Earlier today, 4 November 2021, the MISA Director, Tabani Moyo addressed the Africa ICT Ministers’ Forum hosted by UNESCO on the state of internet regulations in Southern Africa with an emphasis on marching towards affordable, accessible and available internet. The full address is as below;
Information as a public good is a timeless proposition. Moreso, a complex declaration as is it aptly captured in Windhoek Declaration +30. Part of the accessibility of the public good lies in the regulation of the internet and its accessibility by the citizens.
In the past few years, there has been a rush to regulate the internet in Southern Africa, more so in the wake of the COVID-19 pandemic outbreak in 2020.
Since then, a number of countries in the region, starting with South Africa, enacted regulations that criminalise the publication of falsehoods, a move that was replicated in Botswana, Zambia and Zimbabwe, among others.
In addition, a meeting of SADC heads of government in Maputo, in August 2020, also made a resolution to take “pre-emptive measures against external interference, the impact of fake news and abuse of social media particularly in electoral processes”.
Regional consensus to crackdown on free expression online
In the wake of the resolution, there seems to be a dangerous regional consensus to crackdown on free expression online. A number of Southern African countries have since begun or accelerated cyber security lawmaking, which we found somewhat problematic, as the proposed pieces of legislation have a chilling effect on freedom of expression and of the media in Southern Africa.
To illustrate this, countries such as Botswana, Eswatini, Tanzania, Malawi and Zambia have already passed cyber security and cybercrime laws, while countries such as Namibia and Lesotho have gazetted draft legislation on cyber security and cybercrime.
On the other hand, in Zimbabwe, the Cybersecurity and Data protection Bill is awaiting presidential assent before it is enacted.
While some of the laws in these countries are modelled along international, regional and sub-regional model laws and other human rights instruments, there are a number of problematic provisions, which infringe on the right to privacy and freedom of expression.
Where enacted, or, where at least there are bills, the laws regulating the internet in southern Africa are often restrictive in terms of dealing with the interception of communication, data protection and electronic transactions.
In countries such as Zambia, Zimbabwe, Namibia and Malawi, there are deep-seated fears that existing and new legislation is already being used for surveillance purposes.
In Tanzania, the government has taken the lead in clamping down on freedom of the media and of expression under the guise of curbing fake news and abuse of social media.
A number of online publications, broadcasting outlets and newspapers have been suspended or shut down by Tanzanian authorities since then under the guise of fake news laws. Yesterday, the Republic of Zimbabwe announced that it had set up a team to monitor social media, which is in itself a threat to expression.
It must be pointed out that in March 2021, Zambia adopted the Cyber Security and Cyber Crimes Act, 2021, following assent by former President Edgar Lungu. The Act was passed amidst criticism that it was primarily aimed at policing cyberspace and gagging freedom of expression and speech by government critics and opponents ahead of the general election.
In keeping with the SADC resolution, Lungu said the law was intended “to protect citizens from abuse by people who feel they can do or say whatever they want using the veil of cyberspace”. This seemed like a veiled warning to critics of the former administration.
Zimbabwe’s Cybersecurity and Data Protection Bill has far-reaching implications on freedom of expression and the right to privacy in that country. The bill criminalises the publication of falsehoods online and further entrenches surveillance in the country. MISA has since written to President Emmerson Mnangagwa pleading with him not to sign the bill into law before contentious issues are addressed.
Zambia’s law, and Zimbabwe’s proposed legislation, fall far short of regional and international standards and instruments on human rights such as the African Union Convention on Cyber Security and Personal Data Protection.
In Lesotho, the government gazetted the Computer Crime and Cyber Bill in 2020. The objectives of the Bill was “to criminalise offences against computers and network related crime; to provide for investigation and collection of evidence for computer and network related crime; to provide for the admission of electronic evidence for such offences”.
However, a parliamentary portfolio committee dismissed the Computer Crime and Cybersecurity Bill of 2021, as well as the Communications (Subscriber Identity Module and Mobile Device Registration) Regulations of 2021 from the National Assembly, to allow for the Minister of Communications, Science and Technology to go back and revisit these drafts of legislation.
Concern had been raised that there were no consultations before the bill was brought to the legislature, while some provisions also violated Lesotho’s Constitution. The bill has since been withdrawn.
Resorting to internet shutdowns in the face of political pressure
Coupled with that, there is a propensity by Southern African governments to resort to internet shutdowns where they face political pressure and civil unrest. As we speak, the internet has been shut down at least twice in Eswatini over the past four months as civil unrest rages on in that country.
In August, the former Zambian administration resorted to shutting down the internet during elections in that country.
As has been said ad nauseum, the internet and social media platforms play a critical role in enhancing participatory governance in a democratic society. It is for this reason that blocking access to the platforms is anachronistic and authoritarian in nature.
As has been previously affirmed, the African Commission on Human and Peoples’ Rights (ACHPR) Resolution of 2016, recognises the “importance of the internet in advancing human and people’s rights in Africa, particularly the right to freedom of information and expression.”
The ACHPR/Res. 362 (LIX) 2016 also condemns the “emerging practice of State Parties interrupting or limiting access to telecommunication services such as the internet, social media, and messaging services”.
Additionally, United Nations experts and high-level officials — including the UN Secretary-General — formally affirm that “blanket Internet shutdowns and generic blocking and filtering of services, are considered by United Nations human rights mechanisms to be in violation of international human rights law.”
Further, internet shutdowns disrupt emergency services, cripple economies and restrict the flow of business-related information and communications, including internet-based banking services and transactions.
The price of mobile data must fall!
Over the past few years, MISA has embarked on the Data Must Fall Campaign, an advocacy initiative to have the price of data reduced so that more people have access to the internet and are able to participate meaningfully in the global public sphere.
With the advent of COVID-19 and work from home orders, the importance of accessible and affordable internet cannot be overstated.
Internet access and affordability remain critical issue that needs to be addressed particularly for purposes of promoting universal access to the internet for all. More so, for purposes of promoting digital inclusion.
The continued increase in data tariffs, particularly in a country such as Zimbabwe, is widening the digital divide, hence, the need for urgent interventions.
Policymakers, consumers, private companies, civil society organisations and the regulator, should have meaningful, truthful and open conversations on this issue.
This will not only be for purposes of understanding business or human rights perspectives, or the policy perspective but to ensure that a clear roadmap is in place as we move forward as a continent.
Re-affirm commitment towards the collective call under the Windhoek Declaration +30:
- WORK TOGETHER to ensure the effective realisation of the steps and measures outlined in this Declaration;
- AGREE AND ADOPT new and innovative measures and mechanisms, including of a multilateral and multi-stakeholder nature, following broad consultative processes, to ensure respect by States for freedom of expression and access to information, and that digital platforms’ practices and systems which affect user interaction with information are appropriately transparent;
- COLLABORATE through multilateral fora to promote respect by governments, intergovernmental organisations and digital platforms for human rights, including freedom of expression, access to information and the safety of journalists.
- SADC member states should ensure that the enacted and proposed domestic laws are aligned with the AU Convention on Cyber Security and Personal Data Protection & ACHPR’s Revised Declaration on Principles of Expression and Access to information There is a need to draft separate laws on cybersecurity and data protection, particularly in the case of Zimbabwe.
- SADC member states must strive to fulfil the full import of Article 25 of the AU Convention on Cyber Security and Personal Data Protection, which calls upon State Parties to ensure that proposed or enacted cybersecurity and cybercrimes laws do not infringe on the rights of citizens guaranteed under the national constitution and internal laws, and protected by international conventions, particularly the African Charter on Human and Peoples’ Rights, and other basic rights such as freedom of expression, the right to privacy and the right to a fair hearing, among others.
- Southern African countries must adhere to the principles governing the processing of personal data as enumerated in Article 13 of the AU Model Law. These include; consent and legitimacy of personal data processing, lawfulness and fairness in personal data processing, purpose, relevance and storage of processed personal data, the accuracy of personal data, transparency of personal data processing, and confidentiality and security of personal data processing.
- There is a need for countries in the SADC region to adopt a Human Rights-Based Approach. Such an approach will ensure that enacted or proposed legislation, take into account the urgent need to balance cybersecurity needs with the need to protect and promote the fundamental right to privacy.
- Regional governments must come up with policies that ensure that the internet is accessible and available at all times and that they will not resort to internet shutdowns during elections and times of civil unrest.
- Agree on a framework upon which Universal Services Funds are accountably channelled towards expanding the infrastructure that enables internet access, at affordable rates to the entire African societies.
Source: MISA Zimbabwe