[kictanet] CCK & ISPs to Block of Websites?

Fiona Asonga tespok at tespok.co.ke
Fri May 9 12:50:23 EAT 2014


Hallo Ali 

Thanks for the interest in the subject matter, kindly find my responses inline: 

Fiona Asonga 
Chief Executive Officer 
Telecommunications Service Providers Association of Kenya/ Kenya Internet Exchange Point 
Member Strategic Committee of the Africa Computer Emergency Response Team 

NRO Number Council http://www.nro.net/about/number-council.html 

ASO Address Council http://aso.icann.org/ac/ 


14 th Floor, Bruce House 
Standard Street 

Tel: +254 20 2245 036 
Cell: +254 721 713 504 

Website: www.tespok.or.ke 



“Industry voice in Telecommunications, Providing Policy and Direction 
within the Industry and Government” 





Fiona Asonga 
Chief Executive Officer 
Telecommunications Service Providers Association of Kenya/ Kenya Internet Exchange Point 
Member Strategic Committee of the Africa Computer Emergency Response Team 
NRO Number Council http://www.nro.net/about/number-council.html 
ASO Address Council http://aso.icann.org/ac/ 

14 th Floor, Bruce House 
Standard Street 

Tel: +254 20 2245 036 
Cell: +254 721 713 504 
Website: www.tespok.or.ke 


“Industry voice in Telecommunications, Providing Policy and Direction 
within the Industry and Government” 
----- Original Message -----

From: "Ali Hussein" <ali at hussein.me.ke> 
To: tespok at tespok.co.ke 
Cc: "KICTAnet ICT Policy Discussions" <kictanet at lists.kictanet.or.ke> 
Sent: Friday, May 9, 2014 11:32:22 AM 
Subject: Re: [kictanet] CCK & ISPs to Block of Websites? 


Fiona 


Thanks for speaking out. Appreciated. 


May I make some comments/ask some questions? 


We must balance the needs for privacy and national security. Where this country is at the moment we should appreciate the government's fundamental duty of safeguarding citizens' security and the country's infrastructure. Having said that it is also incumbent on the industry to have some transparency as required by our constitution. For avoidance of doubt has the industry:- 


1. Received requests to monitor individual email and search activity in Kenya? 
There has been no request to monitor any individual emails in Kenya. 
However, as an industry we have been concerned about certain amendments to the KCA carried out in 2008 that were rather vague giving excessive power to network operators to carry out the above. When liability of network content is placed on the network operator as opposed to the network users what is there to protect the users privacy if the the network operator proceeds to prey in the name of protecting themselves from liability? This is one important issue that we hope will be amended once we have the Data Protection Act in place. 


2. Is there any report that the industry puts together where we can see:- 
a) Govt request of the above? 
We are still in the initial process of negotiating the operational framework of how government can work in partnership with private sector. We are yet to receive a request from government. When the requests start coming in we shall document and have a both a public and detailed reports of our operations. 


b) How many were obliged and how many refused? 
None have come through yet 


3. Cyber security breaches and how they were dealt with? 
>From our reports on the usalama site you will notice that the cyber security breaches numbers vary depending on the type of threat, source and country out of which attack is stemming from. We have presented the reports as per month and quarter with all the breached we observed. 
On dealing with the security breaches: 
TESPOK has a 24/7/365 monitoring system that send alerts based on the threat priority to the TESPOK technical team. Then we begin to engage the ISP 
1st point of contact is the respective ISP security staff whom we contact with breach details and recommendations and give them time to remedy situation. 
2nd point of contact is the Network/IT head to report the status from our end 
3rd point of contact is the CEO of the respective ISP if his team is unable to remedy situation, we request permission to assist resolve the breach at no extra cost to the ISPs. We also provide the CEO all the information they require about the breach in the event that the public need to be informed. In the last one year we have had 2 major breaches that saw us follow this process and introduce engagement with Kenya Bankers Association due to the financial institutions that were at risk. 
We are working on a program for the financial sector that will be deployed as soon as Kenya Bankers Association have finalized implementation issues at their end. 



Kenya is at the top of Internet freedom worldwide. We must temper this freedom with responsibility. Its a fine balance and requires both the private sector, non-governmental players and the government itself to work in tandem to ensure this freedom is not abused. 
I couldn't have put it better, online security is a space we all need to participate in a stakeholders of the shared platform. 



On the part of Government, we must urge them that while they ensure and safeguard our borders both within and without they must do it within the purviews of humanity and decency - after all that is what differentiates us from those who seek to destroy what we hold dear. 



Ali Hussein 


+254 770 906375 / 0713 601113 



Twitter: @AliHKassim 
Skype: abu-jomo 
LinkedIn: http://ke.linkedin.com/in/alihkassim 
Blog: www.alyhussein.com 



"I fear the day technology will surpass human interaction. The world will have a generation of idiots". ~ Albert Einstein 

Sent from my iPad 

On May 9, 2014, at 9:02 AM, "Fiona Asonga" < tespok at tespok.co.ke > wrote: 




Hallo Listers, 

TESPOK the umbrella body for service providers that runs the KIXP has taken time to follow up on the posts in the preceding emails. 

TESPOK as the industry body for service providers has been running a Computer Security Incident Response Team since 2009. We have realtime user access to for service providers to view auto-generated reports of their network status. CCK has been working with TESPOK since 2011 to ensure network integrity for the safety of Internet users. The working arrangements places TESPOK as the face of the ISPs in as far as CCK and cyber security is concerned. We are unable to confirm any requests to block websites or blogs, however ISPs have been requested by both TESPOK and CCK to have dedicated Network Security staff. 

It is my view that the request to engage may have been mis-understood or mis-communicated. KIXP is dependent on content and it would be counter productive for TESPOK to support blocking of websites thus reducing content access at the KIXP. 

In the event that we note changes to our mode of engagement with CCK in a manner to negatively impact on the end users' experience we shall not hesitate to speak up. For more details on our cyber security program kindly visit www.cyberusalama.co.ke or www.usalama.co.ke 

kind regards 


Fiona Asonga 
Chief Executive Officer 
Telecommunications Service Providers Association of Kenya/ Kenya Internet Exchange Point 
Member Strategic Committee of the Africa Computer Emergency Response Team 

NRO Number Council http://www.nro.net/about/number-council.html 

ASO Address Council http://aso.icann.org/ac/ 


14 th Floor, Bruce House 
Standard Street 

Tel: +254 20 2245 036 
Cell: +254 721 713 504 

Website: www.tespok.or.ke 



“Industry voice in Telecommunications, Providing Policy and Direction 
within the Industry and Government” 

----- Original Message -----

From: "Ali Hussein via kictanet" < kictanet at lists.kictanet.or.ke > 
To: tespok at tespok.co.ke 
Sent: Wednesday, May 7, 2014 2:16:25 PM 
Subject: Re: [kictanet] CCK & ISPs to Block of Websites? 



Wash & all 


Its not the blocking that worries me. It's the big brother syndrome that concerns me. That Govts worldwide have this syndrome is a foregone conclusion. The ones who are not in the news just haven't been caught yet or are openly doing it - China, Russia, Middle East countries etc. 


Ali Hussein 


+254 770 906375 / 0713 601113 




Twitter: @AliHKassim 

Skype: abu-jomo 

LinkedIn: http://ke.linkedin.com/in/alihkassim 

Blog: www.alyhussein.com 



"I fear the day technology will surpass human interaction. The world will have a generation of idiots". ~ Albert Einstein 

Sent from my iPad 

On May 7, 2014, at 1:21 PM, Odhiambo Washington via kictanet < kictanet at lists.kictanet.or.ke > wrote: 





I think it's not going to be easy to block web content unless the govt buys the equipment the ISPs need for this purpose - content filtering. You can block a website, but it's another game altogether to block the content. Content can be moved very easily to other hosts. Plus, it's gonna be futile, because that very content will be shared on Social Media the moment the govt opens its mouth:) You know that once it's in social media, it's not just a website anymore we're talking about. 




So, IMHO, I believe the govt will NOT be doing this. 


Victor, is there a law that allows the govt or it's agents to block web content? What are the provisions within that law, and are those provisions violated by those websites. 





On 5 May 2014 21:23, Victor Kapiyo via kictanet < kictanet at lists.kictanet.or.ke > wrote: 




Dear listers, 

I came across this tweet earlier today. I'm not sure of the legitimacy of the claim, but could someone from CCK, any ISP or lister respond to the allegations / shed more light on this? 


Tweet from Robert Alai (@RobertAlai) 

Robert Alai (@RobertAlai) tweeted at 1:22 PM on Mon, May 05, 2014: 

Now the govt through CCK wants ISPs to block some 15 websites and blogs critical of the government. 

( https://twitter.com/RobertAlai/status/463262331695550464 ) 

Victor 
_______________________________________________ 
kictanet mailing list 
kictanet at lists.kictanet.or.ke 
https://lists.kictanet.or.ke/mailman/listinfo/kictanet 

Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/odhiambo%40gmail.com 

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. 

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications. 




-- 
Best regards, 
Odhiambo WASHINGTON, 
Nairobi,KE 
+254733744121/+254722743223 
"I can't hear you -- I'm using the scrambler." 



_______________________________________________ 
kictanet mailing list 
kictanet at lists.kictanet.or.ke 
https://lists.kictanet.or.ke/mailman/listinfo/kictanet 

Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/info%40alyhussein.com 

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. 

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications. 
_______________________________________________ 
kictanet mailing list 
kictanet at lists.kictanet.or.ke 
https://lists.kictanet.or.ke/mailman/listinfo/kictanet 

Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/tespok%40tespok.co.ke 

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. 

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications. 




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20140509/adf0d496/attachment.htm>


More information about the KICTANet mailing list