[kictanet] Has IEBC Voter Register Been Compromised

Harry Karanja kkairo at gmail.com
Tue Feb 12 06:35:52 EAT 2013


On interrogation of legislation I've actually found that the Kenya Communication (Amendment) Act imposed stiff penalties for unauthorized access of data. So whether it came from retail agents or telcos (which is highly improbable) this MP is not supposed to have my data. I'd also discount the idea of cell broadcasting - which to the best of my knowledge had not been activated in Kenya for commercial use. The SMS originated from a UK number.

What is indisputable is that the aspiring MP accessed my personal data without authorization. The next challenge is who should be held accountable and how do I do this?  As mentioned earlier, targeted campaigning or marketing is only one use of this data - but what if someone based on my surname surmises that I do not fit into the electoral map, will there be another form of targeting to evict me from that constituency? (Here lies the futility of SIM registration as these SMS can easily be sent from UK or India)

The fears I have are real, for its happened before, and as most on this list can attest, technology has the power to make this process more efficient.

Regards, 
Harry Karanja

Sent from my iPad

On Feb 11, 2013, at 10:40 AM, Edith Adera <eadera at idrc.ca> wrote:

> Harry,
>  
> Indeed the sources are many as others have said. Do we have a data protection law (and FOI law) in place? Or the 10th parliament left “hurriedly” without enacting it?
>  
> The scenarios of how an individual voter can be targeted are many and scary, to say the least.
>  
> Edith
>  
> From: kictanet [mailto:kictanet-bounces+eadera=idrc.ca at lists.kictanet.or.ke] On Behalf Of Harry Karanja
> Sent: February 10, 2013 10:44 PM
> To: Edith Adera
> Cc: KICTAnet ICT Policy Discussions
> Subject: [kictanet] Has IEBC Voter Register Been Compromised
>  
> Listers,
>  
> This morning I received the oddest message. Through a bulk sms provider, one of the aspirants for MP in my constituency sent me an SMS appealing me to vote for him in the upcoming elections? Now I say odd because to the best of my knowledge I have never communicated to this politician my number and my constituency. In fact the only person I have ever given this dual information is the IEBC during voter registration. 
>  
> Which begs the question, could IEBC or its registration clerks be making voter registers available to politicians for consideration or otherwise? I'm also curious if this is an isolated event or its happening elsewhere?
>  
> Now I don't need to emphasize on the very serious implications if politicians are in possession of such specific data on the electorate. I previously blogged (http://www.startupkenya.info/2010/08/chopping-up-big-green-giant-safaricom.html) on the dangers of telcos in possession of too much personal data, but it is nothing compared to politicians with this data especially in a country that has experienced deadly post election violence. 
>  
> I'm curious what measures IEBC has in place for the protection of our personal information and if my experience this morning portends the compromise of all future governmently held e-data?
> 
> Regards, 
> Harry Karanja
>  
> Sent from my iPad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20130212/3550054d/attachment.htm>


More information about the KICTANet mailing list