[kictanet] [Skunkworks] Kenya IGF 2010, Discussions :Day 7 of 8 Theme:E-Crime, Online Privacy & Data Security- Continuation

Tue Jul 13 10:38:43 EAT 2010

Listeners,

I think the first thing would be to commend the innovation we are
experiencing in our country. Who would have thought we would have such great
ICT solutions today. Just two years ago you could not check about your voter
registration credentials by sending a text message! (now to 3007), or get
yellow pages access from 5991! We all agree that this comes with it's
security limitations but this should be viewed as an opportunity to build
secure systems that our government can benefit from. If we push it back to
government the process of securing public online privileged information may
take too long to get done. This now opens a new avenue for the private
sector and perhaps a joint venture with government to build this secure
systems we desire.

In my humble view we should not be asking the question why this or why that
but how can we make this better and more secure!

On E-crime in Kenya I think this is a growing concern because typical
e-crime would happen over the internet, accessed via  a computer. In our
situation internet access is mostly on the go. (On your hand held) You have
access to your virtual bank (MPesa, MKesho, Zap, Yu Cash and others) and
real bank. Should this interaction be compromised huge losses would follow.
I have not yet heard of any groups or persons who have successfully
compromised this systems but it's only a matter of time. However there are
other forms of e-crime that is happening in the country where people
harassed through their mobile phone or social networking sites. For more
information on the local situation contact Alice on the forum to get access
to the cyber crime against women in Kenya report.

Sammy.

On Tue, Jul 13, 2010 at 8:36 AM, wesley kirinya <kiriinya2000 at yahoo.com>wrote:

>
>  i)      Sim card registration
> 1. Where is this database located? Is it at the private companies (Telecos)
> or some government office?
>
> 2. Do the police have the hardware and software to cheaply, efficiently and
> conviniently access the data? Who within the police authorizes access to
> such data? What measures are there to prevent an authorized person viewing
> the data from abusing it because now the person not only sees numbers, but
> knows the names and residential addresses of people contacting a particular
> number.
>
> 3. Why give an ID number and birth info, yet this birth info was used when
> getting the ID? It seems the govenment needs to put it's data in order.
>
> --- On *Tue, 7/13/10, Judy Okite <judyokite at gmail.com>* wrote:
>
>
> From: Judy Okite <judyokite at gmail.com>
> Subject: [Skunkworks] Kenya IGF 2010, Discussions :Day 7 of 8
> Theme:E-Crime, Online Privacy & Data Security- Continuation
> To: "KICTAnet ICT Policy Discussions" <kictanet at lists.kictanet.or.ke>,
> "Skunkworks forum" <skunkworks at lists.my.co.ke>
> Date: Tuesday, July 13, 2010, 6:47 AM
>
>
> Good Morning,
>
> As we near, closing these discussions we, feel free to contribute to the
> former threads by clicking on the correct subject/title.
>
> Today we continue with ,
>
>
>    - a)      E-crime- situation in Kenya
>    - b)      E- Voting- where Kenya is @
>
> And today we add
>
> c)      c)  Online privacy and data security
>
>  i)      Sim card registration-  on the 21st June 2010 the government
> through  CCK(Communication Commission of Kenya) declared it mandatory for
> all mobile users to register their Sim cards
>
> More info: http://www.cck.go.ke/news/2010/news_21june2010.html
>
> “The exercise is aimed at safeguarding the public against acts of
> insecurity, including the wide spread threats posed by terrorism, drug
> trafficking, money laundering, extortion, fraud, hate messages, and
> incitement that are now wide spread throughout the world, “said the Minister
> for Information and Communication.
>
> Currently we have 18million (I stand to be corrected ) mobile users in
> Kenya, In these forms, one has to give their residential area , their
> identity card number, their birth information etc… That is a whole lot of
> data on Kenyans… in short , a grand database! From yesterday’s discussions
> we saw that currently we have no LAW  to guard this database.
>
> Q. What will stop the Authority from using my details wrongly?
>
> Q. What happens if I don’t register by 31st of July? I will be
> disconnected? Under what LAW?
>
>
>
>
> ii) When I send a SMS to 3007 with an ID card number, it returns with voter
> details, full names, place of voting and voter card number of the ID card
> holder, however,
>
> 1, the system put in place, does not verify in any way that it’s the real
> owner of the ID card, that has sent this query?
>
> a)      Can this data be manipulated? Then what?
>
> A question, on top of my head, with all these ongoing, what creates demand
> for LAW?(if there is anything, like that)
>
>
>
> Your queries, comments, inputs, corrections are welcome!
>
>
>
> Kind Regards,
>
>
>
>
> --
> “To live is to choose. But to choose well, you must know who you are and
> what you stand for, where you want to go and why you want to get there.”
> Kofi Annan
>
> -----Inline Attachment Follows-----
>
> _______________________________________________
> Skunkworks mailing list
> Skunkworks at lists.my.co.ke <http://mc/compose?to=Skunkworks@lists.my.co.ke>
> http://orion.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
> ------------
> Skunkworks Server donations spreadsheet
>
> http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1fbjAwOUE&hl=en
> ------------
> Skunkworks Rules
> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
> ------------
> Other services @ http://my.co.ke
>
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: sam.gatere at gmail.com
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/sam.gatere%40gmail.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20100713/6cea34bb/attachment.htm>