Scielo RSS <![CDATA[The African Journal of Information and Communication]]> http://www.scielo.org.za/rss.php?pid=2077-721320190001&lang=en vol. 23 num. lang. en <![CDATA[SciELO Logo]]> http://www.scielo.org.za/img/en/fbpelogp.gif http://www.scielo.org.za <![CDATA[<b>Asymmetry in South Africa's Regulation of Customer Data Protection: Unequal Treatment between Mobile Network Operators (MNOs) and Over-the-Top (OTT) Service Providers</b>]]> http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S2077-72132019000100001&lng=en&nrm=iso&tlng=en This article examines the asymmetry that currently exists in South Africa in the regulatory treatment of customer data usage by mobile network operators (MNOs) and over-the-top (OTT) service providers. MNOs and OTTs must receive customer "consent", in terms of the Protection of Personal Information Act (POPI Act) and its Regulations, before sharing the customer's "personal information" with a third party. But MNOs have an additional requirement to meet, in terms of the Regulation of Interception of Communications and Provision of Communication-Related Information Act (RICA), which is not applicable to OTTs: a requirement whereby a customer must provide "written authorisation" to an MNO before the MNO can share "communication-related information which relates to the customer concerned" with a third party. In this article, I examine and analyse provisions of the POPI Act, POPI Act Regulations, RICA, other relevant legislation, court decisions, records of a Parliamentary hearing, the standard terms and conditions and privacy policies of two South African MNOs (Vodacom and MTN), and two international OTT service providers (Google and Facebook). Based on the analysis, I argue that the unequal regulatory treatment between the MNOs and OTTs, if allowed to persist, threatens to undermine the growth of key elements of South Africa's digital economy. <![CDATA[<b>Conceptual Design of a Cybersecurity Resilience Maturity Measurement (CRMM) Framework</b>]]> http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S2077-72132019000100002&lng=en&nrm=iso&tlng=en African countries are at high risk with respect to cybersecurity breaches and are experiencing substantial financial losses. Amongst the top cybersecurity frameworks, many focus on guidelines with respect to detection, protection and response, but few offer formal frameworks for measuring actual cybersecurity resilience. This article presents the conceptual design for a cybersecurity resilience maturity measurement (CRMM) framework to be applied in organisations, notably for critical information infrastructure (CII), as part of cyber risk management treatment. The main thrusts of the framework are to establish, through assessment in terms of quantitative measures, which cybersecurity controls exist in an organisation, how effective and efficient these controls are with respect to cybersecurity resilience, and steps that need to be taken to improve resilience maturity. The CRMM framework we outline is conceptualised as being applicable both pre- and post-cyber attack. Drawing on the NIST cybersecurity framework (NIST CSF) and other relevant frameworks, the CRMM approach conceptualised in this article would be able to depict an organisation's cybersecurity practices and gauge the organisation's cybersecurity maturity at regular intervals. This CRMM approach is grounded in the idea that, by quantifying an organisation's current practices against established baseline security controls and global best practices, the resulting status measurement can provide the appropriate basis for managing cyber risk in a consistent and proportionate fashion. The CRMM framework defines four cybersecurity resilience quadrants (CRQs), which depict four different degrees of organisational preparedness, in terms of both risk and resilience. <![CDATA[<b>A Proposed "Agricultural Data Commons" in Support of Food Security</b>]]> http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S2077-72132019000100003&lng=en&nrm=iso&tlng=en This article identifies a data governance model that could help reduce dataset access inequities currently experienced by smallholder farmers in both developed-world and developing-world settings. Agricultural data is globally recognised for its importance in addressing food insecurity, with such data generated and used by a value chain of contributors, collectors, and users. Guided by the modified institutional analysis and development (IAD) framework, our study considered the features of agricultural data as a "knowledge commons" resource. The study also looked at existing data collection modalities practiced by John Deere, Plantwise and Abalobi, and at the open data distribution modalities available under the Creative Commons and the Open Data Commons licensing frameworks. The study found that an "agricultural data commons" model could give greater agency to the smallholder farmers who contribute data. A model open data licence could be used by data collectors, supported by a certification mark and a dedicated public interest organisation. These features could engender an agricultural data commons that would be advantageous to the three key stakeholders in agricultural data: data contributors, who need engagement, privacy, control, and benefit-sharing; small and medium-sized-enterprise (SME) data collectors, who need sophisticated legal tools and an ability to brand their participation in opening data; and data users, who need open access. <![CDATA[<b>Towards a Tiered or Differentiated Approach to Protection of Traditional Knowledge (TK) and Traditional Cultural Expressions (TCEs) in Relation to the Intellectual Property System</b>]]> http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S2077-72132019000100004&lng=en&nrm=iso&tlng=en The World Intellectual Property Organisation (WIPO) has, for nearly two decades, engaged in formulating the nature and content of a text-based legal instrument or instruments for the effective protection of genetic resources (GRs), traditional knowledge (TK), and traditional cultural expressions (TCEs, also known as folklore) within or relating to the international intellectual property (IP) system. This task has been the job of WIPO's Intergovernmental Committee on Intellectual Property and Genetic Resources, Traditional Knowledge and Folklore (IGC), established in 2000. In this article, I explore the context and rationales for, and evolution of, one of the IGC's evolving contributions: development of a tiered or differentiated approach to the protection of TK and TCEs. The article discusses and analyses the empirical ramifications and challenges of the tiered approach-alternatively referred to as differentiated approach-with reference to examples of forms of TK and TCE in Africa, North America and Australia. I conclude that the approach is a work in progress, still evolving, which provides a useful broad policy framework at the international level while, at the same time, its details are contingent on many considerations better addressed at national and local levels. <![CDATA[<b>Treatment of Kenya's Internet Service Providers (ISPs) under the Kenya Copyright (Amendment) Bill, 2017</b>]]> http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S2077-72132019000100005&lng=en&nrm=iso&tlng=en Kenya's Copyright (Amendment) Bill, 2017, is nearing its final stage of consideration by Parliament. In this article, we provide a review of the Bill's provisions in respect of its treatment of internet intermediaries, specifically internet service providers (ISPs). We seek to establish the impact that the intermediary liability provisions in the Bill could have on ISPs' operations if the Bill is passed into law in its present form. We applaud the Bill's provision for a "safe harbours" regime, whereby ISPs would incur no liability, or limited liability, for certain specific intermediary actions. However, we also note that the framing of the Bill's notice-and-takedown provisions would require quasi-judicial skills on the part of ISPs, which may not be appropriate. We conclude by providing recommendations for how legislators could address the weaknesses in the Bill's treatment of ISPs. <![CDATA[<b>The Role of Discursive Constructions in Nigeria's ASUU-FGN Labour Conflict of 2013</b>]]> http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S2077-72132019000100006&lng=en&nrm=iso&tlng=en The performance of Nigeria's tertiary education sector has been undermined on numerous occasions by labour conflicts. While these labour disputes are widely reported in the media, there has been only minimal scholarly examination of the discourses that predominate in the media during these conflicts. Using the critical discourse analysis (CDA) and conceptual metaphor (CM) frameworks, this study examined the discursive features of a labour conflict in 2013 between the Academic Staff Union of Universities (ASUU) and the Federal Government of Nigeria (FGN). Statements by ASUU and FGN officials and their supporters, as published by Nigerian print and online news sources during the dispute, were purposively sampled, along with media outlets' editorial statements and readers' online comments. It was found that the labour dispute was discursively and metaphorically constructed in militaristic terms, as a conflict between two enemies engaged in a kind of battle or war. It was also found that both ASUU and the FGN engaged in propagandistic discourses in line with their militaristic discursive constructions, and that the two sides propagated disparaging discourses in respect of each other's motivations and behaviours. It was also found that certain readers reproduced elements of the prevailing discourses in their online comments on media coverage of the strike. <![CDATA[<b>Book Review: Telecommunications Law and Regulation in Nigeria</b>]]> http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S2077-72132019000100007&lng=en&nrm=iso&tlng=en The performance of Nigeria's tertiary education sector has been undermined on numerous occasions by labour conflicts. While these labour disputes are widely reported in the media, there has been only minimal scholarly examination of the discourses that predominate in the media during these conflicts. Using the critical discourse analysis (CDA) and conceptual metaphor (CM) frameworks, this study examined the discursive features of a labour conflict in 2013 between the Academic Staff Union of Universities (ASUU) and the Federal Government of Nigeria (FGN). Statements by ASUU and FGN officials and their supporters, as published by Nigerian print and online news sources during the dispute, were purposively sampled, along with media outlets' editorial statements and readers' online comments. It was found that the labour dispute was discursively and metaphorically constructed in militaristic terms, as a conflict between two enemies engaged in a kind of battle or war. It was also found that both ASUU and the FGN engaged in propagandistic discourses in line with their militaristic discursive constructions, and that the two sides propagated disparaging discourses in respect of each other's motivations and behaviours. It was also found that certain readers reproduced elements of the prevailing discourses in their online comments on media coverage of the strike.