Parliament’s National Assembly has approved a new version of the notorious ‘Spy Bill’, aka the General Intelligence Laws Amendment Bill of 2023 (GILAB). A previous version of the Bill, approved by Cabinet last year, called for compulsory security vetting of non-governmental and faith-based organisations (NGOs and FBOs). Ostensibly, the purpose of this would have been to assess if organisations posed a threat to national security. 

The Bill wasn’t clear on the consequences of a negative vetting outcome for an organisation. But there were fears that an organisation might be forced to shut down, or that the state might require the expulsion of board members and employees that the SSA deemed untrustworthy. Needless to say, civil society was immediately critical. 

A cautious celebration 

Fortunately, the latest version of the Bill, approved by the National Assembly on 26th March, seems to have dropped the vetting provision entirely. After being rushed through the law-making process, which started in November 2023, the Bill is now with the National Council of Provinces (NCOP) and is scheduled to be adopted by the NCOP in mid-May. However, GILAB is a section 75 Bill, which means the NCOP’s approval isn’t required. It’s therefore likely that it will be signed into law by the president before the national election in May. 

It’s a win for civil society members who fought hard against the proposed vetting. But the Bill’s path through parliament made it clear that NGOs and FBOs should remain wary of state intelligence services. Throughout the law-making process, despite widespread public pressure, the SSA remained hellbent on legalising a practice commonly seen in authoritarian regimes. Think Russia and China, where no non-profit is free from state regulation aimed at stifling dissent. 

After (and perhaps due to) widespread public criticism of the first version of the Bill, the second draft appeared. Explicit references to vetting of NGOs and FBOs had been replaced by a broader term: “persons or institutions of national security interest”. In other words, anyone or anything that the SSA wanted to investigate behind a veil of secrecy. Again, civil society raised the alarm. The first version of the Bill had made the securocrats’ intentions quite clear. There was no reason to believe that “persons or institutions of national security interest” would not include non-profits, churches, and even businesses. 

In mid-December last year, parliament kicked off the legally required period for public submissions on GILAB. Several organisations used the opportunity to blast the intelligence services for the new vetting provision. Yet, despite major pushback, intelligence services stuck to their guns: in its response to the public submissions, the SSA again argued that the definition of vetting had to be broadened to allow it to investigate people or institutions of national security interest. 

What is vetting?

Throughout the law-making process, and despite widespread public pressure, the SSA remained hellbent on legalizing a practice commonly seen in authoritarian regimes.

To get a better idea of why this use of vetting is so problematic — and why it’s a favourite with authoritarians — it helps to take a look at what vetting entails within a democracy and how the SSA wanted to repurpose it through GILAB. 

In democratic South Africa, vetting has always been applicable to people (like government employees or contractors) who would have access to sensitive, classified state information during the course of their work. The aim is to check that such a person is trustworthy. If, for instance, vetting reveals a person to be in debt, this could make them vulnerable to bribes from hostile foreign agents or criminals. If a person is married but having an affair, that may make them vulnerable to blackmail or be an indicator that they are dishonest and untrustworthy. 

To obtain information of such an obviously intimate nature, the SSA can legally access any personal information it deems relevant, including medical and financial records. Additionally, a person can be subjected to a lie detector test and also have their personal communications intercepted. 

After vetting, if the candidate is deemed low-risk, they are issued with a security clearance certificate, which means they can carry on working with state secrets. But if clearance is withheld, revoked, or downgraded, the vetted person’s access to classified information will be restricted. The bottom line is that you cannot work with classified information if you don’t have an appropriate level of clearance.

The ‘greylist’

The SSA’s rationale for vetting NGOs and FBOs is obviously a deviation from this norm. But they argue that it’s a necessity to combat terrorism financing and money laundering. This stance is, at best, a sign of ignorance. At worst, it is sheer disingenuity. 

Enter the Financial Action Task Force (FATF). This is an international body that works with countries to improve local laws to combat cross-border financial crimes. The FATF put South Africa on a so-called ‘greylist’ because it had failed to comprehensively implement FATF standards for “anti-money laundering (AML) and counter-terrorist financing (CFT)”. (One of the many FATF standards, known as “recommendation 8”, specifically deals with non-profit organisations. In a nutshell, it requires countries to put policies in place and take firm action to prevent non-profit organisations from laundering money and supporting terrorism.) 

Secret investigation

But the SSA’s idea of firm action was to investigate non-profits suspected of financial crimes, while avoiding the usual legal busywork reserved for ordinary folks. When, for instance, police investigate any crime, there are legal restraints. They must open a docket, collect and preserve evidence, and eventually charge the accused with a crime, after which the court will decide the matter. The accused person will also have a defence attorney who will have access to whatever evidence the state has against the accused. 

Vetting, on the other hand, can occur in secret. There is no obligation in law for the SSA to explain what information it accessed, what they were investigating, or why they chose to withdraw, deny or degrade a person’s security clearance. In fact, the SSA can classify any information they deem necessary to protect national security. Thus, those being vetted have no protection from the courts, and little recourse should their security clearance be denied.

Existing laws sufficient

What makes the SSA’s proposal to use vetting to get South Africa off the FATF greylist even more bizarre is that it is simply not necessary. The government recently enacted two new laws specifically to implement FATF recommendations. These include the General Laws (Anti-money laundering and combating terrorism financing) Amendment Act 22 of 2022 and the Protection of Constitutional Democracy Against Terrorism and Related Activities Amendment Act 23 of 2022. These acts give both the police’s Directorate for Priority Crime Investigation (the Hawks) and the Financial Intelligence Centre (FIC) greater investigative powers to address financial crimes. 

Yet, if either of the first two GILAB versions were enacted, the SSA would effectively have been able to ride roughshod over the Hawks’ and FIC’s efforts; while the latter two would be dealing with warrants, affidavits and court applications, the spooks would be conducting off-the-book investigations without legal restraints. 

Act 22 also aims to thwart financial crimes by placing new restrictions and more stringent reporting requirements on registered non-profits. These include, for instance, additional information (the nature of which is to be determined by the FIC and the finance minister) to be added to an organisation’s annual report to the Department of Social Development. Such information can include, for example, details about board members and management of operations. In another change, people found guilty of crimes like theft, fraud, perjury, and forgery can no longer serve on non-profit boards. 

Act 22 seems to have gone some way to improving the FATF’s opinion of South Africa’s approach to its non-profit sector; as of February 2023, South Africa still had to address eight ‘strategic deficiencies’ to get off the greylist, but none of them concerned the non-profit sector. 

Reason for caution

During the Zondo Commission, details from an internal SSA report emerged, revealing how the agency had surveilled non-profit organisations, including Greenpeace Africa, the Right2Know Campaign, South Africa First, and the Council for Advancement of the South African Constitution (CASAC). The SSA also infiltrated the #ZumaMustFall campaign leadership and trade unions. 

Yet perhaps the most compelling reason to mistrust the SSA’s push for extended vetting powers, is its history of undermining NGOs in order to further the interests of certain factions within the ruling African National Congress. 

During the Judicial Inquiry into State Capture Allegations (the Zondo Commission), details from an internal SSA report emerged, revealing how the agency had surveilled non-profit organisations, including Greenpeace Africa, the Right2Know Campaign, South Africa First, and the Council for Advancement of the South African Constitution (CASAC). The SSA also infiltrated the #ZumaMustFall campaign leadership and trade unions. It didn’t take much to warrant infiltration — “groups considered hostile” were generally targeted, according to the Commission’s report on the SSA. 

Civil society may have won this round and successfully warded off draconian security regulations. But the drafting of GILAB has shed light on a terrifying reality: South Africa’s intelligence services simply don’t get democracy. 

Heidi Swart is the research and journalism coordinator for Intelwatch, a non-profit organisation based in South Africa, dedicated to strengthening public oversight of state and private intelligence actors in Africa and around the world.