Tanzanian Court Acquits Jamii Forums Founders on One of Three Charges

By Ashnah Kalemera |
A Tanzanian court has acquitted the founders of popular online discussion platform Jamii Forums, who were charged over failure to comply with a police order to disclose the identity of two users of their platform.
The magistrate’s court at Kisitu in the capital Dar es Salaam found that Maxence Melo and Micke William had no case to answer in the case, in which the two were alleged to have obstructed investigations in contravention of Section 22(2) of the Cyber Crimes Act, 2015 by refusing to comply with an order to disclose their platform users’ data. The ruling cuts the number of cases against Melo and William to two.
Reacting to the June 1, 2018 decision, Melo stated that it was a “victory for anyone who would like to see freedom of expression flourish” in Tanzania. He said he was glad to have only two outstanding cases, having recently endured four court appearances over five days.
In December 2016, Melo was charged with three offences: two counts of not complying with a disclosure order under Section 22(2) of the Cyber Crimes Act (2015) and one count of managing a domain that is not registered in Tanzania under Section 79(c) of the Electronic and Postal Communications Act (2010). Melo was initially charged alone but William was subsequently added to the cases as a co-accused, since he is a shareholder in Jamii Media, the legal entity under which Jamii Forums is run.
Section 22(2) of the Cyber Crimes Act relates to unlawful interference with investigations and refusal to comply with an order under the Act. The penalty, upon conviction, is a fine of three million Tanzania Shillings (USD 1,300) or imprisonment for one year, or both. Meanwhile, Section 79 of the Electronic and Postal Communications Act (2010) provides for the regulation of all electronic communication numbering and electronic addresses by the Tanzania Communications Regulatory Authority (TCRA). Part C of the section mandates the authority to perform oversight role of management of .tz – the country’s code Top Level Domain (ccTLD).
The charges stemmed from Jamii Forum’s refusal to comply with police disclosure notices to reveal the Internet Protocol (IP) addresses, email and phone numbers of users, whose identities authorities sought after whistleblowing corruption scandals in the oil and banking sectors.
Initially, Jamii Media, went to court challenging the disclosure orders and specifically provisions of Section 32 and 38 of the Cybercrime Act. However, the petition was dismissed in a ruling that dealt a blow to intermediary liability rules in Tanzania.
During court proceedings in the now dismissed case, prosecutors called four witnesses including two officials from the Tanzania Police cybercrime department. Court also heard testimony from the Human Resource Manager of CUSNA Investment LTD, the company which made a defamatory report to police regarding the information disclosed by the whistleblowers. The fourth witness called by the prosecutor was the Acting Deputy Registrar of Intellectual Property at Tanzania Business Registrations and Licensing. Proceedings then stalled with the prosecution indicating that it had no further witnesses to call.
Since its enactment in 2015, state authorities in Tanzania have used the Cyber Crimes Act to arrest and prosecute individuals for expressing critical opinion. Reportedly passed in the middle of the night, the Act is one of many recent laws in Tanzania that have been criticised for disregarding free speech and access to information, among other citizens’ constitutionally guaranteed rights.
Hearings in the remaining two cases against Melo and William are scheduled to continue during June.

Tanzania Court Deals a Blow to Intermediary Liability Rules

By Ashnah Kalemera |
A court in Tanzania has dealt a blow to the rules governing the country’s internet intermediaries, after ruling that requests for disclosure of user information for law enforcement purposes pursuant to the Cybercrimes Act (2015) are not arbitrary. In a March 8, 2017 ruling, three judges of the court in Dar es Salaam also ruled that the absence of regulations to govern the enforcement of the Act did not render the controversial law unconstitutional.
The ruling dismissed a petition filed by Jamii Media, proprietors of the popular Jamii Forums discussion platform, who argued that Section 32 of the Cybercrimes Act was arbitrary and contrary to citizens’ right to privacy guaranteed by article 16 (1) of the country’s constitution. Jamii filed the petition last April, after receiving three notices from police demanding that it discloses the personal details of up to four users who had posted on the forum information on political tensions among members of the ruling party Chama Cha Mapinduzi, and scandals in one of the country’s leading banking institutions.
The notices, issued during January and February 2016 pursuant to Section 32 of the Act, demanded disclosure of the names of the users, their emails and Internet Protocol (IP) addresses. Last December, Jamii Forums founder Maxence Melo was charged with obstruction of investigations under Section 22 of the Cybercrimes Act for failure to comply with the disclosure notices.

Section 32 of the Cybercrimes Act provides:
(1) Where the disclosure of data is required for the purposes of a criminal investigation or the prosecution of an offence, a police officer in charge of a police station or a law enforcement officer of a similar rank may issue an order to any person in possession of such data compelling him to disclose such data.
(2) The order issued under subsection (1) shall be granted to a law enforcement officer who shall serve the order to the person in possession of the data.
(3) Where the disclosure of data cannot be done under subsection (1), the law enforcement officer may apply to the court for an order compelling:
(a) a person to submit specified data that is in that person’s possession or control; or
(b) a service provider offering its services to submit subscriber information in relation to such services in that service provider’s possession or control.
(4) Where any material to which an investigation relates consists of data stored in a computer system or device, the request shall be deemed to require the person to produce or give access to it in a form in which it is legible and can be taken away.

In its petition, Jamii Media argued that no procedures were in place to enforce Section 32 as required under Section 39 (2) of the Act to govern the circumstances and procedure of disclosure by intermediaries. Section 39 (2) states that the Minister for Information and Communication Technology shall “prescribe the procedures for service providers to avail competent authorities, at their request, with information enabling the identification of recipients of their services”.
However, the judges noted that, often, for laws that provide for putting in place regulations by the Ministers responsible, “it takes a while before the said regulations are formulated.” This implied that intermediaries were obliged to honour disclosure notices in the absence of the regulations.
In their defense, the Tanzania Police argued that they had the duty to carry out investigations and prosecution of offences and maintained that the disclosure notices issued to Jamii Media were “justified”. According to the state attorney, the disclosure notices did not infringe upon citizens’ right to privacy because they were “intended to obtain the names of people who have published information that may turn out to be relevant to some offences under investigation”. The state attorney added that the Cybercrimes Act did not require the police to disclose to the recipient of the disclosure notices the offences under investigation.
Meanwhile, Jamii Media also argued that under sub-section 32 (4), the 2015 Act confers powers upon authorities to require the surrender of devices on which information is contained, without any safeguards. “If an investigator takes away one such device in order to access one piece of information relevant to a particular investigation, there is no guarantee that by taking the same, the investigation will not access other pieces of information contained in the same device and [which are] irrelevant to the matter being investigated,” it argued.
Judges ruled that Section 32 (4) did not empower the police to take away the devices as contended. “Our understanding of that section is that the person to whom the request has been made, like the petitioner in this case, may print the information such that it can be read and/or taken away by the investigators in printed form,” the judges stated.
Citing jurisprudence including provisions under Article 19 (2) and (3) of the International Covenant on Civil and Political Rights, the judges considered that Section 32 of the Cybercrimes Act was “proportional” for balancing individual human rights on the one hand and public interest on the other.
Lawyers representing Melo in the ongoing case plan to file submissions for police to seek court’s intervention for mandatory disclosure pursuant to provisions of the Act and dismiss the obstruction charges.
For more on the government’s tactics to stifle citizens’ digital rights in Tanzania see the State of Internet Freedom in Tanzania 2016 report.
 

UPDATE: Maxence Melo Charged with Obstruction of Investigations and Operating a Domain Not Registered in Tanzania

By CIPESA Writer |
Jamii Forums Founder, Maxence Melo has been charged with three offences before a court in Dar es Salaam, Tanzania. The charges are:
1: Management of a domain not registered in Tanzania under Section 79(c) of the Electronic and Postal Communications Act (2010).
2: Obstruction of investigations under Section 22 (2) of the Cyber Crimes Act  of 2015 for not complying with an order of disclosure of data in his possession. This followed an order by the Tanzania Police Force to release data pertaining to electronic communications published on his Jamii Forums site between April 10, 2016 and December 13, 2016.
3: Obstruction of investigations under Section 22 (2) of the Cyber Crimes Act  of 2015 for not complying with an order to disclose data in his possession. This follows an order by the Tanzania Police Force to release data pertaining to electronic communications published on his site between May 10, 2016 and December 13, 2016.
Section 79 of the Electronic and Postal Communications Act (2010) provides for the regulation of all electronic communication numbering and electronic addresses by the Tanzania Communications Regulatory Authority (TCRA). Part C of the section mandates the authority to perform oversight role of management of the country’s code Top Level Domain (ccTLD).
Meanwhile, Section 22 of the Cyber Crimes Act 2015 relates to unlawful interference with investigations and refusal to comply with an order under the Act.
Max was arrested on Tuesday December 13. He remained in police custody until his arraignment before court this morning. According to his lawyer, a bail application has been denied.

PRESS RELEASE: Tanzania Should Immediately Release Digital Rights Activist Maxence Melo

By CIPESA Writer |
The police in Tanzania has detained Maxence Melo, a freedom of expression activist and co-founder of the popular online discussion platform, Jamii Forums. Although no charges have been brought against Melo, who was arrested at 1pm on Tuesday, December 13, his lawyer says the detention is an intimidation tactic on the backdrop of an ongoing case before the courts on the constitutionality of the Cybercrime Act of 2015.
The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) strongly condemns this unjustifiable arrest, and urges Tanzanian authorities to immediately release Melo and henceforth cease any intimidation of Jamii Media (the company under which Jamii Forums is run), its staff, and other social media users. Melo’s arrest extends the steady and worrying deterioration in media freedom and internet freedom since President Pombe Magufuli took the reins of power at the end of last year. As one user on the platform noted, Jamii Forums provides Tanzanians with an alternative source of information in addition to “relying on traditional media outlets, which are increasingly becoming state-controlled.”
According to Melo’s lawyer, Benedict Alex Ishabakaki, the activist was arrested because of Jamii Media’s refusal to comply with police demands for disclosure of the identities of users who posted “sensitive information” on the platform. Last July, police officials issued a letter to Melo indicating intention to sue him for criminal liability for failure to comply with disclosure notices. In the letter, police put Melo on notice under Section 22 of the Cybercrimes Act 2015 for obstruction of investigations.
Section 22 of the Act states:
(1) A person who intentionally and unlawfully destroys, deletes, alters, conceals, modifies, renders computer data meaningless, ineffective or useless with intent to obstruct or delay investigation commits an offence and on conviction, is liable to a fine of not less than three million shillings or to imprisonment for a term not less than one year or both.
(2) A person who intentionally and unlawfully prevents the execution or fails to comply with an order issued under this Act, commits an offence and is liable, on conviction, to a fine of not less than three million shillings or to imprisonment for a term of not less than one year or to both.
See Cybercrimes Act 2015
A number of Tanzanian social media users have been charged under this law that took effect in September 2015. According to Ishabakaki, Jamii Media’s refusal to comply with the police disclosure notices was partly informed by a lack of regulations governing the Act. “At the time [the notices were issued], there were no mechanisms in place or procedures for disclosure of the requested information,” said Ishabakaki. Moreover, he added, “We refused to disclose the information because it is against the constitutional guarantees of individuals’ right to privacy under Article 18.”
In April 2016, after being issued with eight letters by Tanzanian police demanding the disclosure of the Internet Protocol (IP) addresses of users, Jamii Media went to court challenging the disclosure orders by the law enforcement agency. The users whose identities authorities sought were linked to bringing to light corruption scandals in the oil and banking sectors. According to the State of Internet Freedom in Africa 2016 report, the disclosure notices indicate a bias towards protecting notable figures implicated in scandals or against whom users have used profanities.
In its petition, Jamii Media challenged the arbitrary letters from the police and specifically the provisions of Section 32 and 38 of the Cybercrime Act that appear to infringe the right to be heard, the right to privacy and freedom of expression as provided for under the constitution. Initially, the government responded by raising six preliminary points of objection against the petition, which it termed frivolous and vexatious. The government stated that Jamii Media should explore other remedies rather than file a constitutional petition. During preliminary hearings, judges dismissed the objections and the case proceeded in court. A ruling on the case is due on February 20, 2017.
According to Ishabakaki, Melo’s detention tantamounts to police interference in the ongoing case, the issues of which are still before the constitutional court. “Police officers are misusing their power,” he said.
Prior to his arrest, Melo was summoned to appear in court, by way of telephone call. Upon arrival at the court, an officer told him to appear at a police station, where he was immediately detained.
“No charges have been filed. We were unable to apply for bail yesterday as the law requires detention for 24 hours before formal application of bail,” Ishabakaki told CIPESA on the morning of December 14. He added that police officials had indicated that Melo would appear in court this morning but as at 11am local time, this had not happened. “They are not prepared. It is just harassment. They want information from him,” said the lawyer.
Back in 2008, Melo, along with Jamii Forums co-founder Mike Mushi, were detained and interrogated by police for 24 hours in Dar es Salaam in what was believed to be a politically motivated attempt to shut down their site. Police confiscated computers used to host the website, causing it to go off air for five days while the equipment remained in police custody.
In September 2015, the Tanzania Human Rights Defenders Coalition (THRDC) filed a case challenging the constitutionality of some provisions of the Cybercrime Act, which it contends infringe constitutional provisions on freedom of expression, right to information, and privacy.
The Tanzanian government is accordingly urged to refrain from applying this law, or any other of the repressive laws that remain on its statute books, to gag legitimate expression by citizens be it in the online or offline domain.

CIPESA Conducts Digital Safety Training for Journalists and Activists in Tanzania and Uganda

By Ashnah Kalemera |
This month, the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) has given training to human rights defenders, journalists, bloggers and media practitioners in Tanzania and Uganda in safety and security tactics to promote privacy and freedom of expression online.
The training, conducted in Kampala on April 10 and in Dar es Salaam on April 14 and 15, also helped participants to understand the laws and policies governing digital communications in the two east African countries.
The trainings explored basic computer security for operating systems, data storage and software updates. In addition, safety and security tips for using social media such as Facebook and Twitter, email and mobile communications were shared. Strong emphasis was placed on ensuring privacy of these communication tools and creating strong passwords. The trainings also explored techniques for responding to surveillance and censorship using anonymous browser tools, Virtual Private Networks (VPN) and Encryption.
Participants in the two countries shared their experiences – with varying levels of expertise – in securing their communications.
“I do not share my laptop regardless of who you are,” stated one Ugandan participant. He added that he did not access his email on phone or at internet cafes, cautioning the participants who did. “Any email has to wait until I get to my encrypted laptop,” he said.
A Tanzanian journalist said that whereas she makes the effort to secure all her devices and online user accounts, she often used the same password across board. This highlighted the shortage of digital safety skills among some of the most regular users of digital technologies in the country.
Participants in both trainings noted that in some cases, civil society organisations were “lazy” in adopting the latest technology to ensure the safety and security of their operations and their staff online. In other cases, financial resources were a limitation. Another challenge highlighted was the slow internet speeds in both countries, hence forcing users to access the internet on several devices.
On the legal and regulatory front, discussions centered around the proposed Cyber Crime Bill in Tanzania and the Uganda Data Protection and Privacy Bill and the need for the two countries to adopt laws that support internet freedoms.
Participants also raised concern about recent developments in neighbouring Kenya and their potential impact on the use of information and communication technologies (ICT) across all member states of the East African Community.
Participants in both the Tanzania and Uganda trainings called for increased awareness of online freedom amongst internet users, particularly vulnerable groups such as women and youth to promote greater appreciation for the need to adopt safety and security practices online.
Overview of training beneficiaries
Individuals from 27 organisations benefited from the training, out of which an average of 33% were women and 67% were men.
Figure 1: Training beneficiaries by gender
gender
Figure 2: Training Beneficiaries by user/organisation category
TZ
 
UG
The trainings were organised by CIPESA in partnership with the Pan African Human Rights Defenders Project and Jamii Forums in Uganda and Tanzania respectively in the context of CIPESA’s OpenNet Africa project supported by Hivos, the Open Technology Fund and the Association for Progressive Communications.
Upcoming digital safety skills engagements include for journalists in Uganda (to coincide with World Press Freedom Day on May 3) and for the local tech community.