Tackling Threats to Media Freedom and Safety in The Digital Age

By Ashnah Kalemera | 

The proliferation of technology has created new opportunities for journalists and journalism in Africa, but it has also come with threats. For civil society, academia, media development practitioners, activists and development partners, it is critical to understand the key issues related to freedom of expression and the internet and possible ways to address them as part of programming and strategic intervention. 

At the Africa Media Convention (AMC), which was held in Lusaka, Zambia on May 11-13, 2023, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) convened a session that explored threats to media freedom and journalists safety in the digital age and comprehensive measures to tackle them.

During the session, which brought together over 40 stakeholders from across Africa, it was acknowledged that technology had enabled groundbreaking journalism, ease of reach to diverse audiences which has also enabled active engagement, and more accessible content production avenues. With this evolution, new actors have joined the sector and new regulation and economic sustainability models have been witnessed, all with implications for the future of media freedom and democracy. 

However, the digital era has also seen an exponential increase in online harassment of journalists, criminalisation of aspects of journalism, surveillance of journalists, and the orchestration of disinformation campaigns. These threats have translated into offline risks of physical violence, thereby undermining the safety and independence of journalists, while also eroding freedom of expression. 

According to Kamufisa Manchishi, a lecturer in the Faculty of Journalism and Public Relations at Zambia’s Mulungushi University, digitalisation in the media had created several “crises”. One of them was an identity crisis, whereby journalists and media houses are struggling to balance their online presence with upholding journalistic principles and ethics. Linked to the identity crisis was a financial crisis of generating revenue and sustaining operations. “This has caused clickbait journalism and led to compromise of ethics,” said Manchishi. 

Manchishi added that fears of being surveilled by the state and private actors had led to increased self censorship. He said: “Journalists do not want to talk about controversial issues on phone or virtual platforms. They are worried someone is listening and are opting to conduct interviews and investigations physically.” 

Meanwhile, misinformation and disinformation continue to proliferate on legacy media as well as on social and digital media. CIPESA research indicates that disinformation from online platforms is often amplified through traditional print and broadcast media. Soren Johannsen, BBC Media Action’s Zambia Country Director, called for more innovative approaches to promoting digital literacy. 

Whilst applauding various stakeholders’ efforts in debunking and fact-checking, Johannsen advocated for more interventions designed around pre-bunking as an inoculation theory for behavioural change. “We shouldn’t try to just correct and verify but help users understand where false information is coming from, the motivation and the consequences,” he said. Such efforts should be complemented with more research to help understand the originators, flows and uptake of misinformation and disinformation. 

Disinformation Pathways and Effects: Case Studies from Cameroon, Ethiopia, Kenya, Nigeria and Uganda.

Understanding the Information Disorder in Tunisia, Algeria and Libya .

As disinformation and misinformation threaten democracy, public security, and social cohesion, there has been an increase in legislative responses including the enactment of laws on cybercrime, computer misuse, hate speech and “false news”. However, many of such laws in place are vague and broadly criminalise “false news” or “offensive publications online” without, for instance, distinguishing between misinformation and disinformation, and have been weaponised against critics, journalists and media houses. 

Citing various examples from West Africa, Dora Mawutor, the Programme Manager at the Media Foundation for West Africa (MFWA), said the determination of what qualifies as false news lies with the state and its “self-serving purposes”. She called for more solidarity among the media fraternity to push back against the selective application of such laws through increased coverage of legislative developments and  of attacks against journalists. Mawutor also called for advocacy for review or repeal of such repressive laws. 

Echoing Mawutor’s sentiments, Alfred Bulakali, the Regional Director of Article19 West Africa, stated that laws across Africa that govern  freedom of expression and media freedom often come with heavy sanctions against offenders yet they fall short of the three part test under international human rights standards. He noted that media freedom advocates around Africa had scored successes in securing the decriminalisation of libel and defamation provisions in traditional press laws. However, added Bulakali, “technology has given them [the decriminalised provisions] an opportunity to come back” through laws and regulations being developed to govern media and freedom of expression online. He called for renewed efforts in decriminalising libel and defamation online and offline and limiting the power of law enforcers to interpret the laws.

On online harassment, Cecilia Maundu, a Kenyan broadcast journalist, digital rights researcher and digital security trainer, stated that online gender-based violence is under-reported, even though some newsrooms have dedicated gender desks. Meanwhile, newsroom policies are also weak or non-existent, putting women journalists at increased risk. As a result, there was limited visibility of online gender-based violence in mainstream media and inadequate support for survivors. This calls for more response measures and programming that not only focus on newsroom policies and safety mechanisms, but also on psychological support. 

The joint responsibility alluded to by the various speakers at the session around advocacy, movement building, institutional capacity building, skills and knowledge development as well research and documentation  are key planks of CIPESA’s programming and engagement at national, regional and international levels to advance access to information, privacy and data protection, and free expression online as enablers of citizen participation, resisting authoritarianism, protecting women’s or other marginalised groups’ rights, amplifying people’s voices, and engendering accountability.

CIPESA Submits Comments on Uganda’s Proposed New Digital Tax 

By Edrine Wanyama |

On April 28, 2023, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA)  submitted comments on the Income Tax (Amendment) Bill, 2023 to the Committee on Finance, Planning and Economic Development of the Uganda Parliament. The comments argue that the proposed law would  undermine access to and use of digital tools and services. 

The bill, among others, proposes to impose a tax of five percent on foreign-based entities that derive income from providing digital services to customers in Uganda. The proposals are contained in clause 16 which seeks to introduce a new section, 86A.

Clause 86A provides:

  1. A tax is imposed on every non-resident person deriving income from providing digital services in Uganda to a customer in Uganda at the rate prescribed in Part IV of the Third Schedule to this Act.
  2. For the purposes of subsection (1), income is derived from providing a digital service in Uganda to a customer in Uganda, if the digital service is delivered over the internet, electronic network or an online platform.
  3. For the purposes of this section “digital service” includes—
  1. online advertising services;
  2. data services;
  3. services delivered through an online marketplace or intermediation platform, including an accommodation online marketplace, a vehicle hire online marketplace and any other transport online marketplace;
  4. digital content services, including accessing and downloading of digital content;
  5. online gaming services;
  6. cloud computing services;
  7. data warehousing;
  8. services, other than those services in this subsection, delivered through a social media platform or an internet search engine; and
  9. any other digital services as the Minister may prescribe by statutory instrument made under this Act.”

While the clause targets non-residents, if enacted it would add to the digital taxes borne by the already tax-burdened consumers of digital services in Uganda. Since July 1, 2022, web hosting, software and streaming services in the country pay a mandatory value added tax of 18% chargeable on consumers of services offered by  platforms such as Amazon, Meta (Facebook), Twitter and Zoom. 

The tax would potentially hinder inclusive access and use of digital technologies and negatively affect Uganda’s digital economy. According to the United Nations Capital Development Fund (UNCDF), Uganda’s digital economy score is low, particularly in areas such as digital inclusiveness. According to the UNCDF Score Card of 2021 the digital divide or groups most excluded from the digital economy in Uganda are the elderly (80%), rural communities (64%), persons with disabilities (74%), the youth (33%), refugees (80%) and migrants (75%). The inclusion gap such as for persons with disabilities is attributed to the high cost of technologies. 

Innovation is a prerequisite for the provision of digital services including advertising, data services, marketing, cloud computing services, and data warehousing. Most of these tools and services are developed outside Uganda, hence imposing high taxes on non-residents that provide them could   limit access to these critical tools and services. That could push Ugandans further into the margins of the global digital economy.

The enjoyment of digital rights and freedoms, including freedom of expression, access to information, and association, could also be limited by the imposition of high digital taxes. 

Accordingly, the submission by CIPESA recommends that the Committee on Finance, Planning and Economic Development:

  1. Drops the entire proposed clause 16 of the Income Tax (Amendment) Bill, 2023;
  2. Conducts wide consultations with the affected stakeholders including the tech community, innovators, the business community and civil society on the potential effects of the proposed amendment.
  3. Conducts a tax impact assessment to weigh the potential effects of the proposed tax on access and use of digital tools and services. The impact assessment should specifically spell out the anticipated positive impacts and weigh them against the anticipated negative effects.
  4. Takes into consideration and supports all the progressive policies that seek to increase and enhance accessibility and usage of digital tools and services such as tax incentives which usually lead to lowering of the costs to be borne by consumers in purchase and use of digital tools and services.

See the full submission here.

Gear Up! The 2023 Forum on Internet Freedom in Africa (FIFAfrica) is Heading to Tanzania!

Announcement |

The annual Forum on Internet Freedom in Africa (FIFAfrica) hosted by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) will be held in Dar es Salam, Tanzania on September 27-29, 2023. This year will mark a decade of the largest gathering on internet freedom in Africa, which has since 2014 put internet freedom on the agenda of key actors including African policy makers, platform operators, telcos, regulators, human rights defenders, academia, law enforcement representatives, and the media. This has paved the way for broader work on advancing digital rights in Africa and promoting the multi-stakeholder model of internet governance.

In several African countries, it is becoming increasingly challenging to utilise the internet to defend human rights, strengthen independent media, support democratisation, and demand accountable and transparent governance, or to freely access information and contribute content in the diversity of African languages. This is undermining the core principle of the internet as a free and open platform. 

The decision to host the 2023 edition of FIFAfrica in Tanzania is in recognition of the country’s progressive shift to advance digitalisation for sustainable development. Under the leadership of its first female President, Samia Suluhu Hassan, a proponent for civil rights and women’s rights, the country has undergone political and legal reforms aimed at enhancing civic space and digitalisation agenda. Notably, a data protection law has been enacted, the law governing media operations is being revised, and the  Online Content Regulations 2020 were revised to make them more supportive of online speech, privacy and access to information. 

It is upon this backdrop that FIFAfrica 2023 will offer a platform for critical engagement of diverse stakeholders in identifying the most pressing internet rights-related issues and challenges that have to be addressed at national and regional levels. Over the years, FIFAfrica has identified opportunities for bringing the debate on the importance of digital rights to national, regional and global fora. In particular, the Forum supports the development of substantive inputs to inform a wide range of conversations at organisational, national, regional, continental and global levels, including at the African Union, the African Commission on Human and Peoples’ Rights (ACHPR), the United Nations Human Rights Council, the African Internet Governance Forum (IGF), sub-regional IGFs and at the global IGF.

The growth in diversity of participants and discussions at FIFAfrica reflects the evolving trends and concerns in access and usage of the internet and related technologies.  Topics have included access to information, mass surveillance, turning policy into action, internet shutdowns, content regulation, cyber security, digital economy, online violence against women, data protection and privacy, cyber governance, open source investigative journalism, online movement building and civic building, business and big data, building research capacity in internet measurements, innovation and security in conflict territories, as well as gender-sensitive approaches to ICT Policy and decision making. 

Overall, FIFAfrica is helping to grow the community advancing digital rights in Africa, increasing awareness about and advocacy for internet freedom, while forging new alliances that advance digital rights. It elevates new voices including those of often marginalised groups such as the youth, persons with disabilities and women, and enables state and non-state actors to develop evidence-based interventions that guide policy and practice

FIFAfrica has previously been hosted in Uganda, South Africa, Ghana, Ethiopia and Zambia, with the last edition attended by up to 1,000 individuals (online and offline) from 47 countries.
A call for proposals and travel support applications will be announced soon. For updates, follow CIPESA social media (@cipesaug) accounts  on Twitter,Facebook and LinkedIn.

Digital Democracy in Africa: What Has the Law Got to Do With It?

By Edrine Wanyama |

With digital freedoms continuing to take a hit amidst a wider democratic regression across Africa, the role of laws in curing what ails democracy in the region warrants scrutiny. In a number of countries, the laws that regulate how citizens use digital platforms and exercise their digital rights are retrogressive and fail to offer sufficient protection to citizens. Many of them are broadly worded, give extensive powers to state agencies to interpret the laws and to interfere with citizens’ rights.

In turn, the legal and regulatory framework has become central in shaping digital rights and digital democracy in Africa. Governments have enacted regressive and draconian laws that variously empower state agencies to limit the digital civic space. As a result, rights such as freedom of expression, access to information, and data privacy continue to come under threat due to the high-handed and often excessive control measures. 

In many countries laws have been weaponised to silence critics, notably those that use digital and social media to organise or express opinions critical of governments and state officials. Various laws are being used to arrest, persecute, detain and prosecute individuals over online communication, as have been witnessed in the Democratic Republic of Congo (DRC), Mozambique, Kenya, Rwanda, South Sudan, Tanzania, Uganda, Zambia, Zimbabwe and several other countries. These measures curtail press freedom and other digital rights that are at the root of democratic participation.

Laws that regulate state surveillance are among those that have a profound chilling effect on digital rights and citizen participation. Anonymous communication in the digital domain is crucial for citizens, journalists and political actors to operate without fear of reprisals, particularly in authoritarian countries. Yet the conduct of surveillance in the region is enabled by laws that give broad powers to state agencies to conduct surveillance amidst limited oversight and transparency, and strenuous demands on intermediaries to facilitate communications monitoring and interception.

Equally concerning is that various governments have weaponised disinformation laws to silence critical voices, rather than utilising them to counter the ills of disinformation. Similar to the purposes that state surveillance often serves, laws on countering disinformation have in many cases been used to target political critics.

In turn, those laws (which tend to be vague and ambiguous and fail to distinguish between disinformation or falsified information, making their enforcement open to the subjective interpretation of law enforcement agencies) are being used to stifle legitimate expression and to hamper access to critical and pluralistic information. This has been common in countries like Burkina Faso, Ethiopia, Kenya, Nigeria, Tanzania and Uganda where laws criminalising disinformation and false news, such as  those on computer misuse, are often deployed to silence government critics.

Governments have also relied on different laws to order internet disruptions, which create information blackouts, deny citizens their right to access information, associate and express themselves. Mostly ordered during elections and public protests, the network disruptions also undermine electoral credibility and hinder the ability of citizens to record and disseminate incidents of rights violations by security agencies and other actors.

Many observers around the continent, as well as the United Nations, have repeatedly urged states to refrain from ordering shutdowns, which they say are often not necessary or proportionate to address the threats that prompt governments to order them. However, such network disruptions continue unabated in parts of Africa, with governments and communications regulators citing various laws to justify them. According to the KeepItOn coalition, at least four of the region’s nine shutdowns during 2022 took place alongside reported human rights abuses, both in the context of violent crackdowns on protests and active conflict.

There are other ways still in which the law is undermining the protection of freedom of expression and access to information and data privacy. Many African countries have enacted access to information laws to facilitate public access to information in possession of the state. They include Kenya (enacted in 2016), Rwanda (2013), South Sudan (2013), Tanzania (2016), Uganda (2005), Malawi (2017), Mozambique (2014), and Zimbabwe (2020). On the other hand, countries like the DRC, Burundi, and Zambia do not have specific laws on access to information.

However, many of the existing laws have wide exemptions and limitations to the kinds of information that citizens can access. These limitations are primarily based on national security, official secrecy laws, individual privacy and confidentiality justifications. Proactive disclosure of information is rare in most countries, and information of vital importance to citizens is in short supply online. This undermines accountability and transparency of governments, which are key ingredients for citizen participation in democracy. 

At another level, proliferation of technology has led to a need to protect individual privacy. Previously, countries collected personal data in absence of enabling legislation, for such purposes as immigration, issuance of driving permits and SIM card registration. This has, in turn, necessitated the adoption of laws to protect privacy: Uganda (2019), Kenya (2019), Rwanda (2021), Tanzania (2022), South Africa (2013), Zambia (2021) and Zimbabwe (2021). Still, countries like South Sudan, DRC, Malawi, and Mozambique are yet to enact specific laws. 

Despite the adoption of laws, they generally fall short of the ideal practices. Many countries do not have independent data protection authorities and there is inadequate oversight and enforcement of personal data protection standards and mechanisms. Moreover, only 13 of Africa’s 55 countries have ratified the African Convention on Cyber Security and Personal Data protection. These are Algeria, Cape Verde, Congo Brazzaville, Ghana, Guinea, Mozambique, Mauritius, Namibia, Niger, Rwanda Senegal, Togo and Zambia. Reluctance to endorse this lead guiding instrument on data protection, privacy and cyber security is telling of countries’ commitment to respecting privacy.

Meanwhile, numerous data protection laws facilitate governments’ access to personal data without adequate safeguards, thereby enabling undue surveillance and interception of communications and unlawful use of private information. They fail to adequately regulate the mass collection of individuals’ personal data, including biometrics, for issuance of national identity cards, immigration documents, voters’ cards and driving permits. Furthermore, the laws often restrict the transfer of personal data outside national borders but do not put sufficient checks on governments’ access to this data.

Indeed, the place of the legal and regulatory framework in promoting and protecting fundamental freedoms was in focus at a regional convening on March 13-14, 2023, by the International Senior Lawyers Project (ISLP) in partnership with the Media Institute of Southern Africa (MISA) and Southern African Institute for Policy and Research (SAIPAR) in Harare, Zimbabwe. 

The workshop identified advocacy, capacity building, analysis of laws and proposed legislation, engagements with parliaments on law reform, and litigation at national and regional courts, as key to promoting the digital civic space. Yet, as CIPESA noted at the meeting, political interference, long periods taken to determine cases, and non-compliance of states with decisions of regional courts have hampered the effectiveness of litigation.

The convening made recommendations to governments, civil society, and the private sector:

  1. Governments
  • Sign and ratify key international human rights instruments on data protection and privacy especially the African Union Convention on Cyber Security and Personal Data Protection.
  • Ensure a favourable environment for the exercise and enjoyment of digital rights and freedoms by among others enacting progressive laws and repealing draconian legislation.
  • Promote accountability and transparency by proactively disclosing information in a timely manner and expeditiously responding to information requests from citizens.
  1. Civil Society, the Private Sector and Tech Communities
  • Jointly push for the amendment of regressive laws that undermine digital rights, and contribute to law-making processes by analysing bills and making proposals for reform, repeal or amendment. 
  • Advocate for compliance with the United Nations Guiding Principles on Business and Human Rights to ensure that violations of human rights are minimised in the course of doing business.
  • Engage in strategic and collaborative litigation to challenge all measures by governments which curtail digital rights and undermine digital democracy. 
  • Build capacity of stakeholders including the media and the general public to protect and promote digital rights and to demand accountability and transparency from governments and their agencies.
  • Use human rights monitoring mechanisms such as the Universal Periodic Review (UPR) to hold their states to account.
  • Advocate for states to ratify key human rights instruments such as the AU Convention on Cyber Security and Personal Data Protection.

Building Cyber Smart Women Entrepreneurs in Nigeria

By CIPESA Staff Writer |

According to the Global Entrepreneurship Monitor, Nigeria is among the countries with the highest number of women entrepreneurs, most of whom conduct their business online. However, with the increasing prevalence of cyber attacks and fraud, the success of women-owned Small and Medium Enterprises (SMEs) in the country is under threat. In Nigeria, Africa’s largest economy, Sophos reports that 71% of businesses were hit with ransomware attacks in 2021.  

In 2021, cybercrime caused an estimated USD 4 billion loss for African economies, equivalent to 3.5% of the continent’s USD 115 billion digital economy. Despite significant threats such as online scams, digital extortion, email compromise, ransomware and botnets, Interpol figures indicate that over 90% of businesses on the African continent operate without the necessary cyber security protocols in place. 

In a bid to counter such threats, Tech Hive Advisory in partnership with Ikigai Innovation Initiative implemented the Cyber Smart Woman project to build a sustainable digital ecosystem for women entrepreneurs in Nigeria. The three-phase project featured 12 focus group discussions on data governance, cybersecurity challenges, and digital security needs of the women-owned SMEs, followed by four knowledge and skills workshops, and the development of a toolkit on data protection and cyber security practices for sustainability and competitiveness.

Tech Hive Advisory and Ikigai Innovation Initiative were one of ten initiatives awarded grants in the sixth round of the Africa Digital Rights Fund (ADRF). The supported initiatives focused on promoting effective data governance in Kenya, Nigeria and Senegal; countering gendered and election-related misinformation and disinformation in Kenya, South Sudan and Uganda; building digital resilience within the media fraternity in Ghana, Nigeria and Uganda; promoting digital inclusion in Uganda and Kenya; and building grassroots-based movements for internet freedom in South Africa.

The focus group discussions featured participants from various online business sectors, many of whom revealed that they lacked adequate digital protection for their businesses. Up to a quarter of the participants had been direct victims of device theft and cyber attacks such as scams and hacking. As a result, their businesses had suffered monetary loss, reputational damage, and, in extreme instances, loss of online assets such as social media accounts and client databases. 

The discussions further revealed that despite the SMEs collecting various personal data, the majority did not include online security or data protection measures within their business strategies. Meanwhile, many clients did not invoke their rights as data subjects, which made their data more susceptible to abuse. Indeed, one participant admitted that she had  shared a client’s contact information without permission. 

Most of the focus group participants believed that with the appropriate knowledge and skills, business owners, just like data subjects, would be able to minimise vulnerability to cyber attacks  and data breaches. Accordingly, four capacity building workshops were convened in four regions – Abuja, Ibadan, Kaduna and Lagos –  benefiting 167 SME owners. Topics covered included data protection rights and obligations; compliance with data protection regulations; and cybersecurity best practices.  

To complement the training workshops, a toolkit for data protection and cybersecurity was developed and disseminated. The toolkit outlines Nigeria’s data protection frameworks as well as the obligations and compliance requirements for business owners. It also provides tips and resources for data subject access procedures, privacy policies, records of processing activities and retention periods. The second section of the toolkit focuses on cybersecurity, also outlining the prevailing legal and regulatory frameworks, common vulnerabilities, best practice guidelines and resources. 

Ayodeji Sarumi, the Co-Founder of Tech Hive Advisory, says the project has equipped female-owned businesses in Nigeria with better approaches to handling data protection and cybersecurity issues,  which could be essential for their survival in a highly digitised world where cyber fraud is rampant.