Supplementary Submission to SABC inquiry: Concerns of Communications Surveillance and State Security Abuses at the Public Broadcaster
16 January 2017
Following Mr Micah Reddy’s appearance before the Committee on 14 December 2016, the Committee asked Right2Know to give supplementary information about concerns of the State Security Agency’s (SSA) conduct at the South African Broadcasting Corporation (SABC). This brief supplementary submission will outline: (1) Concerns of communications surveillance of SABC employees, either by SABC management or a third party; (2) The SSA’s conduct at the SABC; (3) Recommendations for further view and reform.
The clandestine nature of state-security activities, and the extreme lack of transparency of the State Security Agency even in matters of overall policy and non-sensitive operational activities, has undermined public understanding and oversight of this issue. Similarly, the lack of candour from SABC’s leadership means that the full picture of exactly what was taking place at the SABC has yet to be fully understood.
However, as this submission will recount, the evidence that is available suggests there are serious causes for concern regarding the conduct of both the SSA and SABC management regarding investigations and scrutiny of SABC employees, which has greatly contributed to a climate of fear and self censorship at the public broadcaster.
It should also be noted that from early 2015 to the end of 2016, there was no Inspector General of Intelligence, meaning that SSA operations have not been subject to basic independent oversight and individuals prejudiced by their actions have had no recourse.
Interception of Employee Communication at SABC
The spectre of communications surveillance (“phone-tapping” and “email-tapping”) has become a regular feature of scandals surround the SABC.
The need to protect against communications surveillance at the SABC is at least three-fold. First, it is vital in any context to protect the constitutional right of any person to private communications; any interference with that right can only be justifiable in the narrowest possible contexts. Second, in the context of a media organisation, protecting the integrity and confidentiality of journalists’ communications with or about sources must be given the highest possible protection, in keeping with a basic tenet of media freedom and the protection of journalistic sources. In the context of a media organisation that has been subject to internal censorship pressures, protecting journalists’ communications is especially important. Third, given the clear pattern of maladministration, mismanagement and abuse of power in the upper echelons of the SABC, the interception of employee communications poses a grave threat to whistleblowers1.
Despite this, there have been a number of problematic incidents that suggest, at best, employee communications are not adequately protected against interception; at worst, that SABC staff may be subject to unlawful interception of communications. Some of these are outlined below. As the Committee is aware, such interception would have to be governed by the Regulation of Interception of Communications and Provision of Communication-Related Information Act (RICA). Right2Know has raised a range of concerns about the constitutionality of RICA, including its lack of transparency and lack of safeguards2. For brevity’s sake these will not be detailed in this submission, except to note that even interceptions that occur in terms of RICA may not be properly lawful, justifiable or adequately guarded against abuse.
A few specific incidents have been highlighted, in the main dealing with evidence of communications surveillance either being threatened or actively used against SABC employees by those in a leadership role at the public broadcaster.
1.1. SABC chairperson statement in 2014
In January 2014, then SABC chairperson Zandile Ellen Tshabalala reportedly told staff in an editorial meeting that their communications may be intercepted by intelligence services, apparently in relation to perceived information leaks. This incident was made public by representatives of the Broadcasting, Electronics, Media and Allied Workers’ Union (Bemawu) at the time, and reported to the Committee in Ms Thandeka Gqubule’s submission3. According to accounts at the time, Ms Tshabalala incorrectly cited the SABC office’s status as a National Key Point to justify possible interception of communications4.
While the inferred risk of spying on SABC employees is problematic on its own, it is worth noting as an aside that the National Key Points Act gives no special justification for communications interception. In recent years there have been several public examples of SABC management falsely invoking the National Key Points Act to justify lack of transparency, candour and due process in human resources and governance issues, simply because several SABC offices that have National Key Points status.
1.2. Employee contracts on interception of communications
Evidence has come to our attention of changes to the wording of at least some manager-level contracts to broaden the SABC’s discretion to intercept and “act on” the electronic communications of employees. Right2Know has studied a manager’s contract signed within the past two years which requires the Employee:
“to consent the SABC to intercept, monitor, read, block or act upon any of the Employee’s electronic and other communications which shall include, but not be limited to, telephone conversations, emails and any stored files.”
This appears to be an expansion of the SABC management’s discretion to intercept employees communications, including personal communications, as the clause did not occur in manager-level contracts from previous years obtained by Right2Know.
1.3 Investigation of SABC Parliament employee, 2014
The Committee has already heard testimony on the matter of a member of SABC’s Parliamentary office who was suspected of ‘leaking’ information to a Member of Parliament in late 20145. Right2Know understands from a person familiar with the investigation that the employee’s laptop was confiscated by two individuals identifying themselves as representatives of SABC’s IT department and forensics department, and this device was in the possession of SABC forensics for several weeks without explanation. At a later stage, the employee was interrogated by representatives of the SABC’s forensics, and eventually cleared of wrongdoing. As to how the employee came under suspicion, it appears to have involved interception and tracing of the employee’s communications. Aside from the significant distress caused for the employee, the incident speaks to a climate of extreme paranoia and willingness to violate workers’ privacy and other rights to clamp down on perceived dissent.
1.4 Lack of adequate policies to safeguard against unlawful retention and interception of communications
While it is unclear how many contracts contain the above mentioned clause, Right2Know did speak to several SABC workers whose contracts from several years ago did not contain this provision. When R2K sought to assess the provisions of the SABC’s email retention policy, we discovered that the SABC does not have an adopted email policy – there is a draft policy on “Electronic Communication” (TE002/02), dated September 1998, which appears never to have been adopted6 (attached as Appendix 1 to this submission). In any case, this draft policy lacks necessary details, such as whether emails sent through the SABC servers are retained, and if so for how long, and in what circumstances if any they could be searched or used in an investigation, and by whom. This means there are no internal stipulations that guide or restrict how SABC employees’ electronic communication may be monitored and intercepted.
However, it does also mean that if employees have not opted into an agreement to allow their employee to intercept their communications (however problematic such an agreement may be), any interception of their communication by management may be unlawful in terms of RICA, and may constitute a form of covert intelligence gathering. In terms of the National Strategic Intelligence Act 39 of 1994, no organ of state other than the intelligence agencies may develop a covert intelligence capacity.
It should also be noted, and which is further discussed below, that the National Strategic Intelligence Act authorises the State Security Agency to intercept communications as part of security clearance investigations – again, only if such interception is undertaken subject to the restrictions in RICA.
SSA conduct at the SABC
The State Security Agency’s vaguely defined and expansive role in supporting and intervening in security-related matter at public bodies, including but not limited to security vetting, has contributed to a climate of fear at the public broadcaster and created substantial risk of abuse and clampdown. Effectively, in these matters, SABC managers handed over control of governance to the state security structures.
2.1 SSA role in security vetting
It is evident that the State Security Agency’s role in vetting SABC employees and directors is a subject of controversy. The Committee has already received testimony from SABC employees raising concerns about the SSA’s role in security vetting at the SABC, and SABC employees have raised such concerns in numerous media reports as well7. This concern has also been raised in direct engagements between Right2Know and union representatives of SABC employees, and various SABC employees themselves.
The National Strategic Intelligence Act 39 of 1994 mandates the State Security Agency to conduct security vetting investigations for any person employed or applying to be employed to any organ of state. Such an investigation may extend to a startlingly wide range of information about a person, including criminal and financial records, as well as personal information and “any other information that is relevant”. The methods for such an investigation may include invasive measures such as a polygraph test or interception of private communication, subject to the provisions of RICA. Vetting procedures, through the Z204 security clearance form, subject candidates to other invasive processes, such as requiring disclosure of candidates’ sex life and identity of partners, and requiring candidate’s therapists to provide a written report of their mental health (a possible breach of patient confidentiality).
The vetting system sets up a one-sided and fundamentally unequal process; the Act gives full discretion to the SSA to determine the scope and methods of such investigations, and make its own findings, and strips the employee and public body itself of any role or say. A person whose security clearance is refused or withdrawn may only appeal to the Minister of State Security, but without necessarily having sight of the case against which they are arguing. Furthermore the Act stipulates that security-vetting regulations should not be published or released via Government Gazette, meaning that vetting teams are following a rulebook that only they can read.
It is a basic principle in international human rights law that invasive measures must be necessary and proportionate, and subject to maximum possible limitations. To say the least the National Strategic Intelligence Act lacks appropriate limitations and safeguards against over-reach in security vetting processes.
2.2 SSA unexplained operation in SABC Durban office in 2015
In August 2015, Bemawu received complaints from members at the SABC Durban office that SSA officials had “instructed employees to leave their offices whereafter operators spent between two and three hours per office for a purpose unknown to the employees.”8 According to the initial complaint, employees were threatened against discussing or reporting the incident. While it has been speculated that this operation may have related to interception of communications, to date there has been no explanation of this incident.
2.3 SSA ‘investigation’ of leaks in 2015
The Committee has already heard testimony on the SSA’s investigation of several senior managers at the SABC at the behest of management. Those identified as the targets are Messrs Itani Tseisi, Henk Lamberts, Angus Summers, and Andries van Dyk. Ms Mandiwe Nkosi’s testimony to the Committee supported the view that this investigation was aimed at identifying the source of leaks of financial information at the SABC; in other words, the SSA was enrolled in an operation to identify whistleblowers within the SABC, reportedly at the behest of Mr Hlaudi Motsoeneng9. Mr Tseisi has subsequently reported that an SSA official questioned him on his testimony to the Public Protector’s inquiry into Mr Motsoeneng’s appointment10.
The same article reports that another employee under investigationhad his laptop confiscated and wiped of all data. It remains unclear why the SSA had become involved in an internal matter. While the operation has been defended as being in line with the SSA’s mandate to provide security-related services to other government departments, in terms of the National Strategic Intelligence Act, as with security-vetting matters, this mandate is at best vaguely defined and not subject to appropriate limitations.
3.1 Investigation of SSA activity
We recommend that Parliament requests a full investigation by the Office of the Inspector General of Intelligence, to determine:
- The scope of all operations and activities of the State Security Agency at the SABC
- Who authorised these activities and to whom did they report
- Whether any SABC employees were subject to covert intelligence gathering or other invasive methods, and whether this was lawful.
This investigation should be conducted with maximum speed and maximum transparency, and the findings should be made fully public.
3.2 Steps to protect communication and private data of SABC employees
Given the need for specific protections of SABC employees’ communications, both to protect whistleblowers and to protect journalistic freedom at the public broadcaster, the Committee’s findings should include recommendations to overhaul SABC’s policies on protecting electronic communication, as well as any whistleblower policy of the institution (or the urgent adoption of one).
In addition, we recommend a review of the role, powers, and internal checks of the SABC’s internal investigations capacity (referred in Ms Mandiwe Nkosi’s testimony to the committee as “internal audit11), to curtail any potential for internal investigations to target perceived ‘dissenters’ within the SABC or clamp down on critics.
3.3 Review of State Security Agency’s role and powers in other public bodies
This submission touched briefly on concerns of the SSA’s role in security vetting and other security-related matters per the National Strategic Intelligence Act. These roles are poorly defined in the Act and lack transparent and appropriate limitations and safeguards. This needs to be addressed urgently in a review, or the concerning practices which have spooked SABC workers will surely repeat themselves not only at the public broadcaster, but at other public bodies as well.
1Right2Know could not establish if the SABC has any specific code or policy to promote and protect whistleblowing.
2R2K memorandum, 26 April 2016, online: http://www.r2k.org.za/2016/04/26/memorandum-demands-to-stand-against-surveillance-and-fix-rica/
3Testimony of Ms Gqubule, Ad Hoc Committee on SABC Board Inquiry hearing, 12 December 2016
4R2K & SOS statement, 13 April 2014, online: http://www.r2k.org.za/2014/04/13/open-letter-to-sabc-chair-on-the-national-key-points-act/
5Testimony of Mr Calata, Ad Hoc Committee on SABC Board Inquiry hearing, 12 December 2016
6Communication with an SABC spokesperson to seek confirmation of this did not receive a response.
7For example, City Press 27 November 2016, and Sunday Times 23 November 2016.
8Bemawu head office letter to Frans Matlala, 25 August 2015
9Ad Hoc Committee on SABC Board Inquiry hearing, 9 December 2016
10Quoted in Sunday Times, 23 December 2016.
11Testimony of Ms Nkosi, Ad Hoc Committee on SABC Board Inquiry hearing, 12 December 2016