Tomorrow (13 April), the African Union (AU) Peace and Security Council (PSC) is expected to convene its 1148^th session to discuss the impacts of cyber threats to peace and security in Africa.

The session opens remarks by Abdelhamid Elgharbi, Permanent Representative of Tunisia and Chairperson of the PSC for the month of April followed by a statement of AU Commissioner for Political Affairs, Peace and Security (PAPS), Bankole Adeoye. The AU Mechanism for Police Cooperation (AFRIPOL); the Committee of Intelligence and Security Services of Africa (CISSA); the AU Department of Infrastructure and Energy; AU Office of the Legal Counsel and the United Nations (UN) International Telecommunication Union (ITU) are also expected to participate in the session.

It was at its 850^th session that the PSC, recognising the growing relevance of cyberspace in Africa and the importance of ensuring the safety and security of this space, decided to commit an annual meeting on cyber security. Although this decision hasn’t been regularly implemented, the PSC has dedicated various sessions to the theme, including the 1097^th session which last addressed concerns related to cyber security in Africa. Among other critical points, the 1097^th session drew attention to the need for enactment of necessary legislations and regulations at national, regional and continental levels to govern issues related to cyberspace. Tomorrow’s session serves to follow up on efforts being deployed to mainstream cybersecurity in all peace and security mechanisms of the AU, Regional Economic Community and Regional Mechanisms (RECs/RMs) and member states.

This session is coming against the background of the major cyberattack against the AU cyber infrastructure. Early in March, the AU was forced to suspend various operations following a massive cyberattack on its data centre, compromising various IT assets and user devices. This attack has led to not only the disruption of the ordinary functioning of the AU but also the loss of data. As a clear illustration of the susceptibility of African infrastructure to cyberattacks and the enormous costs that such attacks occasion, it would be of interest for members of the PSC to seek information on the source of the attack, the scale of damage caused and the measures required for rebuilding and instituting protective measures to address the vulnerabilities in the AU system that were exploited for orchestrating the attack.

There is also anecdotal data that the extent of threats to the cyberspace in Africa is increasing. This is mostly on account of the weak cyber security arrangements. According to the International Criminal Police Organization (INTERPOL)’s 2021 Africa Cyber Threat Assessment Report, over 90 percent of companies in Africa operate without the necessary cyber security protocols.  Many African institutions and businesses have also come under cyberattack over recent years and continue to be susceptible to the perpetration of various cybercrimes.

The impacts of this are multifaceted. One of the many negative consequences of unprotected cyberspaces is that they result in considerable financial loss as well as data theft, including those related to intellectual property and protected business information. At a larger scale, such form of cyber threats manifest in the form of infrastructural sabotage affecting critical social and economic activities, including trade and commerce. Reports have indicated that in recent years, such form of sabotages have particularly been escalating in the continent, specifically targeting national banks and maritime infrastructures. Ultimately, this will have an adverse impact on Africa’s endeavours to advance economic development.  As emphasised by the PSC at its 850^th session, a secure cyberspace is a necessary precondition for ‘reaping the dividends of the digital transformation of Africa and the world and for promoting economic development throughout the Continent’.

Another and perhaps more grave consequence of weak cyber security practices in government and non-governmental institutions in Africa is the fertile ground it creates for anti-peace activities ranging from espionage, to organised crimes and the use of digital space for incitement of violence. With little to no measures put in place to secure the cyberspace, anti-peace entities including terrorist organisations will have ease not only in accessing sensitive data and classified government information, but also in diverting finances to fund their activities, plan their attacks as well as recruit and train others to join their network. It also opens the space and creates the opportunity for the spread of misinformation and incitement of violence, particularly in settings characterised by polarised political tension and dissent. Terrorist groups’ usage of cybercriminals to raise funds through cryptocurrencies and exploration of the dark web by human trafficking networks to lure in travellers through fake tour agency accounts are also among the cyber threats in Africa identified by AFRIPOL.

The imperative for a more robust cybersecurity in Africa will only continue to rise as the continent continues to expand its reliance and use of cyber operated technologies not only for socio-economic activities but also for security purposes as the expansion of the use of drones and unmanned aerial vehicles (UAVs) as well as other artificial intelligence (AI) for enhancing military operations shows. As far as the use of such technologies, particularly what are known as autonomous weapons systems (which Africa is not in possession of), is concerned, Africa has the responsibility for promoting the development and strict enforcement of rules that ensure effective human control over and full responsibility of states for how such technologies are used as the surest means for averting not only breaches of human rights and international humanitarian law rules but also damages that may result from hacking of such technologies.

Africa’s internet and telecom market which has experienced a major boost in recent years is only expected to grow significantly in the near future to accommodate the demands of the continent’s massive population. While this creates great opportunities to advance Africa’s socio-economic and developmental aspirations, it also expands further the nature and extent of cyber threats expected to be experienced. If relevant strategies are not put in place well in advance to avert, manage and effectively respond to these threats, the continent may be facing complex peace and security challenges. According to the 2021 Global Cybersecurity Index, only 29 African countries have introduced cyber security legislation while the remaining majority are yet to adopt relevant rules and regulations to deal with this specific area of concern. This indicates the need for heightened awareness among member states of developments in Africa’s cyberspace and their commitment to take solid steps towards securing it, including through the adoption of relevant normative standards to regulate the safe and secure utilisation of cyberspace.

At the continental level, the AU has already adopted key legal instruments and frameworks relevant to the regulation of cyberspace and for ensuring cyber security in Africa, including the AU Convention on Cyber Security and Personal Data Protection (Malabo Convention); the 2020-2030 Digital Transformation Strategy for Africa; the AU Data Policy Framework and the AU Interoperability Framework for Digital ID. In line with the decision of the Executive Council’s 32^nd Ordinary Session [EX.CL/Dec.987(XXXII)], the AU has also established the Cyber Security Expert Group (AUCSEG) which is charged with providing advice to the AU Commission on matters related to cyber security. Few member states such as Botswana, Ghana, Lesotho and South Africa have also made commendable strides towards securing the cyberspace through the adoption of Cybercrimes and Cybersecurity Acts. Despite these encouraging developments, the current efforts to respond to cyber threats are largely disproportional to the magnitude of the challenge in Africa.

The expected outcome of tomorrow’s session is a Communiqué. The PSC is expected to express grave concern over the recent cyberattack the AU experienced and commend AFRIPOL and other relevant AU organs for committing the necessary efforts to resolve the issue. It may emphasise that with growing digitalisation and socio-economic development come increasing cyber threats and as such, call on member states to mainstream cyber security throughout all of their digital endeavours. The PSC may take note of the increasing significance of the digital space for trade and commerce in Africa and call on all relevant stakeholders including member states and the private sector to protect transactions by investing on cyber security measures. It may stress the importance of establishing the normative framework for cyber security and urge member states to adopt the necessary legislation to regulate cyberspace in a manner compatible with human rights norms guaranteeing fundamental rights and freedoms. It may urge member states to ensure responsible use of emerging technologies in efforts aimed at enhancing military capabilities and to put in place the necessary cyber security measures to avert hacking and diversion of such technologies. It may also highlight the need to ensure implementation of existing continental legal frameworks for the protection of cyberspace including the Malabo Convention. It may further encourage RECs/RMs to contribute to cyber security efforts through enactment of relevant strategies for enhancing regional collaboration in taking action against cyber threats. The PSC may call on the AU Commission, AFRIPOL, CISSA working with relevant expert bodies to develop guidance for member states, RECs/RMs and AU institutions on identifying vulnerabilities for cyberattacks and instituting effective cybersecurity measures to avoid the kind of attacks the AU experienced recently.

Tomorrow (04 August), the African Union (AU) Peace and Security Council (PSC) will hold its 1097^th session on a relatively new thematic issue on “Emerging technologies and new media: Impact on democratic governance, peace and security in Africa”.

Following opening remarks of the Permanent Representative of The Gambia to the AU and Chairperson of the PSC for the month, Jainaba Jagne, AU Commissioner for Political Affairs, Peace and Security (PAPS), Bankole Adeoye is expected to make a statement. The Director of the AU Commission Department of Infrastructure and Energy, representative of the African Peer Review Mechanism (APRM) and expert on emerging technologies, Thompson Chengeta, will deliver presentations. Representatives of Amani Africa and Institute for Security Studies (ISS) are also expected to make intervention.

While the PSC discussed specific issues relating to emerging technologies and new media, this is the first time that the Council has a dedicated session on emerging technologies and new media in general, with a focus on their impact on democratic governance and peace and security in Africa. This strategically important session helps the PSC to grapple with a theme whose ramifications and significance have been expanding at a pace that continues to widen the gulf between the rate of change of these technologies and media and the response of policy makers.

The use of emerging technologies and new media including access to the internet and mobile technology continue to contribute positively to democratic governance and the promotion of peace and security in Africa, as in other parts of the world. For example, drones have improved the way healthcare is provided in Rwanda as they are being used to deliver blood in remote areas, thus enhancing access by overcoming geographic limitations. Mobile phones and social media also present opportunities to empower citizens and transform their relationship with the state. Real-time photos and videos uploaded to social media can expose government corruption or abuse and increase government responsiveness to citizen concerns. These technologies have also revolutionized people’s ability to organize and coordinate protest movements as well as electoral campaigns.

A case in point is the 2016 elections in the Gambia. According to one study, 92% of people interviewed believed that social media played the most role compared to traditional media. Especially, they affirmed that social media platforms such as WhatsApp or Facebook allowed the population to receive and spread information, even when the then incumbent government closed the access to the Internet. Furthermore, social media allowed locals to get in contact with Gambians living abroad. The interviewees affirmed that WhatsApp and Facebook ‘dominated the transmission of ideas’ and were able to ‘educate a larger number of people about the necessity of change’. In Mali, the mobile application ‘MonElu’ has been utilized as a medium to strengthen citizen participation in governance by facilitating dialogue with elected officials and in the process increasing accountability to citizens. In Kenya, Kenyan civil society successfully deployed crowd-sourcing technologies (Ushahidi) to map out the unfolding post-election violence in the country in 2008 election.

Council has taken note of the contribution of new media in various at its various sessions including the 589^th, 791^st and 1062^nd sessions convened under the theme of “Elections in Africa”. For example, at  its 1062^nd session it stressed ‘the important role of … responsible media, both print and electronic, in electoral processes and encouraged these entities to always contribute more positively towards promoting the integrity and credibility of elections and maintenance of peace and stability in Member States, especially by promoting civic education and accurate public information, as well as refraining from inflammatory reporting and miscommunication that may incite violence.’

In terms of the role of new technologies for promoting clean elections and limiting the rigging of elections, there is a need for identifying optimal conditions under which technologies contribute for enhancing the confidence of the electorate in the role of elections for advancing democratic governance in Africa. This is also important in terms of strengthening the quality of AU election monitoring through the use of relevant technologies and new media both for planning and conducting the election monitoring work of the AU.

In terms of positive contribution of emerging technologies for peace and security, the use of these technologies helps in timely exposing risks of violence and crises thereby strengthening early warning capabilities. Increasing use of these technologies by conflict actors also mean that it has increasingly become possible to establish the positions, motivations and movement of conflict actors, thereby enabling the planning of informed policy responses and mediation and peace-making efforts. The use of these technologies in peace processes has not only enabled mediators and peace support operations to have strong situational awareness, but to also engage in public diplomacy. These technologies also contribute to enhancing the legitimacy of peace processes by enabling engagement with various stakeholders. Admittedly, the extent to which AU peace processes, whether in mediation or in peace support operations, are able to harness these positive contribution of these technologies depend on their possession of the requisite skills and capabilities for using these technologies for such ends.

In the light of the foregoing, one issue that would be of interest to the PSC is the need for examining the current state of how AU and Regional Economic Communities and Regional Mechanisms (RECs/RMs) peace processes are using and harnessing the potentials of emerging technologies and new media for their work in conflict management and resolution.

It is clear from the foregoing that emerging technologies and new media have significant actual and potential contribution for the achievement of AU’s Agenda 2063 broadly and those relating to democratic governance and peace and security in particular. But the optimization of their current contributions and the harnessing of their enormous potentials depends on expanding access to these technologies and the technical know-how of and digital literacy for various areas of public life.

Emerging technologies and new media are not however without peril. Indeed, previous engagements of the PSC and recent and current experiences illustrate the adverse impacts of emerging technologies and new media in Africa.

Internet and social media platforms have been misused for spreading misinformation and inciting violence, particularly during election periods, undermining democratic processes and imposing serious risk to peace and security. In this regard, Council’s 653^rd and 713^th sessions have been particularly critical in drawing attention to the abuse and misuse of the media space by some political actors, which has the impact of undermining the credibility of electoral processes. A relatively newer trend Council may wish to note at tomorrow’s session is also the manipulation of algorisms by social media platforms to shape perceptions of people during elections, with the core purpose of precipitating artificially engineered electoral outcomes.

Aside from the context of elections, the more general abuse of media space for spread of hate speech and incitement of violence has also been a matter of serious concern in the continent. For example, in cases where it is difficult to trace the individual(s) or group(s) engaged in disinformation or misinformation operations, the distribution of content, such as images, memes, videos, and even voice messages, leads to a high level of violence among communities. In Nigeria, images of corpses in mass graves were used to fuel animosity between the Fulani Muslims and Berom Christians, which resulted in violence and killing. The perilous use of these technologies is something that the PSC has addressed, particularly in the context of its thematic agenda on hate crimes and prevention of genocide. At its 761^st session for example where Council highlighted how the misuse of social media has the potential of escalating the ideology of hate and genocide and how the abuse of media space can disrupt social cohesion and endanger national unity, it urged member States to set up mechanisms for monitoring the use of media.

The use of new technologies for surveillance and disinformation by state actors has also become a major source of concern as it dampness the positive contribution of these technologies and new media by exposing people with dissenting voices to serious peril. The 2020 titled a roadmap for digital cooperation noted, ‘new technologies are too often used for surveillance, repression, censorship and online harassment’ and that ‘greater efforts are needed to develop further guidance on how human rights standards apply in the digital age.’ The PSC may in this regard welcome the initiative of the African Commission on Human and Peoples’ Rights’ under its resolution 473 on artificial intelligence, robotics and other new and emerging technologies.

Council’s 850^th session addressing the theme of “Cyber Security” has highlighted the ‘importance of a safe and secure cyber space for reaping the dividends of digital transformation of Africa’. On the adverse side, a number of PSC’s sessions on terrorism and violent extremism have expressed concern over the growing use of technologies and media by terrorist groups. In addition to emphasising the concerning use of technologies such as UAVs by terrorist groups, as well as the manipulation of internet for purposes of radicalisation and recruitment, it is also important for Council to reflect on the use of new technologies in armed conflicts and the impact thereof. In recent years, the demand for military drones in Africa has significantly been on the rise, driven by a growing number of internal conflicts and counter-terrorism operations. Libya for instance is often even called the world’s largest ‘drone war theatre’, with multiple countries supporting one of the warring parties militarily in the civil war through the delivery of drones. France is deploying armed drones in the Sahel region against militants in Mali, Burkina Faso and Niger, and both US and French air strikes in Africa are notorious for injuring and killing civilians, often without any transparency or accountability regarding civilian casualties.

According to the latest drone study reports, African countries have also increasingly acquired and used (armed) drones themselves in their fights against armed groups. At the same time, armed groups are increasingly putting effort into weaponizing small commercial drones, turning these into surveillance and combat drones, of which Boko Haram is a primary example. These developments make clear that military drones have become an essential tool for armed forces in their operations, but that their use gives rise to questions about clear legal norms, wider military-strategic considerations and improved export controls.

The expected outcome of the session is a Communiqué. Council may recognize the enormous contribution and potential of emerging technologies and new media in addressing the socio-economic, governance and peace and security challenges and for the implementation of AU’s Agenda 2063. It may call for the imperative for enhancing Africa’s participation both in the development of and access to emerging technologies and use of new media for the advancement of the wellbeing of the people of the continent. It may express concerns about the threats posed by actors that use emerging technologies to disseminate malicious online contents that diminish trust for democratic governance. The Council may call for the development of regulatory framework for ensuring that technology firms strengthen their supervisory mechanisms to prevent the use of their technologies for destructive purposes. It may request for greater collaboration between member States, RECs/RMs, the AU Commission, and the Private Sector in promoting the development and responsible use of emerging technologies and new media. Having regard to upcoming elections in the continent, particularly Kenya’s general elections scheduled to take place 09 August, Council may also urge all relevant stakeholder to refrain from misuse of new media and task the AU election observers to pay particular attention to the impact of new media with a view to propose ways of more effectively addressing the increasing adverse use to which new media and technologies are used in tampering electoral processes. It may also call on member States to ensure respect of human rights and international humanitarian law (IHL) standards in their use of new technologies including weapons such as battle drones and UAVs.