I second you Gideon, especially on the awareness bit. Its worth noting that service providers (software, etc) in Kenya pay very little attention to providing content on Privacy Policy and upholding such policies - if ever they did develop them in the first place. The fact that end users have no idea they are entitled to privacy is not a small issue - its a big one. Its tied to consumer rights and abuse of these rights because there is no policy around it. I think policy needs to make any publicly available service provide a privacy policy at the least. And this should be applicable throughout the board - including on e-government sites and services. Civil society organizations should also be encouraged to train consumers on consumer rights and privacy. Because I know for a fact people outside these forums have no idea what it is really about. On Thu, Jun 30, 2016 at 4:31 PM, Alex Watila via kictanet < kictanet@lists.kictanet.or.ke> wrote:
As I read through the policy I wonder how much work has been done to link with other policies. For example, KEBS has been pushing for the adoption of ISO 27001 (Information Security Management Systems) standard by Kenyan Organizations.
Applying a best practice like ISO 27001 would prevent organizations from having to reinvent the wheel.
Regards,
Alex
-----Original Message----- From: kictanet [mailto:kictanet-bounces+awatila=yahoo.co.uk@lists.kictanet.or.ke] On Behalf Of Barrack Otieno via kictanet Sent: Thursday, June 30, 2016 7:29 AM To: awatila@yahoo.co.uk Cc: Barrack Otieno <otieno.barrack@gmail.com> Subject: [kictanet] Draft National ICT Policy Discussions Day 7 of 10: How to enhance Cybersecurity
Listers,
Many thanks to those who contribued to day 6 discussions. The thread is still open, we also encourage listers to edit the policy directly on the Jadili platform (http://jadili.ictpolicy.org/docs/kenya-ict-policy).
Today we focus on the following areas:
*Online Citizen Safety, *Child Protection *Privacy issues *Security business transactions (Info-Security) *Security & Reliability of Critical ICT infrastructure
The Background:
The more we automate and rely on digital services, the more vulnerable we become as a society to cybercrime and other threats facing the digital society.
The regulator has a Computer Emergency Response Team (CERT), the industry (TESPOK) also has a CERT, the Department of Criminal Investigation & National Intelligence also have CERT. What is not clear is whether there is a framework to have these teams working together and their capacity to counter a full-blown cyber attack against our digital national assets.
Additionally, the tension between citizen privacy and national security, citizen privacy and business (profit) concerns remain perhaps due to lack of Data Protection, eTransaction and other laws. Finally, special protection for vulnerable groups (children) going online is non-existent.
What needs to be done around these issues?
Kindly submit your views.
Best Regards
-- Barrack O. Otieno +254721325277 +254733206359 Skype: barrack.otieno PGP ID: 0x2611D86A
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/awatila%40yahoo.co.uk
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/ultimateprogramer%40gm...
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- *Ahmed Maawy* Executive Director - SwahiliBox / M-Power (CBO) Curator - Global Shapers Mombasa Hub Ambassador - Open Knowledge Director - Startup Grind Mombasa Software Developer - AJ+ / EveryLayer (KE) +254 714 960 627 Skype: ultimateprogramer swahilibox.co.ke globalshapers.org www.okfn.org <http://okfn.org/> startupgrind.com ajplus.net www.everylayer.com