THE United States of America (US) embassy in Lesotho has expressed concern over the passing of the “intrusive” Communications (Subscriber Identity Module and Mobile Device Registration) Regulations of 2021 by the government.
In a statement to the Lesotho Times last night, the embassy said it was still analysing the “nuances of these new regulations” but was nonetheless “concerned” by the apparent intrusion into the lives of subscribers.
“The new regulations will touch on the privacy and personal liberties of every Lesotho citizen who owns a telephone,” the embassy said in its statement.
“Given the breathtaking scale of this regulatory action, the Embassy urges Lesotho’s parliamentarians, civil society organizations and public to engage in a thorough review and robust debate on the issue.
“The Embassy notes that while the new regulations will potentially intrude into the daily life of every person in Lesotho who uses a telephone, the justification for this intrusion is unclear. Therefore, the Embassy encourages the government of Lesotho to forthrightly explain to the public how the interests of the Basotho people will be served by these new regulations.”
The embassy said it had always encouraged Lesotho to “exercise great care and consideration before undertaking any regulation of the communications of its citizens and visitors”.
“Any interference with privacy and other relevant rights and freedoms must be consistent with the International Covenant on Civil and Political Rights and the UDHR (Universal Declaration of Human Rights). We also note that treatment of diplomatic personnel must be in accord with the Vienna Convention of 1961, of which Lesotho is a state party.”
The embassy also questioned how Lesotho will “overcome complex challenges” to accomplish its aim of registering all subscribers.
“The Embassy notes that the collection and storage of sensitive personal data pose complex challenges. One such challenge is preventing access by unauthorised users. In the past year, the computer systems of the government of Lesotho have been subject to repeated penetration by hackers. This brings several questions to the fore; how will the biometric data collected under these new regulations be protected from unauthorised access?
“What will the government of Lesotho do to protect or compensate its citizens after hackers steal their biometric data? Will the government hire an outside consultant to manage this data, and if so, how will this consultant be selected, managed, and held accountable?
“The Embassy also encourages the government of Lesotho to clarify for the public some of the issues left unresolved in the Legal Notice (gazette). Will there be any limits on how the data is used—for instance, will tracking of biometrically linked phones be permitted, and if so, under what circumstances? How will the government solve the practical problem of biometrically registering a million-plus users in six months? How will the government undertake this complex task while simultaneously delivering on other pressing public matters, like elections and COVID-19 vaccine deployment?,” the embassy asked.