Dear Linda,

Thanks for sharing your insights. I agree with you on the need to review our penalties in the CMCA as imposing higher and more stringent penalties for cybercrimes will act as a powerful deterrent, discouraging potential criminals from engaging in such activities due to the increased risk of severe consequences. But this begs the questions, which other listers can chip in,  i.e.:

1. How high a penalty do you think will suffice? 
2. How do we accurately compute the enhanced penalties which we so need?

For example:
S.31 on cyber terrorism has penalties of up to 10 years imprisonment, a fine of Kshs. 5 million or both.
S.21 on cyber espionage has penalties of up to 20 years imprisonment, a fine of Kshs. 10 million or both.

Then there is S.19 pertaining to unauthorized disclosure of passwords or access codes  which has penalties of up to 3 years imprisonment or a fine of Kshs. 5 million or both. 

And yet with GOK embracing e-governance, with over 14,000 services uploaded on E-Citizen with a target total of 21,000 services, with the private sector also embracing digital transformation the unauthorized disclosure of passwords and access codes can have serious socio-economic and national security repercussions to our Republic. 

Remember the Colonial Pipeline cyberattack that brought gas and fuel supplies to most of the East Coast of the USA was due to one compromised password. 

Stay happy,
Mutheu.





On Thu, Aug 15, 2024 at 3:00 PM Linda Wairure via KICTANet <kictanet@lists.kictanet.or.ke> wrote:

Dear David, 


This is a timely and interesting discussion. My responses are as follows;


1.       Do you believe that legal actions taken under the CMCA have been effective in deterring computer misuse and cybercrimes?  To some extent  

If not then why do you think they have been ineffective?

Some of the challenges include limited resources due to the nature of the cases, lack of awareness on the legal actions available under the CMCA, proper recruitment of technical expertise and slow judicial processes have hindered its full effectiveness. Additionally, the ever-evolving nature  of cyber threats often outpaces legislative frameworks, making it difficult to address new forms of cybercrimes.

 

2.       In your opinion are the penalties prescribed by the CMCA sufficient to deter cybercriminals? If not then which sections do you think need higher penalties, and what penalties would you propose in such an instance?

These penalties may not be sufficient, especially for offenses like cyber espionage, cyber terrorism, and large-scale financial fraud. Increasing penalties for these offenses could enhance deterrence. For example; enhancing penalties for cyber terrorism (Section 33) and cyber espionage (Section 21) to include longer imprisonment terms and higher fines could be considered.


Kind regards,

Linda Gichohi.


On Tue, 13 Aug 2024 at 23:55, David Indeje via KICTANet <kictanet@lists.kictanet.or.ke> wrote:

Our Day 2  discussion on the Computer Misuse and Cybercrimes Act (CMCA) will focus on: 


Section 3: Effectiveness of Legal Actions Pursuant to the CMCA.

  1. Do you believe that legal actions taken under the CMCA have been effective in deterring computer misuse and cybercrimes? If not then why do you think they have been ineffective?
  2. In your opinion are the penalties prescribed by the CMCA sufficient to deter cybercriminals? If not then which sections do you think need higher penalties, and what penalties would you propose in such an instance?
  3. Are there instances of misuse of the CMCA for political purposes or to target specific individuals or groups?
  4. How has the public perception of the CMCA and its enforcement impacted the effectiveness of legal actions under the CMCA?

Section 4: Effectiveness of Safeguards Under the CMCA.

  1. Are the safeguards in place to prevent abuse of the CMCA, such as those related to surveillance, search, and censorship, adequate? If not then what can be done to enhance them?
  2. How can these safeguards be strengthened to protect individual rights and freedoms?
  3. Have there been instances of abuse of the CMCA that have come to your attention?
  4. What mechanisms are in place to hold accountable those who misuse the CMCA?



--
Kind Regards,

David Indeje

@KICTANet Communications 
_____________________________________

+254 (0) 711 385 945 |  +254 (0) 734 024 856
KICTANet portals
Connect With Us
______________________________________

_______________________________________________
KICTANet mailing list -- kictanet@lists.kictanet.or.ke
To unsubscribe send an email to kictanet-leave@lists.kictanet.or.ke
Unsubscribe or change your options at: https://mm3-lists.kictanet.or.ke/mm/lists/kictanet.lists.kictanet.or.ke/

Mailing List Posts Online: https://posts.kictanet.or.ke/

Twitter: https://twitter.com/KICTANet/
Facebook: https://www.facebook.com/KICTANet/
Instagram: https://www.instagram.com/KICTANet/
LinkedIn: https://www.linkedin.com/company/kictanet/
YouTube: https://www.youtube.com/channel/UCbcLVjnPtTGBEeYLGUb2Yow/
WhatsApp Channel: https://whatsapp.com/channel/0029VaQsX4w6mYPIctLsGh1K

KICTANet is a multi-stakeholder Think Tank for people and institutions interested and involved in ICT policy and regulation.
KICTANet is a catalyst for reform in the Information and Communication Technology sector. Its work is guided by four pillars
of Policy Advocacy, Capacity Building, Research, and Stakeholder Engagement.

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's
times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your
wares or qualifications.

PRIVACY POLICY: See https://mm3-lists.kictanet.or.ke/mm/lists/kictanet.lists.kictanet.or.ke/

KICTANet - The Power of Communities, is Kenya's premier ICT policy engagement platform.
_______________________________________________
KICTANet mailing list -- kictanet@lists.kictanet.or.ke
To unsubscribe send an email to kictanet-leave@lists.kictanet.or.ke
Unsubscribe or change your options at: https://mm3-lists.kictanet.or.ke/mm/lists/kictanet.lists.kictanet.or.ke/

Mailing List Posts Online: https://posts.kictanet.or.ke/

Twitter: https://twitter.com/KICTANet/
Facebook: https://www.facebook.com/KICTANet/
Instagram: https://www.instagram.com/KICTANet/
LinkedIn: https://www.linkedin.com/company/kictanet/
YouTube: https://www.youtube.com/channel/UCbcLVjnPtTGBEeYLGUb2Yow/
WhatsApp Channel: https://whatsapp.com/channel/0029VaQsX4w6mYPIctLsGh1K

KICTANet is a multi-stakeholder Think Tank for people and institutions interested and involved in ICT policy and regulation.
KICTANet is a catalyst for reform in the Information and Communication Technology sector. Its work is guided by four pillars
of Policy Advocacy, Capacity Building, Research, and Stakeholder Engagement.

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's
times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your
wares or qualifications.

PRIVACY POLICY: See https://mm3-lists.kictanet.or.ke/mm/lists/kictanet.lists.kictanet.or.ke/

KICTANet - The Power of Communities, is Kenya's premier ICT policy engagement platform.