Uganda: New social media tax will push basic connectivity further out of reach for millions

By Alliance For Affordable Internet |
Uganda’s government has passed a new tax that will require citizens to pay UGX 200 (US$0.05) per day in order to use messaging and voice over-the-top services (OTTs), including Facebook, WhatsApp, Twitter, and Viber. The tax, slated to take effect on 1 July, will push the cost of basic internet access further out of reach for millions of low-income Ugandans. The government must take urgent action to reverse this measure.
The Excise Duty (Amendment) Bill 2018, passed last week by the Ugandan Parliament, calls for telecommunications service operators providing data used to access OTTs to pay an excise duty on this access. According to Reuters, the country’s mobile network operators are likely to pass these costs on to consumers, levying a daily tax on each SIM card used to access the relevant platforms and services. The impact on consumers in Uganda — and particularly on low-income users — will be significant, and is likely to force many of these users to curb their internet usage, or to forego access entirely.
Only five other countries in Africa (where data was available) have more expensive mobile internet plans than Uganda. At the end of 2016, a 1GB mobile broadband plan in Uganda cost more than 15% of average monthly income. This high cost is keeping Ugandans offline — according to the GSMA, individual mobile internet subscriber rates in Uganda stand at just 18% of the population.
The true cost to connect is even higher for those earning less than the average national income (i.e., less than US$630/year). For the lowest income group in Uganda (see graph below), purchasing the same 1GB plan costs them 30% of their average monthly income. With the excise duty in place, this cost to connect for Uganda’s poorest will jump by 10%, resulting in just 1GB of data costing them nearly 40% of their average monthly income. The richest Ugandans will also experience an increase of 1% in their cost to connect, and by and large, this new excise duty disproportionately and negatively impacts low-income Ugandans and their ability to affordably access the internet.

he Ugandan government has argued that such a tax is necessary both to reduce gossip (“lugambo”) on these platforms, and to raise funds needed to address the impacts of comments made on social media that are critical of the government. However, it has not provided any explanation as to how such a tax might change what people say on the platforms, nor how the funds collected would be used to address these impacts.
The government has also argued that this tax will help promote local content development by placing a tax on “imported content.”  As consumers increasingly shift toward data-based services, mobile operators will have new opportunities to develop and offer their own OTT services on their networks. However, the current language in the bill makes the duty applicable to all voice and messaging OTTs, including those that could potentially be developed by mobile operators or Ugandan firms. This is precisely why regulators in other countries have opted not to intervene on OTTs — so that local companies can innovate and create jobs and value in the telecoms market. The government of Nigeria, for example, previously considered a tax on internet use, which was eventually scrapped as a result of studies showing it would make access unaffordable for millions of people.
For other local firms that rely on voice and messaging apps for sales and service, for example when they use WhatsApp to communicate with customers, this duty will hurt their businesses. Finally, from a consumer view, these services offer value for money to communicate and share with others beyond what existing voice and messaging services can provide.
Stifling internet uptake and use is also likely to result in failure to achieve the goals laid out in the Digital Uganda Vision.The ICT sector contributed 3.4% to Uganda’s GDP in 2015, and increasing internet access has the potential to spur significant socio-economic growth — a recent study showed that a 10% increase in mobile broadband penetration can increase economic growth by nearly 3%.
We urge the government of Uganda to:

  • Repeal the excise duty amendment before it goes into effect, and
  • Adopt an evidence-based approach to policy making for the sector, with a specific focus on better broadband planning, increased public access solutions, innovative spectrum policy, and more efficient use of universal service and access funds.

By focusing instead on these areas, the government can have a far more positive impact on increasing internet access, and promoting local content development and innovation.
Featured image: Bustling street scene in Kabale, Uganda (Photo credit: Adam Cohn, CC BY-NC-ND 2.0)

Sections of Kenya’s Computer Misuse and Cybercrimes Act, 2018 Temporarily Suspended

By Juliet Nanfuka |
Barely two weeks after the presidential assent to the Computer Misuse and Cybercrimes Act, 2018, a High Court judge has issued a conservatory order suspending the entry into force of 26 sections of Kenya’s contentious Computer Misuse and Cybercrimes Act, 2018. The order by Judge Chacha Mwita, suspending the sections until July 18, follows a petition filed by the Bloggers Association of Kenya (BAKE), which challenged the law for contravening constitutional provisions on freedom of opinion, freedom of expression, freedom of the media, freedom and security of the person, right to privacy, right to property and the right to a fair hearing.
In the order issued on May 29, the judge certified BAKE’s petition as urgent, and stated that  respondents (who include the Attorney General, the Speaker of the National Assembly, the head of the National Police Service, and the Director of Public Prosecutions) be served immediately. The respondents would have seven days from receipt to file written submissions. Hearing of the petition is scheduled for July 18, 2018.
Although the conservatory order only stalls the enforcement and could be lifted or maintained thereafter, it nonetheless represents a win for digital rights advocates in Kenya, as they have in the interim satisfied the judge that there is an arguable case to be made against the constitutionality of the recently enacted law. The order also marks another landmark ruling in the litigation towards respect and realisation of digital rights across Africa.

According to the  order, the suspended sections are: 5, 16, 17, 22, 23, 24, 27, 28, 29, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 48, 49, 50, 51, 52 & 53.


Various organisations criticised the bill prior to its assent on May 16, 2018 calling it unconstitutional. Among the organisations were the Kenya ICT Action Network (KICTANET), Article 19 Eastern Africa, BAKE and the Centre to Protect Journalists (CPJ) who deemed numerous sections unconstitutional and detrimental to Kenyan citizens’ digital rights. They said it infringed on the privacy of individuals, freedom of expression, speech, opinion and access to information online.
Kenya already has a history of stifling online critics of the state and state actors, as echoed by James Wamathai, the Director of Partnerships at BAKE. In a statement, he said: “In the past several years, there have been attempts by the government to clamp down on the freedom of expression online. This Act is a testament of these efforts, especially after other sections were declared unconstitutional by the courts.
Among the prevailing concerns on the law is the use of vague language on issues such as “false” or “fictitious” content and false publications in Section 22 and 23, accompanied with heavy obligations on users to verify truthfulness or untruthfulness of information before disseminating. As per section 12, failure to comply would result in a fine of five million Kenyan shilling (USD 50,000), up to two years in prison, or both.
The  court order comes on the heels of the two judgments (Okiya Omtatah Okoiti v The Communication Authority of Kenya and 3 others Constitutional Petition No. 53 of 2017 and Kenya Human Rights Commission v Communications Authority of Kenya and 3 others no. 86 of 2017) by the Kenya High Court in which the petitioners successfully challenged the installation on mobile phone networks of a communication surveillance system dubbed Device Management System (DMS), by the Communications Authority (CA) Kenya (CA). The petitioners argued that, through this system, the authority would have undue access to the communications of citizens.
As more countries in Sub-Saharan Africa develop technology related laws, it is fundamental that the laws uphold human rights standards prescribed at global and regional levels, including in the International Covenant on Civil and Political Rights (ICCPR), the African Charter on Human and Peoples Rights (ACHPR), and African Union Convention on Cybersecurity and Personal Data Protection. However, recent developments such as has been witnessed in East Africa appear to prioritise the criminalisation and penalisation of internet use rather than encourage its adoption as a tool for greater access to information, and for expanding free expression and civic engagement.
Kenya’s neighbours Tanzania and Uganda have this year taken actions detrimental to digital rights. In Uganda, social media taxes that could be introduced in July 2018 threaten internet access and affordability while in in Tanzania, online content producers will have to pay over USD 900 to register with the state for permissions to maintain their platforms, according to new regulations.
 

Privacy & Protection: Do Ugandans Care What Happens to Their Data?

By Neema Iyer |

Let’s be honest.

When was the last time you read the “Terms and Conditions” before you signed up for a new service online?

We don’t blame you. It’s easy to get lost in the legal jargon.

But do you know what happens to your personal data every time you click on “I have agreed to terms and conditions”? Did you know at the mere click to accept, you could have given a way a portion of your vital information and put your data privacy in absolute jeopardy?

Today, it’s hard to raise the issue of data privacy without putting a thought on the recent Facebook-Cambridge Analytica scandal that made many people realize the power of data. Even with as much information spewed out explaining what the scandal was about, very few took a note to learn from.

A recent allegation from the Cambridge Analytica scandal pins the Uhuru Kenyatta presidential campaign to have employed social media surveillance results to target campaign messages to different profiles of voters. This was possible because Facebook monitors your social media activity and can predict your behavior from that, hence such information is used to target messages that speak to your interests and emotions to sway major decisions such as election outcomes. This isn’t just happening on our doorsteps, allegations claim similar outcomes in the United States and the UK.

The EU revised as much on data privacy and protection in Europe and promised to give users more power over their data. While Europe seems to take quick action, down in Uganda and Africa at large, we continue to grapple with weak data privacy and protection laws, a citizenry that is not well-informed on data privacy, a delay in passing necessary bills and weak implementation processes. Unfortunately, a majority of African countries lack the necessary mechanisms for the inclusive participation of citizens and other stakeholders in the processes of formulating the very laws on internet and digital rights that directly affect them.

Do we care about Data Privacy and Protection?

In December 2017, Unwanted Witness, an activists group petitioned the Uganda Human Rights Commission (UHRC) to compel Parliament to speed up the enactment of privacy and data protection law.

They argued that without a governing law, citizens’ personal data is exposed to abuse without collection and protection safeguards. They further asked UHRC to prioritize privacy and recognize it as a fundamental right under attack in the country. However, to date, we are yet to see significant action taken to build an informed citizenry on their digital rights and to provide appropriate protections.

When talk about data arises, many are not really willing to delve further into the ethics surrounding the topic. This can and will still be attributed to the high illiteracy levels in the country and because many don’t know what data is or how valuable it might be on the long run, they will give it away easily. Funny as it may sound, a majority internet users think ‘data’ is the a term tied to the internet bundles that the ISPs provide and it’s that school of thought that has stuck with them. Whether their data gets in the hands of the wrong or the right people, it’s the least of their concerns.

Data Protection basically means to ensure the right to privacy, respect to confidentiality principles in various relations such as doctor patient, employer-employee and service providers with their clients generally.

Did you know that privacy is your human right?

The right to privacy refers to the concept that one’s personal information is protected from public scrutiny. It is essentially, your right to be left alone. Privacy is a core aspect of human dignity and values such as freedom of association and freedom of speech.

One would wonder, even with the data privacy breaches, are there really laws in place to curb and punish those that are misusing people’s data and evading on their privacy or we are simply looking while our data gets tampered with and is easily handed to the wrong hands.

Are there Laws in Place?

Yes! There is a Ugandan Data Protection and Privacy Bill that was tabled before parliament in 2015 and although the Bill needs to be revised and aligned better with human rights provisions, comments have been raised on the need to balance civil liberties, national security and data protection and privacy.

According to a paper published a couple of years ago by Dr Ronald Kakungulu Mayambala a Senior Lecturer of Human Rights and Peace Centre at Makerere University, Article 27 of the Constitution guarantees the right to privacy of person, home and other property. In particular, article 27(2) of the Constitution provides that a person shall not be subjected to interference with the privacy of that person’s home, correspondence, communication or other property.

Unfortunately there is no comprehensive law giving effect to article 27, yet a lot of data concerning individuals are collected, stored or processed regularly by various institutions in the private and public sector, including banks, hospitals, insurance companies, the Uganda Citizenship and Immigration Control Board, the Uganda Revenue Authority, Uganda Registration Services Bureau, the Electoral Commission, utility service providers and telecommunications companies under the SIM card registration exercise

The Bill seeks to protect the privacy of the individual and personal data by regulating the collection and processing of personal information. It provides for the rights of persons whose data is collected and the obligations of data collectors and data processors; and regulates the use or disclosure of personal information.

However even with these laws and bills in place, further questions continue to be raised on whether they even hold any solid ground in implementation, especially, if there has not been enough sensitization of the bills and data literacy.

 

What do some people think about data privacy in Uganda?

A chat with a few random Ugandans around town shows you just how long of a way we have to go with the data privacy and protection talk.

“I honestly have nothing to hide with my data and anyone who wants to access it can go ahead and access it. Your data can only be private if you choose to keep it private but if you choose to put it out there and later claim for privacy, then you are playing yourself” — Lisa

“Whatever you put out there is public. I don’t really care who gets my data because once Ipost anything on social media, it’s no longer in any way private. I get a need for data privacy if it comes to my business data like emails. That is when i need some real privacy” — Hans

“Data privacy is not even a topic of debating here in Uganda because people don’t really care what happens with their data. Because we have a huge Internet penetration gap, very many people don’t even know what data is in most parts of africa.” — Emmanuel


 

Uganda’s Social Media Tax Threatens Internet Access, Affordability

By Juliet Nanfuka |
Uganda’s president Yoweri Museveni has directed the finance ministry to introduce taxes on the use of social media platforms. According to him, the tax would curb gossip on networks such as WhatsApp, Skype, Viber and Twitter and potentially raise up to Uganda Shillings (UGX) 400 billion (USD 108 million) annually for the national treasury. The ministry has already proposed amendments to the Uganda Excise Duty Act, 2014 to introduce taxation of “over-the-top” (OTT) services, and raise taxes on other telecommunications services.
Section 4 of the Excise Duty (Amendment) Bill 2018, a copy of which was obtained by CIPESA, states: “A telecommunication service operator providing data used for accessing over the top services is liable to account and pay excise duty on the access to over the top services.” The amendment defines such services as the “transmission or receipt of voice or message over the internet protocol network and includes access to virtual network; but does not include educational or research sites which shall be gazetted by the Minister.”
According to the proposals, which could take effect on July 1, 2018, OTT services that commonly include messaging and voice calls via Whatsapp, Facebook, Skype and Viber will attract a tax duty of UGX 200 (USD 0.05) per user per day of access. In his letter, Museveni said the government needed resources “to cope with the consequences” of social media users’ “opinions, prejudices [and] insults”. He proposed a levy of UGX 100 (USD 0.025) per day per OTT user. Prime Minister Ruhakana Rugunda supported the suggestion as did the ICT minister, who stated that the taxes were meant to increase local content production and app innovation in Uganda.
If implemented, the proposed tax will be the latest in a series of government actions that threaten citizens’ access to the internet. Last month, the communications regulator issued a directive calling for registration of online content providers and also released tough restrictions on registration of SIM cards. At the USD 0.05 per day suggested by the finance ministry, a Ugandan user would need to fork out USD 1.5 per in monthly fees to access the OTT services. That would be hugely prohibitive since the average revenue per user (ARPU) of telecom services in Uganda stands at a lowly USD 2.5 per month.
According to the Uganda Communications Commission (UCC), in the 2016-2017 financial year, Uganda’s telecommunications sector contributed UGX 523 billion (USD 141.2 million) to national tax revenue, an increase of 14.3% from the previous year’s UGX 458 billion (USD 123.6 million).
As of September 2017, Uganda had an internet penetration rate of 48% while the mobile subscription stood at 65 lines per 100 persons. Research shows that at least one in nine internet users in the country is signed up for a social networking site, with Facebook and WhatsApp the most popular.
Indeed, social media and by extension OTT services, are key avenues for public discourse, service delivery and political engagement. As per the recently released results of the national IT survey 2017/18, 92% of MDAs have a social media presence with most using Facebook, Twitter and WhatsApp as their primary platforms for information dissemination and engagement with citizens. Meanwhile, telecommunications companies have tapped into the popularity of OTTs by offering competitive social media data packages, resulting in what was popularly referred to as “data price wars.”
The amendment bill also proposes a 12% tax for airtime on cellular, landline and public payphones. The latter two previously attracted a 5% tax. The tax on mobile money transfers has been increased from 10% to 15%, while a 1% tax has been introduced to the value of mobile money transactions of receiving and withdrawals.
The proposed taxes do little to support internet affordability in Uganda, which already scores poorly on the Affordability Drivers Index (ADI) that annually assesses communications infrastructure, access and affordability indicators. Currently, 1GB of mobile prepaid data in Uganda costs more than 15% of the average Ugandan’s monthly income. This is much higher than the recommended no more than 2% in order to enable all income groups to afford a basic broadband connection.
The proposed taxes have also raised considerable debate among members of civil society and the business sector, who are concerned that consumers will inevitably be economically affected, while the legal fraternity has called the move unconstitutional. In a country where two social media shutdowns were ordered in a space of three months during 2016, and where some social media users have been prosecuted or arrested over opinions expressed on Facebook and Twitter critical of public officials, these developments are particularly worrying. Already, the perceived high level of surveillance has forced many Ugandans including the media, into self-censorship, turning them away from discussing “sensitive” matters of community or national importance.
The increasing popularity of social media enabled OTT services, brings new regulatory challenges for governments, as many of these services have not required a licence or been required to pay any licensing fee according to the Electronic Frontier Foundation (EFF). However, the regulation of OTT platforms and services may in some cases adversely affect user rights.
On the financial inclusion front, the proposed taxes are also likely to affect mobile money subscriptions and the cost of doing business. In Uganda and across Africa, mobile money has become the primary means of financial transactions, offering new opportunities for productivity and efficiency gains to governments, businesses and individuals.
Feature photo by GotCredit
 

Tanzania Issues Regressive Online Content Regulations

By Ashnah Kalemera |
Tanzania has issued online content regulations that oblige bloggers, owners of discussion forums, as well as radio and television streaming services to register with the communications regulator and to pay hefty licensing and annual fees.
There are three types of licences. A license for provision of online content services comes at an initial cost of TZShs 1.1 million  (USD 484) comprised of an application fee of USD44 and an initial licencing fee of USD 440. In addition, there is an annual licence fee of USD440, and a similar amount has to paid for licence renewal after three years.
A licence to stream radio or television content on the internet costs TZShs 250,000 (USD110), with annual licence fees set at USD 88. This licence also has to be renewed after three years at a cost of USD 88.
The Electronic and Postal Communications (EPOCA) (Online Content) Regulations, 2018, which were issued on March 13, 2018, join a catalogue of legislation related to online content in Tanzania that threatens citizens’ constitutionally guaranteed rights to privacy and freedom of expression. The regulations are also likely to negatively impact on an already fragile intermediary liability landscape in a country fraught with increasing media repression and persecution of government critics.
When the Tanzania Communications Regulatory Authority (TCRA) initially published the draft regulations last September, they did not have the requirement to apply for online content service licences as set out in Regulation 14 of the enacted regulations. It states: “Any person who wishes to provide online content services shall fill in an application form as prescribed in the First Schedule and pay fees as set out in the Second Schedule to these Regulations.”
Applicants are required to provide their company details including physical address, shareholding, citizenship of shareholders/directors and tax registration. The communications regulator, TCRA, has the right to cancel licences over non-compliance.
The regulations that have been issued are more regressive than the draft which the regulator issued in September 2017 for public comment.

See CIPESA’s full analysis of the draft EPOCA Content Regulations, 2017 – available in English and Swahili.

Under obligations of internet cafes, the final regulations introduced two clauses that threaten user privacy. Under regulation 9, café owners are required “to ensure that all computers used for public internet access are assigned public static IP addresses”. This could inhibit the use of circumvention tools such as Virtual Private Networks (VPN) that rely on dynamic IP address protocols, and which citizens resorted to using in neighbouring Uganda during state-initiated interruptions to communications.
Further, the regulations extend café owners’ obligations to install camera equipment to include registration of users “upon showing a recognised identity card”.  Pursuant to regulation 9(2), recorded surveillance and the user register “shall be kept for a period of twelve months.”
Several regressive provisions from the draft version were also passed. Regulation 6(1) requires licenced service providers who provide online content or facilitate online content production to terminate or suspend subscriber accounts and remove content if found in contravention of the regulations, within 12 hours from the time of notification by TCRA or by an affected person. This requirement places a heavy technical and human resource burden on content hosts and providers to have in place competencies to handle complaints within 12 hours.
Swift content restriction or removal is also required of online content hosts under regulation 8(b) and content providers and users under regulation 5(1)(g). As we argued in an earlier brief, while content such as revenge pornography and that which promotes violent extremism may be justifiably removed promptly, there is a danger that the regulations may be applied unjustifiably to content such as that relating to exposure of corruption or human rights violations.
Whereas regulation 16 provides for a complaints handling procedure, the regulations do not provide for the process nor mechanisms for legal recourse over contested content.
Regulation 5(1)(e) requires content providers to “have in place mechanisms to identify source of content”. This obligation poses a threat to the right to anonymity and whistleblowing and may lead to self-censorship.
Moreover, Regulation 12 on content prohibited from publication lists restrictions with broad definitions and which have potential to limit freedom of expression. In terms of scope, it includes unspecified content that “causes annoyance”; “uses disparaging or abusive words which is calculated to offend an individual or a group of persons”; and is “crude”, “obscene” or “profane” including in local languages.
Regulation 12 also prohibits publication of “false content which is likely to mislead or deceive the public except where it is clearly pre-stated that the content is i) satire and parody ii) fiction; and iii) where it is preceded by a statement that the content is not factual.”
Nonetheless, the regulations have some positive elements, among them regulation 10(b) which requires users to use device passwords to ensure that unscrupulous and unauthorized persons do not access their social media accounts.
The requirement for provision of easily accessible user terms and conditions by licensed service providers, adoption of a code of conduct for content hosting, and publication of a safe internet use policy for internet cafes, are also commendable in promoting user awareness of platform policies. The regulations also provide important safeguards for child protection online, such as regulation 13 which prohibits children’s to access to prohibited content online.
In a boost to privacy and data protection, regulation 11 prohibits unauthorised disclosure of “any information received or obtained” under the provisions of the regulations, except where the information is required for law enforcement purposes. Furthermore, regulation 11 restricts use of information only to the “extent” that is “necessary for the proper performance of official duties.” Nonetheless, in the absence of data protection and privacy legislation in Tanzania, these safeguards could be rendered of little value and hence prone to abuse.
It remains to be seen how the new regulations will be enforced and how they will impact on citizens’ rights online. However, given Tanzania’s history of predatory action against internet users following the enactment of the Cybercrime Act, 2015, the new regulations are likely to be utilised to further undermine the internet freedom situation in the country.