We seem short of legal redress, and none more so than in the cyberspace amphitheater where the different stakeholders; including cybercriminals have, in the recent past and with zeal evergreen, been asserting their respective claims within this boundless space. This scramble in turn has ushered the fourth industrial revolution, the information age, with might and fright that in its booming veracity, has set stage for a tasking roller coaster of online gregariousness.
The mobile phone era (error maybe?)
Take mobile telephony for example, whose evolution has been rapid; probably an understatement, but nonetheless descriptive enough of how brisk the evolution of the mobile phone has been-that no sooner does one settle into the comfort zone of owning the latest device than the next in the series is launched. Just the other day, the world was abuzz and alive both prior and post the release of the iPhone 7. And true to the hype, a day before the official release, Apple announced that it had already run out of its initial batches of its most expensive device, iPhone 7 Plus, during the pre-order period. This in a loose sense, indicates the current attitude towards the fourth industrial revolution. A well supported attitude as evidenced by the robust efforts aimed towards digital inclusion-from affordable devices to a range of connectivity options and soon enough to the Internet of Things, and all so fast! But at what cost?
Plato once opined that a good decision is based on knowledge and not numbers although within the information society, it may be argued that many would prefer to seek conformity by joining the masses than carefully dissecting the full array of the pros and cons that attach to the maze of actions they take. Here, we do not condemn those who revel in joining the ever-growing information society. In contrast, we invite them to understand some degree of inattention that may inevitably, albeit unintended, prove costly in the fashionable pursuit of online presence.
Online Privacy and the abandonment or manipulation of this right
Few will disagree that online or internet presence is firmly the trend. That more and more people are striding towards cementing their online presence and in a world of vast opportunities, no one wants to lag behind; partly explaining the desire to keep afloat with the demands of the age, yet even less a number would care to worry about the hidden cost at which the buzzword ‘online presence’ is acquired. But as often is said, an adage as some may please to term or otherwise, a book cannot conclusively be judged by looking at its cover. As such, the benefits of online presence cannot be isolated from the myriad concerns that continue to mar the internet space. A solid call for equal attention to the two sides of the cyber-coin which must be taken as different units comprising one. By so doing, we will ensure that the uptake of the online opportunities is buttressed with sound attention to the potential risks that marry such opportunities.
To understand this call, we draw reference to the common online platforms through which individuals can ‘enter appearance’ and maintain online ‘locus standi‘ within the internet arena. Google, Facebook and Amazon span some of the platforms that boast global outreach translating into international utility. To the consumer of these services the platforms offer convenient solutions to many a traditional bottlenecks such as research, communication, socializing and shopping to mention but a few. Additionally, these services come at a relatively affordable price-subscription to an internet service provider through whose infrastructural intervention an IP address can be assigned to a subscriber thereby providing the much adored gate-pass to the cyber-world – what some would call data bundles.
But as we warmly appreciate the benefits that have underpinned some of these internet services, we almost gladly sacrifice our privacy rights at altar of online presence. A classic example would be the creation of a Google account part process of which requires acceptance of certain terms and conditions-privacy included. A quick glance at the Google privacy policy reveals the extent to which almost each user of the service voluntarily abandons their right to privacy in the often acclaimed pursuit of being trendy. From device information, to log information, to location information mentioning bit part of the information collected by Google, both from the information we give to them and that they obtain through our use of their services and all in the name of creating tailored content to suit the needs of the account owner. And even though Google affords users an option to control and manage ‘some’ of the collected and stored information, there is little guarantee of the security of user information.
The increased adoption and consequent rampant presence through avenues such as internet searches (Google), social media (Facebook) and online shopping platforms (Amazon) to cite a few have ensured that no longer is it necessary to flip through bushels of dusty papers, or obtain a search warrant authorizing physical searches through volumes of files in criminal investigation, or rely on informers to furnish you with leads that may help to uncover a potential terror threat, or the daunting task of having to go to great lengths in an effort to obtain information relating to a target individual-for their rampant and continuous online presence over time has ensured that their digital footprints remain traceable thereby exposing them to the ever growing threats of data infringement.
The legal response
It is easy to posit that the right of privacy is well established under international law with the core privacy principle unequivocally expressed under Article 12 of the Universal Declaration of Human Rights which postulates that no one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor, to attacks upon his honour and reputation. And that closer home, Article 2 of the African Convention on Cyber Security and Personal Data Protection states that each state party shall commit itself to establishing a legal framework aimed at strengthening fundamental rights and public freedoms, particularly the protection of personal data, and punish any violation of privacy without prejudice to the principle of free flow of data.
With the Convention only adopted in June 2014, its recency highlights the infancy of the data protection arena in the African region. Thus whilst the uptake of digitization has increased significantly, the legal response to the digital environment has hazardously lagged behind with the immediate consequence of exposing data subjects to the wide array of data threats that conjoin to murk the benefits otherwise apparent from technological developments. Kenya on her part attempted to respond to these threats through its 2013 Data Protection Bill which was aimed at giving effect to Articles 31 (c) and (d) of the Constitution but the Bill is yet to see the light of day. All factors constant, we still run the risk of falling victim to misuse of personal information online, receiving unsolicited commercial adverts in the name of tailored content, potential abuse of privacy by state agencies through unjustified surveillance for example and adverse sharing of online information unless we make deliberate effort of crafting responsive legal mechanisms that will contain or curb this threats.
Else, the tragedy awaiting the internet consumers can be captured in the words of Lord Hoffman who in R v Brown [1996] All ER 555-556 eloquently observed that one of the less welcome consequences of the information technology revolution is the ease with which it is now possible to invade the privacy of an individual…in greater comfort and safety (thereby) exposing the right to keep to oneself under technological threat.