[kictanet] [isoc_ke] Computer and Cyber crimes bill 2016 Day 1 of 5 Part 2 Offences

Kamotho Njenga kamothonjenga at gmail.com
Tue Jul 26 09:02:36 EAT 2016


Thanks Barrack for bringing up this for discussion,

With regard to cyber squatting, it is logical that whoever is first to
register a domain name should acquire full proprietary rights. The
alternative would be to require that every time you wish to register a
particular domain you move around asking everyone whether a particular name
might be their trademark. In deed I am of the view that cyber squatting and
domain name hawking ought to be recognized as a legitimate trade.

Further issues on the Cyber crime Bill revolve around how the crime angle
dovetails with technological dynamics and realities. Essentially, cyber
crimes are perpetrated by a sophisticated lot. Technology tools are also
evolving speedily making thus the need for a forward looking cyber crime
legislation. From a preliminary perspective some of the aspects that
require further reflection appertain to the following:

1. Cyber crime in the context of technology convergence- Conventionally,
computers have been the most potent ICT tools. Yet, evolving trends point
towards the mobile phone as an extremely powerful computing tool. As a
matter of fact, few stationary devices can match the capabilities of an
average smart phone, including its propensity to orchestrate lethal cyber
crimes. From a cursory look at the Bill, I am unable to tell the placement
of the mobile phone. Is it included and if so what are the possible
scenarios that may play out during enforcement of this proposed law. Is
there anything for instance which would preclude a police officer from
obtaining a warrant as per section 21 to confiscate your mobile phone for
investigation purposes?

2. Cloud Based services- How will crimes relating to data that resides on a
Virtual Hosting server be treated. For instance, if someone procures cloud
facilities from Safaricom and uses the same for prohibited purposes such as
storage of child pornography, who will be held liable in this case? Is it
the client or the service provider? I can almost see Sir Bob Collymore and
his principal officers being jailed under section 16.

3. Dark net and unconventional browsers- Use of disguised and anonymous web
navigation tools such as onion routers and others that provide secret
system access is getting prevalent. It is even possible for cyber criminals
to store rogue content in your computer system or to use them to commit
cyber crime without your knowledge. What will prevent investigators from
taking innocent victims of circumstances to Pangani to "assist" police with
investigations.

4. Investigation and Enforcement- Cyber crimes are very technical in
nature. Requiring the police to enforce the Act without affording them
specialized training on cyber security will be asking for too much. In the
fullness of time, there will be need to legally provide for a dedicated
unit to pursue a multi-pronged approach that encompasses cyber incident
detection, prevention and deterrence.


Kamotho

On Mon, Jul 25, 2016 at 9:02 PM, Kelvin Kariuki via kictanet <
kictanet at lists.kictanet.or.ke> wrote:

> Dear Listers,
>
> The bill clearly outlines the unauthorized disclosure of a password as a
> crime, however, it is silent on a situation where an employee 'refuses' to
> hand-over passwords of certain accounts including servers, and web domain
> registrar or claims to have 'forgotten' those passwords, especially in
> situations where they have lost their job . So my questions are:
> 1. Is that a criminal offence?
> 2. Should it be dealt with the company policy or should it be included in
> this bill?
>
>
> On Mon, Jul 25, 2016 at 8:12 PM, Francis Monyango via kictanet <
> kictanet at lists.kictanet.or.ke> wrote:
>
>> On Cyber squatting, I don't see the rationale of it being a criminal
>> offence. It being a civil wrong, maybe yes. But as lawyers say, equity aids
>> the vigilant and not the indolent.
>> On Jul 25, 2016 2:34 PM, "Barrack Otieno via kictanet" <
>> kictanet at lists.kictanet.or.ke> wrote:
>>
>>> Many thanks Ali,
>>>
>>> Indeed such things happen when elections are around the corner, i also
>>> think the Computer and Cyber Crimes Bill will become more relevant as
>>> we approach elections, reading the act i cant help but observe that
>>> some of the offenses attract fines for as much as 7 million shillings
>>> are we getting over excited or is this the norm internationally? i
>>> hope other listers have had a change to review the bill.
>>>
>>> Regards
>>>
>>> On 7/25/16, Ali Hussein <ali at hussein.me.ke> wrote:
>>> > Barrack and all
>>> >
>>> > To address the issue of uhuru.co.ke in relation to the cyber crime
>>> Bill
>>> > 2006.
>>> >
>>> > Let me first address the issue of cybersquatting as opposed to the
>>> practice
>>> > of selling domains in the Domain After Market.
>>> >
>>> > Cyber-Squatting is best described as the practice of registering names,
>>> > especially well-known company or brand names, as Internet domains, in
>>> the
>>> > hope of reselling them at a profit. For example:-
>>> >
>>> > Walmart.co.ke
>>> > Carrefour.co.ke
>>> > Yahoo.co.ke (which incidentally I once owned when I didn't know any
>>> better!
>>> > :-) )
>>> > Google.co.ke (which incidentally was free once not too long ago)
>>> >
>>> > The domain aftermarket is the secondary market for Internet domain
>>> names
>>> > which a party interested in acquiring a domain that is already
>>> registered
>>> > bids or negotiates a price to effect the transfer of registration from
>>> the
>>> > registered holder of that domain name.
>>> > The professional pursuit of speculation in the domain aftermarket is
>>> known
>>> > as domaining. The domain aftermarket has grown substantially, as an
>>> > increasing number of generic domains names that promise 'marketing
>>> appeal'
>>> > and 'desirability' are registered by domain warehouses, or resellers.
>>> >
>>> > The domain aftermarket is facilitated by auction houses which provide
>>> > communication methods for buyers and sellers to interact, often
>>> anonymously,
>>> > to negotiate and close a transaction. They often provide additional
>>> > services, such as financial escrow services and domain parking.
>>> >
>>> > Now let's address the uhuru.co.ke case. This is similar to the Evans
>>> Kidero
>>> > case sometime back. In that particular case the Good Governor's team
>>> had the
>>> > good sense to negotiate and acquire the domain that had slipped through
>>> > their fingers.
>>> >
>>> > So is Uhuru a Brand Name or a Generic Name?
>>> >
>>> > A quick look at Google search results indicate that the word Uhuru has
>>> a
>>> > generic meaning (freedom) and is also a name.
>>> >
>>> > So which one is it? A Brand Name or a Generic one.
>>> >
>>> > Let's do another exercise.
>>> >
>>> > Word. Generic name or brand name for one of the most successful
>>> computer
>>> > programs ever?
>>> >
>>> > You get the picture..
>>> >
>>> > Does this issue belong in the Cyber-Security bill?
>>> >
>>> > My take:- A resounding NO. Let's apportion the blame where it
>>> belongs..with
>>> > the guys who should have known better and let such a valuable Generic
>>> Name
>>> > lapse.
>>> >
>>> > KeNIC are you listening? Seems like some people need 101 lessons on
>>> > Defensive Domain Registration.
>>> >
>>> > And to Corporates out there here's my advise for free:-
>>> >
>>> > Move your domain custodian services from the IT Department to the
>>> Marketing
>>> > Department.
>>> >
>>> > My two cowrie shells..
>>> >
>>> > Ali Hussein
>>> > Principal
>>> > Hussein & Associates
>>> > +254 0713 601113 / 0770906375
>>> >
>>> > Twitter: @AliHKassim
>>> > Skype: abu-jomo
>>> > LinkedIn: http://ke.linkedin.com/in/alihkassim
>>> >
>>> >
>>> > "Discovery consists in seeing what everyone else has seen and thinking
>>> what
>>> > no one else has thought".  ~ Albert Szent-Györgyi
>>> >
>>> > Sent from my iPad
>>> >
>>> >> On 25 Jul 2016, at 9:45 AM, Barrack Otieno via isoc <
>>> isoc at lists.my.co.ke>
>>> >> wrote:
>>> >>
>>> >> Listers,
>>> >>
>>> >> As you prepare your comments, we had an interesting case last week of
>>> >> www.uhuru.co.ke. Apparently the owner of the domain was ready to part
>>> >> with it for a tidy sum of money. There were counterarguments as to
>>> >> whether the domain was a generic name or whether it was a trademark
>>> >> :-)(you know what i mean), it also brought to fore the issue of
>>> >> cybersquatting and whether it is an illegal activity on the dot Ke
>>> >> space. There are those who felt that this is a genuine mode of
>>> >> business akin to speculation in real estate. Was this an offence in
>>> >> light of the Computer and Cybercrimes bill 2016?
>>> >>
>>> >> Regards
>>> >>
>>> >>> On 7/25/16, Barrack Otieno <otieno.barrack at gmail.com> wrote:
>>> >>> Listers,
>>> >>>
>>> >>> As announced last week, online discussions on the Computer and
>>> >>> Cybercrimes bill 2016 will start today.  The Computer and Cybercrimes
>>> >>> bill can be accessed using the following link
>>> >>> http://www.mygov.go.ke/?p=11234.
>>> >>>
>>> >>> Today we focus on part II of the bill which focuses on the offences:
>>> >>>
>>> >>> Questions
>>> >>>
>>> >>> 1. Does the section address computer and cyber crime related offenses
>>> >>> in a comprehensive manner and according to International standards ?
>>> >>> 2. If it does not can you point out areas that need to be
>>> incorporated
>>> >>> into the bill?
>>> >>> 3. Are there clauses in this section that will impede the growth of
>>> >>> electronic commerce or affect online citizen participation as seen on
>>> >>> Kenyans on Twitter (KOT) ? If that is the case , how should the same
>>> >>> be phrased?
>>> >>> 4. Do you have any other proposals that can be incorporated into part
>>> >>> 2 to improve it?
>>> >>>
>>> >>> We welcome your feedback on the questions above,
>>> >>>
>>> >>> Thank you
>>> >>>
>>> >>>
>>> >>> Kelvin and Barrack
>>> >>> --
>>> >>> Barrack O. Otieno
>>> >>> +254721325277
>>> >>> +254733206359
>>> >>> Skype: barrack.otieno
>>> >>> PGP ID: 0x2611D86A
>>> >>
>>> >>
>>> >> --
>>> >> Barrack O. Otieno
>>> >> +254721325277
>>> >> +254733206359
>>> >> Skype: barrack.otieno
>>> >> PGP ID: 0x2611D86A
>>> >>
>>> >> _______________________________________________
>>> >> isoc mailing list
>>> >> isoc at lists.my.co.ke
>>> >> http://lists.my.co.ke/cgi-bin/mailman/listinfo/isoc
>>> >
>>>
>>>
>>> --
>>> Barrack O. Otieno
>>> +254721325277
>>> +254733206359
>>> Skype: barrack.otieno
>>> PGP ID: 0x2611D86A
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>
>>> Unsubscribe or change your options at
>>> https://lists.kictanet.or.ke/mailman/options/kictanet/monyango93%40gmail.com
>>>
>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>> for people and institutions interested and involved in ICT policy and
>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>> sector in support of the national aim of ICT enabled growth and development.
>>>
>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>> online that you follow in real life: respect people's times and bandwidth,
>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>> not spam, do not market your wares or qualifications.
>>
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>
>> Unsubscribe or change your options at
>> https://lists.kictanet.or.ke/mailman/options/kictanet/kelvinkariuki89%40gmail.com
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people's times and bandwidth,
>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
>
>
>
> --
> Best Regards,
>
> Kelvin Kariuki
> Twitter Handle: @teacherkaris
> Alt email: kkariuki at mmu.ac.ke
> Mobile: +2547 29 385 557
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/kamothonjenga%40gmail.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20160726/52041b5b/attachment.htm>


More information about the KICTANet mailing list