It is now axiomatic that the mass diffusion of the internet and its ancillary digital technologies have created an alternative space for the widespread and ‘unrestricted’ exercise of rights like freedom of expression, freedom of assembly and access to information especially in contexts where such rights are already curtailed through legal and political repression.
It has facilitated the conducting of online transactions, e-learning, remote working, video conferencing and many other political, economic, cultural and social activities. Despite the intractable issue of digital divide and inequalities, the Southern African Development Community (SADC) region has witnessed the growth of internet and social media penetration and use over the last two decades owing to the liberalisation of the telecommunications sector and the advent of advanced wireless technologies such as 3G, 4G and 5G.
The digital space has altered communication patterns with online and social media becoming the preeminent arena for public communication and culture, often giving ordinary citizens a voice that they previously lacked. The emergence of e-commerce has also created business opportunities and convenience for citizens, whilst at the same time opening up the space for crime and the possibility of compromising citizens’ data security.
The Need for Government Intervention
Ultimately, governments are compelled to enact legislation to govern the online and digital space in order to prevent cyber-related crimes and protect citizens from hackers and fraudsters. In the process, though, the online and digital rights of citizens must be similarly protected as the governments enact these laws.
The reality, however, is that many countries have either introduced or are planning to introduce cybersecurity and cybercrime laws that potentially threaten the rights to free speech, expression association, access to information and privacy amongst others.
In the era of ‘surveillance capitalism’, the increased use and appropriation of digital technologies has been accompanied by massive information collection and processing, including personal data. Data is being collected, processed, shared and transferred every day, with or without the knowledge of the affected persons, which has serious implications for personal privacy.
A Right to Privacy
Because of this intrusive collection and procession of personal data and information by state and non-state actors, the conceptualization of the right to privacy has become very fluid and complicated. The uptake of facial recognition, video conferencing, contact tracing, artificial intelligence and machine learning technologies has expedited the processing, analysis, collection and storage of data, including personal information.
These technologies have augmented surveillance practices, thereby paving way for the setting up of huge databases with technical capacities to anonymise and de-anonymise data – all on a wide scale. This turn of events has significant implications on the right to privacy.
In Southern Africa, Hunter and Murray have shown that increased interference with the right to privacy mostly exists in environments with limited oversight mechanisms and results in data breaches, misuse of personal data, unlawful and indiscriminate interception of communications and impermissible data retention policies.
Cognisant of the fact that digital rights have become an inseparable part of our everyday lives because of the complex interaction between human beings and digital technologies, scholars have begun to foreground the advent of dark forms of participation such as the spread of misinformation, disinformation, malinformation, cyber-bullying, cyber harassment and revenge porn.
This is despite the initial celebratory views of the internet as technologies of freedom and accountability. In recent years, fears about the normalisation of communications surveillance, roll out of invasive monitoring and tracking technologies by governments and corporates, state-ordered Internet shutdowns as well as the passage of draconian pieces of legislation have dominated national, regional and international headlines.
Laws Violating Inalienable Human Rights
Instead of promulgating laws that are consonant with the Necessary and Proportionate Principles as articulated by Access Now, Privacy International (PI), Electronic Frontier Foundation (EFF), and Association of Progressive Communications (APC), some SADC countries have brazenly came up with legal frameworks that violate inalienable human rights as enshrined in their national constitutions.
Many governments in the SADC region are taking steps that undermine internet access and affordability, and weaken the potential of digital technologies to catalyse free expression and civic participation or to drive innovation. In a number of SADC countries, there has been an increase in digital rights violations such as arrests and intimidation of online users, internet blockages, and a proliferation of laws and regulations that undermine the potential of technology to drive socio-economic and political development in the region.
Several countries have come up with a number of Bills focusing on data protection, electronic transactions, cybercrimes and computer crimes and interception of communications in the last decade. Instead of helping to increase the accessibility and availability of ICTs, some of these pieces of legislation have contributed to the restriction of citizens’ rights to free speech, privacy and access to information, thereby undermining efforts to bridge the digital divide.
Internet shutdowns in particular during elections and during public protests and demonstrations are becoming commonplace. State surveillance in cyberspace as well as private spaces is on the increase, limiting civic space for engagement and critical opinion, and further curtailing an enabling environment for such engagement.
In addition, insult laws such as those meant to protect Heads of State and Government and other senior government officials from scrutiny and criticism have been invoked to limit public debate on social media regarding governance, democracy and human rights.
Laws to protect the integrity of e-commerce have been used to prevent non-governmental organisations and human rights defenders from opening and operating bank accounts and from transacting, thereby curtailing their work.
All these issues have brought to the fore the debate about the need for States to balance the regulation of the digital/online space or prevent online crime and the promotion and protection of citizens’ digital/online rights.
Government Cybersecurity Needs
However, the spread of ICTs and Internet penetration has also raised concerns about cyber security at regional and sub-regional governance forums. This has led African intergovernmental organisations to develop legal frameworks for cyber security.
At a sub- regional level, the Economic Community of West African States (ECOWAS) has adopted a Directive on Cybercrime, while the Common Market for Eastern and Southern Africa (COMESA) and the Southern African Development Community (SADC) have adopted model laws. In Southern Africa, there are three model laws worth mentioning here. These are
- The SADC Model Law on Computer Crimes and Cybercrimes;
- The SADC Model Law on Data Security; and
- The SADC Model Law on Electronic Transactions and Electronic Commerce.
At the regional level, the African Union (AU) has adopted a Convention on Cyber Security and Personal Data Protection. Individual countries like Zambia, Botswana, Tanzania, and Malawi have enacted cybersecurity laws as part of their internet governance frameworks while in countries like Zimbabwe, South Africa and Namibia plans are afoot to pass the similar legislation.
Unfortunately the developed and or proposed legal frameworks have been narrowed down to entirely prioritising the protection of ‘national interests’ and the prevention of ‘social media abuse’ at the expense of the digital security and protection privacy of general and day-to-day internet users in the SADC region.
Analyzing Cybersecurity Laws
These instruments have therefore also been characterised as vehicles for legitimising surveillance and criminalising free expression in the SADC region. The situation has been made worse by the fact that ever since the fast spreading of COVID-19, almost every facet of human life has been forced to migrate online in order to circumvent lockdown, social distancing and self-isolation protocols.
In this ‘new normal’, the internet and digital media technologies have become indispensable part of learning, news consumption, e-commerce, accessing government documents and contact tracing. This digital turn in everyday life has been accompanied by concomitant digitisation of criminal conduct.
In view of these concerns, MISA-Zimbabwe commissioned Cybersecurity and Cybercrime Laws in the SADC Region: Implications on Human Rights, which specifically focuses on the analysis of the enacted and proposed cyber laws in the SADC region and how they have impacted the exercise of rights more specifically, the right to privacy, freedom of expression and media freedom.
A lightly edited version of Cybersecurity and Cybercrime Laws in the SADC Region: Implications on Human Rights by Media Institute of Southern Africa – Zimbabwe.
Sorry, the comment form is closed at this time.