GILAB: New Intelligence Bill a blueprint for State Capture 3.0
The General Intelligence Laws Amendment Bill, coming on the heels of the Zondo Commission, was an opportunity for SA’s top executive to show they were serious about intelligence reform. Instead, it paves the way for State Capture 3.0.
Want to start a “non-governmental organisation”, “religious institution” or “private security company”? You may need security clearance from the state intelligence services if the new GILAB 2022 becomes law. (Download the draft Bill here.)
The bill per se is no surprise. Major issues in the State Security Agency (SSA), South Africa’s lead intelligence organisation, emerged from the report of the 2018 High Level Presidential Review Panel‘s (HLRP) investigation of the SSA. These included the “serious politicisation and factionalisation of the intelligence community” and “an almost complete disregard for the Constitution, policy, legislation and other prescripts”. During the Judicial Commission of Inquiry into State Capture, witnesses testified about the SSA’s infiltration of civil society organisations, political factionalism, and large-scale looting of the secret account funds.
The final report concluded that the SSA contributed significantly to State Capture, and squandered the opportunity to prevent it.
To its credit, GILAB 2022 does make a few important changes, one of which is to address a problem that both the HLRP and Zondo Commission highlighted: It splits the SSA into two intelligence-gathering departments, one domestic, one foreign. The idea is that it will be harder to abuse agency resources if there are two directors-general heading up each department (as opposed to having power over the entire agency concentrated in the hands of one person, who only has to report to a minister).
The problem, however, is that most of the GILAB amendments are to give effect to this restructuring, and the bill has some shocking new requirements — and glaring omissions. There are too many to discuss, so here are the top three most terrifying, which set the stage for a second potential state capture, in no particular order.
Damage by vetting
Number one: In a worst-case scenario interpretation of the bill, you would have to undergo security vetting should you wish to “establish and operate” a new non-governmental or religious organisation, or to “establish” a private security company. In such cases, intelligence services “must” (not could or may) subject you to a “vetting investigation” in order to “determine” your “security competence”. Denial of security clearance would presumably mean that your ambitions to formalise your organisation would grind to an abrupt halt.
Alternatively, you could lodge an appeal with your nearest minister of intelligence, and hope for the best.
Being vetted by the South African state is a highly invasive process, usually reserved for those with access to state-classified information and national key points.
Vetting is meant to establish if you pose a threat to the state. For instance: Are you a chronic gambler with access to government secrets? Perhaps the state has contracted you to maintain infrastructure at a national key point, but you’re also having an affair that could wreck your marriage? That’s important for intelligence services to know, because a foreign state that wants you to provide them with classified information or access to secret facilities may more easily bribe or blackmail you.
Thus, if you are the subject of a vetting investigation, intelligence officers are granted access to your most sensitive information. That’s made clear in the National Strategic Intelligence Act of 1994, just one of three laws affected by GILAB 2022. (The other two are the Intelligence Services Act, and the Intelligence Oversight Act.)
For vetting, spooks can “gather information related” to criminal and financial records, personal information, and “any other information which is relevant to determine the security clearance of a person”. They may compel you to undergo a polygraph test. They could also intercept your communications or get copies of your cellphone records or internet browsing history — by going through the same legal procedures police would use for a serious criminal investigation.
There are three explanations for the inclusion of vetting requirements of non-governmental organisations and churches. Firstly, it could be a misprint. Secondly, this could be a misinterpretation: it’s possible that the bill, the wording of which is at some times unclear, ambiguous and inconsistent, is meant to refer only to non-governmental organisations or churches that service the government and/or somehow have access to state secrets.
The third possible explanation is terrifying.
‘Non-governmental organisations’ have historically been a bane for intelligence services in both autocratic and democratic dispensations around the world. That’s because they can disrupt the status quo, and spread narratives countering the ideologies propping up the powers-that-be. A good local example is the #FeesMustFall student movement that erupted in 2015, with disruptions at campuses nationwide. At the Zondo Commission, witnesses testified to how the SSA implemented Project Academia to undermine the movement.
Vetting would give South Africa’s state intelligence services the power to far exceed the type of damage done to non-profits during the state capture years.
First off, intelligence services could shut down an organisation’s formal registration (and therefore opportunities for formal funding) by denying security clearance. It would not necessarily have to fabricate reasons for such denial; it could simply blame the eternal vetting backlog. (By April this year, the new Joint Standing Committee of Intelligence – the parliamentary body responsible for holding the intelligence services publicly accountable – was unable to commence its work because all members hadn’t been vetted.)
Even if an organisation is granted clearance, it would mean that intelligence services could gain a detailed profile of people in the organisation – the type of information crazed FBI founder J Edgar Hoover incessantly collected on NGOs and church groups that irked him.
To boot, since the compulsory vetting also applies to those “operating” NGOs, vetting could arguably be extended to include staff members handling day-to-day operations. This could include not only staff members of newly registered organisations, but of organisations that have been operating (and bothering) intelligence services for years.
The result is intensive, state-sanctioned surveillance with which targets of vetting would be forced to comply.
All of this is made more worrisome by the fact that neither GILAB nor any of the legislation it amends provides (or refers to) a legal definition of the term “non-governmental organisation”, leaving it open to a myriad interpretations. Is the bill referring to a non-profit organisation, such as the 251 875 registered with the Department of Social Development as of February 2022? Because that could include reading groups for pre-school children, or neighbourhood food distribution organisations, academic think tanks, research agencies, or activists movements.
Whatever the case may be, a broad definition would suit intelligence services, since it gives them leeway to legally conduct operations against civil society that are, in reality, politically motivated. It wouldn’t be that unusual, given the ANC’s historical aversion to and paranoia about NGOs being rogue agents of change or puppets of the CIA – a discourse that normally surfaces when such organisations or movements agitate for basic human rights.
Immense power on mass surveillance
Neatly dove-tailing the compulsory vetting provision, is the second terrifying flaw: the flimsy, vague regulations suggested for an immensely powerful, clandestine mass communications interception facility under the control of the State Security Agency: the National Communications Centre (NCC).
In addition to the damning findings of the HLRP and the Zondo Commission, there was one other issue that GILAB urgently needed to address. In February 2021, in a landmark ruling, the Constitutional Court upheld a High Court decision that the NCC was unlawful.
The decision was part of a larger ruling on the constitutionality of the country’s surveillance legislation, the Regulation of Interception and Provision of Communications-related Information Act (RICA). As documented in recent research published by Intelwatch and the Media Policy and Democracy Project, the court ordered several changes to the law, including notifying a person who was surveilled once that surveillance operation was over (given that such notification wouldn’t jeopardise the investigation). Other important changes included introducing measures that would ensure that the special judge issuing the interception warrants would be impartial, as well as giving special consideration to the sensitivity of communications of journalists and lawyers.
Report: Reforming communication surveillance in South Africa in the wake of AmaBhungane
GILAB virtually ignores all the gains made by the ConCourt ruling on RICA, and instead sets up framework ripe for abuse.
For one, it provides for a retired judge to be appointed to issue warrants for interceptions done through the NCC. But that judge is hand-picked by the president, and assisted by two “interception experts” appointed by the minister in charge of intelligence. Testimony heard during the Zondo Commission painted a picture of how a president and minister of security ran our intelligence services into the ground, precisely because of their virtually unlimited power. The oversight setup with the NCC is eerily similar.
But there’s another major problem, and that’s located in the very nature of the NCC: it is a mass interception facility. That means it scans millions of communication signals, constantly, and searches for keywords of potential interest to intelligence services. The rationale behind this is to locate threats, like terror attacks, before they happen. All this is powered by potent, sophisticated software. Once a pattern of keywords are observed, the NCC can focus on specific people or groups’ communications. It’s one massive sifting process, most of it through the communications of innocent people.
To boot, it’s unclear just what the NCC’s capabilities are (which is another failure of GILAB), but mass communications technology can potentially allow for the conversations of thousands of persons to be stored. This includes internet data traffic (social media messaging, Zoom calls, etc.) or simple conversations over a phone or landline. If it has a digital footprint, your communications can be captured. It is possible to store an entire country’s communications, and retrospectively analyse it to find people of interest. These people can then be targeted by intelligence agencies.
Yet GILAB does nothing to truly, in detail, regulate this type of surveillance. For instance, what are the limitations upon keyword searches? Can bulk recordings be retained? If so, what would be a legitimate reason, and for how long would retention be allowed? These are questions not unique to the South African situation; regulating mass surveillance is something with which jurisdictions the world over are still grappling.
Apartheid hangover
Then, finally the third, and perhaps GILAB’s greatest flaw, since it provides the foundation for corruption that fuelled state capture: the bill fails to remedy three grievous errors that have been with us since the apartheid days. These include the Security Service Secret Account Act of 1969, the Secret Services Account Act of 1978, and the Protection of Information Act of 1982.
Together, these three acts deal a devastating blow to democracy.
As documented in recent research published by Intelwatch and the Media Policy and Democracy Project, the first two provide for a legal, unlimited slush fund to spend in secret on whatever state intelligence services wish. That is possible because the third law allows intelligence services to classify documents willy-nilly. That means they can withhold the documents that Parliament needs to conduct oversight of their operations, and that the Auditor-General needs to fully inspect their books.
GILAB could have revoked these laws and replaced them with democratic alternatives that facilitate transparency and accountability. None of that happened.
On top of these three secrecy laws, the final nails in the coffin of accountability, are shortcomings in the Intelligence Oversight Act, which do not go far enough to give Parliament’s Joint Standing Committee on Intelligence and the Auditor-General access to classified documents. In addition, the Inspector-General of Intelligence, where the public can lay complaints of misconduct against intelligence services, can investigate, but cannot make legally binding findings. In essence, intelligence oversight mechanisms are hamstrung. Here, the new bill fails spectacularly.
GILAB – almost five years after the HLRP and a year after Zondo – was an opportunity for the country’s top executive, and especially President Cyril Ramaphosa, to show that they were serious about intelligence reform. Instead, they deliver a document that paves the way for State Capture 3.0.
You can find a copy of the 2022 General Intelligence Law Amendment Bill here.
- This analysis by Heidi Swart, research and journalism coordinator for Intelwatch, first appeared in News24.
