Monthly Roundup: April 2020

REUTERS/Antonio Parrinello

With restrictions on movements and gatherings, much of the world has been using technology to work and learn (and watch Netflix) from home during the last month. Governments have also been deploying digital tools in their responses to the COVID-19 outbreak, and for this monthly roundup, we take a look at some of those that concern disinformation and surveillance.

Singapore

While Singapore was initially praised for its rapid and effective response to the pandemic, in recent weeks the country has experienced outbreaks among its neglected migrant communities who live in crowded, poor conditions. Part of the government’s response has been its notorious misinformation law, the Protection from Online Falsehoods and Manipulation Act. Under the law, officials have requested that Facebook disable access to the page of the States Times Review – which posts anti-government news and commentary to its 54,000 followers. Authorities allege the page contains “false statements” about the government’s response, including that the international community is losing confidence in the country’s public health measures. After seeking legal advice, Facebook eventually complied with the request, but released a statement expressing the company’s concern on the impact the law has on free speech. The government has denounced similar criticism that the Act is a tool to suppress opposition, and is now considering how to remove false communications on encrypted applications, such as WhatsApp, which companies don’t have access to.

South Africa

With no existing law against misinformation, South Africa’s disaster management regulations now prohibit the sharing of coronavirus-related information “with the intention to deceive.” A person who contravenes the regulations will be liable to a fine or imprisonment of up to 6 months. The government has also placed an additional duty on ISPs to remove any identified false content from their platforms. So far, a number of arrests have been made, including a man who posted a video violating and mocking the regulations. You can read more of our coverage and what this means for free expression in the country here.

India

The Home Ministry of India has issued an order making it mandatory for all public and private workers to download the government’s contract-tracing app. The Aarogya Setu app uses location data to map the movements of those infected with the coronavirus, and sends alerts to those who come in contact with them. The responsibility is on employers to ensure that their workforce complies with the order, but experts are skeptical about the legal ramifications if an employee refuses to download it. An additional concern is the impact this has on citizens’ privacy, which was recognized as a constitutional right in the famous ‘Aadhaar’ judgement, and thus can only be limited in accordance with prescribed procedures which have not yet been followed.

South Korea

South Korea’s tracing program is extensive and meticulous. When a person tests positive for the virus, authorities reconstruct an hour-by-hour timeline of the person’s whereabouts in the days leading up to the diagnosis. This information is derived from interviews, cellphone location data, credit card transaction history and CCTV footage that reports suggest private business owners are required to supply. This data is also shared via public alerts to people in affected districts, and the alerts archived on local websites, without anonymizing the age, gender and ethnicity of the patients. This is seemingly inconsistent with South Korea’s strict personal data protection law, the Personal Information Protection Act, which also includes the right to be forgotten, and applies to both the private and public sector. But the government has exercised an exception in the statute, which permits government agencies to collect and use data without consent if it’s in the public interest to do so. The privacy concerns of the tracing program are manifest, and some individuals have been subject to harassment. Notwithstanding, South Korea’s responses to the pandemic, including its tracing program, have been heralded both locally and globally.

In light of many countries adopting stricter measures during this time, the UN Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression has encouraged governments to center the dignity and respect of people in their responses. We hope they heed this call, and ensure that both access to information and privacy are protected going forward.

Call for Proposals: CYRILLA Applied Research and Advocacy Grants

Contact

Grant Baker, CYRILLA Project Director (grant[at]smex.org)

Background 

The CYRILLA Collaborative will be awarding 5 grants of $5,000 to organizations and individuals to pilot small-scale applied research, journalistic, or advocacy initiatives committed to expanding the knowledge on digital rights legislation and case law. The CYRILLA Collaborative is particularly interested in applications from individuals or organizations based in the Middle East and North Africa, Latin America, South and Southeast Asia, and Sub-Saharan Africa. Small grant–supported initiatives will last between 3-4 months and are expected to respond to a regional digital rights–related research or advocacy challenge.

About CYRILLA

The CYRILLA Collaborative is a global initiative that seeks to map and analyze the evolution and impacts of legal frameworks in digital environments by aggregating, organizing, and visualizing distributed legal data through open research methodologies, data models, taxonomies, and databases. The Collaborative’s keystone initiative, CYRILLA.org, is an open online database that facilitates and accelerates the sharing and comparison of legal information on digital rights. At its core, CYRILLA organizes and provides access to legislation and case law that affects human rights in digital environments; enabling researchers, activists, lawyers, and civil society representatives to assess legal trends and their impacts in digitally networked spaces. 

The CYRILLA Collaborative is comprised of the Association for Progressive Communications (APC), Center for Intellectual Property and Information Technology at Strathmore Law School (CIPIT), Columbia University’s Global Freedom of Expression Initiative, Derechos Digitales, HURIDOCS, and SMEX.

Topics   

The CYRILLA Collaborative is interested in proposals that examine how legal frameworks have evolved to protect, regulate, and repress digital rights. Projects can take the form of research, advocacy, or the development of new data–driven technical outputs that utilize existing data on one of our three databases: cyrilla.org, ICT Policy Africa, or RedLatam i.e visualizations for journalistic reporting or an advocacy campaign. We are especially interested in projects that tackle the disproportionate impacts of policies affecting digital rights on at-risk communities. Potential projects ideas include, but are not limited to: 

  • Examining how the courts have applied recent or outdated legislation to impact digital rights (i.e freedom of expression, privacy etc.)
  • Delineating opaque legislative or judicial processes related to digital rights 
  • Analyzing how legislation has impacted the introduction of digital identity programs, or how the introduction of digital identity programs has led to new legislation
  • Studying the digital rights implications of competition laws or other laws that have facilitated market concentration in the tech or telecommunications sector
  • Comparing digital rights case law across regional or national jurisdictions

Given the current COVID-19 pandemic, we understand that projects which document the nature and impact of domestic coronavirus-related regulations on digital rights are topical and necessary. While we encourage you to apply if you have a strong idea around a Coronavirus-related topic, a project will not be viewed more favorably solely because it is linked to COVID-19. 

Application Instructions

Please submit a 3-4 page proposal and a line item budget via email by May 28, 2020. Proposals must be sent to grant[at]smex.org, nerissa[at]smex.org, and collaborative[at]cyrilla.org with the subject line “CYRILLA Research Proposal.” 

The proposal should include:  

Background: Describe the problem that your project seeks to address, explaining why the issue is relevant right now. Briefly detail any previous research or advocacy efforts that have addressed this topic. 

Organizational Description: Outline your organization’s mission and list any relevant projects that you have worked on in the past two years. Organizations should also provide short biographies of the staff members who would be working on the project. If you are applying as an individual, please write a short biography and attach a CV. 

Outcome & Project Narrative: State the project’s desired outcome and explain how the project will accomplish that goal. Please mention any challenges or risks that you anticipate this project might face. 

Project Timeline: Produce a detailed timeline, with dates, listing the project’s expected outputs and when they are expected to be completed.

SMEX will serve as the initial point of contact for shortlisted candidates. Once candidates have been selected, they may communicate directly with one of the other CYRILLA partners, depending on where the project is located. 

Selection Criteria 

The six organizations that comprise CYRILLA Collaborative will convene to evaluate proposals. Strong proposals will: 

  • Clearly articulate the relevance of the project
  • List clear outcomes within the three-month timeframe
  • Directly interact with legislation and case law concerning digital rights
  • Demonstrate how the project will help build growing interest in digital rights law 

The CYRILLA Collaborative will attempt to maintain regional balance (i.e one project from the Middle East and North Africa, one from Latin America etc.) in awarding the grants. Projects that make use of the CYRILLA research methodology or databases will be viewed favorably.

A Look at South Africa’s Covid-19 Disinformation Regulations

AP Photo/Denis Farrell

Countries across the world have been implementing drastic measures to curb the spread of the novel coronavirus, and South Africa has followed suit by criminalizing disinformation related to COVID-19 during the “national state of disaster” – declared on March 15, 2020. The accompanying Disaster Management Regulations impose fines or imprisonment of up to 6 months for people who share false information on social media, and responsibility for removal thereof has been assigned to ISPs by a Ministerial directive.

In trying to find examples of infringing content, I need look no further than my own phone. According to the messages I’ve received during the last month, no less than six countries have already developed a COVID-19 vaccine, which we wouldn’t even need anyway if we just bathed in bleach while holding our breaths for 20 seconds. Also, this is all somehow the fault of 5G internet. I receive these messages from people across age groups, cities, and education levels, and on every platform I use. A couple are from my mom. And two weeks after we went on lockdown began, they remain unrelenting.

Even pre-pandemic, the spread of disinformation on South Africa’s social networks was a familiar problem. Fabricated statistics showing disproportionate attacks against white farmers circulated for a number of years, fuelling the “white genocide” myth that made international headlines. Significantly more distressing are the false narratives shared about immigrants in the country which sustain the rampant xenophobia that time and again results in loss of life.  But South Africa has resisted the growing trend in the region and globally of enacting legislation against “fake news” – with good reason.

While countries like Singapore have introduced laws against disinformation, these laws are often arbitrarily enforced by officials against dissidents. However, South Africa’s robust protection of freedom of expression inhibits the government from going down this dark path. The Constitutional Court has described freedom of expression as a “guarantor of democracy” and our jurisprudence tends to reflect this. The South African Constitution entrenches the right to freedom of expression, including the “freedom to receive or impart information or ideas.” The right, however, expressly does not extend to propaganda for war, incitement of imminent violence, and hate speech. Accordingly, false information which does not fall under the exceptions is presumably a constitutionally-protected form of expression.

Although the Disaster Management Act, 2002 grants the government broader powers, any regulations enacted must nevertheless be consistent with the Constitution and, in particular, the Bill of Rights, and are reviewable by the courts in this regard. So is this limitation of freedom of expression imposed by the criminalization of disinformation constitutionally permissible? Section 36 of the Constitution permits the limitation of rights when circumstances demand, provided such limitation is “reasonable and justifiable”, taking into account factors such as the nature and extent of the limitation, and the purpose for its imposition.

The Disaster Management Regulations state:

“Any person who publishes any statement, through any medium, including social media, with the intention to deceive any person about –

  1. COVID-19;
  2. COVID-19 infection status of any person;
  3. Any measure taken by the Government to address COVID-19,

commits an offence and is liable on conviction to a fine or imprisonment for a period not exceeding 6 months, or both such fine and imprisonment.”

The Minister of Communications and Digital Technologies’s directive takes the limitation a step further, and has imposed a duty on ISPs to entirely remove such content from their platforms once it has been identified. She has not yet communicated how enforcement of this would interact with the otherwise comprehensive limitations on ISP liability in the Electronic Communications and Transactions Act, 2002

Even so, the government has confined the scope of the offence to categories of false information relating to the pandemic, and not false information generally. This, at least, alleviates concerns that it will weaponize the criminalization of disinformation towards undemocratic ends, such as the stifling of criticism from the public, press and political opposition. Additionally, the regulations are temporary – the national state of disaster lapses after three months, if a relevant Minister fails to terminate it earlier.

A person will also only be liable if they had the “intention to deceive.” The State will have to show that the individual was aware the information was false, and shared the information for the purposes of misleading others accordingly. Therefore, good faith data modeling and projections, and our aunts on family WhatsApp groups, are unlikely to contravene the regulations.

But just because there’s no legal obligation to ensure the credibility of the information we share, doesn’t mean we don’t have a social one. The categories of false information enumerated in the regulations have the potential to result in physical harm, incite fear or discrimination, and derail public health efforts. AfricaCheck, an independent fact-checking organization, has been debunking coronavirus-related myths that have been circulating on social media across the continent – ranging from eating garlic and drinking baking soda as cures, to state-mandated murder of positive patients in China. In a country that ranks social media almost as reliable as traditional news outlets, coupled with an overburdened public healthcare system and a history of disease-related trauma and stigma, the impact of these messages on the general public cannot be underestimated. Since the government has been trying to widely disseminate scientifically-accurate information, in various languages, most notably via an AI-powered WhatsApp service that’s been heralded by the World Health Organization, we should verify the information we receive from other sources before sharing it with our social circles. 

There have already been numerous arrests for contravening the regulations, including a man who warned people to stay away from his ex-girlfriend, who he alleged had tested positive for the virus, and another who posted a video of himself violating and mocking the Disaster Management Regulations. Activists and academics, however, are wary of how imposing and enforcing this limitation may impact the importance of the right to freedom of expression in South Africa in the future. But until the regulations are challenged before a court, we’re all better off thinking twice before hitting the share button.

Job Opportunity: External Project Evaluator

Terms of Reference: 

External Project Evaluator, CYRILLA

Timeline:

March to April 2019

Contact:

Grant Baker, CYRILLA Project Director (collaborative@cyrilla.org)

SMEX is seeking a consultant to perform an external midterm evaluation for a two-year program. The consultant will have experience with monitoring and evaluation, and program assessment for digital rights and internet freedom-related projects, or, alternatively, projects related to technology and human rights with strong legislative/policy analysis, research, and advocacy campaigning components.

About the Project:

The CYRILLA Collaborative is a global initiative that seeks to map and analyze the evolution and impacts of legal frameworks in digital environments by aggregating, organizing, and visualizing distributed legal data through open research methodologies, data models, taxonomies, and databases. The Collaborative’s keystone initiative is CYRILLA.org, an open, federated online database that facilitates and accelerates the sharing, comparison, visualization, and interoperability of legal information on digital rights. 

The Collaborative is comprised of the Association for Progressive Communications, the Center for Intellectual Property and Information Technology (CIPIT) at Strathmore Law School, Columbia University Global Freedom of Expression, Derechos Digitales, HURIDOCS, and SMEX. 

Evaluation Objectives:

The chief aim of the external midterm evaluation is to perform a comprehensive analysis of results and learning emerging from CYRILLA, relative to its stated objectives and activities, in order to assess overall impact, effectiveness of approach, and progress of the project towards desired outcomes during its first year. This should, in turn, yield a detailed set of findings and recommendations that will inform project design, operations, and priorities for its second year.

Approach:

The midterm external evaluation will examine the extent to which CYRILLA has progressed with its objectives and activities, how activities have translated into the community-level outcomes that are central to its success and sustainability, and any operational challenges that have impacted this progress. This will include drawing on key sources of information: project reporting, monitoring evaluation framework and performance monitoring plan (PMP), internal documentation of activities and their outputs, and interviews with key stakeholders (both project partners and beneficiaries).

About SMEX:

Founded in 2008, SMEX is a registered Lebanese NGO that develops media and information literacy, expands knowledge of internet policy and governance, and advocates for human rights online throughout the Middle East and North Africa (MENA) via research, training, and advocacy. Since August 2018, SMEX has served as the incubator for the CYRILLA Collaborative, a consortium-based initiative to expand and amplify responsive, evidence-based internet freedom legal and policy advocacy in the Global South, through coordinated approaches to systematizing digital rights law and case documentation. 

Application Materials:

  • Cover letter
  • CV
  • Two references on previous consulting projects

Email materials to collaborative@cyrilla.org and grant@smex.org with the subject line: “CYRILLA Evaluator Application” by March 24th, 2020. Salary commensurate with experience.

Glenn Greenwald and the Fight for Press Freedom in Brazil

The constitutional protections for press freedom are being challenged in Brazil. Last month, federal prosecutors in Brazil filed charges against US journalist, Glenn Greenwald, for cybercrimes. Greenwald, the journalist who published Edward Snowden’s intelligence leaks, and one of the founders of news site, The Intercept, has a history of exposing government corruption and criticizing President Jair Bolsonaro’s administration. Last year, Greenwald released private chats between top government officials, which revealed possible corruption by Justice Minister, Sergio Moro. The Intercept asserted that the exchanges were obtained from an “anonymous source” while implicated politicians, including Moro and Bolsonaro, alleged that Greenwald had encouraged hackers to obtain the information. 

Brazil has robust press freedom laws. The Constitution includes special protection for journalists from criminal liability for publishing information from illegally obtained sources if it’s within the public interest to do so, and the journalists have not participated in the theft itself. In an extraordinary move, the Supreme Court barred the federal government from investigating Greenwald for receiving the intercepted messages exchanged between top officials. “The right corollary of freedom of expression is the right to obtain, produce and disseminate facts and news by any means. The constitutional secrecy of the journalistic source makes it impossible for the State to use coercive measures to constrain professional performance and to investigate the form of reception and transmission of what is brought to public knowledge,” the ruling stated.

Last December, Brazil’s federal police concluded their investigation into the hacking. The police claimed that Greenwald was not the subject of the investigation, and therefore they were not circumventing the Supreme Court decisions, but his name emerged in communications with the hackers. Police established that “it is not possible to identify moral or material participation by the journalist [Greenwald].” In the transcribed audio files, Greenwald tells the hacker to evade criminal liability for participating in the hack, he would have to prove he only spoke to the source after the criminal action was completed. Authorities noted that Greenwald exercised caution when interacting with the hackers and acknowledge his legal duties as a journalist.

Federal prosecutors charged Greenwald with criminal association and illegal interception of communications, alleging that some audio tapes demonstrate he “helped, encouraged and guided” the hackers. However, a federal judge declined to proceed with the charges because of the previous injunction issued by the Supreme Court against investigations into him. But Greenwald feels that refusing to move forward on procedural grounds is not the victory for press freedom it appears to be: “Anything less would leave open the possibility of further erosion of the fundamental freedom of the press.” The judge ultimately noted that if the injunction was overturned, he would be open to formally charging Greenwald.

Greenwald intends on approaching the Supreme Court for a more conclusive ruling on press freedom. As this unfolds, press freedom and the rule of law in Brazil, as well as the strength of the country’s institutions, will be tested. We hope that the judiciary once again defends the rights of journalists who are acting in the public interest, and does not foster an environment of fear, corruption and secrecy.

The court documents referred to above will be available on CYRILLA in the coming months.

New on CYRILLA: Online freedom of expression cases from around the world

CYRILLA has now uploaded 383 additional online freedom of expression cases. The cases were collected by Global Freedom of Expression at Columbia University (CGFE), which is a member of the CYRILLA Collaborative. As part of their work, CGFE maintains the Global Database of Freedom of Expression Law, which includes an Arabic-language version recently launched at SMEX’s annual regional unconference, Bread&Net 2019, as well as a Spanish-language version. The database surveys jurisprudence around the world, critically reviews exemplary cases, engages in comparative analysis, and aims to identify national, regional and global trends. It currently includes more than 1,370 freedom of expression cases from over 130 countries. 

One of the new cases available on CYRILLA is WA and WB v. Mamedov from Kazakhstan. In 2018, Mamedov E.A. filmed two women kissing in a cinema in Kazakhstan, and posted the video on his Facebook page immediately after. He left a comment on the post: “They are possibly someone’s children, sisters or acquaintances. Repost to start a conversation, maybe it is possible to reach them, to change, or at least to shame them.” The video went viral, and, by the time Mamedov took down the post 24-hours later, it had already amassed 60,000 views. Reactions to the video included hate speech and violent threats directed at the women, who, fearing for their safety, were forced to flee the country. Last year, they sued Mamedov for violating their right to privacy.

The court of first instance found for the women, and held that Mamedov, by failing to ask their permission, had indeed caused them harm. The appellate court, however, overturned this verdict, holding that Mamedov was simply exercising his freedom of expression to defend the morals of Kazakh society. By posting the video on Facebook, a media entity, this brought Mamedov’s actions in line with the Law on Mass Media, which contains an exemption from liability for failing to obtain consent to share a video or image if it’s done with the aim of protecting morals. The women appealed this decision to the Supreme Court, which held that Mamedov violated the right to privacy guaranteed by Article 18(1) of the Constitution of Kazakhstan and Article 115(3) of the Civil Code. Because of Mamedov’s actions, the women became objects of scrutiny, their private lives became public, and their relationships with colleagues and relatives deteriorated. The Supreme Court reinstated the first instance judgment, and the women were eventually compensated.

WA and WB v. Mamedov demonstrates the complexities of balancing freedom of expression with other fundamental rights, like privacy and dignity, and how technology has transformed the arguments and defenses raised by either side. Hawley Johnson, Associate Director of CGFE, explains: “In an age where freedom of expression is under siege on many fronts, we aim to provide lawyers, human rights defenders, academics and others with tools to uphold international standards of protection. The database provides comparative case law on numerous digital rights issues as diverse as defamation, surveillance, blasphemy and data privacy among many others. Partnering with the CYRILLA has provided us with an unparalleled opportunity to collaborate with advocacy organizations working on the frontlines of digital rights so we can expand our coverage of emerging legal trends globally.”

Case Recap: The Kashmir Internet Shutdown

Image via Tauseef Mustafa/Getty Images

On August 4 2019, the government of Kashmir shut down mobile networks and internet services in the disputed territory. The next day, the President of India revoked the region’s semiautonomous status. Anticipating unrest, India deployed thousands of army personnel, restricted movement within and across borders, and launched what would be the longest internet shutdown in a democracy. 

A number of Kashmiri citizens, including the executive editor of the Kashmir Times, petitioned the Supreme Court of India to set aside the government’s order to suspend “all modes of communication”, including the mobile networks and internet services. The petitioners argued that the internet shutdown was a restriction on the fundamental right to freedom of speech and expression as protected under Article 19(1)(a) of the Indian Constitution, and the decision should thus be “tested on the basis of reasonableness and proportionality” as required by Article 19(2) of the Constitution.

The court delivered its judgement on January 10th, 2020. It had to first consider whether access to the internet was part of freedom of expression under Part III of the Constitution. The court recognized the primacy of the internet in everyday life: “the importance of the internet cannot be underestimated, as from morning to night we are encapsulated within the cyberspace and our most basic activities are enabled by the use of internet.” It considered the internet as a medium for expression, and not necessarily as a fundamental right in itself. “Expression through the internet has gained contemporary relevance and is one of the major means of information diffusion.” Accordingly, the court found that freedom of expression over the medium of the internet was indeed constitutionally protected under Article 19(1)(a).

The question then turned to whether the internet shutdown, and therefore the restriction of a fundamental right, was carried out in accordance with Article 19(2) of the Constitution. In terms of Article 19(2), the following conditions must be met for the restriction to be constitutional, namely:

  1. The action must be sanctioned by law
  2. Restriction must be reasonable
  3. Must be in the furtherance of inter alia security of the state

The shutdown was conducted under Section 7 of the Telegraph Act, 1885, which gives effect to the Temporary Suspension of Telecom Services (Public Emergency of Public Service) Rules, 2017. Further, the court recognized government’s concerns of terrorism proliferating via the internet during this time. The main contention was the reasonableness of the internet shutdown. The court underwent a lengthy analysis of the legal meaning of “reasonableness”: “The degree of the restriction and the scope of same, both territorially and temporally, must stand in relation to what is actually necessary combat an emergent situation.” The court had to balance the legitimate state objective of security with the impact of restricting citizens’ fundamental right to freedom of expression over the internet.” 

In analyzing the impact of the measures taken by the government, the court found that a sustained internet shutdown without review was unjustifiable. The Suspension Rules indicated that a shutdown of services must be temporary, yet did not define a period that could be considered such. The court held that, notwithstanding this, “an order suspending the aforesaid services indefinitely is impermissible.” The court directed the government to review whether the conditions which warranted the initial shutdown persist, on the basis that restrictions “must not be allowed to extend beyond that time period which is necessary.” The court reiterated that curtailing fundamental freedoms “cannot be done through an arbitrary exercise of power.” and gave the government 7 days to conduct its review.

The following week, the internet was partially restored for “essential services” like hospitals, banks, and government offices. Social media sites and personal internet services, however, remained banned. Then, late on January 24th, 2020, nearly six months since the shutdown was first instituted, the government enabled 2G connectivity for 300 “whitelisted” websites, including social media apps. This decision will be reviewed on January 31, 2020.

The judgment can be said to further access to the internet in India generally by recognizing the internet as a pivotal tool in the realization of well-established fundamental human rights, like freedom of expression. This would make it easier to challenge future internet shutdowns in the courts. However, it is essential that the government of India translate this sentiment into action, and not merely satisfy the order of the Supreme Court for the sake of doing so. We hope that internet connectivity will be fully restored in the Kashmir region soon.

November Roundup: Freedom on the net?

Our monthly roundup highlights trends in digital rights law from around the world. In November, Freedom House released its annual Freedom on the Net report, which revealed an overall decline in internet freedoms for a 9th consecutive year. This is consistent with news coming out of China, Spain, Lebanon, and Sweden, where governments have cracked down on fundamental freedoms online. However, one US court has taken strides towards securing them.

China

Leaked Chinese government documents revealed authorities’ use of facial recognition technology and artificial intelligence to monitor, identify and persecute the country’s minority Uyghur population – demonstrating “the power of technology to help drive industrial-scale human rights abuses.” Using a joint policing platform, Chinese authorities collate the personal data of people they interrogate, including blood type, education level, travel history, and household electric-meter readings, and this data is used by an algorithm to determine individuals who should be considered “suspicious”. Unsurprisingly, China was found to be the worst abuser of internet freedom for the fourth year in a row.

Spain

The Spanish government has made several legislative modifications which would allow them to shut down digital services without a court-issued warrant when “public order” is threatened – a move that is targeted at Catalan separatists. Acting Prime Minister, Pedro Sanchez, said: “I’m telling Catalan separatists. There won’t be independence either offline or online. The state of law will be as forceful online than in the real world,” The modifications came into force without undergoing proper parliamentary procedures, and grants authorities the powers to remove any content, websites or apps for the purposes of “public safety, civil protection, emergencies, defence of human life or interference with other networks.”

Lebanon

There has been an increase in the arrest and prosecution of people for exercising speech online in Lebanon, according to a recent Human Rights Watch report. While it’s common for Lebanese authorities to rely on laws that criminalize libel, slander and defamation to silence speech about the country’s fragile economic situation and corruption, the report demonstrates that these are now being used to target online speech, in particular, and at an alarming rate. Many of those arrested are journalists or editors, whose reporting constitutes “speech that is not only legitimate, but necessary for the functioning of a vibrant society governed by the rule of law.” CYRILLA partner, SMEX, also released a report this month, that focuses specifically on the restriction of online speech by the Lebanese government. As of November, they had tracked 56 cases concerning online freedom of expression in 2019 – already 20 more than last year.

Sweden

The Swedish government’s draft proposal to expand its hacking authority has been approved by the country’s constitutional advisory body. The scope of the proposed law is so broad, it has attracted the concern of human rights watchdogs, who fear the implications it may have on privacy and security. In terms of the draft proposal, anyone even remotely related to the suspect of a crime may be be monitored, and judicial oversight of the process has been diminished. The draft proposal now awaits parliamentary approval, and Sweden hopes it will come into effect in early 2020.

US

A court in Boston found that suspicionless searches of travellers’ electronic devices at ports of entry into the US are unconstitutional. Border and immigration control authorities now have narrowed powers to search and seize devices, and must show “individualized suspicion of illegal contraband before they can search a traveler’s device.” The suit, brought by the EFF and ACLU of Massachusetts, comes after the unprecedented increase in the searches of devices entering the country, which many international travellers reported as “abusive”.

tl;dr

Tools to Understand the Legal Aspects of the ICT Ecosystem: the CYRILLA Collaborative and the CLFR

Image via CYRILLA

As rapid developments in technology revolutionize our interactions with each other and the world, established fundamental rights, like freedom of expression and privacy, take on different, but no less significant, characters in the digital realm: censorship can be a simple social media policy, and surveillance has traded in binoculars for browser cookies. It’s imperative that these rights — these digital rights — are still protected, and that the national laws which protect them are directed at this objective, because although the possibilities are greater, so are the vulnerabilities.

But technology as regulatory concern can be vexing for human rights activists and even the most attuned policymakers. As governments scramble to bring dynamic technological advancements under their control, some countries enact laws that display a lack of awareness of technical architecture, while others apply or bend analog laws, some of which are already inconsistent with international law, to digital spaces. The result is that digital regulation is inconsistent across jurisdictions, and its subjects often lack an appreciation of the impact it has on their lives. Not only does this threaten fundamental human rights online, but it can be most harmful to the activists and researchers working to defend them.

At its core, CYRILLA addresses this obstacle by organizing and making accessible the world’s digital rights-related laws, cases, and analyses on its open database, which boasts legal resources from more than 140 countries. CYRILLA empowers researchers, journalists, civil society advocates, legal professionals, and human rights defenders to more readily assess legal trends as they shape and impact digitally-networked spaces. The aggregation of this data could potentially highlight threats to human rights online and reveal opportunities for legal reform. To supplement its extensive collection, CYRILLA has included the Global Network Initiative’s (GNI) Country Legal Frameworks Resource (CLFR) reports under its Analysis Section.

Image via GNI

The CLFR helps shed light on governments’ legal authorities to compel information and communications technology (ICT) companies to restrict access to communications services and/or content or share users’ data. This form of digital regulation warrants particular scrutiny for the potential risk to ICT users’ rights. With reports on legal frameworks in over fifty countries, the CLFR also demonstrates the challenges some ICT companies may face in honoring their international human rights responsibilities and commitments when these domestic legal frameworks authorize disproportionate restrictions or lack uniform interpretation. The CLFR reports use a shared methodology to group the pertinent laws, regulations, and policies into six categories:

1) compelling companies to allow interception of customers’ communications;

2) mandating disclosure of non-content communications data;

3) enhanced disclosure or interception requirements for national security or emergency purposes;

4) censorship-related powers, including powers to order ICT companies to block or restrict access to networks, services, and/or websites;

5) oversight of powers pertaining to access to user data; and

6) oversight of censorship-related powers.

The new and improved CLFR web tool allows users to view and compare up to four reports at once, to navigate between categories, and even to download the entire resource in CSV, allowing for better integration with other actors researching digital rights-related legislation like CYRILLA.

This integration enhances the capabilities of both resources. Via the CYRILLA database, researchers can find original laws and regulations referenced in CLFR analysis, and CYRILLA visitors can supplement their reviews of digital rights-related laws and regulations to see how they might be interpreted in practice using the CLFR. The CYRILLA database also links to pertinent case law, as well as draft legislation and legal provisions, helping showcase the implications of or potential real-world shifts in CLFR analysis. These features are particularly helpful with regard to laws permitting interception and censorship for the seemingly-narrow purposes of national security threats or emergencies, a focus of the CLFR. And CYRILLA users can take a bigger-picture view, searching for country-specific data, or by keywords which cover a variety of pressing digital rights issues, including freedom of speechfreedom of assembly, and privacy.

Digital rights advocateshuman rights expertsresearchers, and ICT companies alike have stressed that documenting the development and application of digital rights-related laws is critical to both keeping users’ around the world informed on their digital rights and ensuring policymakers protect these rights. Both the CLFR and CYRILLA are committed to this aim, especially in regions where information is not always readily accessible, like Latin America and sub-Saharan Africa. Together we hope to enable the research and advocacy required to understand the legal realities that exist and identify problematic trends that need to be curtailed. These tools are a step towards responsible, transparent digital regulation, and, ultimately, stronger digital communities.

Note: this post was originally published on the GNI blog.

CYRILLA at FIFAfrica 2019

In September, the sixth Forum on Internet Freedom in Africa (FIFAfrica) was hosted in Addis Ababa, Ethiopia. Malcolm Kijirah and Jackie Akello from CYRILLA partner, the Centre for Intellectual Property and Information Technology Law (CIPIT), were in attendance to discuss and share views on digital rights and internet freedom in Africa, and to build contacts and advocate for the CYRILLA Collaborative.

FIFAfrica is a landmark event that convenes various stakeholders from the internet governance and digital rights communities in Africa and beyond. Attendees deliberate on gaps, concerns and opportunities regarding key internet issues faced by the continent, such as advancing privacy, access to information, free expression, and non-discrimination. FIFAfrica also provides a platform for responding to rising challenges to the enjoyment of internet freedom in various countries, including arrests and intimidation of online users, internet disruptions, and a proliferation of laws and regulations that undermine the potential of digital technology to drive socio-economic and political development on the continent. 

At FIFA, CIPIT hosted a CYRILLA exhibition stand, which was visited by legal practitioners, activists, organizations in the tech space, private individuals, human rights organizations, and research institutions. The team provided information to attendees on the databases being developed, as well as emphasized the significance of the project to the digital rights space. CIPIT also used the platform to build contacts from different jurisdictions, particularly Lusophone, Francophone, West and Central Africa, where it had experienced the challenge of accessing digital rights-related legal data. The exhibition was a success, with CIPIT engaging a number of people interested in learning further information about CYRILLA.

As a member of the Africa Internet Rights Alliance (AIRA), CIPIT also participated in private briefings, during which they made submissions on the Declaration of Principles on Freedom of Expression in Africa, discussed digital ID systems as a pressing issue on the continent, and attended workshops on effective organizational advocacy. Malcolm found these workshops particularly beneficial, as CIPIT is gearing up for the launch of their Africa ICT Policy Database within the next few months: “Among other things, we were taught how to properly identify what our goal is, lay down the campaign strategy, and take record of the milestones covered. The overall objective of the Collaborative is fostering digital rights literacy across the globe, and we clearly see how these strategies can help us promote the use of our database, and engage in advocacy around its contents.”  

Follow our social media channels for updates on when the Africa ICT Policy Database goes live!