Users of public internet connections such as cybercafés and open wi-fi connections in Kenya will need to provide the details of their national identity card, birth certificate or passport before using the internet, according to new regulations from the Communications Authority of Kenya.
All internet users in cybercafés or in hotels and restaurants will have to log all their personal details with the premises before they log onto the internet. These regulations come in the wake of increasing cases of cyber crime and terrorism.
Mobile service providers will also be required to retain data that will allow them to trace and identify the source of communication, the type of gadget used (phone, tablet or computer), the destination, the date, time and duration of the communication and the geographical location of the sender and recipient of the message.
Those giving internet services will have to install closed-circuit television cameras that will record the identity of the clients and also maintain a register of the clients.
In Kenya, it is now law that anyone who owns a SIM card has to register with the mobile operator leaving behind details, but the new thing is that even when accessing public hotspots or free internet anywhere, these details will be mandatory. This information shall be kept for a year and be provided to the authorities on request.
The new regulations make it an offence to use an unregistered mobile phone number to access the internet. The fine for such is a maximum of Sh3 million or a maximum jail term of seven years in prison.
Additionally, the regulations will prohibit the use of private internet protocol (IP) address and virtual private networks (VPNs) on computers. Service providers will be required to keep information on internet use in their premises. It is unclear if this extends to browser histories, login information and downloads.
Anyone running a cyber café or providing internet services will need the permission of the authority.
“Operators of cyber cafés and Public Wireless Hotspots shall ensure that system logs are retained in their original for periods of not less than one year from the date of the communication. CA may issue guidelines on retention of communication logs from time to time,” read the Kenya Information Communications (Cyber Security) Regulations.
Kenyans reacted to the new regulations with incredulity, with some questioning just how practical the measures will be.
https://twitter.com/Keguro_/status/682099688871313408