|
Back to Index
Zimbabwe’s
new online spying law
Gariako Dzoma, Technology Zimbabwe
October 09, 2013
http://www.techzim.co.zw/2013/10/zimbabwes-new-online-spying-law
In this post
PRISM era people are decidedly edgy about their online privacy and
any laws that are perceived to be aiding official spying are treated
with the utmost suspicion and even alarm. On 1 October the new “spy
law” was gazetted by the Zimbabwean government sending a lot
of news outlets into panicked frenzy as fears of this law being
used to spy on us started spreading.
The offending
law is known as the Postal
and Telecommunications Regulations which comes in the form of
Statutory Instrument number 142 of 2013. It deals primarily with
the registration of subscribers by service providers. The term service
providers is used to refer to Land line operators (Telone), mobile
network operators (both traditional operators like Econet and Telecel
as well as CDMA operators), VoIP operators such as Guroo, ISPs,
IAPs and other people involved in offering telecommunications services.
After getting
a copy of the law I decided to peruse the entire text and ponder
on it.
Generally speaking
the law is nothing new. It is just a codification and interpretation
of legislation that already exists and deals primarily with subscriber
registration and the access and maintenance of such information.
It however, expands on the scope by including Internet Providers
and allows law officers to gain access to this information without
a court order.
Here is a summary
of the provisions:
- Service
providers are not allowed to provide services like internet and
cellular services to unregistered users.
- All subscribers
must be registered by 31 October or they will be disconnected.
- The required
information shall be: A full name, permanent address, nationality,
gender, SIM number and ID or passport number.
- The subscriber
must submit a completed form with this information to the network
operator(or their agent instead.) It is not clear however, if
electronic copies will be permitted. Services like Guroo use an
online form. Network operators are required to verify the accuracy
of the information.
- Changes
to this information (an address change for example) must be communicated
to the network operator within a space of 21 days after making
the change. This will mean lodgers who are constantly on the move
will have to keep updating this information.
- If you lose
or break your SIM card you need to call the police and they will
issue you with a written report. I am guessing Network operators
will now require a police report in order to issue a new SIM card.
- Network
operators shall maintain a register with this personal information
and retain information up to 5 years after the subscriber has
stopped using the service or after the network operator has closed
shop.
- The Authority
(POTRAZ) will maintain a central database of this information
for to ensure compliance with the requirements, law enforcement
purposes, emergency services, national security purposes (oh!
oh!) and research purposes.
- POTRAZ will
do unspecified stuff to ensure that this data is secure and the
information is not transferable outside Zimbabwe but we are guessing
hackers could still get their information anyhow.
- An officer
of the Rank Assistant commissioner or a similar rank can write
a letter requesting data relevant to an authority.
- Researchers
(we are guessing the media is also included) can also get access
to the data if they submit a request.
There is other
mumbo jumbo stuff in the instrument but this is the gist of it.
In the next instalment I will take a look at some of the implications
of the law as well as provide a comparison with the NSA’s
PRISM project.
Please credit www.kubatana.net if you make use of material from this website.
This work is licensed under a Creative Commons License unless stated otherwise.
TOP
|
