i) Sim card registration 1. Where is this database located? Is it at the private companies (Telecos) or some government office? 2. Do the police have the hardware and software to cheaply, efficiently and conviniently access the data? Who within the police authorizes access to such data? What measures are there to prevent an authorized person viewing the data from abusing it because now the person not only sees numbers, but knows the names and residential addresses of people contacting a particular number. 3. Why give an ID number and birth info, yet this birth info was used when getting the ID? It seems the govenment needs to put it's data in order. --- On Tue, 7/13/10, Judy Okite <judyokite@gmail.com> wrote: From: Judy Okite <judyokite@gmail.com> Subject: [Skunkworks] Kenya IGF 2010, Discussions :Day 7 of 8 Theme:E-Crime, Online Privacy & Data Security- Continuation To: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke>, "Skunkworks forum" <skunkworks@lists.my.co.ke> Date: Tuesday, July 13, 2010, 6:47 AM Good Morning, As we near, closing these discussions we, feel free to contribute to the former threads by clicking on the correct subject/title. Today we continue with , a) E-crime- situation in Kenyab) E- Voting- where Kenya is @ And today we add c) c) Online privacy and data security i) Sim card registration- on the 21st June 2010 the government through CCK(Communication Commission of Kenya) declared it mandatory for all mobile users to register their Sim cards More info: http://www.cck.go.ke/news/2010/news_21june2010.html “The exercise is aimed at safeguarding the public against acts of insecurity, including the wide spread threats posed by terrorism, drug trafficking, money laundering, extortion, fraud, hate messages, and incitement that are now wide spread throughout the world, “said the Minister for Information and Communication. Currently we have 18million (I stand to be corrected ) mobile users in Kenya, In these forms, one has to give their residential area , their identity card number, their birth information etc… That is a whole lot of data on Kenyans… in short , a grand database! From yesterday’s discussions we saw that currently we have no LAW to guard this database. Q. What will stop the Authority from using my details wrongly? Q. What happens if I don’t register by 31st of July? I will be disconnected? Under what LAW? ii) When I send a SMS to 3007 with an ID card number, it returns with voter details, full names, place of voting and voter card number of the ID card holder, however, 1, the system put in place, does not verify in any way that it’s the real owner of the ID card, that has sent this query? a) Can this data be manipulated? Then what? A question, on top of my head, with all these ongoing, what creates demand for LAW?(if there is anything, like that) Your queries, comments, inputs, corrections are welcome! Kind Regards, -- “To live is to choose. But to choose well, you must know who you are and what you stand for, where you want to go and why you want to get there.” Kofi Annan -----Inline Attachment Follows----- _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://orion.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1fbjAwOUE&hl=en ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke