Like other continents, Africa is experimenting a spectacular spread of surveillance technology, mostly without adequate checks and balances. Authoritarian regimes benefit from Chinese expertise but also European, Israeli and American ones to spy on their citizens.
As internet penetration and smartphone usage is growing in Africa, states are increasing their digital surveillance, often to the detriment of privacy and essential freedom. In an article published in December 2020 by the Africa Centre for Strategic Studies, Ph D student at Harvard University’s Department of African and African American Studies, Bulelani Jili, warns that: “The spread of surveillance technology in Africa without adequate checks and balances is reshaping the governance landscape while potentially enabling another tool of repression.” At least 18 African Countries have already deployed surveillance technology. The list includes Algeria, Botswana, Côte d’Ivoire, Egypt, Equatorial Guinea, Ethiopia Ghana, Kenya, Malawi, Morocco, Nigeria, Rwanda, Togo, South Africa, Tanzania, Uganda, Zambia and Zimbabwe.
Activists and digital rights organisations are ringing the alarm bell since these technologies render citizens more vulnerable to political surveillance and repression. Remote-control hacking which enables governments to access files on targeted laptops and log passwords to turn on webcams and microphones is becoming common across the continent. Eavesdropping is also increasingly allowing governments to access calls, texts and locations of phones in Botswana, Equatorial Guinea, Kenya, Morocco, Nigeria, Zambia and Zimbabwe. All this is occurring without much public debate, deplores Bulelani Jili.
This South African researcher mentions the case of Ethiopia which is using information and communication technology to strengthen its local administrative capacity, connecting its districts (woredas) with the ministries but he stresses that at the same time Ethiopia has a poor internet freedom record, including regular shutdowns motivated by political objectives.
Besides, Ethiopia like half of African countries lacks the adequate legislation to regulate privacy and data protection. In addition, many African countries lack also the expertise to facilitate the implementation of cybersecurity policy and regulatory frameworks
In 2014, an African Union Convention on Cyber Security and Personal Data Protection was established to provide a framework for cybersecurity across the continent. Yet, it has not entered into force because it was ratified by only five countries (Namibia, Senegal, Ghana, Guinea, and Mauritius) instead of the required minimum of 15.
Facial recognition is become increasingly common and exposes citizens to potential harms such as hacking, invasion of privacy and bias, warns Karen Allen, Senior Researcher at the Pretoria-based Institute for Security Studies (ISS). She mentions the case of Uganda where the Chinese telecoms giant company Huawei has installed facial recognition systems as part of its Safe City initiative. This concept makes use of a range of interconnected tracking devices such as videocams, software and cloud storage systems to tap public and private platforms. In 2019, the Kampala police procured $126 million worth of closed-circuit television camera surveillance, officially to help control the city’s crime problem. But opposition and civil society sources claim that the aim is also to track government critics. In August 2019, the Wall Street Journal reported that Huawei technicians helped the Kampala government to hack the WhatsApp and Skype accounts of the musician and opposition presidential candidate Robert Kyagulanyi aka Bobi Wine.
According to the American paper, Huawei employees also encouraged Ugandan security officials to travel to Algeria to study Huawei’s intelligent video surveillance system operating there.
In Zambia, Huawei technicians helped the government to crack the communications of opposition bloggers and enabled the police to track and arrest them.
Huawei which is also present in Morocco, Cameroon, Mali, Côte d’Ivoire, Botswana and Mauritius, has used Nairobi as a showcase for its first African Safe City system which connected 1,800 high-definition cameras and 200 high-definition traffic surveillance infrastructures in the Kenyan capital. Other Chinese companies like Hikvision, Dahua, and ZTE are supplying surveillance technology in Africa.
Yet, the spread of surveillance technology does not involve only Chinese companies, reminds UN Special Rapporteur on Freedom of Expression, David Kaye. According to a paper on the global expansion of artificial intelligence surveillance published in September 2019 by the Carnegie Endowment for International Peace, Japan’s NEC Corporation has a network of 15 companies in Africa. U.S. companies IBM and Cisco are also present on the continent alongside with Palantir, a corporation which was established with the help of seed capital from a Central Intelligence Agency-linked investment body, and is analysing the date of the UN’s World Food Programme, reported the UN IRIN news agency
in February 2019.
Several European companies have sold sensitive surveillance technology to authoritarian regimes in Africa. In 2015, thousands of confidential documents and e-mails from the Italian company Hacking Team, which sells spy software to police administrations, were disclosed by WikiLeaks. They revealed that sensitive products were sold to Eritrea and Sudan which are notorious for their human rights violations. Ethiopia in 2015 purchased eavesdropping software from Hacking Team, to target members of an opposition group and spy on journalists. Ethiopia also acquired invasive surveillance software called FinSpy from the UK-based Gamma Group which allowed to use an image of an opposition group as bait to infect users and monitor their digital activity.
In 2011, the Paris-based International Federation of Human Rights FIDH filed a claim against the French company Amesys which signed a contract with Muammar Gadafi’s government for the sale of a surveillance technology system to spy on opponents who were later arrested and tortured. In 2018, the French magazine Telerama reported that a company called Ercom sold to Egypt’s military intelligence mass surveillance systems and a software to intercept SMS messages and calls, to monitor the internet and to locate targets, despite Amnesty International’s reports that hundreds of people had been tortured or disappeared whereas some 50,000 political prisoners still remained in Egyptian gaols.The deal also ignored EU recommendations to stop the sale of surveillance equipment to Egypt if there were indications that they could be used to violate human rights.
Amesys also sold surveillance technology to Côte d’Ivoire, Mali and Gabon, says Telerama. Now, the EU itself is teaching African countries how to spy, deplores Privacy International.This NGO obtained hundreds of documents detailing phone and internet surveillance techniques used in controversial trainings of the police in Algeria, Tunisia and Morocco organised by the European Union Agency for Law Enforcement
According, these documents, during a training of Algerian gendarmes in April 2019, CEPOL experts advised participants to use anonymous and fake profiles to gather intelligence that are harder to trace, despite that such tactics explicitly contradict the EU’s own policies on disinformation. On the last 9 November, the European Parliament and the European Council of the 27 EU member states agreed however to strengthen the regulation for surveillance technology exports.
Another important provider is Israel. According to a report from the University of Toronto’s Citizen Lab, cyber-weapons of the Circles Israeli telecoms companies, have been sold to governments in Botswana, Nigeria, Kenya, Zimbabwe, Zambia, Equatorial Guinea, and Morocco. They are used to snoop on communications of opponents, rights activists and journalists. Circles’ technology can identify the location of phones anywhere in the world within seconds without the consent of telecom companies enabling governments to track targets across borders without needing a warrant.
In 2019, Zambian authorities were able to arrest bloggers running an opposition news site by pinpointing their physical location using a Circles cyber-surveillance unit at the country’s telecommunications regulator. Citizen Lab also found evidence of Pegasus Software, a highly sophisticated form of spyware, produced by a rival Israeli company called NSO Group, whose main shareholder is the American private equity firm Francisco Partners, in South Africa, Rwanda, Côte d’Ivoire, Kenya, Togo, Uganda and Zambia. Big brother is watching