[kictanet] ICT bill discussion

[aki]

After a few days of reading the draft bill in relation to ICT sections
42-86, I wish to commend the various players, ict professionals for the
excellent points contained in the bill which are stepping stones for further
development. However, I'd like to make some comments about sections require
better definitions in the near future or if possible amendments before it
became law. Due to the nature of the vagueness, the laws can be exploited by
self interpretations and could lead to misuse.

If I may list these ( going by the draft as I do not have the final version
) :

- Section 57 : More specifics needed

- Section 61 to 67 : computer related and security. Is this about public or
private networks and computers/servers connected to these?
There is no provision in the bill that public sector/ private sector who
deal with financials, senstitive info etc must comply with tougher systems
that are not easily broken into or abused. This must be a two way street.
How easily a system can be compromised depends on how well it is defended
with appropriate technology.

- Section 69 : More specifics needed

- Section 70 : More specifics needed

- Section 71 : More specifics needed

- Section 73 :  More specifics needed, similar to 61-67,70

- Section 74, 75 :  More specifics needed

Also not covered is data co-location services that should be mandatory for
public sector and possibly private sector that hold financial, public
databases and records incase of fire/theft or "sudden" disappearences.

Clarity on paper would make the bill a huge success within the ICT portions.

With Rgds.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20081216/7689b50f/attachment.htm>