Are we cybercriminals without knowing it, or are we so afraid of being cybercriminals that we are limiting our own freedom of expression?
This was the question at stake at the ‘Are you a cybercriminal?’ discussion organised by Making All Voices Count and Twaweza on 25 August, and discussed with over 30 participants and panel members including representatives from the police force and Tanzania’s Communications Regulatory Authority (TCRA), Change Tanzania founder Maria Sarungi Tsehai, Jamii Media Director Maxence Melo and Advocate Deogratias Bwire from the Tanzania Human Rights Defenders Coalition.
In Tanzania, Making All Voices Count works with nine partners to implement and learn from projects that use data and technology to improve communication between citizens and their governments. Through this exchange of experience, one issue comes up again and again as an inhibiting factor for innovation within the tech for governance sector: the cybercrimes act.
The Cybercrimes Act (2015) is often quoted in Tanzania as an important constraint to (online) freedom of expression in Tanzania but very few people actually know exactly what it says or what it forbids, and there are few statistics available to demonstrate its negative or positive effects.
A few high profile cases that have received coverage by the media have helped create an impression that the Act is mostly used to prosecute people insulting high government officials in WhatsApp and Facebook posts.
But who knew that in 2015 there were a total of 5172 cybercrime cases reported to the police, and that in that same year 1.5 billion shillings (approximately 669.000 USD) were stolen in electronic transactions? And that the powers given to the police in that Act are simply echoing their mandate under other laws?
Putting the Cybercrimes Act in the spotlight
There was a general agreement among the panel members that the introduction of the Act shortly before the 2015 elections under a certificate of urgency has made it difficult to shake off its reputation as a tool for curtailing free speech. This is compounded by a tendency of the media to only focus on those cases with a political dimension. A more balanced coverage would help show how the Act is helping to create greater online security for ordinary citizens, and reduce the current trend of self-censorship. The police needs to provide clearer statistics, and ensure these are shared with the broader public. This includes admitting where there are challenges.
While talking with you, I have learned that we need to openly identify the problems and seek partners to help us with those problems. – Member of Police Force
During the discussion, both the police and TCRA invited the media and other interested parties to come to them to get more information and statistics about cybercrimes in the country, and how the Cybercrimes Act is helping the authorities to deal with these.
Invite us to your events and information sessions, it will cost you nothing to have us there but we will help greatly. - Member of the Tanzania Communications Regulatory Authority (TCRA)
What has made the Act problematic - according to the participants - is that law enforcers seem to free to decide what are reasonable grounds of suspicion for arresting someone on cybercrime charges. Many of those arrested are released without charges a few hours or days later because the case is not strong enough to stand up in court. This lack of clarity -on stipulating what reasonable grounds for arrest are- has opened up the Act to abuse.
Whatever the intentions of the Act may be, it needs to be recognised that the fear of arrest is contributing to self-censorship within media, civil society and members of the public. Regulations are needed to make it clearer both to potential offenders and to law enforcers what constitutes reasonable suspicion, and thus reduce opportunities for abuse of power. And this, in turn, needs to take into account the broader context.
The TCRA argued that the crimes noted under the Cybercrimes Act, and the powers invested in the law enforcement agencies to investigate such crimes, are grounded in other laws. The Cybercrimes Act does not make new crimes punishable, nor does it give the police more power. Those protesting against the criminalisation of petty offences under the Act, or the perceived unprecedented access to personal data by law enforcers, need to take this into account and tackle these serious issues in a much broader legal context.
Is our fear of being a cybercriminal curtailing our freedom online?
The answer after our discussion was still unclear. Yes, legislation is needed to provide more clarity on when there are reasonable grounds for suspicion and thus arrest. But the media and civil society also need to put more effort into testing the Cybercrimes Act in their work, including unearthing facts about what the Cybercrimes Act has done over the last two years to combat real cybercrime. Those campaigning for improvements in the Act need to recognise how it sits within the broader legal environment.
The police and TCRA spokespersons have invited civil society to submit concrete proposals for legislation to the authorities, and help them improve the implementation of the law. Civil society participants have asked for more inclusion in the drawing up of new laws, such as the upcoming Personal Data Protection Act.
Collaboration and clarification will reduce the risk of ordinary citizens being labeled cybercriminals just for expressing an opinion online.