News / National
Zim govt to spy on cellphones
01 Oct 2013 at 05:51hrs | Views
GOVERNMENT has, with effect from today, permitted its security agencies to spy into people's telephone call records, text messages and Internet communication.
This has been done through the enactment of Statutory Instrument 142 of 2013 on Postal and Telecommunications (Subscriber Registration) Regulations, 2013, which was gazetted last Friday.
Previously, government could only have access to people's phone records when it was absolutely necessary, usually when following up criminal or other serious offences. In such cases, permission had to be sought through the court which would grant court orders for such interception after satisfying itself there were justifiable reasons to do so.
Legal experts yesterday said the newly-gazetted laws would be, in fact, illegal according to the Constitution of Zimbabwe. The experts said the gazetted new law was not in harmony with Section
57 of the Constitution as it infringes on people's several rights including the right to privacy of communication.
According to the Statutory Instrument, telecommunication companies are now required to set up a central subscriber data base for all users from which information about subscribers would be released to law enforcement agents on demand.
Such information could also be released for educational and research purposes.
The law also compels companies to disclose subscriber data upon receiving a "written request signed by a law enforcement agent who is not below the rank of Assistant Commissioner of police or a co-ordinate rank in any other law enforcement agency".
"The written notice to be issued by the law enforcement agency pursuant to subsection (2) shall indicate the rank of the official of the law enforcement agent, and the purpose for which subscriber information is required," section 9 (3) of the Statutory Instrument reads.
Telecommunications companies will no longer be allowed to activate any SIM card that is not fully registered, the law says. Providing false information upon registering a SIM card, such as regarding one's residential address, is now an offence.
According to the new law, the creation of the database shall "assist law enforcement agencies or safeguarding national security", "assists with the provision of mobile-based emergency warning system" and "authorise research in the sector", among other reasons.
With only the signature of an Assistant Commissioner or higher rank now required, legal experts said the system could be grossly abused. There are no mechanisms within the law to protect the ordinary person against abuse by those authorised to snoop.
Experts said the word "purpose" was too wide, general and without justification to an adjudication board that could assess the validity of the reasons such information may be required.
They said a more strict way like the use of the judiciary as was the case in the past was the only way subscribers could be protected.
"It means the decision to release information is now between the police and the service provider. There is no adjudicating body playing a judicial function. There should be a quasi-judicial body to play the role of guaranteeing the rights of the people. Without an adjudicating authority, the subscribers will be exposed," said a lawyer who preferred to remain anonymous.
"The new law does not specify under what circumstances it should be legal to divulge such information. The motive is good to combat crime, but my fear, which will also be everyone else's, is that the law will not be used only to meet such a purpose."
According to the Interception of Communication Act, Chapter 11:20, it used to be cumbersome to get a warrant to access subscriber call records, while interception would need the approval of the minister administering the Postal and Telecommunications Act, the Police Commissioner-General and the Director-General of Intelligence.
A court magistrate would decide on whether the police could be given a warrant to access call records.
"The gazette is not constitutional. It is not justiciable. For example, how do you use subscriber information for research? Will this be by the consent of the subscribers? We will end up having a lot of cases where law enforcement agents will be paid to track unfaithful spouses," said another lawyer.
Human rights lawyer Chris Mhike said government should strike a balance between subscriber needs and its need to combat crime and terrorism.
He said the greatest weakness was the new law's failure to allow information to be subjected to judicial scrutiny, which is the most competent forum for determining compliance with any law.
"While Section 9 (4) of the Regulations forbids release 'where such release of subscriber information would constitute a breach of the Constitution of the Republic of Zimbabwe (and) any other enactment . . .' there are no clear guidelines as to the circumstances that would amount to constitutional breaches," Mhike said.
"For the release of information to be fair and reasonable in a constitutional democracy, it must be a precondition that a court order be secured. Since that precondition is missing, this latest legislation remains highly susceptible to abuse and misuse from authorities and those with access to the central subscriber data base."
He added: "The fact that in terms of Section 8 (13) of the Regulations 'any person who is aggrieved by any unlawful use of his personal data shall have the right to seek legal redress', does not cure the monumental flaws of the statutory instrument. The damage would already have been inflicted, possibly to irreparable levels. In its present form, Statutory Instrument 142 of 2013 is an inherently bad and dangerous law."
Another human rights lawyer Alec Muchadehama said he would have preferred a situation where the courts had the discretion on whether access to call records can be allowed.
"Warrant of search can be abused by the police," Muchadehama said.
Recently, there was an uproar in the United States after leaks by intelligence operator Edward Snowden showed that the government was snooping on virtually every citizen. In South Africa, a similar law had to be withdrawn after a public outcry.
This has been done through the enactment of Statutory Instrument 142 of 2013 on Postal and Telecommunications (Subscriber Registration) Regulations, 2013, which was gazetted last Friday.
Previously, government could only have access to people's phone records when it was absolutely necessary, usually when following up criminal or other serious offences. In such cases, permission had to be sought through the court which would grant court orders for such interception after satisfying itself there were justifiable reasons to do so.
Legal experts yesterday said the newly-gazetted laws would be, in fact, illegal according to the Constitution of Zimbabwe. The experts said the gazetted new law was not in harmony with Section
57 of the Constitution as it infringes on people's several rights including the right to privacy of communication.
According to the Statutory Instrument, telecommunication companies are now required to set up a central subscriber data base for all users from which information about subscribers would be released to law enforcement agents on demand.
Such information could also be released for educational and research purposes.
The law also compels companies to disclose subscriber data upon receiving a "written request signed by a law enforcement agent who is not below the rank of Assistant Commissioner of police or a co-ordinate rank in any other law enforcement agency".
"The written notice to be issued by the law enforcement agency pursuant to subsection (2) shall indicate the rank of the official of the law enforcement agent, and the purpose for which subscriber information is required," section 9 (3) of the Statutory Instrument reads.
Telecommunications companies will no longer be allowed to activate any SIM card that is not fully registered, the law says. Providing false information upon registering a SIM card, such as regarding one's residential address, is now an offence.
According to the new law, the creation of the database shall "assist law enforcement agencies or safeguarding national security", "assists with the provision of mobile-based emergency warning system" and "authorise research in the sector", among other reasons.
With only the signature of an Assistant Commissioner or higher rank now required, legal experts said the system could be grossly abused. There are no mechanisms within the law to protect the ordinary person against abuse by those authorised to snoop.
Experts said the word "purpose" was too wide, general and without justification to an adjudication board that could assess the validity of the reasons such information may be required.
"It means the decision to release information is now between the police and the service provider. There is no adjudicating body playing a judicial function. There should be a quasi-judicial body to play the role of guaranteeing the rights of the people. Without an adjudicating authority, the subscribers will be exposed," said a lawyer who preferred to remain anonymous.
"The new law does not specify under what circumstances it should be legal to divulge such information. The motive is good to combat crime, but my fear, which will also be everyone else's, is that the law will not be used only to meet such a purpose."
According to the Interception of Communication Act, Chapter 11:20, it used to be cumbersome to get a warrant to access subscriber call records, while interception would need the approval of the minister administering the Postal and Telecommunications Act, the Police Commissioner-General and the Director-General of Intelligence.
A court magistrate would decide on whether the police could be given a warrant to access call records.
"The gazette is not constitutional. It is not justiciable. For example, how do you use subscriber information for research? Will this be by the consent of the subscribers? We will end up having a lot of cases where law enforcement agents will be paid to track unfaithful spouses," said another lawyer.
Human rights lawyer Chris Mhike said government should strike a balance between subscriber needs and its need to combat crime and terrorism.
He said the greatest weakness was the new law's failure to allow information to be subjected to judicial scrutiny, which is the most competent forum for determining compliance with any law.
"While Section 9 (4) of the Regulations forbids release 'where such release of subscriber information would constitute a breach of the Constitution of the Republic of Zimbabwe (and) any other enactment . . .' there are no clear guidelines as to the circumstances that would amount to constitutional breaches," Mhike said.
"For the release of information to be fair and reasonable in a constitutional democracy, it must be a precondition that a court order be secured. Since that precondition is missing, this latest legislation remains highly susceptible to abuse and misuse from authorities and those with access to the central subscriber data base."
He added: "The fact that in terms of Section 8 (13) of the Regulations 'any person who is aggrieved by any unlawful use of his personal data shall have the right to seek legal redress', does not cure the monumental flaws of the statutory instrument. The damage would already have been inflicted, possibly to irreparable levels. In its present form, Statutory Instrument 142 of 2013 is an inherently bad and dangerous law."
Another human rights lawyer Alec Muchadehama said he would have preferred a situation where the courts had the discretion on whether access to call records can be allowed.
"Warrant of search can be abused by the police," Muchadehama said.
Recently, there was an uproar in the United States after leaks by intelligence operator Edward Snowden showed that the government was snooping on virtually every citizen. In South Africa, a similar law had to be withdrawn after a public outcry.
Source - newsday