The state of internet policy making in Ethiopia

Kinfe Michael Yilma, a scholar at Brunel University London UK, discusses Ethiopia’s internet policies and participation in internet governance forums.

Ethiopia is among those countries with the lowest level of internet penetration and use. A 2014 World Internet Stats report, for instance, claims that Ethiopia has had only 1.9% internet penetration. Similarly, the World Economic Forum also rated the number of internet users in Ethiopia at 1.1%, ranking the country 142 out of 144 countries surveyed in 2012/13. As of December 31, 2013, that number had only risen to 5.5%, according to a report released by the Ethiopian government. Indeed, it was only in 1997 that Ethiopia introduced the internet, and not until 2005 that the first four thousand kilometers of fiber optic backbone were laid in Addis Ababa. This delay in the proliferation of the internet has played a role in delaying the development of internet policies including legislative measures surrounding the internet.

Ethiopia’s internet policies are part of the country’s broader information and communication technology (ICT) policy. The first Ethiopian ICT policy was drafted and submitted to the Council of Ministers (CoM) in 2002. The policy envisioned, among other developments, the improvement of the social and economic well-being of the Ethiopian people through the exploitation of opportunities created by ICTs. Only a few measures based on the ICT policy of 2002were implemented, most notably the promulgation of the first set of cybercrime rules as part of the Criminal Code of the 2004. The CoM, however, replaced the 2002 policy with a more comprehensive policy in August 2009.

This more elaborate version of national ICT policy and strategy gears its strategic focus towards seven major areas: ICT infrastructure, human resource development, ICT legal systems and security, ICT for government administration and services, ICT industry and private sector development, and research and technology transfer. The national ICT policy and strategy is executed through specific ICT strategic documents. One example of such a document is the Ethiopian e-government strategy. The strategy envisions the implementation of several government electronic services, including informational and transactional services. The government has made significant achievements in rolling out various e-government services, such as WoredaNet – used to network various remotely located administrative divisions of the government, SchoolNet – used to network various schools sharing resources such as a digital library and video lessons, and EthERNet – used to network all public universities in the country.

The 2009 ICT policy makes it clear that the current legal framework is insufficient for coping with the challenges of the fast-developing national and global ICT sectors. The ICT policy even outlines the legislative instruments that are needed to govern cyber-related activities, such as data protection laws, cybercrime laws, and intellectual property laws. Only a couple of these legal instruments have thus far been enacted to implement the national 2009 ICT policy. Among them is the telecom fraud legislation, a major piece of Ethiopian internet law adopted in 2012. This legislation not only prevents frauds on telecom networks and services, but also deals with matters such as obscenity on the internet. Another piece of internet legislation is the national payment services proclamation, which governs, among other services, online payment services such as internet banking. There are also a handful of legislations currently under deliberation among legislators. For example, a modern and comprehensive cybercrime legislation is set to replace the existing cybercrime rules when the Ethiopian parliament returns from recess in October. The e-commerce, electronic signature, and data protection proclamations, which were initially crafted in 2010, are also in the pipeline.

Regarding the institutional framework, two entities play major roles in shaping internet policies in Ethiopia. The Ethiopian Ministry of Communication and Information Technology (MoCIT) is the principal government organ in charge of ICTs in general. It has the power and duty to initiate policies and laws in ICT areas [1]. MoCIT also sets and implements standards to ensure provision of quality, reliable, and safe ICT services. Each regional state has its own Communications and Information Technology Agency entrusted with implementing on-the-ground laws, policies, and standards on ICTs adopted at the federal level, making MoCIT the principle internet policy organ in Ethiopia. The Information Network Security Agency (INSA) is an institution parallel to MoCIT that has statutory powers to formulate and enforce national policies, laws, and standards to ensure key information and computer-based infrastructure [2].While MoCIT is bestowed with a broad mandate for general ICT regulation, INSA is specifically dedicated to dealing with information security. In terms of cyber-related legislation, MoCIT has thus far written the e-commerce, e-signature, and data protection proclamations (all of which are still drafts), whereas INSA drafted the cybercrime legislation (still a draft) and the already adopted telecom fraud offense proclamation and Ethiopian Information Security Policy of 2011.

The Ethiopian government is completely absent from the global internet governance ecosystem, especially in regards to internet governance forums. Despite being the sole institution for critical internet resource administration in the country, the Ethiopian government does not attend the Internet Corporation for Assigned Names and Numbers (ICANN) meetings, the Internet Governance Forum (IGF), or sub-regional IGF forums such as the African Internet Governance Forum (AfIGF) and the East African Internet Governance Forum (EAfIGF). The Ethiopian government has never been represented at the Government Advisory Committee (GAC) or the Country Code Names Supporting Organization (ccNSO) of ICANN, despite the fact that the Ethiopian government, through MCIT, manages the .et domain name [3]. Ethiopia also did not have a seat at the much-talked-about World Conference on International Telecommunications (WCIT) held in December 2012 in Dubai, UAE despite the country being one of the early members of the International Telecommunication Union (ITU).

It is also rare to see notable participation from Ethiopian civil society, industry, or academia in the internet governance ecosystem. Potential stakeholders have also not been keen on holding the government accountable for its statutory obligation to coordinate all stakeholders in the management of the country code top level domains [3]. That said, it is important to mention the remarkable participation, if not decisive roles, of some individual Ethiopians in the internet governance ecosystem. Noteworthy examples include Ms. Sophia Bekele, who spearheaded a widely known – and controversial – bid to run the dotafrica top level domain, and Dr. Dawit Bekele, regional director of the internet society (ISOC). ICANN’s fellowship program has also recently enabled a handful of young academics to attend its public meetings held across the globe, which has in turn opened doors for them to join stakeholders groups within ICANN, mainly the Non Commercial Stakeholders Group of the GNSO.

There is much progress to be made regarding the state of internet policy making in Ethiopia. Internet policies and legislation are increasingly being outpaced by developments in the ICT field. There remain many areas of internet policy, such as government surveillance, that are presently untouched by the current legal and policy framework. For example, a number of emerging government electronic surveillance practices were recently unveiled by Human Rights Watch. These reports document a range of surveillance tools actively being used by the government without any clear policy framework or oversight mechanisms.

This state of affairs makes clear the need to lay out a requisite legal and policy framework that respects the rights of citizens while ensuring transparency and accountability within government processes for all internet activities. This need is more urgent than ever due to developments at the regional level in Africa. Recently, the African Union (AU) adopted a broad cyber convention that covers three major areas of internet law and policy: cybercrime, personal data protection and electronic commerce. Ethiopia, as an important member of the AU, will most likely adopt the convention in due time, which makes it an opportune time for Ethiopian policy makers to gear up to the real task of internet policy making. Adopting the convention will have to be preceded or accompanied by the requisite leveling of the internet policy and legal landscape so that rules of the convention can be harmoniously integrated. Readiness is also desirable at this stage, particularly in terms of implementing laws, policies, and institutions, as well as readiness for professionals who will have to put these rules and policies into effect.

1. Proclamation to Provide for the Definition of Powers and Duties of the Executive Organs of the Federal Democratic Republic of Ethiopia, Federal Negarit Gazeta, Proclamation No. 691/2010, Art 10 (1(a)) [deleted] Art 24.

2. Information Network Security Agency Re-establishment Proclamation, Federal Negarit Gazeta, Proclamation No. 808/2013, Art 6(2).

3. Note that MCIT is obliged under Art 24(1(h)) of Proclamation No. 691/2010 to coordinate all stakeholders for the creation and proper implementation of country code top level domains.

Kinfe Michael Yilma was formerly a lecturer-in-law at Hawassa University Law School in Ethiopia. He received his Bachelor of Laws (LLB) degree from Addis Ababa University with great distinction in July 2009 and his Master of Laws (LLM) degree in Internet Law from the University of Oslo in December 2012. He also studied Internet privacy at the University of Oxford, Oxford Internet Institute in 2012. His earlier research and teachings focused on the Ethiopian tax law regime on which he produced a number of articles published in reputable journals. He recently devotes his time on researching and writing on the intersections of human rights and technology. He particularly writes on the interplay between privacy and the Internet.

Originally posted on