[kictanet] MPESA 'Hakikisha' Privacy Issues

Ali Hussein ali at hussein.me.ke
Thu Jan 23 18:20:10 EAT 2020 

Arya

The new Permission Marketing best practice is opt-in, NOT opt-out.

Regards

*Ali Hussein*


Tel: +254 713 601113

Twitter: @AliHKassim

Skype: abu-jomo

LinkedIn: http://ke.linkedin.com/in/alihkassim
<http://ke.linkedin.com/in/alihkassim>




Any information of a personal nature expressed in this email are purely
mine and do not necessarily reflect the official positions of the
organizations that I work with.


On Thu, Jan 23, 2020 at 4:10 PM Arya Jeipea Karijo via kictanet <
kictanet at lists.kictanet.or.ke> wrote:

> I think they will argue that they have provided options for opting out.
> But the thing is you have to go looking for it... it is not in your face.
>
> But as I have said before - the threshold of compliance with data
> protection and also in getting users to read "software license agreements"
> should be as high as the same level companies use to market their products.
>
> That means if a company can go all out with a video to advertise their
> service... then the "Software license agreement" should be a fancy video...
> "think of it a little bit like the little ones they have on the flights
> telling you about safety" - in extreme case scenario the sales person
> should "educate" the user into what they are signing up for.
>
>
> With kind regards
>
>
> Jeipea
>
> Believe in yourself then you can change your world
>
> ____________________________________________
> Skype: john.paul.em
> Cell: +254735586956
>
>
> On Thu, Jan 23, 2020 at 12:00 AM Nick Ngatia via kictanet <
> kictanet at lists.kictanet.or.ke> wrote:
>
>> In 2020, Safaricom should do something about the data privacy concerns
>> raised in various fora.
>>
>> I think one of the most controversial features that was introduced in
>> 2019 was Hakikisha. Touted as a way to reduce money sent to the wrong
>> recipients, it has become a major headache for those who are
>> conscious about privacy of personal data. It is a good thing that you can
>> only 'hakikisha' upto 5 times per day. However, this limit does not seem to
>> work on mySafaricom app.
>>
>> The basic argument is that just because I need to send you money, you
>> don't have to know my full names as they appear on ID. Secondly, this
>> service has been abused by fraudsters multiple times to access personal
>> data that they should otherwise have not access to. The lack of a limit on
>> MySafaricom App means that a fraudster can guess random Safaricom numbers
>> and get their full names as they appear on ID many many times in a day.
>> The problem is that Safaricom does not seem to do anything about all the
>> concerns raised from different quarters about the Hakikisha feature.
>>
>> One viable recommendation has been to give each MPESA user a unique
>> 'SafaricomID'. This ID, whether numeric or alphanumeric, *should be
>> displayed* when sending or receiving money via MPESA. In the Safaricom
>> registry, this ID should mirror all the users legal data and can be easily
>> accessed by an authorized person if an
>> issue/crime/money-sent-to-the-wrong-person-case comes up. This simple
>> action will cut down the fraudsters who propagate their business via mobile
>> money by at least half.
>>
>> If you look at it deeply, I think it is your problem if you are not
>> diligent enough and send money to a wrong number. You simply tell MPESA
>> what to do just like you fill a transaction advice at a bank. You can't
>> blame the teller if you missed a digit when writing the account number and
>> the money ended in the wrong account.
>>
>> Your phone number has now become a virtual nametag which you wear waiting
>> for whoever cares, even strangers, to read your full names. I think this
>> should stop in 2020!
>>
>> *And btw, anyone has a case study of the much hyped data protection law
>> being implemented?*
>> --------------------------------
>>
>> *Nick Ngatia*
>> Email <nick.ngatia at childrenyouth.org> *|* Facebook
>> <http://www.facebook.com/niccoswagg1> *|* *Twitter
>> <http://www.twitter.com/nickngatia> **| LinkedIn
>> <https://www.linkedin.com/in/nick-ngatia-a6b06a7b?trk=nav_responsive_tab_profile_pic> *
>> *Skype:* *nick.ngatia** |* *Phone:* *+25**4 (0) 711 42 2015*
>>
>> *"Development Towards Sustainability is far too more important to leave
>> it to chance."*
>> ---------------------------------
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>> Twitter: http://twitter.com/kictanet
>> Facebook: https://www.facebook.com/KICTANet/
>>
>> Unsubscribe or change your options at
>> https://lists.kictanet.or.ke/mailman/options/kictanet/johnpaulem%40gmail.com
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people's times and bandwidth,
>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/info%40alyhussein.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20200123/e9ba54c8/attachment.htm>

More information about the KICTANet mailing list