There has been remarkable trend in the past decade regarding the manner in which many African governments have enacted several cyber security legislations, laws and policies to thwart insecurity in the cyber space and mitigate cybercrime. Countries like Uganda, Kenya, Tanzania and several African countries enacted cyber laws such as the Computer Misuse act aimed at curbing crime on the cyber space, but yet inadvertently; and as of recent been increasingly used to punish human rights activists, arrest journalists and completely stifle dissenting voices and opinions. The case of Erick Kabendera and Sebastian Atilio in Tanzania over their critical views and holding the Tanzanian government accountable via online and social media platforms such as Whtasapp is instructive. In Uganda, Dr. Stella Nyanzi, the Makerere University Academician is in jail over what analyst attribute to political persecution by the state over her critical views against the President and the First Family.
The International Telecommunication Union defines cyber security in many ways but significantly, as concepts, tools, policies, security safeguards and risk management practices among others to secure the cyber environment. If this definition is informative, then how come cyber security laws have been increasingly used by repressive African governments to undermine people’s fundamental rights to freedom of expression in the digital world?
Its important to note that cyber security evolved in the post cold war period when proponents argued that threats arising from the digital revolution could have devastating societal consequences. Many ideas around securing the information networks and critical network infrastructures of states became the dominant view and philosophy under which the US Government, think thanks and military academies fashioned the whole insecurity logic in the cyber space. The realization that the cause, means of fighting the next war was not likely to be based on the traditional military and conventional methods but through some form, and or sort of what became an ‘information warfare’ discourse, influenced the actions of many countries around the globe. Consequently, many cyber security laws and policies were enacted in some instances, based on risks and assumptions as well as reactions and narratives of many countries in the global north but outside the normal realities of an existential threat.
In addition, cyber security safeguards and protection became a tool of foreign policy with which many countries in the global South looked up to from global north for possible prescription and treatments. Uganda for instance, after several cyber laws were passed between 2009-2015 had even commissioned a cyber capacity review assessment towards a cyber security capacity building framework. But even more importantly at the time, the country did not have a cyber security strategy and what was considered to be critical network infrastructures of the state was not listed and actually according to the report of the assessment was unknown to staff within Govern Ministries, Departments and Agencies. By end of 2016 Uganda had some of these cyber security laws; the Computer Misuse Act 2011, The Regulation on interception of communication Act 2009, the Electronic Transaction Act, 2010, the Electronic Signatures Act 2010, the Uganda Communications Commission Act, the National Cyber Security Strategy and the National Information Security framework among others.
In order to be able to provide a diagnostic of insecurities, an understanding of the concept of security is crucial. Wolfers work (1952) and Baldwin (1997) agree on the lack of universal definition of the term security. Wolfers for instance, talks about ambiguity in security definitions to the extent that its very wide, an often many divergent policies can be interpreted as policies of security. Whereas Baldwin, argues on the contestability of security as a concept and how value laden the term security is or may be implied. Consequently, and in line with literature on security, security policy formulation in many African context have been enacted without a clear focus and understanding of the term security. For example, the traditional conception of security in terms of military, territorial integrity and defensive purposes have changed over the years. The debates have widened among scholars on what security really mean.
The 1994 Human development report addressed the need to focus attention to human security away from nuclear security. The UN secretary general report in 1995 called for a conceptual breakthrough going beyond armed territorial security to enhancing or protecting the security of people in their homes, jobs and communities. Security in its widest definition is even argued to mean “absence of anxiety upon which a happy life depends” according to Rothschild (1995).
A critical examination of the notion of protection or preservation of national security which is often and characteristically advanced by most African governments is mainly and largely rhetorical in nature. A closer look at what really national security mean or implies shows; emphasis on authority and how threats are constructed including the state’s ability to make decisions and adopt emergency measures. So, the question is, “could there be a problem with the construction of security issues in many African repressive governments”? Before we even answer this question, Buzan (1998) for instance reminds us that nation states tend to exaggerate their security fears outside the normal realities of an existential threats. So, if this is the case, the question we should be interrogating is how security issues or threats are constructed, what are the referent objects of the state that are threatened. We probably, before talking about insecurity due to killings, abductions, assassinations need to define and answer the question of who is affected, whose security is being protected and, in whose interests, and to whom do security agencies report and how is the security of those considered threatened guaranteed?
The problem is that many definitions and even articulation of security problems are done without specification. And most often than not, politics, personal interest of politicians and actors of security have determined what is considered a security issue. The consequence of such arrangement of things is that insecurity is often looked and or relegated to crime prevention which means laws, policies and regulations will be drafted as an end in itself. However, as seen already having the best legislative frameworks as well as institutional mechanisms alone is not a sufficient condition for mitigating cybercrime.
There has been a number of murders in Kampala city of children, women, government officials and citizens but security policy and laws haven’t addressed the actual problems or even prevented such. The President of the republic of Uganda in 2018 designed a 7 point security plan to eliminate rising assassination and gun violence in urban centers especially Kampala in his state of the nation address. However, murder, disappearance and torture continue to happen and the most recent involved the murder of President’s cousin and a female confidant due to unclear circumstances along the Entebbe express highway. So, the question could be what has gone wrong? Certainly, many factors converge to influence security or insecurity issues in a given nation state.
Without going into intricate details of security, this article attempted to show the divergent views around security and whether securing the cyber space is a quintessential process of mitigating crime. It also questioned the constructive articulations of security issues and argued that politics and other personal interests of security actors converge to determine why something is label security issue or not. So in conclusion, Buzan (1998) still informs us that in today’s repressive environment where the state is highly critical of dissenting voices and opinions, where dissident groups connive with other actors to undermine regime or state security etc, any security issue can be easily dramatized and presented as an issue of “supreme priority” and thus by labeling it that way, a security agent claims the right to treat it by extraordinary means. Therefore, researchers, scholars and interested actors need not to really try to assess some objective threat that really endanger some object to be defended or secured but to clearly investigate the processes that entails the construction of what is collectively believed to be a threat by agents of security. If this prescription is taken, then it is possible and easier to unravel the mysteries that surrounds security policy formulation in in Africa including aspects of cyber security.
Let me take this golden opportunity to extend my sincere gratitude to Mr. Moses Owiny, for this insightful and scholary imbibing in security.
Many thanks also to CFMA for providing the world with this forum as such an important and strategic theater for independent and objective insights and analyses by applying paradigms of international relations in the quest of understanding and making sense of discourses and narratives that shape policies and frameworks in both public and international arenas.
Cyber security is security at the highest level on the biggest and toughest problems in the world today. It demands the best practitioners and students to make it work. The CFMA provides the best tools and frameworks of analysis; with their natural talents and new insights, the practitioners and students, are now equipped to change the world.
As states tend to exaggerate their security fears outside the normal existential threats, and due to the widening and deepening of the concept security in the contemporary times; the regulation of the cyber space will not curb down the cyber threats and crime.
Mohammed Ayoob warn against too much broadening, citing the danger of security becoming a catchall concept. The African countries lack comprehensive, systematic and systemic cyber security strategy; the frameworks keep shifting depending on the politics and personal interests and preferences. This puts these countries in a disadvantaged position in dealing with the irony of our information age; the very technologies that empower us to create and build, also empower those who would disrupt and destroy.
Most of the African states are cases of aggravated state formation and regime maintenance. The concept of cyber security is thus of limited utility.
African states have unique security environment and threats are peculiar to their settings and societies. The threats of state capacity, ethnicity, corruption, diseases, poverty, porous borders, religion, fluidity and fragility of African states, as envisaged in Kaplan’s thesis; put Africa in a neglected arena in the mainstream analyses of international security. All these put African states in an endangered position where ‘ the all material for combustion’ exists and maybe an unregulated cyber space may provide a spark.
In other words, in critical debates and discourses on international cyber security, the ‘periphery should be treated as core’. Since the perils of the security predicament of the periphery, spill over to the center/core, thus, paralysis in the international security.