Namibia’s mass surveillance framework is out of step with recent African human rights guidance
Just as Namibia was about to operationalise its new mass state surveillance framework, it was already apparent that this framework does not align with African best practice guidelines.
On 1 April 2024, Namibia’s enhanced mass communications surveillance framework came into force with the full implementation of mandatory SIM card registration and data retention regulations.
These regulations operationalise Part 6 of Chapter 5 of the Communications Act 8 of 2009, which establishes the legal basis for interception and monitoring of all digital communications in Namibia.
As has already been numerously pointed out, the SIM card registration regulations (gazetted in March 2021) and the data retention regulations (gazetted in April 2022) constitute a significant threat to the right to privacy, and associated human rights, including free expression and association.
Not only that, the framework coming into force with the new regulations does not meet the standards set by various principles, notably Principle 41 (Privacy and communication surveillance), of the new Declaration of Principles on Freedom of Expression and Access to Information in Africa (the Declaration), adopted by the African Commission on Human and Peoples’ Rights (ACHPR) in 2019.
Now the ACHPR has adopted Resolution 573, that emphasises just how out of sync the Namibian and most other African states’ mass state surveillance regimes are with the Declaration and international best practice.
Resolution 573
Resolution 573, “on the deployment of mass and unlawful targeted communication surveillance and its impact on human rights in Africa”, was adopted on the last day of the 77th ordinary session of the ACHPR, which was held at Arusha, Tanzania, from 20 October to 9 November 2023.
With the Resolution, the Commission expressed concern at “the unrestrained acquisition of communication surveillance technologies by State actors without adequate regulation” and the “lack of adequate national frameworks on privacy, communication surveillance and the protection of personal data” in Africa.
The Commission also expressed concern “about the prevalence of mass surveillance and unlawful targeted communication surveillance that does not conform with international human rights law and standards, and the disproportionate targeting of journalists, human rights defenders, civil society organisations, whistleblowers and opposition political activists, without appropriate safeguards for privacy rights”.
In the wake of the adoption of the Resolution, the Media Institute of Southern Africa (MISA) noted that mass state surveillance was “a massive threat to freedom of expression in the region” and that governments “must be more transparent in deploying surveillance equipment and the information they seek”.
The Centre for Human Rights, at the University of Pretoria, in South Africa, noted that the Resolution was “a significant step by the African Commission in recognising the importance of human rights protection in an increasingly interconnected world, particularly the need to safeguard privacy rights in the face of evolving technological advancements”.
The Resolution makes a five-point call on African governments, specifically: First, states are called to ensure “that all restrictions on the rights to privacy and other fundamental freedoms, such as freedom of expression, freedom of association and freedom of assembly, are necessary and proportionate, and in line with the provisions of international human rights law and standards.
Second, states should “align approaches on the regulation of communication surveillance with relevant international human rights law and standards, considering safeguards such as the requirement for prior authorisation by an independent and impartial judicial authority and the need for effective monitoring and regular review by independent oversight mechanisms”.
Third, states should “only engage in targeted communication surveillance that is authorised by law, that conforms with international human rights law and standards, and premised on reasonable suspicion that a serious crime has been or is being carried out”.
Fourth, states should “promote and encourage the use of privacy-enhancing technologies and desist from adopting laws or other measures prohibiting or weakening encryption”.
And, fifth, states are called to “ensure that victims of violations arising from arbitrary surveillance measures have access to effective remedies and take specific measures to investigate and prosecute cases of illegal and indiscriminate surveillance”.
‘Substantially flawed’
A benchmarking of Namibia’s mass state surveillance framework against the the Resolution, by the Institute for Public Policy Research (IPPR) in a policy brief published online on 5 March 2024, found that on all five points the Namibian framework “is substantially flawed and does not meet the standards set by the Declaration”.
The benchmarking for the IPPR was done by the author of this article.
The IPPR brief notes that “given the graveness of the emergent threat … that Namibia changes course”.
And it recommends, among others, “wide-ranging amendments to Part 6 of the Communications Act, sections 24-28 of the Namibia Central Intelligence Service Act, and the relevant Regulations issued under the Communications Act”.
This is because only “a full reform process [will] provide better protections and safeguards for communications and communication data, drawing on developing guidance, standards and best practice internationally and in the region”.
A version of this blog was first published in the The Namibian newspaper of 12 March 2024. This article is an output of a surveillance research project supported by the British Academy’s Global Professorship Programme, through the School of Social and Political Sciences, University of Glasgow.
