The limited space for online expression continued to deteriorate alongside an increasing crackdown on bloggers. The Zone 9 bloggers arrested in April 2014 were charged with terrorism in July 2014 and subsequently subjected to a series of sham trials through mid-2015. In July 2015, two of the imprisoned Zone 9 bloggers were unexpectedly released and acquitted of all charges, leaving four in prison alongside five other individuals who were arrested in July 2014 and charged with terrorism for their various ICT activities. Independent journalists in the diaspora were targeted with Hacking Team surveillance spyware.
Legal Environment
The 1995 Ethiopian constitution guarantees freedom of expression, freedom of the press, and access to information, while also prohibiting censorship.
[58] These constitutional guarantees are affirmed in the 2008 Mass Media and Freedom of Information Proclamation, known as the press law, which governs the print media.
[59] Nevertheless, the press law also includes problematic provisions that contradict constitutional protections and restrict free expression, such as onerous registration processes for media outlets and high fines for defamation.
[60] The Criminal Code also penalizes defamation with a fine or up to one year in prison.
[61]
In 2012, the government introduced specific restrictions on an array of ICT activities under amendments to the 1996 Telecom Fraud Offences Law,
[62] which had already placed bans on certain communication applications, such as Voice over Internet Protocol (VoIP)
[63] like Skype and Google Voice, call back services, and internet-based fax services.
[64]Under the 2012 amendments, the penalties under the preexisting ban were toughened, increasing the fine and maximum prison sentence from five to eight years for service providers, and penalizing users with three months to two years in prison.
[65] The law also added the requirement for all individuals to register their telecommunications equipment—including smartphones—with the government, which security officials typically enforce by confiscating ICT equipment when a registration permit cannot be furnished at security checkpoints, according to sources in the country.
Most alarmingly, the 2012 Telecom Fraud Offences Law extended the violations and penalties defined in the 2009 Anti-Terrorism Proclamation and criminal code to electronic communications, which explicitly include both mobile phone and internet services.
[66] The anti-terrorism legislation prescribes prison sentences of up to 20 years for the publication of statements that can be understood as a direct or indirect encouragement of terrorism, a vaguely defined term.
[67]
According to a December 2014 news report by Ethiopian State Television, a draft Computer and Internet Crime Bill is currently in the works by the Information Network Security Agency (INSA). The news report featured remarks by the INSA director, who insisted that the draft cybercrime law aimed to strengthen the government’s powers to prevent, control, investigate, and prosecute cybercrimes, including on social media. Observers are concerned that the law will empower state agencies to monitor private social media activities without oversight.
[68]
Prosecutions and Detention for Online Activities
Ethiopia is among the world’s top five jailers of journalists.
[69] In 2014-2015, the authorities intensified their crackdown against bloggers and online journalists, using the country’s harsh laws to arrest and prosecute individuals for their online activities and silence dissent. Most alarmingly, six bloggers from the critical Zone 9 blogging collective and three journalists with alleged associations to Zone 9 were arrested in late April 2014. The arrests occurred just days following a Facebook post announcing the group’s plans to resume its activism after taking a seven-month hiatus due to “a considerable amount of surveillance and harassment” the bloggers had previously suffered at the hands of security agents for their writings and social media activism.
[70]
Initially held for three months without charges, the bloggers were charged in July 2014 with terrorism under the harsh Anti-Terrorism Proclamation for conspiring with the banned opposition group Ginbot 7, which the government classifies as a terrorist group.
[71] The bloggers were further accused of encrypting their communications to disseminate seditious writings with the intent of overthrowing the government, the latter of which is an offense under the criminal code.
[72] The government reportedly submitted 30 pages of phone and surveillance records spanning a period of three years as evidence of the terrorism charges,
[73]alongside email communications and digital security handbooks.
[74]
Despite widespread international condemnation of the Zone 9 arrests, the detainees were denied bail and brought to court dozens of times without any progress to their case for more than a year.
[75] They remained in jail throughout the first half of 2015 until early July, when two of the bloggers and three associated journalists were unexpectedly released without charges. The four remaining Zone 9 bloggers were acquitted in October.
[76] During the trials between June and November 2014, at least three other individuals were arrested temporarily for posting updates and pictures of their trials on social media via mobile devices.
Several other critical bloggers and online activists were arrested in July 2014, including Abraha Desta and Zelalem Workagegnehu, both academics and bloggers who were held without charges for four months until October 2014 when they were charged for their alleged support of the opposition group Ginbot 7.
[77] They were also charged with using social media to contact members of Ginbot 7.
[78] Widely known for his Facebook posts criticizing the ruling party, Abraha Desta was reportedly beaten brutally before being taken to an unidentified prison.
[79] Three other individuals—Yonatan Wolde, Abraham Solomon, and Bahiru Degu—were also arrested around the same time for allegedly applying for an internet security and social media training abroad.
[80] At a court hearing in August 2015, the defendants’ cases were delayed until November.
[81]
Meanwhile, the well-known dissident journalist and blogger Eskinder Nega is still carrying out an 18-year prison sentence handed down in July 2012 under the anti-terrorism law.
[82]
Surveillance and Anonymity
Government surveillance of online and mobile phone communications is pervasive in Ethiopia, and evidence has emerged in recent years that reveal the scale of such practices. According to 2014 Human Rights Watch research, there are strong indications that the government has deployed a centralized monitoring system from the Chinese telecommunications firm ZTE, known as ZXMT, to monitor phone lines and various types of communications, including mobile phone networks and the internet.
[83]Known for its use by repressive regimes in Libya and Iran, ZXMT enables deep packet inspection (DPI) of internet traffic across the EthioTelecom network and has the ability to intercept emails and web chats.
Another ZTE technology, known as ZSmart, is a customer management database installed at EthioTelecom that provides the government with full access to user information and the ability to intercept SMS text messages and record phone conversations.
[84] ZSmart also allows security officials to locate targeted individuals through real-time geolocation tracking of mobile phones.
[85] While the extent to which the government has made use of the full range of ZTE’s sophisticated surveillance systems is unclear, the authorities frequently present intercepted emails and phone calls as evidence during trials against journalists and bloggers or during interrogations as a scare tactic.
[86]
There has been an increasing trend of exiled dissidents targeted with surveillance malware in the past few years (see “Technical Attacks”). Recent Citizen Lab research published in March 2015 uncovered the use of Remote Control System (RCS) spyware against two employees of the diaspora-run independent satellite television, radio, and online news media outlet, Ethiopian Satellite Television Service (ESAT), based in Alexandria, Virginia, in November and December 2014.
[87] Made by the Italian company Hacking Team, RCS spyware is advertised as “offensive technology” sold exclusively to law enforcement and intelligence agencies around the world, and has the ability to steal files and passwords, as well as to intercept Skype calls and chats.
[88]
While Hacking Team claims that they do not deal with “repressive regimes,”
[89] the social engineering tactics used to bait the two ESAT employees made it clear that the attack was targeted. Moreover, analysis of the RCS attacks uncovered credible links to the Ethiopian government, with the spyware’s servers registered at an EthioTelecom address under the name “INSA-PC,” referring to the Information Network Security Agency (INSA), the body established in 2011 to preside over the security of the country’s critical communications infrastructure.
[90] INSA was already known to be using the commercial toolkit FinFisher—a device that can secretly monitor computers by turning on webcams, record everything a user types with a key logger, and intercept Skype calls—to target dissidents and supposed national security threats.
[91]
Given the high degree of online repression in Ethiopia, political commentators use proxy servers and anonymizing tools to hide their identities when publishing online and to circumvent filtering, though the ability to communicate anonymously has become more difficult. The Tor Network anonymizing tool has been blocked since May 2012.
Anonymity is further compromised by strict SIM card registration requirements. Upon purchase of a SIM card through EthioTelecom or an authorized reseller, individuals must provide their full name, address, government-issued identification number, and a passport-sized photograph. EthioTelecom’s database of SIM registrants enables the government to cut-off the SIM cards belonging to targeted individuals and to restrict those individuals from registering for new SIM cards. Internet subscribers are also required to register their personal details, including their home address, with the government. In 2013, an inside informant leaked worrying details of potential draft legislation that seeks to mandate real-name registration for all internet users in Ethiopia, though there are no further details of this development as of mid-2015.
[92]
While the government’s stronghold over the Ethiopian ICT sector enables it to proactively monitor users, its access to user activity and information is less direct at cybercafes. For a period following the 2005 elections, cybercafe owners were required to keep a register of their clients, but the requirement has not been enforced since mid-2010.
[93]Nevertheless, some cybercafe operators revealed that they are required to report any “unusual behavior” to security officials, and officials often visit cybercafes (sometimes in plainclothes) to ask questions about specific users or to monitor user activity themselves.
[94]
Intimidation and Violence
Government security agents frequently harass and intimidate bloggers, online journalists, and ordinary users for their online activities. Independent bloggers are often summoned by the authorities to be warned against discussing certain topics online, while activists claim that they are consistently threatened by state security agents for their online activism.
[95] Prior to their imprisonment in April 2014, the Zone 9 bloggers reported suffering a considerable amount of harassment for their work, leading them to go silent for several months. Shortly after the bloggers announced a resumption of activities on Facebook in April 2014, six Zone 9 bloggers were arrested and sent to a federal detention center in Addis Ababa where they were reportedly mistreated and tortured to give false confessions throughout the year.
[96] The active Gmail accounts belonging to several of the Zone 9 bloggers while in detention suggests that they may have been forced give their passwords to security officials against their will.
[97]
Ethiopian journalists in the diaspora have also been targeted for harassment, according to one reporter of the diaspora-based website ECADF, who received death threats from an alleged government spy in Netherlands for his reporting.
[98]
Technical Attacks
Opposition critics and independent voices face frequent technical attacks, even when based abroad. In recent years, independent research has found evidence that the Ethiopian authorities use sophisticated surveillance malware and spyware, such as FinFisher’s FinSpy and Hacking Team’s Remote Control Servers (RCS), to target exiled dissidents. The most recent attack was recorded in December 2014 by researchers at Citizen Lab, who discovered RCS spyware in attached documents sent in emails to journalists with the Ethiopian Satellite Television Service (ESAT), an independent TV, radio, and online news outlet run by members of the Ethiopian diaspora in Virginia.
[99] Having been targeted with the RCS spyware before,
[100] the journalists did not download the attachments that would have installed the spyware and enabled the attackers to access files on the infected computers. The journalists believe the attack was an effort by the authorities to ascertain ESAT’s sources within Ethiopia.
Meanwhile, a technical attack in late 2012 and early 2013 on an exiled dissident (and American citizen) is currently the basis of an ongoing legal case at a U.S. District Court filed by the Electronic Frontier Foundation (EFF).
[101] In April 2013, EFF sued the Ethiopian government in a U.S. court on behalf of the anonymous Ethiopian dissident for implanting malicious FinSpy malware on the individual’s computer. Linked to a server belonging to EthioTelecom, FinSpy had secretly recorded dozens of Skype calls, copied emails the individual had sent, and logged a web search conducted by his son on the history of sports medicine for a school research project.
[102]
