Zimbabwe’s new online “Spying law”

Garikai Dzoma Avatar

online-spyingIn this post PRISM era people are decidedly edgy about their online privacy and any laws that are perceived to be aiding official spying are treated with the utmost suspicion and even alarm. On 1 October the new “spy law” was gazetted by the Zimbabwean government sending a lot of news outlets into panicked frenzy as fears of this law being used to spy on us started spreading.

The offending law is known as the Postal and Telecommunications Regulations which comes in the form of Statutory Instrument number 142 of 2013. It deals primarily with the registration of subscribers by service providers. The term service providers is used to refer to Land line operators (Telone), mobile network operators (both traditional operators like Econet and Telecel as well as CDMA operators), VoIP operators such as Guroo, ISPs, IAPs and other people involved in offering telecommunications services.

After getting a copy of the law I decided to peruse the entire text and ponder on it.

Generally speaking the law is nothing new. It is just a codification and interpretation of legislation that already exists and deals primarily with subscriber registration and the access and maintenance of such information. It however expands on the scope by including Internet Providers and allows law officers to gain access to this information without a court order.

Here is a summary of the provisions:

  • Service providers are not allowed to provide services like internet and cellular services to unregistered users.

  • All subscribers must be registered by 31 October or they will be disconnected.

  • The required information shall be: A full name, permanent address, nationality, gender, SIM number and ID or passport number.

  • The subscriber must submit a completed form with this information to the network operator(or their agent instead.) It is not clear however if electronic copies will be permitted. Services like Guroo use an online form. Network operators are required to verify the accuracy of the information.

  • Changes to this information (an address change for example) must be communicated to the network operator within a space of 21 days after making the change. This will mean lodgers who are constantly on the move will have to keep updating this information.

  • If you lose or break your SIM card you need to call the police and they will issue you with a written report. I am guessing Network operators will now require a police report in order to issue a new SIM card.

  • Network operators shall maintain a register with this personal information and retain information up to 5 years after the subscriber has stopped using the service or after the network operator has closed shop.

  • The Authority (POTRAZ) will maintain a central database of this information for to ensure compliance with the requirements, law enforcement purposes, emergency services, national security purposes (oh! oh!) and research purposes.

  • POTRAZ will do unspecified stuff to ensure that this data is secure and the information is not transferable outside Zimbabwe but we are guessing hackers could still get their information anyhow.

  • An officer of the Rank Assistant commissioner or a similar rank can write a letter requesting data relevant to an authority.

  • Researchers (we are guessing the media is also included) can also get access to the data if they submit a request.

There is other mumbo jumbo stuff in the instrument but this is the gist of it. In the next instalment I will take a look at some of the implications of the law as well as provide a comparison with the NSA’s PRISM project.

You can read a scanned copy of the law here for further details.

12 comments

  1. Farai Sairai

    Well we all knew that the ever since PRISM broke out, every country now has started or is implementing this kind of system. Before it was done under cover but now, they may as well tell everyone that they are being spied on for “security” reasons.

    While I agree with this scenario as every Gvt is/was/maybe doing it, it is the unwarranted access to this data without a court order that does not seem right. So if I am a senior Gvt official of whatever department that has been given absolute access to this data, they can access this information willy nilly? Check on my wife/hubby, girl/boyfriend, relative, competitor, etc. There are so many scenarios were this can be abused and given the high corruption rates in Zimbabwe, we all know that someone will be bought to extract this information.

    And as for POTAZ making this data secure………..

  2. Joe Black

    Let me tell you where this becomes crap – before, when police needed to access your telephone records (or such data) they required a written order from a magistrate.

    Although limited (and I doubt there’s a scenario where a Zim magistrate refused said no to the police) this was at least SOME FORM OF JUDICIAL OVERSIGHT.

    The new regulations removes all judicial authority from the equation, leaving “An officer of the Rank Assistant commissioner or a similar rank” with carte blanche to do what they want.

    This leaves the entire system, at police/prosecutorial level, without any oversight at all, and vulnerable to abuse.

    And we know what happens with a system that has potential for abuse – IT WILL GET ABUSED.

    1. CDE

      All detractors and anti revolutionaries will be in for it. They were hiding behind anonymity now we will expose them. Aint nothing wrong with that the Chinese do it, the North Koreans and even the very democratic nation of Iran.

      1. fiend

        Silly and shallow

  3. John Doe
  4. Tsenny

    Police Report to replace sim card? I see some organisation making money out of people

  5. purple

    Obviously thats where we where headed for…….

  6. Eish

    Tiri kuuraya nyika akomana. When will we realize this?

  7. tinm@n

    Its regressive. Its tolitarian.

    What it means is that access to technology and communication will be taken away from a great number of people.

    How many Zimbabweans have permanent addresses?

    How many people from or in the rural areas who do not have presentable documentation?

    How many people do not have some kind of lease agreement with their landlords?

    How many students from all sorts of places (including rural areas), now far from home….that have no proof of residence?

    How many people have stable residence?

    Congrats our beloved Government,you’ve just succeeded in disconnecting and inconveniencing a very large number of people who’s lives have greatly improved since the cellphone first came here.

    P.S. Thanks in advance for the corruption and hand greasing that will result from this. You rock!

    1. Farai Sairai

      I think cell lines need to be registered but not continuously if you move/shift residence. Once is enough. Just update the details when ever you can. I think this is one piece of legislation that will not stick. People will simply do it once and move on.

      On the corruption side, this will be the bane of this system. It is so endemic and I see so much abuse. I could simply pay off these people to access information I want about certain people. I think such records are like your own financial records. They should not be open to every Jane and Joe to see and do whatever they like. A court order is definitely a requirement so that we all know that the law was followed.

      We are all entitled to some level of privacy and protection from potential abuse of our information. No wonder why citizens start to think of loopholes in systems and engage in other systems to by pass legal avenues.

  8. Muzivi

    Let the games begin!!

  9. Eric

2023 © Techzim All rights reserved. Hosted By Cloud Unboxed