5, 2014. The declaration will be available for public input throughout the period leading up to IGF 2014.

Internet Freedom: Should Africa Prioritise Access or Security?

By CIPESA Writer in Stockholm
An interesting conversation is taking place in the Swedish capital Stockholm. At the Stockholm Internet Forum (SIF), which is being watched online by audiences around the world, a journalist with Uganda’s Daily Monitor newspaper asked a question that is central to much of the debate here. Should people in his country be concerned about the so-called internet rights when majority of them do not even have access to the internet, and when big numbers of them lack access to clean water? As the journalist addressed a global audience of online rights activists, back home his newspaper, the two radio stations it runs, and another independent newspaper (The Red Pepper), remained shut down for a fourth day. Under the guise of searching for a document allegedly authored by the head of Uganda’s intelligence services, which President Yoweri Museveni’s government deemed a threat to national security. The police ransacked and cordoned off the media houses. Their computers and servers were being searched; the radio transmitters switched off despite a court order for the security agencies to vacate the media premises.
However, his concerns rhyme with concerns from other participants at the forum. Questions such as, should developing countries prioritise giving access to the internet to more of their citizens or should they instead dwell on improving security and privacy for current internet users?, were at the center of the discussions.
For many of the participants from Africa who spoke to CIPESA, access to the internet remains a key concern on the continent. Only a fraction of people on the continent are users of the Internet (estimated at 15% of the continent’s population). But user numbers are rising fast, driven by increased availability of affordable marine fibre optic bandwidth, a rise in private sector investments, the popularity of social media and innovative applications, not forgetting an increased use of the mobile phone to access the internet.
But as more Africans are getting online, more African governments are moving to curtail online freedoms using both legal and non-legal means. The pity, said the African observers, was that there was little understanding in African countries of the need to protect and to promote these internet rights and freedoms. More so, in most countries there were few actors talking about these matters and creating awareness about the citizens’ right to seek, receive and impart information and ideas through digital technologies.
But back to the question: should African countries priorities access or security? “It is important when you talk of the internet not to think of it chronologically,” said Ross LaJeunesse, Global Head of Free Expression and International Policy at Google. “The internet as we know it is supposed to be free and open… you would be doing a disservice to people if you offer it otherwise.” Anja Kovacs of the Internet Democracy Project in Delhi, India, agreed: we do not need to get everyone online before we start thinking of making it secure for people to be on the internet. “Security has to come at the same time as access,” said Kovacs.
Protecting internet freedoms is becoming of growing interest to academics, human rights activists and media worldwide, including in developed countries, where some governments are using the excuse of fighting cybercrime to limit citizens’ online freedoms. Ron Deibert, head of the Citizen Lab at the University of Toronto, Canada, has led a 10-year research into this issue, and on Tuesday, May 21 launched a well-received book, Black Code in which he contends that the internet’s original promise of a global commons of shared knowledge and communications is now under threat.
Intelligence agencies that were less accountable are taking over aspects of monitoring internet freedoms. Meanwhile, citizens are placing a growing amount of data into the hands of private companies which are increasingly being asked to monitor the internet. Worryingly too is that most of the new users are coming from countries with fragile democratic systems, where internet rights could more easily be trampled.
These concerns/fears are also being investigated by CIPESA under the OpenNet Africa Project. The project is monitoring internet freedoms in a number of African countries such as Ethiopia, Kenya, Rwanda, South Africa and Uganda. We are documenting internet rights violations and reviewing cyber security policies and legislations in these countries to see how they enhance, or undermine, internet freedom.
More on SIF: http://www.stockholminternetforum.se/
Follow on twitter: @sif13

Balancing Freedom of Expression And Privacy

Striking a balance between freedom of expression and privacy on the internet was the focus of a panel discussion at a review of one decade after the World Summit of the Information Society (WSIS). The WSIS+10 Review meeting took place at the UNESCO headquarters in Paris, France, February 25-27, 2013.
What convergences and tensions exist between freedom of expression and privacy online? What are the implications of approaching the balance between free expression and privacy from a freedom of expression–centric point of view? What actions can governments, civil society, media and the private sector take to balance privacy with freedom of expression online? And what is the best way to empower users? These are some of the questions addressed at the session on ‘Promoting of Freedom of Expression and Privacy Online’. CIPESA’s Lillian Nalwoga was the remote moderator for the session.
The session built on earlier discussions held at the 7th Internet Governance Forum (IGF) in Baku, Azerbaijan on promoting both freedom of expression and privacy on the internet. It also drew from the Global Survey of Internet Privacy and Freedom of Expression – a UNESCO 2012 publication – which highlights a diverse international regulatory landscape, and the challenges posed by discrepancies in laws pertaining to the online and off-line spheres, and between national and international jurisdictions.
During the session, Pranesh Prakash from the India-based Center for Internet Society stressed the need for more relaxed regulations to govern the conduct of the private sector. He noted that “one must give the private sector enough leeway to safeguard them from responsibility for users’ actions and the requirement of taking down reasonable speech.” However, he added that the commercial sector has divergent interests and they do not necessarily align with public interests.
According to him, differing public and private sector interests coupled with unenforceability of self-regulation mechanisms and the jurisdictional issues of the internet mean that the conflict between freedom of expression and privacy cannot be easily resolved through public policy options that are only aimed at the private sector.
Patrick Ryan, a Policy Counsel from Google who was also a panelist, argued that the move to the “cloud” brings with it both enhanced privacy and security benefits, while at the same time putting data  potentially at risk. Noting that government surveillance remained one of the biggest threats to privacy, he stressed that the private sector needs to share more information on government take down requests that violate individuals’ privacy and free speech.
Meanwhile, William Dutton, a professor of Internet Studies at Oxford Internet Institute, stressed the importance of recognising the power of the internet in empowering networked individuals and enabling freedom of expression, like never before. He cautioned that if nations do not approach the issue of striking a balance between freedom of expression and privacy appropriately, some of the key benefits of the internet may be lost. He noted that whilst some nations have taken progressive steps, many others are moving in the wrong direction and various global policy choices are increasingly restricting freedom of expression.
Indeed, this has been illustrated by worldwide trends towards more content filtering and censorship. Dutton said adopting inappropriate models for internet governance and regulation, such as disproportionate levels of surveillance in the name of security, reliance on intermediaries to regulate content, and assertion of national sovereignty and jurisdiction in the online world are threatening privacy and freedom of expression.
Key recommendations from this session were: avoiding a moral panic over privacy; creating widespread awareness of issues concerning privacy and data protection among users especially the young generation; updating policy and regulatory frameworks that address freedom of expression and privacy online; and having a clear definition on national security interests.
For more information, please visit – https://www.unesco-ci.org/cmscore/events
Promoting of Freedom of Expression and Privacy Online
Follow WSIS+10 on twitter at #WSIS

Monitoring Internet Openness in Africa

With internet usage continuing to spread across Africa, there are numerous purposes to which African users are putting the internet – from mobile banking, to connecting with fellow citizens and with leaders, tracking corruption and poor service delivery, innovating for social good, and just about everything else.
The increasing usage of the internet, however, has in some countries attracted the attention of authorities, who are eager to provide caveats on the openness of the internet and the range of freedoms which citizens enjoy online. The popularity of social media, the Wikileaks diplomatic cables saga and the Arab Spring uprisings have led many governments including those in Africa to recognise the power of online media.
The year 2012 saw a number of African states put curbs on Internet Rights, in what portends tougher times ahead for cyber security. According to the Freedom on the Net 2012 report published by Freedom House, both physical and technical mechanisms of filtering, monitoring or otherwise obstructing free speech online have been employed by states concerned with the power of internet-based technologies.
In its study, Freedom House covered developments in internet freedom in 47 countries around the world.  Based on an examination of obstacles to access, limits to content, and violation of user rights on the internet, countries were scored as ‘Free’, Partly Free’ or ‘Not Free’. The study found that in Sub Saharan Africa, Ethiopia was the only country to implement nationwide internet filtering. Meanwhile, South Africa and Kenya were reported as the most free. The former was credited for its high internet usage compared to other countries at the same level of development and the latter for its “growing diversity in content and fewer cases of arrest or censorship than in previous years.”
Ethiopia was reported as using paid pro-government commentators to manipulate internet discussions. There were also crackdowns and prosecutions of online,journalists as well a law that since 2002 prohibits the use of VoIP (Voice Over Internet Protocol). In Zimbabwe, regime critics were said to often be faced with politically motivated cyber attacks.
Even Kenya, all its ICT sector positives notwithstanding, was reported as one of the governments seeking “less visible means” to control internet freedoms. The Country’s communications regulatory is reportedly setting up a surveillance system to monitor email communications due to cyber security threats. Pending legislation in South Africa, which requires telecommunications service providers to broaden their surveillance obligations, was also noted as having the potential to mass monitor communications.
Despite having relatively low restrictions on internet usage, Rwanda was reported as a ”country at risk” in 2013 owing to its “strict” controls over traditional media which are feared may extend to digital media.
Freedom House ranked Nigeria, Uganda, and Zimbabwe as ‘Partly Free’.
In 2013 through to 2014, CIPESA will be undertaking a project to monitor and promote internet freedoms in Ethiopia, Kenya, Rwanda, South Africa and Uganda. We shall be reporting on legal regimes on internet openness or the lack of it, censorship incidents and African initiatives that are promoting internet rights, among others.
Read more about CIPESA’s Internet Governance and Online Freedoms work.