Zimbabwe has been in the process of aligning its laws with the 2013 Constitution resulting in the unbundling in 2019 of the Access to Information and Protection of Privacy Act (AIPPA) through the gazetting of the Freedom of Information Bill and the Zimbabwe Media Commission Bill.
In addition, the Cybercrime and Cybersecurity Bill was merged with the Data Protection Bill to produce the Cybercrime, Cybersecurity and Data Protection Bill, 2019 (hereinafter called the Cybercrime Bill). Surprisingly, the Ministry of Information, Publicity and Broadcasting Services is equally working on a data protection law, known as the Protection of Personal Information Bill, of which both are data protection bills.
This write-up seeks to comment on the recent developments pertaining to Ethiopia’s digital space regulation as widely reported in the media, vis-à-vis the proposed regulatory framework for Zimbabwe and its implications on rights to expression, access to information and privacy.
Reuters and Al Jazeera on the 13 February 2020, reported that Ethiopia’s Parliament had passed a law imposing jail terms for people whose internet posts stir unrest, a move which the government argues is necessary to prevent violence ahead of national events such as general elections.
This law is said to permit a fine of up to 100,000 Ethiopian Birr (US$3,000) and imprisonment of up to five years for anyone who shares or creates social media posts that are deemed to result in violence or disturbance of public order.
The Freedom of the Net report published by Freedom House, notes that Internet freedom has globally been on the decline for the past nine years. Accordingly, Ethiopia is one of the 21 countries that fall in the category of internet space which is “not free”, sharing the same category with countries such as Russia, China, Venezuela, Saudi Arabia, Iran, Myanmar and Turkey, among others.
In passing this law, fears are high that it will be used to target dissenting voices online.
Such developments on the regulation of online space put Zimbabwe under the same spotlight. Zimbabwe’s Cybercrimes Bill is reported to be with the Attorney General’s Offices awaiting gazetting en route to the Parliament of Zimbabwe.
MISA Zimbabwe notes with concern the striking resemblances of some of the sections in the Ethiopian law with those being proposed in the Zimbabwean Bill which the organisation had sight of during consultative processes.
MISA Zimbabwe reiterates its calls for the government of Zimbabwe to strike a strategic balance between security concerns and digital rights through safeguarding citizens and content creators’ rights to free expression, in particular, and access to information and the right to privacy.
In view of the last draft that MISA Zimbabwe had sight of during engagements with the Ministry of ICTs and Courier Services, the organisation raised concerns around provisions of the draft bill which establishes the Cybersecurity Centre which is otherwise deemed to be the Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ).
As rightly laid out in the Bill, POTRAZ is created in terms of the Postal and Telecommunications Act [Chapter 12:05] and likewise, its roles are clearly laid out in that Act.
For purposes of efficiency and effectiveness, it would not be ideal to also allocate the functions of the Cybersecurity Centre in their entirety to POTRAZ. The question on who the main beneficiary to the provisions of the Bill remains a matter of concern. Conflating this role on POTRAZ is dangerous as POTRAZ regulates the industry and has access to large sources of data that can be used for the state’s interests without the citizens’ consent.
It poses a dual crisis, with POTRAZ, on one hand, becoming the surveillance arm of the state while also having access to the large volumes of data collected by the Mobile Network Operators (MNOs). Our fears are that the right to privacy will be compromised.
An independent institution, with a clearly defined mandate and parameters of operation and accountability, would have been more ideal to handle issues relating to the Bill. Further, such an institution requires the representation of multiple stakeholders such as civil society and marginalised groups.
Accordingly, the Freedom of the Net report noted that the decline in the enjoyment of Internet freedom in Zimbabwe includes the existence of laws in the country’s Criminal Law Code that criminalise fair enjoyment of the right to free expression.
In 2019, a number of people were arrested for sharing messages that are said to undermine the authority of the President over social media platforms. This was exacerbated by the fact that the Zimbabwean government shut down the Internet until MISA Zimbabwe approached the courts to end the blackout. It is in light of these developments elsewhere and local historical developments, that we call upon the government to adopt a human rights approach towards the regulation of the digital space.
It is for this reason that the Freedom of the Net report makes the following key recommendation for policymakers:
- Ensure that all internet-related laws and practices adhere to international and human rights standards…
- National governments should establish periodic reviews to assess whether their laws and practices regarding internet freedom conform to the principles outlined in the Universal Declaration of Human Rights and International Covenant on Civil and Political Rights.
- Any undue restrictions on internet freedom – including the blocking of political websites, internet shutdowns, arrests for non-violent speech, or extra-legal surveillance should cease immediately.
In taking this position, MISA Zimbabwe is inspired by the United Nations Human Rights Council Resolution of 2012, which declared that the same rights that people have offline must be protected online. What this essentially means is that digital rights are also human rights.
MISA Zimbabwe thus calls for continuous adherence to the letter and spirit of such international frameworks that protect and promote the enjoyment of digital rights.