Home 9 Digital rights 9 MISA Lesotho rejects Communications (Subscriber Identity Module & Mobile Device Registration) Regulations 2021

MISA Lesotho rejects Communications (Subscriber Identity Module & Mobile Device Registration) Regulations 2021

16 Jun, 2021
This post was broadcasted from MISA Lesotho.
MISA Lesotho calls on the government of Lesotho to rescind the promulgation of the  Communication (Subscriber Identity Module & Mobile Device Registration) Regulations of 2021 as it is a violation of citizens' privacy.

MISA Lesotho has learned with shock and dismay about the recent gazettement of Communications (Subscriber Identity Module & Mobile Device Registration) Regulations of 2021,  which makes it a requirement for all citizens and non-citizens using mobile phones in Lesotho to have their personal information banked with the Lesotho Communications Authority and accessed by security agencies with ease without their consent, in direct violation of their privacy and freedom of expression rights, among others. 

The regulations make way for the establishment and maintenance of a database of personal information of all telecommunications subscribers in Lesotho and have it stored in a “Central Database” held by the LCA on behalf of the government of Lesotho. 

Upon commencement of the regulations, mobile device subscribers shall have their biometrics and other personal information captured, registered and transmitted to the central database at the time they acquire mobile devices, as well as when they activate their sim cards. 

The regulations force telecommunications service providers to transmit all captured information of their customers to the central database at LCA. 

With the regulations, security agencies no longer need courts of law orders to access the private and personal information of the subscribers. They simply just need authorization from a senior officer equal to the rank of assistant commissioner of police to have access to every subscriber information from the database. 

The regulations do not spare international diplomats and expatriates, whether using local networks or roaming, from having their private information accessed. 

The regulations have been promulgated unilaterally and surreptitiously by the LCA and gazetted last month by the then Communications, Science and Technology Minister Keketso Sello (now with the public service following a cabinet reshuffle early this month). LCA is an arm of the ministry.

MISA Lesotho is not only disappointed because the process of establishing the regulations was not consultative with stakeholders, but worse; that the regulations are tantamount to the worst form of violation of freedoms of privacy, expression, association, dignity and media, among others.  

MISA Lesotho is an advocacy and lobby non-governmental organisation dedicated to promoting media freedom, independence, plurality and self-sufficiency, as well as free speech. 

MISA Lesotho wishes to categorically condemn the promulgation of the Communications (Subscriber Identity Module & Mobile Device Registration) Regulations of 2021. Our submission  is premised on the following direct violations of law and of fundamental human rights: 

  • The regulations contravene Section 14 of the Constitution of Lesotho (1993), which states that; every person shall be entitled to, and, except with his own consent, shall not be hindered in his enjoyment of freedom of expression, including the freedom to hold opinions without interference, freedom to communicate ideas and information without interference, whether the communication be to the generally or to any person or class of persons, and freedom from interference with his correspondence. 
  • The regulations contravene Section 11 of the Constitution of Lesotho (1993), which states:  Every person shall be entitled to respect for his private and family life and his home. 
  • Lesotho has acceded to The Declaration of Principles of Freedom of Expression and Access to Information in Africa adopted by the African Commission on Human and People’s  Rights on November 10, 2019. Principle 40 of the Declaration refers to Privacy and the  Protection of Personal Information. It states:

    1. Everyone has the right to privacy,  including the confidentiality of their communications and protection of their personal  information; 
  1. Everyone has the right to communicate anonymously or use pseudonyms on the  internet, and to secure the confidentiality of their communications and personal  information from access by third parties through the aid of digital technologies; 
  2. States shall not adopt laws or other measures prohibiting or weakening encryption,  including backdoors, key escrows and data location requirements unless such measures are justifiable and compatible with international human rights law and standards. 
  • Principle 41 refers to Privacy and Communication Surveillance. It says:
    1. States shall not  engage in or condone acts of indiscriminate and untargeted collection, storage, analysis  or sharing of a person’s communication;

    1. States shall only engage in targeted communication surveillance that is authorized by  law, that conforms with international human rights law and standards, and that is  premised on specific and reasonable suspicion that a serious crime has been or is being  carried out, or for any other legitimate aim; 
    2. States shall ensure that any law authorizing targeted communication surveillance  provides adequate safeguards for the right to privacy, including: 
    3. a) The prior authorization of an independent and impartial judicial authority, b) Due process safeguards, 
    4. c) Specific limitation on the time, manner, place and scope of the surveillance, d) Notification of the decision authorizing surveillance within a reasonable time of the  conclusion of such surveillance, 
    5. e) Proactive transparency on the nature and scope of its use; and  
    6. f) Effective monitoring and regular review by an independent oversight mechanism.

    • Principle 42 provides for Legal Framework for the Protection of Personal Information:
      1)  States shall adopt laws for the protection of personal information of individuals in  accordance with international human rights law and standards; 
    1. The processing of personal information shall, by law, be: a) with the consent of the  individual concerned; 
    2. b) conducted in a lawful and fair manner; 
    3. c) in accordance with the purpose for which it was collected, and adequate, relevant and  not excessive; 
    4. d) accurate and updated, and where incomplete, erased or rectified 
    5. e) transparent and disclose the personal information held; and  
    6. f) confidential and kept secure at all times  
    • The government of Lesotho has also acceded to the International Covenant for Civil and  Political Rights. Article 19 of the Covenant provides that: 
    1. Everyone shall have the right to hold opinions without interference, 
    2. Everyone shall have the right to freedom of expression; this right shall include freedom to seek, receive and impart information and ideas of all kinds, regardless of frontiers, either orally, in writing or in print, in the form of art, re through any other media of his choice.

MISA Lesotho, therefore, calls on the government of Lesotho to rescind promulgation of the  Communication (Subscriber Identity Module & Mobile Device Registration) Regulations of 2021, lest the country falls on rankings in the Human Freedom Index and risks international sanctions. 

MISA Lesotho intends to seek legal recourse on this matter if the government refuses to budge. 

Issued by
Lekhetho Makhanya Ntsukunyane, National Director
MISA Lesotho 

 

About MISA

The Media Institute of Southern Africa (MISA) was founded in 1992. Its work focuses on promoting, and advocating for, the unhindered enjoyment of freedom of expression, access to information and a free, independent, diverse and pluralistic media.

Share this

Related news