A CONSORTIUM of civil society organisations says members of parliament should consider getting submissions from stakeholders regarding the dangerous provisions in the Cyber Security and Cyber Crimes Bill of 2021 that need to be addressed before it can be passed.

In a joint statement, Thursday, Chapter One Foundation, ActionAid Zambia, Alliance for Community Action, Caritas Zambia, CISCA, Centre for Trade Policy and Development, Transparency International Zambia, Zambia Council for Social Development, Council of Christian Churches in Zambia, GEARS Zambia and Peoples’ Action for Accountability and Good Governance in Zambia said the Bill provided several avenues for abuse of the cyber space by state organs.

“We urge the members of parliament before whom this Bill will be tabled to consider submissions from CSOs, NGOs and other stakeholders regarding the dangerous provisions in the Bill that need to be addressed before it can be passed. We wish to remind the representatives of the people that they too may at any given time fall prey to legislature that limits their freedom of speech and right to privacy. We also urge members of the public to take time to read the Bill and engage their elected representatives on the need to sufficiently scrutinise its provisions,” read the statement, which was signed by Chapter One Foundation executive director Linda Kasonde.

“In his address to the National Assembly dated 12th February 2021 on the progress made in the application of the national values and principles, His Excellency the Republican President Edgar Lungu, made reference to the use of social media platforms to criticise the government. He further stated that the proposed Bill is meant to curtail social media abusers who abuse innocent people online. We note that while the Bill does provide for protection from cybercrimes, it also provides several avenues for abuse of the cyber space by state organs which threaten the constitutionally guaranteed freedom of expression and right to privacy. These will need to be addressed and eliminated with equal enthusiasm.”

The CSOs said the Bill in its current form fell short of several regional and international set standards.

“In its current form, the Bill falls short of several regional and international set standards on human rights aligned laws such as the African Union Convention on Cyber Security and Personal Data Protection (Malabo Convention) which sets the standard for cyber security and personal data protection laws as well as capacity building, knowledge exchanges and experience sharing among signatories,” they stated.

“We also wish to highlight that Zambia has specific obligations under several human rights treaties which guarantee in no uncertain terms the rights of all Zambian citizens to freely express themselves and to have their privacy respected. Having ratified the Malabo Convention, Zambia should provide clear implementation frameworks on how the provisions of the conventions will be executed and achieved. In addition, there is also a wealth of international law on global and regional standards and best practices with regard to cyber security such as Budapest Convention on Cybercrimes that the legislature would do well to consider.”

The CSOs expressed concern that they were not consulted on the bill.

“We wish to state from the outset that while several statements have been made regarding the creation of new cyber laws, there has been little to no engagement and/or consultation of NGOs, CSOs and other stakeholders in the drafting processes. Several issues that the Bill raises could have long been addressed had there been sufficient consultation. We, the undersigned civil society organisations, note the proposed changes to the law regulating the cyber space in form of the Cyber Security and Cyber Crimes Bill of 2021. While it is imperative to ensure the safety of the public at large against cyber security threats, this must invariably be balanced with the right to freedom of expression and the need to maintain the right to privacy enjoyed by all members of the public,” the stated.

They highlighted several provisions which had potential to facilitate and even enhance the wanton surveillance and censorship of members of public through interception of communications.

“While the Bill contains progressive provisions particularly with regard to the cyber security of children, we note several provisions that have potential to facilitate and even enhance the wanton surveillance and censorship of members of public through interception of communications. Provisions such as section 15 of the proposed Bill which empowers ZICTA to institute investigations upon receiving information regarding an alleged cyber security incident or cyber security threat are particularly worrying. The provision does not describe the source of this information or even define what a cyber security threat is or how it will be determined. In instituting such an investigation, ZICTAs cyber inspectors may require a person to attend at any place in order to be questioned or to provide any information which they deem relevant. A person who refuses to cooperate with a cyber inspector faces a fine of up to K60,000 and/or imprisonment for two years,” read the statement.

They stated that it was unclear what department or ministry the Central Monitoring and Coordination Centre fell under.

“Another particularly worrisome provision is section 27 of the Bill which establishes the Central Monitoring and Coordination Centre which is to be the sole facility through which intercepted communications and call-related information is to be forwarded. The Centre is to be managed and controlled by an entity described only as the “department responsible for government communications”. It is unclear what department this is and/or which Ministry it falls under. What is clear however is that this department is an organ of the government of the day and therefore susceptible to the interests and intentions of that government. Intercepted information regarding private communications, calls and even locations of specific individuals who are considered to pose cyber threats are to be forwarded to this Centre,” they stated.

“Such vague provisions have potential to be utilised to seek out, locate and prosecute members of the public who are considered threatening to particular interests. These and similar provisions are an attempt to police the cyber space.The Bill also seeks to introduce an offence of harassment utilising means of electronic communication yet does not define “harassment” which may lead to arbitrary abuse by the implementing authorities. A person who is found guilty of this offence is liable to a fine of up to K150,000.00 and/or imprisonment for up to 5 years.”

The CSOs stated that the censorship would only increase an alleged cyber security threat.

“This censorship will only increase for fear of being investigated for a vaguely defined cybercrime or an alleged cyber security threat. We have only given a few examples of the worrying provisions of the proposed Bill. It is worth noting that the Government has plans to also introduce the Data Protection Act and Electronic Communications and Transactions Bill which will further regulate the digital space. In a shrinking civic space, social media platforms and other online media present alternative platforms for members of the public to air their views on matters of public interest and gather virtually to share such views without the inhibitions of the much-abused Public Order Act,” read the statement.

“This platform has become even more important as the country and the world at large grapples with the Covid-19 pandemic and the regulations it necessitated. However, even this free uninhibited discussion of national affairs in the cyber space has in recent times been threatened by thinly veiled attempts to intimidate and even prosecute members of the public who air their opinions on online platforms. This has led to self-censorship and a general fear to express criticisms.”