My friend Andrew Rens sent me a troubling story from Zimbabwe – “Mugabe’s spies to infiltrate internet cafés“. According to this Mail and Guardian story, members of the Zimbabwean Central Intelligence Organization and the PISI (Police Internal Security Investigations – the unit that monitors pro-opposition policeman) will be staking out cybercafes, masquerading as employees or as ordinary customers. Their targets? Zimbabweans who are providing information to journalists outside the country on activities within Zimbabwe.
In one of my earlier posts on Zimbabwe, I observed that there’s access to opposition media in Zimbabwe, but that this media is generated, for the most part, outside the country and shipped into the country. Zimbabwe can’t prevent South African press from coming into the country without risking a trade battle with their critical trading partner. Instead, Zimbabwe’s government will focus on the sources of information on the ground, intimidating their citizens, who could face up to twenty years in prison from “publishing false information or statements that are prejudicial to the state or are likely to cause, promote or incite public disorder, or adversely affect the security or economic interests of the country.”
There’s two ways to read this development. One is that the government is already monitoring net communications and realizes that cybercafe usage is a weak link in their surveillance system. I think this is pretty unlikely – the tests I ran in Zimbabwe showed no overt net filtering and no blockage of proxies, Tor or other circumvention tools. That means that cybercafes are hardly the biggest security hole from the government’s perspective. More likely, I think, is that this is part of the overall Zimbabwean strategy to encourage self-censorship through intimidation. If CIO and PISI officers could be in any cybercafe, you might think twice about sending information to friends outside the country. It doesn’t matter if the officers are actually there or not – if you think they might be, you’re likely to self-censor.
(Furthermore, if the Zim government were really watching the Internet closely, they’d be able to intercept unencrypted communications with journalists outside the country and trace them to an individual cybercafe. By requiring cybercafe patrons to register and show ID before using computers, they could keep close track of where this information was coming from. Putting intelligence officers in cybercafes is basically an admission that the government doesn’t have the expertise or resources to monitor the network, and therefore needs to try the more inexact process of monitoring people’s posting of information…)
It’s not hard to understand why the Mugabe government wants to control the flow of information coming out of the country. Videos like the one documenting the beating of ZCTU activists show the government in an extremely unflattering light. But it’s worth pointing out that the ZCTU footage wasn’t posted from a cybercafe – it was smuggled out of the country on CDROM and edited and uploaded from South Africa. It’s very difficult to control the flow of information out of a country without controlling the flow of people and goods as well.