<p dir="ltr">I get you Tony,</p>
<p dir="ltr">Me thinks it's the states business to stop you from using your tools in a way that causes harm to others. On the issue of authority, I don't think the proposed legislation was written with one authorizing body in mind. Private parties can authorize.<br>
Anyone can report of a breach of this law when they so believe that it has happened. Since it's criminal law, burden of proof lies on the prosecution to show how one's activities amount to a breach of this law. </p>
<p dir="ltr">Francis Monyango </p>
<div class="gmail_quote">On Jul 14, 2016 7:43 AM, "Tony White via kictanet" <<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">@Francis - agreed, but I didn't feel it was clear enough as to<br>
who was able to authorise, and for the tester, to possess the 'tools<br>
of the trade' - remember, a tool - even a panga - may be used for<br>
legitimate purposes, or for committing crimes - possession of the tool<br>
does not constitute the crime.<br>
<br>
Cheers,<br>
Tony<br>
<br>
<br>
On 14/07/2016, Francis Monyango via kictanet<br>
<<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>> wrote:<br>
> I have read the bill.I have noted major loopholes that can be used to<br>
> breach the fundamental human right to privacy. But now to answer Tony on<br>
> clauses that penetration testing, section 4(2) of the bill talks about<br>
> unauthorized access. I believe if one is doing a 'pen test', they have been<br>
> authorized to access that system. Section 6(2) of the bill is on<br>
> interference. It also talks about permissions hence, not a crime to do a<br>
> pentest. Lastly, section 8 (3)(a) states that activities described in<br>
> the section do not constitute an offence if the acts are intended for<br>
> the authorised training, testing or protection of a computer<br>
> system.<br>
><br>
> There you have it. I hope I haven't gone all legalese on that one.<br>
><br>
> Francis Monyango<br>
> On Jul 13, 2016 2:17 PM, "Tony White via kictanet" <<br>
> <a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>> wrote:<br>
><br>
>> I have read through the bill, and - although I am not a lawyer - it<br>
>> looks like it has been well thought out and makes sense (unlike<br>
>> *another* recent bill!).<br>
>><br>
>> My main concern, with this (or any other) bill, is where it may be<br>
>> open to abuse, intimidation, and/or corruption. I hope those with<br>
>> 'legal' minds may discover the specific areas which may be open to<br>
>> abuse, and where further clarification within the bill may address<br>
>> those concerns.<br>
>><br>
>> Specifically, related to those whose work involves the provision,<br>
>> and/or testing of the security of systems to guard against possible<br>
>> cybercrimes. I would like to see a section where specific exemption<br>
>> is allowed where permission by a person in authority over a computer<br>
>> system or telecommunications network is given to a specific person or<br>
>> organisation to conduct testing of a system's security - commonly<br>
>> referred to as 'penetration testing' or 'pentest'<br>
>><br>
>> My initial thoughts.<br>
>><br>
>> Tony<br>
>><br>
>><br>
>> On 13/07/2016, Walubengo J via kictanet <<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>><br>
>> wrote:<br>
>> > Listers,<br>
>> > I know we have just come from an intensive 2week review of the ICT<br>
>> > Policy.But PS Itemere says there is more work need on the Cybercrime<br>
>> > Bill<br>
>> > @<a href="http://www.mygov.go.ke/?p=11234" rel="noreferrer" target="_blank">http://www.mygov.go.ke/?p=11234</a><br>
>> ><br>
>> ><br>
>> > Plse send your views on the Cyber Crime Bill and spread the word.<br>
>> > @ Mose- could u put this up on Jadili as well?@ Skunkworks - Someone<br>
>> forward<br>
>> > to these hackers as well. I seem to have been kicked off their list at<br>
>> one<br>
>> > point.<br>
>> > walu.<br>
>><br>
>><br>
>> --<br>
>> Tony White<br>
>><br>
>> _______________________________________________<br>
>> kictanet mailing list<br>
>> <a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>
>> <a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet" rel="noreferrer" target="_blank">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
>><br>
>> Unsubscribe or change your options at<br>
>> <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/monyango93%40gmail.com" rel="noreferrer" target="_blank">https://lists.kictanet.or.ke/mailman/options/kictanet/monyango93%40gmail.com</a><br>
>><br>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform<br>
>> for people and institutions interested and involved in ICT policy and<br>
>> regulation. The network aims to act as a catalyst for reform in the ICT<br>
>> sector in support of the national aim of ICT enabled growth and<br>
>> development.<br>
>><br>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors<br>
>> online that you follow in real life: respect people's times and<br>
>> bandwidth,<br>
>> share knowledge, don't flame or abuse or personalize, respect privacy, do<br>
>> not spam, do not market your wares or qualifications.<br>
>><br>
><br>
<br>
<br>
--<br>
Tony White<br>
<br>
_______________________________________________<br>
kictanet mailing list<br>
<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>
<a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet" rel="noreferrer" target="_blank">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
<br>
Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/monyango93%40gmail.com" rel="noreferrer" target="_blank">https://lists.kictanet.or.ke/mailman/options/kictanet/monyango93%40gmail.com</a><br>
<br>
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.<br>
<br>
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.<br>
</blockquote></div>