Update on the State of Internet Freedom in Burundi

By Jean Paul Nkurunziza and Alain Ndikumana |
Following on from the State of Internet Freedoms in Burundi 2014 report published last May, this brief presents an update on Information and Communication Technology (ICT) access, the legal and regulatory policies and practices that affect internet freedoms in the Burundi. It covers the period from March 2014 to May 2015. Notably, Burundi has been rocked by a coup attempt and intermittent public protests against President Pierre Nkurunziza’s plan to contest for a third term in office in apparent defiance of a two terms limit set by the constitution.
During the upheavals in April and May, the country’s communications regulator reportedly directed internet service providers to cut access to social media, and several media houses were pillaged. Meanwhile, the East African Court of Justice declared sections of the country’s media law undemocratic, but it upheld articles on the regulation of print and online media, which have been criticised by journalists and human rights defenders for negating freedom of expression.
Read the full State of Internet Freedoms in Burundi as of June 2015

OpenNet Africa Challenge Uncovers Gaps in Digital Safety Tools

By Ashnah Kalemera |
There are numerous tools which can secure online users’ communications, including through anonymising their identities and enabling them to circumvent online surveillance and censorship. In some cases, developers have gone on to localise such tools to suit various contexts. However, the tools’ relevance to certain populations and how best to improve them for a diverse range of users remains largely unknown.
During May 2015, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) in partnership with tech innovation hub OutBox challenged members of the Ugandan tech community to test five digital safety and security tools in order to gain an understanding, in a local context, of the tools’ strengths, weaknesses and opportunities for localisation. The challenge was in the context of CIPESA’s OpenNet Africa initiative which monitors and promotes internet freedom in east and southern Africa.
The tested tools were Cyrptocat, Mailvelope, Martus, TextSecure and Redphone. The scope of testing included how the tools enabled anonymisation, circumvention, and privacy of communications. The tests had to take into consideration different user communities, including women, bloggers, journalists, human rights defenders, and sexual minorities, and the nature of threats to internet freedom in the East African region.

A team presents to the panel during the OpenNet Africa Tools Testing Challnge
A team presents to the panel during the OpenNet Africa Tools Testing Challnge

These threats are often linked to the fight against terrorism, combating online hate speech, suppressing the views of opposition parties (mainly around election periods), and in crackdowns against particular groups, such as Lesbian, Gay, Bisexual, and Transgender (LGBT) community, critical media and human rights activists. The threats often come in the form of surveillance, blocking of websites and social media sites, and interception of communications.
Three teams participated in the challenge through trial exercises, user consultations and stakeholder interviews. In considering which tools were better suited to promote internet freedoms of the region’s citizens, the teams that conducted the tests also bore in mind the proliferation of technology, internet speeds and literacy levels in the region. Language, multiple device use and aesthetics such as the interface design including colours and icons, were also among the other features for testing.
The teams found a number of shortcomings on some tools, including the lack of protection from key loggers, poor or no consideration for low internet speed users and those with low ICT skills and literacy levels. Some tools were found to have limited cross platform/device operability, while others were not accessible to visually impaired persons.
Select test findings
 

Tool Safety and Security Features Key test finding limitation
Martus Allows for secure collection, transmission and storage of data. It is popularly used by human rights defenders.
  • There is no option for retrieving a lost encryption key

 

Cryptocat This app enables encrypted chat via a browser and mobile phone.
  • Lack of IP address anonymisation
  • There are no administrative privileges in group chats meaning there is free entry and exit of members in the conversations.
Mailvelope This is a browser extension that enables the exchange of encrypted emails
  • Lack of an attachment encryption function
Redphone An Android based mobile app that allows for encrypted voice calls over a Wi-Fi or data connection using a normal phone number.
  •  Unregistering a RedPhone number is not currently supported.
  • Very slow or no synchronisation with contacts that have RedPhone installed, meaning there is no possibility to upgrade calls to encrypted calls even when the user being called is running the RedPhone app.
TextSecure Secure messaging app
  • Recently dropped SMS support
  • Installation requires Google services

 

“Pious, a 25-year old IT student at Makerere said that he is now using Redphone with his girlfriend whenever they feel like phone sex in order to avoid the spying software announced by Fr. Simon Lukodo, Minister of Ethics and Integrity,” Tean Tech4Dev

The teams made recommendations for improvement and localisation, including translation of the tools into local languages, compatibility provisions across social media platforms, and feature phone support.
The teams also proposed numerous cases in which the tools can be used by marginalised and vulnerable user groups in East Africa. They cited youth mobilisation, gender-based violence and other human rights violations reporting, monitoring and victims support, facilitation of opposition groups’ activities, and protection from corporate espionage.
However, the teams also highlighted the potential of the tools promoting hate speech and radicalism in East Africa’s fragile socio-political environment through safeguarding the communications and activities of offenders.
“One of the primary uses of the Internet by terrorists is for the dissemination of propaganda. Through encrypted communications, terrorists can easily spread their propaganda and also plan their activities,” noted Team African Value. The team added that promotion of divisiveness and encouraging violent acts on ethnic grounds has become common on East African online platforms.
The teams also noted the need for increased awareness raising and capacity building among users to promote an understanding of cyber threats and online safety. Among the possible ways to achieve this was through working with academia to develop cyber security curriculums for education institutions.
The findings of the teams were showcased at a pitching event held on June 2, 2015 where a panel of judges determined the team with the best reports and localisation recommendations. The judges were Wilson Abigaba (Internet Society – Uganda Chapter), Richard Lusimbo (Sexual Minorities Uganda), Baldwin Okello (Uganda Telecom) and Neil Blazevic and Mark Kiggundu – both from East and Horn of Africa Human Rights Defenders Project.
The winning team was Tech4Dev, which was followed by Ghost In The Wires then African Values. See more on the event on  Storify

CIPESA Conducts Digital Safety Training for Journalists and Activists in Tanzania and Uganda

By Ashnah Kalemera |
This month, the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) has given training to human rights defenders, journalists, bloggers and media practitioners in Tanzania and Uganda in safety and security tactics to promote privacy and freedom of expression online.
The training, conducted in Kampala on April 10 and in Dar es Salaam on April 14 and 15, also helped participants to understand the laws and policies governing digital communications in the two east African countries.
The trainings explored basic computer security for operating systems, data storage and software updates. In addition, safety and security tips for using social media such as Facebook and Twitter, email and mobile communications were shared. Strong emphasis was placed on ensuring privacy of these communication tools and creating strong passwords. The trainings also explored techniques for responding to surveillance and censorship using anonymous browser tools, Virtual Private Networks (VPN) and Encryption.
Participants in the two countries shared their experiences – with varying levels of expertise – in securing their communications.
“I do not share my laptop regardless of who you are,” stated one Ugandan participant. He added that he did not access his email on phone or at internet cafes, cautioning the participants who did. “Any email has to wait until I get to my encrypted laptop,” he said.
A Tanzanian journalist said that whereas she makes the effort to secure all her devices and online user accounts, she often used the same password across board. This highlighted the shortage of digital safety skills among some of the most regular users of digital technologies in the country.
Participants in both trainings noted that in some cases, civil society organisations were “lazy” in adopting the latest technology to ensure the safety and security of their operations and their staff online. In other cases, financial resources were a limitation. Another challenge highlighted was the slow internet speeds in both countries, hence forcing users to access the internet on several devices.
On the legal and regulatory front, discussions centered around the proposed Cyber Crime Bill in Tanzania and the Uganda Data Protection and Privacy Bill and the need for the two countries to adopt laws that support internet freedoms.
Participants also raised concern about recent developments in neighbouring Kenya and their potential impact on the use of information and communication technologies (ICT) across all member states of the East African Community.
Participants in both the Tanzania and Uganda trainings called for increased awareness of online freedom amongst internet users, particularly vulnerable groups such as women and youth to promote greater appreciation for the need to adopt safety and security practices online.
Overview of training beneficiaries
Individuals from 27 organisations benefited from the training, out of which an average of 33% were women and 67% were men.
Figure 1: Training beneficiaries by gender
gender
Figure 2: Training Beneficiaries by user/organisation category
TZ
 
UG
The trainings were organised by CIPESA in partnership with the Pan African Human Rights Defenders Project and Jamii Forums in Uganda and Tanzania respectively in the context of CIPESA’s OpenNet Africa project supported by Hivos, the Open Technology Fund and the Association for Progressive Communications.
Upcoming digital safety skills engagements include for journalists in Uganda (to coincide with World Press Freedom Day on May 3) and for the local tech community.

Is Kenya Putting the Chill on Internet Freedoms?

By Juliet Nanfuka |
The rights of Kenya’s digital citizens are fast shrinking in the face of new restrictive laws and increased arraignment of individuals for expressing online opinions which authorities deem in breach of the law.
The Security Laws (Amendment) Act 2014, assented to by President Uhuru Kenyatta last December, allows blanket admissibility in court of electronic messages and digital material regardless of whether it is not in its original form.
It is feared that retrogressive provisions in this law could be used to put the chill on internet freedoms in East Africa’s most connected country where mobile phone penetration stands at 80% and internet access at 50% of the population.
Part V of the new security law regarding “special operations” has raised particular concerns, as it expands the surveillance capabilities of the Kenyan intelligence and law enforcement agencies without sufficient procedural safeguards.
It gives broad powers to the Director General of the National Intelligence Service to authorise any officer of the Service to monitor communications, “obtain any information, material, record, document or thing” and “to take all necessary action, within the law, to preserve national security.”
In addition, the amendments also contain unclear procedural safeguards especially in the interception of communications by “National Security Organs” for the purposes of detecting or disrupting acts of terrorism.
Even though there is a provision for a warrant to be issued by a court of law, the broad definition of ‘national security’ leaves no room for restrictions on the extent of power the law grants to National Intelligence Service when it comes to accessing personal data, information and communications.
In February 2015, the Kenya High Court struck some clauses from the security law. The government says it may appeal.
Government says the new law is necessary to fight al Shabaab militants who have repeatedly rocked the country with fatal attacks such as the Westgate shopping centre attack on September 21, 2013, which left 67 people dead. Human rights activists blame President Kenyatta’s government for steadily shrinking the space for civil actors, a pattern they say was manifested in the Kenya Information and Communications (Amendment) Act 2013 and the Media Council Act 2013. These laws, they say, placed restrictions on media freedom and general freedom of expression.
The proposed Cybercrime and Computer related Crimes Bill (2014) also falls short of constitutional guarantees as it is contains “broad” speech offences with potentially chilling effects on free speech. See a full legal analysis of the Bill by Article 19. Proposed regulations to the law governing non-government organisations, which cap the funds received from foreigners at 15% of their overall budgets, have also been criticised as aimed to curtail and control the activities of civic groups engaged in governance and human rights work.
Over the 2012-2013 election period, several individuals were charged in court over their online communications. The National Cohesion and Integration Act of 2008 has been used to charge many for promoting hate speech – which some Kenyan citizens found justifiable given the role that hate speech played in the 2007 to 2008 post-election violence.
Hate Speech is defined by the 2008 Act as speech that is “threatening, abusive or insulting or involves the use of threatening, abusive or insulting words” with the intention to stir up ethnic hatred or a likelihood that ethnic hatred will be stirred up. Authorities, however, seem to be shifting gear and using this charge among others against online journalists and bloggers that criticise the Kenyatta government.
In December 2014, blogger Robert Alai was arrested and charged with undermining the authority of a public officer contrary to Section 132 of the Penal Code by allegedly calling President Kenyatta an “adolescent president” in a blog. He was again arrested in February 2015 for offending a businessman online by linking him to a land saga that involved the illegal acquisition of the Langata Primary School playground.
Meanwhile, Allan Wadi – a student – was also arrested for “hate speech” and jailed in January 2015 for posting negative comments on Facebook about the president. In the same month, journalist Abraham Mutai was arrested following tweets he posted on corruption in the Isiolo County Government. He was charged with the “misuse of a licensed communication platform to cause anxiety.”
Nancy Mbindalah, an intern with the department of finance at the Embu County Government, was charged on similar grounds for social media posts dating as far back as 2013 in which she is alleged to have abused County Governor Martin Wambora.
In all instances, some social media users claimed there were “selective” arrests and prosecution of those critical of government. Critics cited the case of Moses Kuria, a Member of Parliament (MP) for Gatundu South, who allegedly made remarks on Facebook against the Luo Community but did not face the same punitive actions.
A recent news report, however, indicates that the National Cohesion and Reconciliation Commission and the Public Prosecutor are calling for the MP’s case to be revisited for the “incitement to violence, hate speech and fanning ethnic hatred.”
The incidents of arrest, prosecution and law amendments demonstrate a recurring theme of clamping down on dissenting citizen voices, a concern that was highlighted by the Kenya Human Rights Commission and the International Federation for Human Rights following the enactment of the Security Laws (Amendment) Act.
While the country remains on a constant alert for terror attacks, this has been used to strengthen the control that the state has on freedom of expression and surveillance. The lack of laws that limit state access to citizens’ information further exacerbates this concern.

Women And Internet Freedom In East Africa

On March 8, International Women’s Day was marked across the world under the theme “Make It Happen.” The OpenNet Africa initiative, which monitors and promotes internet freedom in Africa, participated in a series of online discussions focused on women in the digital sphere.
A shared theme across all discussions to mark the day was the call for greater protections of women’s rights both online and offline. Many of the disadvantages faced by women offline have been transferred online, leaving many excluded from the information society, while those with access are sometimes targets of online hostility, such as gender based reputation and privacy attacks. In Africa, a key offline disproportionality is the education level and in turn ICT literacy variance between men and women.

Pan-African efforts such as the African Declaration on Internet Rights and Freedoms call for the creation and promotion of online content that “reflects women’s voices and needs, that promotes and supports women’s rights – in order to address existing gender inequalities and encourage active participation and empowerment of women via online spaces.” The Declaration recognises the need for mechanisms that enable the full, active and equal participation of women and girls in decision-making about how the Internet is shaped and governed.

@OpenNetAfrica in #Tanzania, the April Parliamentary Session is expected to have a bill that ‘might’ do! @endalk2006 #WomenOnlineEA — Jamii Forums (@JamiiForums) March 9, 2015
On March 7, the Unwanted Witness and the Women of Uganda Network (WOUGNET) held a twitterthon using the hashtag #WomenOnlineEA to highlight and create awareness on the important role women have played in the development of Uganda through ICT.
Using the hashtag #ICT4Women and reflections from a report titled Cyber Infrastructure: A Women’s Issue Too!, the discussions focused on the impact digital communications have had on women globally and in Uganda. According to the report, as ICT access and use increases in Uganda, a balanced ICT policy that includes women as key stakeholders should be pursued.
The sentiments of the twitterthon were echoed during a post-International Women’s Day twitter chat held amongst OpenNet Africa partners including Jamii Forums (Tanzania), East & Horn of Africa Human Rights Defenders Project (EHAHRDP) and experts from Ethiopia and Burundi on March 9. This chat used the hashtag #WomenOnlineEA and also touched on issues discussed during Safer Internet Day which explored Promoting Online Safety in Africa on February 10. 
Participants in this chat concluded that efforts to increase internet access for women should be complemented with the fundamental rights to privacy, access to information and data protection as some of the key requirements of internet freedom. Increased mobile phone access in particular was pointed out as a key driver for inclusivity and participation online for women.
According to the 2014 State of Internet Freedom in East Africa report, increased mobile penetration has contributed towards more internet users. Conversely, women on average are 14% less likely to own a mobile phone than men, according to a  recent GSMA report which also indicates that despite women seeing value in mobile phones as life enhancing tools, there are 200 million fewer women than men owning mobile phones globally.
According to the ITU, there are fewer women in developing countries online than there are men. In 2013, this figure stood at 16% fewer women than men accessing the internet in developing countries. Indeed, some twitter chat participants pointed out that internet access was not a key priority for women in developing countries. Rather, focus should be given to access to clean water, electricity and sanitation needs, among others.  This was, however, countered with the argument that access to the internet is no less a priority for women than access to other basic needs.

  @OpenNetAfrica @JamiiForums @nkurunzizajp We envision more women empowered to use the internet for #Social #Economic change #WomenOnlineEA

Throughout the discussions, participants shared reports and insights on internet freedom from their respective countries in what is an increasingly transforming area in the region. See A brief look into Internet Freedom and women in East Africa for a summary of the twitterthon.