The Communication Initiative
Development action with informed and engaged societies
The Communication Initiative
As of March 15 2025, The Communication Initiative (The CI) platform is operating at a reduced level, with no new content being posted to the global website and registration/login functions disabled. (La Iniciativa de Comunicación, or CILA, will keep running.) While many interactive functions are no longer available, The CI platform remains open for public use, with all content accessible and searchable until the end of 2025. 

Please note that some links within our knowledge summaries may be broken due to changes in external websites. The denial of access to the USAID website has, for instance, left many links broken. We can only hope that these valuable resources will be made available again soon. In the meantime, our summaries may help you by gleaning key insights from those resources. 

A heartfelt thank you to our network for your support and the invaluable work you do.
Time to read
5 minutes
Print
a- a+
Published 1 year ago
Last updated 10 months ago
Read so far

Information Ecosystem Assessment (IEA) on the Impact of Cyber Security and Cybercrime Laws Enacted by Southern African Governments on Media Freedom and Digital Rights

0 comments
Date
Summary

"Media freedom and journalism are under heightened threat and sharpened assault across the African continent, with developments across southern Africa over recent years becoming especially troubling, according to Amnesty International."

This report offers an overview of the cyber security and cybercrime laws, and regulatory landscapes, that are affecting media practice and the freedom of expression in the Southern African Development Community (SADC) region. Conducted in 2023 by Advancing Rights in Southern Africa (ARISA) through its consortium partner, Internews, this Information Ecosystem Analysis (IEA) is designed to provide an in-depth overview of the legal provisions that have been enacted or are in various stages of becoming laws in the region and that are being used by SADC governments to stifle and limit press freedom and public debate. The report offers individual country chapters on each of the sixteen SADC countries, providing country-specific legal analyses of the relevant cybersecurity and related laws used by the respective countries' governments. The ultimate objective of the study is to advance and strengthen media rights and to counter oppressive practices across Southern Africa.

The report defines cybercrime as being criminal activities carried out by means of computers or the internet that has three components to it: "Crimes where an information system, such as a computer, is the object of the crime (e.g. hacking); crimes where an information system is used as a tool to facilitate the crime (e.g. fraud); and crimes committed by the content the system carries (e.g. child pornography). In this analysis, the first two categories are grouped together as 'technical offences' in contrast to 'content-related offences' of the third."

It explains how cyberspace-related laws and regulations, particularly cybersecurity and cybercrime laws and regulatory frameworks, are being deployed to undermine media freedom and civic spaces across the SADC. "Evidence is mounting of how regional governments have been using newly minted cybersecurity or cybercrime laws, in conjunction with criminal procedures or penal codes, as well as media and civil society regulatory mechanisms, to clamp down on critical journalists and civil society and political activists during election times. This report sheds light on some of this ample evidence and testimony concerning these anti- and undemocratic and human rights-violating practices and occurrences."

Before discussing each individual country, the report offers an analysis of key international standards and guidelines that can be used as yardsticks for assessing laws in the SADC region which may threaten media freedoms. These include the Budapest Convention on Cybercrime, the African Union Convention on Cyber Security and Data Protection (Malabo Convention), and the SADC Computer Crime and Cybercrime Model Law, among others. 

The individual country chapters include the following sections: 

  • A table of "key indicators" that quotes the country's constitutional provisions on freedom of expression and, for context, the country's ranking in the 2023 World Press Freedom Index, as well as a list of the key laws that are examined.
  • Context: gives a brief overview of the regulatory system that affects different forms of expression.
  • Constitution: provides a short discussion of the constitutional framework on freedom of expression and a summary of key cases where it has been applied.
  • Case studies: considers recent examples where laws have been applied in an attempt to constrain freedom of expression.
  • Cybercrime legislation and other legal provisions relevant to freedom of expression: Although the focus of the research is cybercrime law, in practice, content-based offences in both cybercrime laws and other laws are most commonly utilised in practice to restrict freedom of expression. Thus, rather than being considered in isolation, the cybercrime laws are discussed alongside other offences that are or may be used to limit speech. This discussion includes information about relevant procedural law as well, including provisions on state investigative powers, state surveillance, SIM card registration, and take-down notifications.
  • Election law and freedom of expression: In respect of SADC countries where elections are planned for 2023 or 2024, specific laws and regulations relating to freedom of expression during election periods are briefly considered.

The report highlights the following key observations that are drawn from unfolding trends evident across all countries in the region:

  • "While most SADC member states have since the early 2010s, and earlier, introduced and implemented cyberspace, cybersecurity and/or cybercrime-related laws, at the time of compiling this report in mid-2023, some states - such as Namibia and Lesotho - were still in the process of finalising substantive laws and regulatory frameworks for enactment or implementation;
  • Aside from the democracy and human rights challenging aspects emerging from the latest regional trend to legislate for cyberspace, all SADC member states already had or have a range of problematic laws and regulatory frameworks, from colonial-era laws or outdated post-colonial frameworks to more recent press laws or penal code amendments, on their statute books that can be or have been used for repressive purposes;
  • In this regard, over the years, the primary tools used to clampdown on the media, as well as civil society and political opposition in countries across the region, have been criminal defamation or insult provisions, as well as 'decency', 'national security' or 'public order' provisions, among others, in criminal procedures laws or penal codes, along with media registration and communications regulatory mechanisms and, of late, provisions related to the dissemination of what can broadly be labelled as 'fake news';
  • Concerningly, in many instances where repressive state practices have been recorded and reported, such practices have occurred as a result of law enforcement and/or state security actors having acted extrajudicially;
  • Similarly, media freedom and free expression violations have occurred where law enforcement and/or state security overreach have been enabled by poorly developed or under-developed law or regulatory provisions;
  • At the same time, across the region human rights safeguards, along with public oversight guardrails, and transparency and accountability mechanisms, where such exist, are generally also poorly developed or under-developed in law and regulation, and especially so in the context of cybersecurity or cybercrime law and regulation;
  • The enabling of state surveillance abuse and/or overreach - especially through mass surveillance enabling legislative and regulatory measures - has become a primary concern, particularly for media freedom advocates, in the context of cybersecurity and/or cybercrime law and regulatory crafting and drafting in the SADC region."

Based on the findings, the report concludes with a number of recommendations. The following are just a selection: 

Journalists and the media

  • Journalists and the media in countries across the region are encouraged to continuously and persistently focus public scrutiny on law and regulatory crafting and implementation that threaten freedom of expression and media freedom, both domestically and regionally.
  • Specifically, journalists and the media are encouraged to proactively engage with law, policy, and regulatory crafting and drafting processes - on such issues as promoting the repeal of criminal defamation provisions - that could impact media freedom and freedom of expression generally.
  • Regionally, journalists and media organisations are encouraged to form effective information and advocacy-sharing networks that engage with regional governments and international stakeholders on media freedom issues in the digital age.

Civil society

  • Domestic and regional civil society actors are encouraged to form alliances and collaborations with local and regional media actors to raise local and regional public awareness and knowledge of the content and potential impacts of state-driven actions in the realm of cyberspace law and regulation.
  • Similarly, human rights and civil society actors, both domestically and regionally, are encouraged to continuously and persistently focus public interest advocacy on law and regulatory crafting and implementation that threaten freedom of expression and media freedom, both domestically and regionally.

SADC governments

  • Laws regulating freedom of expression and media freedom should be brought in line with best practice guidance and standards and be reflective of compliance with international and continental instruments that speak to protecting and enhancing such freedoms.
  • SADC member states are encouraged to look to international and continental best practice guidance and examples, such as the Malabo Convention in the context of domestically legislating for cyber security and cybercrime, and to bring laws and regulatory frameworks in line with such guidance and examples.

Click here for the 20-page summary report in PDF format. 

Web link
Click here for the full 633-page report in PDF format.
Source

Internews website on January 25 2024. Image credit: Internews