We’re hiring!

Image via Caio Resende/Pexels

The CYRILLA Collaborative is seeking consultants and volunteers to assist with the collection of digital rights-related legal data in Sub-Saharan Africa.


The CYRILLA Collaborative (www.cyrilla.org) is producing an open resource toolkit and online database, to accelerate the structuring, sharing, comparison, visualization, and interoperability of legal information on digital rights. At its core, CYRILLA aims to organize, and make accessible, the world’s digital rights–related laws and cases so that a wide range of actors can more readily and confidently assess legal trends as they shape and impact digitally-networked spaces, highlighting threats to human rights and opportunities for legal reform. While the open database is the most visible part of CYRILLA, the Collaborative comprises several organizations developing open tools that can be adopted and adapted as needed by any individual or organization grappling with questions involving legal restrictions on digital rights.

How to Get Involved

To achieve and sustain our vision of providing a comprehensive first-look at the emerging legal frameworks for human rights in the digital age, the CYRILLA Collaborative is always seeking new partners and volunteers to help us collect the latest bills, law, case law, and analyses related to digital rights. The Center for Intellectual Property and Information Technology (CIPIT) at Strathmore Law School in Kenya is our Sub-Saharan African partner in the Collaborative. We’re seeking consultants across Sub-Saharan Africa, specifically in Lusophone and Francophone countries, with experience in legal research or policy analysis who can contribute legal data for national jurisdictions. CIPIT’s funds in this regard are limited. 


As a consultant for the Collaborative, you can assist us in the following ways:

  • Obtaining the latest information on digital rights-related laws, policies, regulations, cases and developments in Sub-Saharan African countries
  • Translating and adapting Portugese and French case citations and summaries for upload to the ICT Policy Africa database;
  • In regions where information is not available online or in an accessible format, reaching out to authorities to obtain this information.

Consultants can expect a time commitment of 20 hours per week. 
Time commitment for volunteers is flexible.

Countries of Interest

We welcome assistance from all parties who are getting interested in getting involved, but are particularly in need of consultants for the following Lusophone countries:

  • Angola
  • Cape Verde
  • Guinea-Bissau
  • Mozambique
  • São Tomé
  • Príncipe

Crediting Contributors

Ultimately, the data will be uploaded to CIPIT’s soon-to-be-launched ICT Policy Africa database, as well as the main CYRILLA database. All researchers will be properly credited as CYRILLA contributors on our website, unless they wish to remain anonymous. CIPIT and the CYRILLA Collaborative will also produce a blogpost highlighting the work of each organization or individual. 

If you would like to get involved, please send an email to cipit@strathmore.edu  and collaborative@cyrilla.org.

October Roundup: Whose internet is it anyway?

Image via Vincent Yu/AP

Our monthly roundup highlights trends in digital rights law from around the world. In October, Singapore and Nigeria introduced stricter regulations to curb the spread of disinformation that may also curb press freedom. While Zimbabwe, Indonesia, and Hong Kong authorities battle it out for the most innovative way to stifle uprisings using social media. Finally, some tips to stay connected and safe during the protests in Lebanon.

Fake news; real consequences


This month, Singapore’s Protection from Online Falsehoods and Manipulation Act finally went into effect. The law requires social media platforms and search engines to remove any content the government considers false. Ministers can unilaterally censor information, posted anywhere in the world, and wrongdoers face hefty fines and up to 10 years in prison. The move was welcomed by Singapore’s Prime Minister, who called it “a practical arrangement” to solve the pressing problem of disinformation. However, pretty much anyone who isn’t an elected official fears the law will be used to stifle free speech and persecute journalists who disagree with them – a development consistent with the country’s decline into authoritarianism. 


Quite literally taking their cue from Singapore, Nigeria’s government is also fighting the “cancer” of hate speech and disinformation that pose “a clear and imminent danger” to the country. President Muhammadu Buhari approved of the new regulatory code, which strengthens the powers of the National Broadcasting Commission by allowing for police intervention to close media stations, and increasing the value of fines imposed on offenders. Press freedom activists and human rights organizations are concerned that the new code will legitimize the government’s recent strong-arming of journalists, like the arrests of prominent newspaper editors for exposing oil revenue corruption in Nigeria’s southern Delta State.

The revolution will be live-tweeted

Hong Kong

A court in Hong Kong granted the Secretary of Justice a temporary injunction blocking information shared online which “promotes, encourages or incites” violence. The injunction application refers specifically to messages shared on Telegram and LIHKG – two of Hong Kong’s most popular messaging forums, and key platforms for organizing and communicating during the city’s almost six month-long protests. This is just the latest government attempts to bar protestors from using the courts; in addition to the legislature’s emergency ban on face-covering, and threatened internet restrictions. The injunction will remain in place until a formal hearing is held in mid-November.


Over in Zimbabwe, President Mnangagwa’s cabinet passed the Cyber Crime, Cyber Security and Data Protection Bill, which criminalizes the sharing of misleading or offensive content via social media platforms like WhatsApp. The President believes he’s cleaning up the country’s “cyber-space”, but human rights organizations and democracy watchdogs consider this an excuse to monitor citizen communications and suppress any potential uprisings. The Bill was first introduced under former President Robert Mugabe, after protests against his Presidency were fuelled by local Twitter campaigns. Mnangagwa has also faced severe public anger in the past: in January, he ordered a social media blackout after violent protests broke out in response to fuel price hikes. Now, with rising dissatisfaction pending austerity measures, the Bill is another avenue to silence his critics and crackdown on protestors.


An investigation by the BBC and the Australian Strategic Policy Institute has revealed a large-scale social media campaign that uses bots to share pro-government content about the Papua province of Indonesia – a region whose strong separatist movement has long called for independence. Because access to the island is heavily restricted and controlled, social media is often the only way foreign press can receive information about the political situation, and the campaign appears to be an attempt to skew the international perceptions of the unrest. Facebook ads targeting users in the US, UK and Europe were paid for by a Jakarta-based media company, but the Indonesian government has denied its complicity in the campaign.


Lebanese protestors staged sit-ins at major state institutions in Beirut, including the Ministry of Justice, following the anti-government demonstrations that erupted in mid-October. Locals are demanding accountability and a change in the country’s sectarian political system, which has been marred by inefficiency and corruption. The scale of the protests are unprecedented in Lebanon’s history, and largely driven by young people. To support the movement, local digital rights organization and CYRILLA partner, SMEX, released a guide on how protestors can communicate safely and securely if the internet is shut down or throttled by authorities. More tips and updates can be found on their Twitter and Facebook.


September Roundup: Slander-in-Chief

Image via Emmanuel Herman/Reuters

Our monthly roundup highlights trends in digital rights law from around the world. In September, Indonesian, Ugandan and Tanzanian authorities went to bat for their heads of state by cracking down on media and individuals who criticize them online. Over on the subcontinent, the courts played a crucial role in enabling access to the internet for citizens, while in Ethiopia, digital rights organizations and activists convened for the 2019 Forum on Internet Freedom in Africa.

Nothing but respect for MY President

Indonesia’s legislature was ready to resurrect a 400 year old law that would “criminalize contempt” of virtually any entity that exercises state power – from the President to the courts to state agencies. Despite the Constitutional Court deciding in 2006 that the law had no place in the country’s democracy, the government agreed on amending the penal code to reintroduce it. The basis of the decision was the current criminalization of contempt for the national flag, anthem and symbols: the failure to also criminalize contempt for the nation’s leader was considered “bizarre.” But critics noted that this new law could be exploited by authorities to stifle media freedom and opposition, and, amid this fervent pushback, the President himself postponed the vote for further feedback from the public.

Although affirming the right to freedom of expression in its Constitution, Uganda uses a portfolio of laws to restrict it anyway. The country is notorious for its determined application of outdated defamation laws, which endangers activists who use the internet to oppose the government and its policies. As covered in last month’s roundup, the Computer Misuse Act is also weaponized against activists under its provisions prohibiting “cyber harassment” and “offensive communications.” Various other laws, such as those targeting terrorism, have been used to fragrantly justify interception and monitoring of communications. The President’s arsenal also includes arbitrary internet shutdowns, and a social media tax to pay for the consequences of internet “gossip” Turns out expression isn’t really free after all.

Another country in the running for most creative ways to silence dissent is Tanzania, who initially detained investigative journalist, Erick Kabendra, for questioning over his citizenship in July. Kabendra, known for criticizing President Magufuli’s government, then faced allegations of sedition, before he was eventually charged with tax evasion, money laundering, and organized crime. He’s currently being held in a maximum security prison, where he reports that his health is deteriorating rapidly. His trial has been postponed for the 6th time, and is now scheduled for October 11th, 2019.

It’s because you’re always on that phone

In a landmark judgment for digital rights in India, the Kerala High Court declared that access to the internet is part of the fundamental rights of free expression, education, and privacy under the country’s Constitution. A college student approached the court after she was expelled for violating a rule that restricted the use of mobile phones in her hostel. The court found that mobile phones are now “part and parcel of the day to day life and even to a stage that it is unavoidable to survive with dignity and freedom.” The court explained that access to the internet enhanced educational opportunities for students more than it hampered them. Additionally, restrictions could not be placed on students who were at the age of majority even if they were supported by parents, and the restriction could not only apply to girls: access to the internet also included the agency to decide when and how to access it.

Image via Islamabad High Court

The Islamabad High Court in Pakistan also emphasized the pervasiveness of the internet in our lives by holding that rights that are traditionally safeguarded offline, must also be protected online. The court held that the Pakistan Telecommunications Authority (PTA) was not empowered to block websites or regulate content without due process, transparency, and oversight. It must instead inform the allegedly infringing party before any action is taken against them and give them an opportunity to respond. The decision comes after the PTA shut down the website of a political party just weeks before the general election, as well as their blocking of news sites during the 2017 Faizabad protests.

The Other, Cooler FIFA

Image via Africa Internet Rights Alliance

The 2019 Forum on Internet Freedom in Africa was held in Addis Ababa from September 23rd to 26th. We were represented by one of our partners, the Centre for Intellectual Property and Information Technology (CIPIT), who shared details about CYRILLA with our colleagues in digital rights. Several initiatives towards both access and safety were launched at the forum, including South Africa’s 7-point plan for universal internet access and digital equality, Together! and Data4Change‘s project making online educational tools accessible to the visually impaired, and Safe Sister’s guide for digital security trainers in Sub-Saharan Africa. The forum culminated with host, Collaboration on International ICT Policy for East and Southern Africa (CIPESA), releasing their 2019 edition of the State of Internet Freedom in Africa report. Other discussions included the prevalence of internet shutdowns on the continent, the attack on independent media online, exploring feminism on social media, and the relationship between democracy and the internet. You can find more info on the sessions on CIPESA’s YouTube channel or via #FIFAfrica19.


CYRILLA Publishes Collection of Right to Information Laws

During its first session in 1946, the UN General Assembly adopted Resolution 59: ‘Freedom of information is a fundamental human right and is the touchstone of all the freedoms to which the United Nations is consecrated.’ Now, we can fit the entirety of human knowledge in our back pockets, our holiday destinations are decided by cookies, and some of you may even be reading this on your fridge. We’re living in a digital age, and information is supreme. 

To enable and protect access to this information, CYRILLA has teamed up with the Global Right to Information (RTI) Rating publish their collection of national right to information laws on our database. The Global RTI Rating, a collaborative project between the Centre for Law and Democracy and Access Info Europe, assesses and compares the strength of national right to information laws based on certain indicators, as well as providing access to these laws. The quality and reliability of the RTI Rating has been recognized by numerous leading access to information experts, and it is regularly relied upon by a range of both official and civil society actors. By publishing the collection on CYRILLA, we hope to contextualize right to information law within the broader digital rights law movement.

At least 120 countries boast right to information laws, which provide for access to information held by public authorities, including institutional data, financial records, and environmental assessment reports. The results are encouraging: In Brazil, government departments began publishing their budgets online, which allowed media and citizens to track their spending against the programs they were scheduled to implement. The effort led to the exposure of state corruption and resulted in a number of public officials being investigated and removed from office. In another case, poor students in India gained admission to schools after local NGOs enquired about the availability of seats reserved for children from low-income families. With the information about how power is exercised by their governments, people can demand it be exercised as it should.

This isn’t to say right to information laws are the straightforward solution to holding corrupt, authoritarian regimes accountable. Unfortunately, in many countries, enforcement of these laws often falls short of the desired standard. Governments are known to circumvent access to information due to “national security” concerns, and persecute journalists who facilitate this access as well.

By publishing the RTI Collection, CYRILLA allows users to connect national right to information laws with relevant court cases decided before and after their implementation, providing more insight into their real-world effectiveness. Users can further compare a country’s right to information laws against its Constitution and other laws which impact or limit access. We are also uploading analyses of national right to information laws by academics and think-tanks in, to better inform advocacy campaigns, research, and strategic litigation efforts. 

All national right to information laws are now available on CYRILLA.

Toby Mendel, the Executive Director of the Centre for Law and Democracy,  is hopeful about the collaboration: “The RTI Rating is happy to collaborate with CYRILLA as we see this as a mutually beneficial partnership. For our part, we expand the range of relevant resources available through CYRILLA, while they help take our invaluable resources to new audiences. This, in turn, should help to promote strong right to information laws in countries around the world.”

You can find the RTI collection of laws on CYRILLA here and you can find more information about RTI in the “Collections” section of our website.

August Roundup: Freedom of Expression on Trial

Supporters of the jailed academic, Stella Nyanzi, after the sentencing. Dr. Nyanzi appeared at the court session on Friday via video link from a maximum-security prison.
Supporters of Stella Nyanzi, an imprisoned Ugandan researcher, after she was sentenced on August 2. Sumy Sadurni/Agence France-Presse — Getty Images

Our monthly roundup highlights trends in digital rights law from around the world. Last month, Ukraine, Uganda, and Kenya put free speech on trial; Nepal and Turkey introduced new laws restricting freedom of expression; and India’s annexation and blackout in Kashmir spurred criticism from both inside and outside the country.

Freedom of Expression on Trial

In August, courts in Uganda and Ukraine ruled against freedom of expression, while courts in Kenya took a positive step towards protecting free speech.

On August 2, a court in Uganda sentenced researcher Stella Nyanzi to 18 months in prison after she criticized President Yoweri Museveni on Facebook. The court claimed her criticism constituted cyberharassment, exploiting communication laws like The Computer Misuse Act to prosecute her. According to Joan Nyanyuki, director for East Africa at Amnesty International, the Kenyan government has repeatedly used this act to restrict free expression online. 

Then, on August 6, a judge in Kiev ruled that news site Hromadske defamed CP14, a far-right group, because the site referred to them as a “neo-nazi” group. Despite the court ruling, CP14 has regularly promoted neo-Nazi viewpoints. Therefore, the case “harms freedom of expression” because it “might have a ‘dissuading effect on journalistic work’”, preventing news organizations from covering the actions of CP14 and similar groups in the future.

In a more positive move, a judge in Kenya found section 84 (D) of the Kenyan Information Act, which bans “obscene material” online, unconstitutional. The judge alleged that the law is too vague and ruled in favor of blogger Cyprian Nyakundi, who faced charges under this section for criticizing Kenyan authorities.

Nepalese Activists Warn Against New Mass Media Bill

In Nepal, the Ministry of Law and Justice is drafting a controversial Mass Media Bill. Post Online Media obtained a copy of the Bill, revealing that journalists face fines up to $88,000 and a maximum of 15 years in prison if they are found to be publishing or broadcasting any content against sovereignty, territorial integrity and national unity. Ramesh Bista, general secretary of the Federation of Nepali Journalists, explained that “some provisions in the draft bill are clearly aimed at controlling media houses and journalists”, and confirmed that politicians did not reach out to any journalists when drafting this law.

Countries Create New Restrictions for Media Registration

Countries around the world continue to introduce legislation requiring social media users to register as media entities. On August 1, Turkey’s Radio and Television Supreme Council passed an amendment that will further stifle freedom of expression. Under this law, “streaming services and online broadcasters” need to obtain a license that costs up to $18,000 in order to keep publishing. Similarly, the Uganda Communications Commission also extended its requirements for online publishers to register. Since March 2018, authorities have imposed a fee of $20 per year to publishers, and now the measure will include news organizations and citizens with many followers, in a move that will affect influencers like musicians and athletes, and also limit dissent.

India’s Actions in Kashmir Threaten Free Press

Meanwhile, India’s annexation and communications blackout of Jammu and Kashmir is drawing criticism from both inside and outside of the country. Indian state West Bengal’s chief minister, Mamata Banerjee, stated that Narendra Modi’s government is preventing the press from reporting from Kashmir. Likewise, UN Special Rapporteur on Freedom of Opinion and Expression, David Kaye, described the communication blackout in Kashmir as “unprecedented” in a democratic society. Digital Rights Foundation and 65 other digital rights organizations have condemned the blackout, stressing that it violates fundamental rights.

Authorities in Southeast Asia Impose Extralegal Censorship

Over the course of the year, a number of countries in Southeast Asia have taken measures limiting free speech, and unfortunately that trend is continuing. In Singapore, Law and Home Affairs minister Kasiviswanathan Shanmugam compelled both Facebook and YouTube to block a satirical rap video, which he claimed was prejudiced against Chinese Singaporeans. The ability of the Singaporean political leaders to censor content has raised concerns amongst civil society especially because the government recently passed a fake news law.

In Indonesia, the government-run North Sumatra University fired the entire staff of Suara USU, a news website managed by students, after they published a queer love story. The university authorities accused the students of “promoting homosexuality” and violating “the vision and mission of the university”. A trial between the individuals that used to run the website and the rector is currently taking place after the students filed a petition.

Read last month’s round-up here

July Roundup: New Laws Restrict Free Expression

Legal experts held a meeting on July 10 in the Cambodian Ministry of Interior to review the content of the draft law on cybercrime. | Facebook

CYRILLA’s monthly roundup highlights digital rights legal updates and trends to contextualize the legislation and caselaw in our database. As governments continue to propose restrictive new laws in the name of progress, the CYRILLA Collaborative is committed to documenting these instances. Al-Jazeera English recently covered our efforts to catalogue legislation and caselaw in the Middle East and North Africa in an article about the continued threats newly introduced “cyberspace” legislation poses to activism.

This month, we explore legislation that threatens free expression in Southeast Asia, the worsening environment for freedom of expression in Hong Kong, a Turkish court ruling, and a number of detentions that infringe on fundamental rights.

A Dangerous Pattern for Free Expression in Southeast Asia

In Southeast Asia, a number of new laws restrict digital rights. In Cambodia, the ministries of Interior and Justice are reviewing a draft law on cybercrime, allegedly to catch up with other developing countries’ legislation. However, Cambodian activists and human rights defenders have expressed concerns that the government might use the law to restrict the freedoms of critics of the government.

In Singapore, the government recently passed the Protection from Online Falsehoods and Manipulation Act (POFMA) in May, citing the need to prevent the spread of “fake news.” The law gives ministers the ability to order social media companies to “correct” or remove content that the government disagrees with. Many journalists and press-freedom activists state that the law, which will come into force later this year, is a “straightforward power grab” and a “mechanism for expanding government controls into digital world.”

Deteriorating Situation for Freedom of Expression in Hong Kong

In Hong Kong, the legislation has not necessarily gotten worse, but the situation for freedom of expression has deteriorated. Amidst the protests, which have turned increasingly violent, The Hong Kong Journalists Association (HKJA) recently published their annual report, which claims 2019 is “the worst year” for freedom of expression since the city’s post-colonial history begun in 1997. The study, “Red Line Stifles Freedoms,” documents a number of incidents that demonstrate the government’s strong control over the press. In an official statement, HKJA urged the government “to reaffirm their commitment to freedom of expression and freedom of press through concrete actions,” including withdrawing the controversial extradition bill and enacting a freedom to access information law.

Turkish Court Rejects Claim it Violated Right to Freedom of Expression

Earlier this month, the Turkish Constitutional Court rejected a complaint claiming authorities violated the right to freedom of expression by censoring online content. Academics Kerem Altıparmak and Yaman Akdeniz submitted the complaint, which contained examples of blocked Twitter accounts and domains “belonging to individuals and organizations critical of the government.” From 2014 and 2018, Turkish authorities prevented users from accessing between 245,825 websites and domains, according to a report by the Istanbul Freedom of Expression Association (İFÖD).

Human Rights Defenders Detained for Expressing Their Right to Free Speech

Authorities detained a number of human rights defenders, artists, and activists. Recently, Israeli authorities arrested Dareen Tatour, a Palestinian poet. She was released nine months ago after a five month prison term and three years of house arrest. Last week, Israeli prosecutors filed an appeal with the Supreme Court to reopen a case against her concerning a poem she posted online.

In Nigeria, authorities have detained journalist Jones Abir again. He had been detained for two years without a trial until August 2018, because as Amnesty International states, “journalists, bloggers and people that stand up for human rights in Nigeria are constantly being arrested, harassed and intimidated by the authorities.” According to human rights groups, the government continually trumps up charges to jail people who speak against them.

Burmese filmmaker Min Htin Ko Ko Gyi has has also spent three months under arrest after he criticized the military on Facebook.

If you have any feedback or would like to suggest a story, let us know in the comments or send us an email at collaborative[at]CYRILLA.org.

After RightsCon: What’s Next for CYRILLA?

Early Saturday morning at Columbia University’s Global Center in Tunis. June, 2019.

Work continues full-steam ahead with the CYRILLA Collaborative! Last time, we updated you on our inaugural strategic partners’ meeting, hosted at Harvard University Law School and the Berkman Klein Center back in January. Last month, we were fortunate to keep that momentum going at our second strategic partners’ meeting for the CYRILLA Collaborative, held immediately after RightsCon 2019 at Columbia University’s Global Center in Tunis. 

On June 15th, partners SMEX, Association for Progressive Communications, CIPIT, Columbia Global Freedom of Expression, Derechos Digitales, and HURIDOCS came together once again for a full day of continued collaboration. We not only picked up where we left off with some of the great work emerging from the previous meeting, but also explored some fascinating new topics with exciting implications for the CYRILLA digital rights legal database. We had a guest from GUARDINT, another initiative initiative working at the intersection of law and digital rights, present to the group about their work tracking surveillance-related case law in Europe, as well as learn more about our data model and taxonomy.

From developing the data model to incorporating machine learning capabilities, here are some of the highlights and key outcomes of our gathering:

Iterating the CYRILLA Data Model and Taxonomy

In Tunis, we reviewed and revisited the core component of the CYRILLA suite of open tools – the open data model and collaboratively produced taxonomy of digital rights topics. While the data model is in its final stages, we also discussed a few key issues, such as:

  • How can users to not only identify and filter courts by their specific names, but also to compare similar court types across jurisdictions? For now, we are adopting the Judicial Body filter list from the Columbia Global Freedom of Expression database, but will continue to think this question through.
  • Currently, individual laws in the database exist as singular entities – but what about digital rights-relevant amendments to these laws? As amendments are only sometimes, but not always, integrated into publicly available legislation, we decided they should be considered linked entities in order to maintain consistency across the data model.
The current draft of the CYRILLA data model. June, 2019.
  • As we come closer to finalizing the data model, we will circulate it for broader community input and review before implementing on CYRILLA and the databases of some of our partner organizations. Please reach out to collaborative@cyrilla.org if you would like to be part of the review process!

Incorporating Machine Learning into the CYRILLA Database

We were also eager to begin the process of incorporating machine learning capabilities into the CYRILLA database. Our technical partner HURIDOCS has taken the lead on this effort, with the support of grants they received from NESTA and Google. 

  • During RightsCon, in the days before our meeting, HURIDOCS Artificial Intelligence Specialist Natalie Widmann conducted a short study with a number of our partners. By analyzing their interactions with the documents from Columbia Global Freedom of Expression’s database, the study sought to surface patterns about how users of the platform locate and categorize documents.
  • At the meeting, Natalie shared the findings of her study with the rest of the group. Then, she briefed the group on her work at HURIDOCS and the different machine learning techniques that can improve CYRILLA’s usability. HURIDOCS intends to use the data from this study to begin implementing a semantic search function that will make it easier for CYRILLA users to locate and tag documents across different datasets.

Looking to the Future: Governance of the CYRILLA Collaborative

We’re almost a whole year into our grant for the CYRILLA Collaborative, and our time together in Tunis was a wonderful opportunity to reflect and take stock of everything we’ve been able to achieve together with our partners! 

  • To make sure that this work can continue sustainably, we continued earlier conversations from our last partners’ meeting about governance models for CYRILLA. The broad consensus was that CYRILLA should become a stand-alone entity with a board to oversee it. 
  • In support of this, over the coming months, we will be working together with our partners and the broader community to begin developing terms of reference for a CYRILLA governance board and its individual members, as well as visioning documents to chart the medium and long-term development goals of the Collaborative.
  • We also discussed exploring linking CYRILLA to a larger, potentially academic, entity, but all agreed that we did not want the Collaborative to lose its identity as a network of global south–based organizations. 

Over the coming months, we will be uploading a ton of legislation and case law from South Asia, Latin America, and sub-Saharan Africa. If you’d like to collaborate with us, we want to hear from you! Email collaborative@cyrilla.org to get in touch.

Becoming CYRILLA: A Quick Recap of the Past Year

Welcome! This is CYRILLA’s most recent update to the Digital Rights Law mailing list, but we wanted to share it with everyone following the project as well. If you are interested in the development of digital rights law, you can subscribe to the mailing list.

We’re excited to share with you some news on the significant progress we’ve made in the past year! We’ve now transformed our early Arab Digital Rights Datasets into the CYRILLA Collaborative, a global initiative to map and analyze legal frameworks for digitally networked spaces through open research methodologies, data models, taxonomies, and databases.

The CYRILLA Collaborative (CYRILLA stands for Cyberrights Research Initiative and Localized Legal Almanac) is a joint effort across a number of digital rights research and advocacy organizations. It seeks to make legislation and case law that affects human rights in digitally networked spaces more accessible to a wider range of actors, so they can more readily and confidently assess digital rights legal trends and their impacts. The core tools of the Collaborative are an online database (hosted on the HURIDOCS Uwazi platform) and suite of open tools, which can be adopted and adapted by any individual or organization grappling with questions involving the legal realization of digital rights:

  • A working definition of digital rights
  • A legal research methodology to help researchers locate laws that affect digital rights in existing and evolving legal frameworks.
  • An open data model on top of which developers will be able to build new applications, including those that pull and merge data from other similar datasets (in development).
  • A collaboratively produced taxonomy of digital rights topics (in development).
  • An open API

Get Involved!

CYRILLA is a community-supported, network-centric resource, for which we actively and enthusiastically seek broad participation and contribution. There are several ways you can get involved:

  1. Mapping the legal framework for digital rights in your country or across a specific issue area
  2. Alerting us to new digital rights law, case law, or related analysis in real time, by forwarding links to collaborative@cyrilla.org or tagging @cyrilla in a tweet
  3. Becoming a trusted contributor or peer reviewer of new law, case law, or analysis on cyrilla.org
  4. Reviewing our developing digital rights issue taxonomy and/or data model
  5. Visualizing the data we have in new and interesting ways
  6. Developing new tools on top of our API
  7. Experimenting with our datasets using machine learning, natural language processing, or other techniques?

Whatever makes sense for your work, we want to explore how to get you involved! Email collaborative@cyrilla.org to get in touch, or follow us on Twitter at @cyrilla

The CYRILLA Collaborative used string and index cards to develop a draft of the data model at the partner meeting. February 2019.

Meanwhile, here are some highlights and updates from the past few months:

CYRILLA Partners’ Meeting

  • Over the course of three days, we set key thematic and semantic parameters for a digital rights legal taxonomy, mapped the foundation for the CYRILLA data model, created user stories for the design of the database’s user interface and taxonomy, and explored how to maximize collaborative synergies between partners.

Presentations, Panels and Workshops

  • In August 2018, incubating director and SMEX executive director Jessica Dheere presented CYRILLA at the Annenberg Oxford Media Policy Summer Institute, which coincided with the formal launch of the project. In November 2018, CYRILLA Collaborative partners met at the Internet Governance Forum in Paris, where SMEX’s session “Making National Laws Good for Internet Governance,” had been accepted into the program.
  • Finally, earlier this month, SMEX presented on the CYRILLA collaborative and database at the 2019 Internet Freedom Festival in Valencia, Spain, during which SMEX explained how to navigate the website through specific user stories, introduced the CYRILLA Collaborative, and explained how people could get involved (including joining this mailing list!).

In the Coming Months

  • The Association for Progressive Communications will begin to upload data from its Unshackling Expression report for South and Southeast Asia to the CYRILLA database;
  • CIPIT will expand and reformat its trademark database of Africa ICT policy to make it more interactive and searchable;
  • Derechos Digitales will follow suit and improve the data in its RedLatam database for the Latin America region;
  • Columbia Global Freedom of Expression will add an Arabic language database of seminal case law on free expression as well as cases from across the global south;
  • SMEX will continue to refine the CYRILLA database and add more caselaw in the Middle East and North Africa.
  • Likewise, HURIDOCS will continue working to make the Uwazi platform more amenable to the collaborative’s data.

Again, if you’d like to collaborate with us, we want to hear from you! Email collaborative@cyrilla.org to get in touch.

Use Case: Using CYRILLA for Global Partners Digital Encryption Map

Global Partners Digital (GPD), a UK-based social purpose company committed to protecting human rights in digital spaces, maps legislation that impacts the use of encryption technologies, highlighting the key articles that limit or restrict the use of these technologies. To help GPD expand its World map of encryption laws and policies to include countries in the Middle East and North Africa, SMEX used the CYRILLA database of global digital rights law to explore encryption laws in Algeria, Egypt, Iraq, Jordan, Lebanon, Morocco, Saudi Arabia, Syria, Tunisia, and the United Arab Emirates. 

The GPD research guidance asks researchers to assess the overall environment for encryption regulation in a country, analyzing six indicators: 

  1. the general encryption law,
  2. minimum or maximum encryption standards,
  3. licensing and registration requirements for encryption technologies,
  4. import and export controls,
  5. provider assistance provisions, and
  6. the power of the government to enforce decryption.

In most of the Arab League countries, relevant information about encryption legislation is not readily available in a single law, but spread across an array of laws, including telecommunications laws, anti-cybercrime laws, anti-terrorism laws, intellectual property laws, and, in some cases, stand-alone encryption laws. Moreover, depending on the country’s political system, these provisions do not always appear in independent statutes, but can also be found in amendments, regulations, and decrees. 

Navigating CYRILLA By Keyword Filter 

To find the relevant legislation, SMEX initially selected the “encryption law” keyword on the right toolbar to filter the stand-alone encryption laws and started the research with the two countries that had them: Morocco and Tunisia. SMEX also learned that many countries did not have a stand-alone encryption law. Instead, we expected, that the telecommunications laws, information crimes laws, and potentially other types of laws would have language that dealt with encryption technologies. Even in the countries that did have stand-alone laws, we suspected that other laws also contained provisions that affected encryption. Therefore, to ensure that our search was as comprehensive as possible, we expanded our search to include terms related to encryption and across a number of laws.

CYRILLA’s filter function, 2018.
The card for the Moroccan law that deals with encryption, October 2018.

Using Full-Text Search

To find the encryption provisions in laws that do not exclusively deal with encryption, SMEX used the platform’s full-text search function to find laws that contained the words “encryption,” “cryptography,” “decryption,” and “التشفير,” the Arabic word for “encryption.” From this search, SMEX was able to identify many more telecommunications laws, information crimes laws, and electronic transactions laws with articles that related to encryption.   

The first two results when you search “encryption” in the CYRILLA database, October 2018.

After taking these steps for countries with and without independent encryption laws, SMEX noticed that the report lacked information about the licensing, import, and export of encryption technologies. To remedy this problem, SMEX added the search terms “import,” “export, “licensing,” and “registration,” and their corresponding Arabic translations. This expanded search allowed SMEX to find articles that did not mention encryption directly, but still applied to the import and licensing of encryption technologies. For example, Article 44 of Egypt’s Telecommunications Law “prohibits the import, manufacture or assembly of any telecommunication equipment without a licence from the National Telecom Regulatory Authority.”   

Through CYRILLA, SMEX was able to locate the articles that permitted or restricted encryption and provide copies of the relevant laws to GPD in Arabic, French, and English. Most of the laws required for this research were readily available in CYRILLA, with the exception of a few specific data protection regulations in Tunisia, which researchers had not found in previous research. After locating the regulations online, SMEX added them to the database.

A search for “import” in CYRILLA, October 2018.


Throughout the process, there were a couple of structural challenges. Most notably, some of the PDFs are snapshots and not text-searchable; therefore, the search function only found laws that contained the terms in their metadata, which prevented SMEX from searching the full text of some laws. For these laws, SMEX had to spend more time reading through the law. While technology exists to make English language PDFs text-searchable, the same technology does not exist for Arabic language PDFs. HURIDOCS, the developer of Uwazi, the platform on which CYRILLA is built, is working to solve this problem. 

Keeping the laws in the database up-to-date remains a challenge as well. When SMEX identified a few of the missing data protection regulations in Tunisia, they also realized that the database did not have the most current amendments of a couple laws that these regulations referenced. Once SMEX came to this realization, they were able to find the most recent amendments online and add them to the database. Not only did finding the laws take additional time, but SMEX realized that some of their initial analysis needed to be revised. 

Key Takeaways 

As CYRILLA evolves, research projects and other practical use cases help us ensure that the information on the platform is up to date and encourage us to think more critically about the best way to present, sort, and contextualize the data. This project, in particular, pushed us to consider how CYRILLA should index and display keywords as we improve the current version. For example, some telecommunications laws contain importation and exportation requirements for all telecommunications-related equipment, which can include encryption technologies, but does that mean that this law should be categorized as an encryption law? Does the platform need a hierarchy for keywords? As a first step, the CYRILLA Collaborative will convene at the Berkman Klein Center at Harvard University this week to develop a draft digital rights law taxonomy that will improve the navigability and data structure of this database and perhaps others. 

If you would like to be notified about future use cases, contribute to the draft taxonomy, or otherwise get involved, or if CYRILLA has been helpful to your work or research in any way, please let us know at collaborative@cyrilla.org.

ADRD at IFF: Learning Who Will Use the Datasets, and How

A persona created to represent a user of the Arab Digital Rights Datasets at IFF in March, 2017.
A persona created to represent a user of the Arab Digital Rights Datasets at IFF in March, 2017.

In early March, I and the Datasets’ legal adviser, Nani Jansen, led a session on the datasets at the Internet Freedom Festival (IFF), a weeklong gathering in Valencia, Spain, of digital rights advocates from all over the world. We used the session — Data Exploration Hackathon: Visualizing the Relationship between Rule of Law and Digital Rights in MENA and Beyond — to introduce phase 3 of the project and explore who might use this data and exactly how.

Among the very dedicated attendees of the session—who spent three hours with us in Taller 6, the smallest, stuffiest room at the otherwise muy cómodo Las Naves—were lawyers, journalists, advocacy directors and activists, human rights researchers and academics, as well as program officers from international agencies and donors.

This was the first public presentation of the Datasets since the previous year at IFF. We began by introducing the history of the project and how the methodology and categorization of laws has developed over the past several months, leading up to the current data collection phase, during which 13 legal and human rights researchers are identifying laws, regulations, draft laws, caselaw, and specific articles of interest related to digital rights in the legal frameworks of the 22 countries of the Arab League. We’ll be posting more about these processes here soon.

We spent the rest of the session in breakout groups gathering input on who our stakeholders are and what they want from such a dataset, by developing user personas and user stories. These outputs, commonly used by software and website developers to get a sense of who their users are, will ultimately help us develop the technical specifications for the technological interpretation of the dataset, which we expect to include both a simple website where users can conduct simple queries and perhaps a plan for an API.

For instance, one user persona/story went like this:

Basma, an independent activist, blogger is in her late twenties. Her first experiences in activism started in college. Basma writes about social and political issues on her blog and she has a dedicated following. She changes jobs frequently and has a small income from ads on her blog. Her political activities are a financial burden for he and she cannot afford unexpected expenses, such as fines or legal costs. Basma visits the Datasets frequently so she can stay up to date on laws that apply to her blog. She also finds data that she can use in her blogposts.

Another imagined Samya:

A freelance outreach coordinator on Internet freedom issues for international audience. She lives in France and once, when trying to communicate with her parents in Morocco, she realized that she couldn’t speak to them over VOIP. This promoted her to do background research on the issue, which she also does for outreach initiatives and campaigns she advises. She also needs to assess legal threats posed by her work and to her clients and their partners. She often needs to write situation assessments and other reports quickly, but must be sure that the information she’s citing is accurate, so as not to compromise her credibility or that of her clients. Also, if she can’t find the laws she needs, she must be able to explain why–so it’s crucial that she be able to assess how complete the Datasets are and how frequently they are updated.

Several journalist personas were also created, as follows:

I’m a professional, female, Arabic journalist working int he region and am a member of my national journalists’ syndicate. I need to know what are the current provisions of the laws so I can provide expert input into a government consultation/public hearing.

I’m a foreign freelance journalist (female, mid-20s) on a tight budget. I’m covering a story in Tunisia and I need to know the laws on defamation, freedom of expression, social media, etc., so that I can keep myself and my fixer safe.

I’m an experienced English-speaking journalist based in New York. I need to know which countries criminalize posting “false news” online, so that I can write an article about the dangers. If I can’t verify my information beyond a shadow of a doubt, my editor won’t run the story. Plus, I need examples of individuals who have been prosecuted under these laws. Oh, and I’m on a very tight deadline.

Another group developed a persona for a researcher, approaching the Datasets from an academic’s perspective:

Leila, a researcher investigating the state of digital rights across the MENA region, wants to conduct comparative research and longitudinal research, and to be able to correlate her findings with external themes. Specifically, she wants to know how the political changes of 2011 changed government attitudes towards the right to privacy in MENA countries, looking at the period from 2006 to 2016.

Finally, the last group imagined a policy analyst at a foreign ministry, an advocate/funder at an international media development organization, and a technologist/digital security expert. Here are there stories:

James, a technologist/digital security trainer needs an up-to-date reference source of locally verified information to pass on to his co-trainers in the field, so that they can do a pre-training assessment of the legality/risks/usefulness of various tools and practices, which will help them prioritize which topics to cover in the limited time they have.

Hannan, who develops partnerships with local organizations, wants an interactive, customizable index or map or database that will help her detect trends and even upload locally collected data to model/manipulate programmatic interventions. The data should be splice-able at national, regional, and global levels.

Giselle is a policy analyst at a foreign ministry that invests millions of dollars each year into internet freedom initiatives. She needs a queryable database of cyber-related laws so that she can look at trends and comparative data that can inform her critiques of flawed legislation and draft model language.

Many of these personas actually represented many of the people in the room. While this deviated somewhat from the typical aim of the user persona and user stories exercise, which is meant to get entrepreneurs, developers and technologists, away from building for what they think people need. But it’s hard to argue that these ideas don’t reflect the spectrum of needs we’re hoping that the Datasets serve.

At the same time, there are some perspectives that weren’t represented, such as that of lawyers—particularly human rights defenders—and activists, who we also think might find the Datasets useful for developing arguments in court or identifying problem areas for targeted policy reform. It was also suggested that we host a similar workshop (or series) back in Lebanon with only participants from the region, or only one kind of stakeholder, researchers, for example. This, it was suggested, would help us drill down even more into how this data can better benefit the primary communities it’s meant to serve.

Another hack that was suggested was to develop personas not as a subset of the stakeholder groups (journalists, activists, lawyers, etc.) but according to how they would use the data and/or their specific decision-making processes and workflows.

We’re planning to do that. But first, we’ll run a similar exercise at RightsCon next week, on Friday at noon, in the Demo Room. If you’re in Brussels, we’d love to see you there.