Cybercrime: More often in Africa, states crack down on whistle-blowers who use government data to report crime
Digital repression is on the rise in many parts of Africa. Over a dozen African countries have recently experienced politically motivated internet shutdowns. Roughly the same number have been identified as operators of military-grade spyware (such as Pegasus, RCS and FinFisher), which they use to track domestic political opponents and activists with the same vigor as criminals and terrorists.
Governments employ automated tools to subject social media platforms to expansive surveillance. Increasingly, leaders are taking advantage of vague elements of recently passed cybercrime laws to expand executive powers to arrest activists and debilitate the free press.
African leaders frequently portray digitally repressive tactics as necessary to combat threats from terrorism, organised crime and secessionist violence. In fact, their main impact is to undermine the fundamental freedoms that make it possible for governments to be transparent, legitimate and accountable to citizens.
Tanzania’s 2015 Cybercrimes Act is a case in point. The law was ostensibly passed to fight rising digital crime. In practice, it bans “insulting” speech, empowers law enforcement officials to respond to violations without judicial checks and allows authorities to crack down on whistleblowers who use government data to report wrongdoing.
The Cybercrimes Act was followed by the 2018 Electronic and Postal Communications Regulations, which requires bloggers to register with the government and internet cafes to keep surveillance videos of people using their services.
These regulations have had a chilling effect on citizen security in Tanzania. Broad definitions of offenses, as well as disproportionate penalties for them, have stifled political debate by enabling the unjustified detention, arrest and intimidation of opposition figures, independent journalists, and activists.
Along with social media outages and the suspension of text messaging services, Tanzania’s cybersecurity laws were the government’s main tools of digital repression in the run-up to the fraudulent October 2020 elections.
Paradoxically, while often justified as necessary to enhance security, the embrace of digital repression has failed to improve African security. Instead, digitally repressive tactics, technologies and policies are proving to be damaging to national security and harmful to citizens.
As more Africans get their information from the internet, some governments have embraced digital forms of repression to exert more control over the information environment. Digital repression encompasses a variety of increasingly common tactics and tools, all of which involve the use or manipulation of digital technology to censor or restrict communications, invade privacy, limit free speech, stifle political opposition, and undermine democratic checks and balances.
The most visible face of digital repression in Africa is the limitation of people’s use and access to the internet and telecommunications. Over the past decade, the African continent has become awash in internet shutdowns and restrictions. In 2021, at least 10 African countries experienced a major internet shutdown, the most of any region in the world.
Internet shutdowns have been deployed in the run-up to or aftermath of contested elections in Uganda, the Republic of the Congo and Guinea. Similar tactics were applied to citizens protesting in favour of democracy and civilian governance in Togo, Eswatini and Sudan.
At times, shutdowns have even happened in freer countries. Leaders shut off the internet during a high-stakes election in Niger and during popular protests in Senegal and Burkina Faso. These interventions strain the balance between liberties and security that is a core tenet of open and democratic governance.
Another tactic of digital repression involves the use of malware or social media to conduct surveillance of political opponents, journalists and activists. Information gathered during surveillance is then used for blackmail, harassment, or targeted arrests and detention. For example, authorities in Uganda worked closely with officials from the Chinese telecom firm Huawei to hack into the WhatsApp and Skype accounts of opposition leader and presidential candidate Bobi Wine during a rally he attended in 2018.
This led to his detention and torture and cost Wine’s driver his life. More broadly, cheap and sophisticated malware, which is widely available from numerous private sector firms and sold as a means for authorities to surveil terrorists, has created a booming surveillance market across Africa.
Finally, authoritarian-minded leaders across Africa are applying new laws on cybersecurity, online speech and data sharing in ways that expand executive powers to crack down on protected speech or attempts at whistleblowing.
Benin’s 2018 Digital Code, which criminalises online press offences, including the publication of false information—was used to arrest journalists reporting on public statements made by officials that were embarrassing to the government.
Zambia’s cybercrimes law was passed under former President Edgar Lungu at a time of closing civic space. The law’s vague definitions made it susceptible to a politically selective application, which led current President Hakainde Hichilema to campaign on repealing it. In other instances, governments use existing laws on speech and expression to crack down on opponents and activists for their comments in the digital sphere.
Authorities in Côte d’Ivoire have used the country’s antidefamation laws to hold journalists criminally liable for publishing online stories exposing inadequate prison conditions and possible cases of corruption.
- A Tell / ISS report