be done, this advocacy has forced corporate gatherers of personal information to be mindful of protecting data
from misuse or theft, leaving users
more protected. Without such a strong
notion of privacy rights in Africa, this
advocacy is disturbingly absent in the
nascent field of African information
security. For instance, in 2004 the
South African Post Office decided to
sell the personal information of citizens in its database. Without any legal
mechanism to protect personal information, individuals had no means of
protecting their own privacy. 6 Few protections of personal information mean
that sensitive data can all too easily fall
into the wrong hands.
Finally, too many African governments demonstrate a willingness to
operate outside the rule of law and
with little accountability. In such
an environment, mobile phones become an unprecedented tool to track
a citizen’s activities. An unscrupulous
government could easily use the cellular network to track an individual’s
movement, listen to conversations,
and access financial records. While
such behavior is not absent in Europe
and North America, it is generally
limited due to robust legal systems
and privacy watchdogs. Where such
systems are absent, as in many African states, government snooping can
have a chilling effect on a population
and negate the many gains provided
by mobile service.
Because the potential gains are so
great for Africa, it is vital that malevolent forces do not spoil this moment
of opportunity. Further, we must not
forget that in such an interconnected
world, a problem for Africa is very
much a problem for everyone else.
Once a continent with very limited
broadband connectivity, undersea
fiber cables now span the length of
each of Africa’s coasts and the development of several new cables is under
way. While desperately needed, this
additional bandwidth can serve as a
conduit to import and export mobile
viruses and other forms of malware
from and to the rest of the world. It is,
therefore, imperative that this potential information security nightmare be
addressed. Like so many security problems in the cyber world, however, the
solutions are not evidently at hand.
The compelling rise
of mobile telephony
across africa is
not a passing
phenomenon.
Of particular concern is the current lack of information security professionals in Africa. What is a significant problem in developing countries
is compounded in Africa where few
countries have the resources to educate and train the work force needed
to protect the cellular networks. Along
the same lines, governmental capacity
to develop the necessary institutions
is largely missing. Western assistance,
when offered, is rarely given in a sustainable manner that would allow for
true security work to persist. Finally,
political sensitivities tend to limit the
amount of assistance home nations
are willing to accept relating to security issues. All of this leaves Africa with
an absence of internal capacity coupled with weak outside assistance. It is
therefore difficult to imagine positive
scenarios in which the onslaught can
be avoided.
Conclusion
In considering possible solutions,
it is clear that device manufacturers
and service providers must contrib-
ute. Too often private interests place
security low on the list of priorities,
especially when not encouraged by
government entities. Yet for African
networks to be safe, it will be essen-
tial for manufacturers and providers
to offer adequate security. Steps such
as encrypting all sensitive data passed
through the network and ensuring the
privacy of personal information of-
fer adequate user protection. African
governments must also find ways to
train information security profession-
als. While increasing this work force
will certainly carry a high cost to gov-
ernments that often have little money
to spend, the costs otherwise will be
far greater, although distributed more
broadly among the population.
References
1. a horrendous trade. The Economist. (jan. 17, 2009), p.
50.
2. gady, F. africa’s cyber Wmd. Foreign Policy (mar. 24,
2010).
3. georgia tech information Security Center. Emerging
Cyber Threats Report for 2009. (oct. 15, 2008); http://
www.gtisc.gatech.edu/pdf/Cyberthreatsreport2009.
pdf.
4. itU. Information Society Statistical Profiles 2009:
Africa; http://www.itu.int/dms_pub/itu-d/opb/ind/d-
ind-rpm.aF-2009-pdF-e.pdf.
5. itU. Key Global Telecom Indicators for the World
Telecommunication Service Sector; http://www.itu.int/
itU-d/ict/statistics/at_glance/ Keytelecom.html.
6. olinger, h., britz, j., and olivier, m. Western privacy
and/or Ubuntu? Some critical comments on the
influences in the forthcoming data privacy bill in
South africa. The International Information & Library
Review 39 (2007), 31–43.
7. the mother of invention. The Economist (Sept. 24,
2009), 8–12.
Seymour (Sy) Goodman ( goodman@cc.gatech.edu)
is professor of international affairs and Computing at
georgia tech in atlanta, ga.
Andrew harris ( harrisar@gatech.edu) is a researcher at
georgia tech’s Sam nunn School of international affairs
in atlanta, ga.