Kenya's Communications Authority wants to regulate the use of public internet access points

Users of public internet connections such as cybercafés and open wi-fi connections in Kenya will need to provide the details of their national identity card, birth certificate or passport before using the internet, according to new regulations from the Communications Authority of Kenya.

All internet users in cybercafés or in hotels and restaurants will have to log all their personal details with the premises before they log onto the internet. These regulations come in the wake of increasing cases of cyber crime and terrorism.

Mobile service providers will also be required to retain data that will allow them to trace and identify the source of communication, the type of gadget used (phone, tablet or computer), the destination, the date, time and duration of the communication and the geographical location of the sender and recipient of the message.

Those giving internet services will have to install closed-circuit television cameras that will record the identity of the clients and also maintain a register of the clients.

In Kenya, it is now law that anyone who owns a SIM card has to register with the mobile operator leaving behind details, but the new thing is that even when accessing public hotspots or free internet anywhere, these details will be mandatory. This information shall be kept for a year and be provided to the authorities on request.

The new regulations make it an offence to use an unregistered mobile phone number to access the internet. The fine for such is a maximum of Sh3 million or a maximum jail term of seven years in prison.

Additionally, the regulations will prohibit the use of private internet protocol (IP) address and virtual private networks (VPNs) on computers. Service providers will be required to keep information on internet use in their premises. It is unclear if this extends to browser histories, login information and downloads.

Anyone running a cyber café or providing internet services will need the permission of the authority.

“Operators of cyber cafés and Public Wireless Hotspots shall ensure that system logs are retained in their original for periods of not less than one year from the date of the communication. CA may issue guidelines on retention of communication logs from time to time,” read the Kenya Information Communications (Cyber Security) Regulations.

Kenyans reacted to the new regulations with incredulity, with some questioning just how practical the measures will be.
https://twitter.com/Keguro_/status/682099688871313408


It’s obvious that the guys that wrote this law have no clue on how the Internet works or the story is not true.

Any which way, if there is a will there is a way. Don’t worry, your Nigeria brothers will be willing to provide you with SSL tunnels and let’s see how they can sniff that out.

The story is legit. The draft regulations can be found here. I do agree that the regulations are very shortsighted, and they’ll probably bring about more harm than good…

So it’s still under public consultation and not yet made law. I will suggest you contribute and suggest why the idea is stupid and it’s against basic human rights to privacy. The mere fact that the folks that produced the initial proposal are not technically competent is good grounds for the proposal to be thrown out.

You may also check out a similar consultation in the UK which was for Pornography controls - https://www.gov.uk/government/speeches/the-internet-and-pornography-prime-minister-calls-for-action - for some ideas from the guys that were against the blocks as they highlighted why a Goverment controlled Internet is bad for the people and nation as a whole.

1 Like