Listeners,

I think the first thing would be to commend the innovation we are experiencing in our country. Who would have thought we would have such great ICT solutions today. Just two years ago you could not check about your voter registration credentials by sending a text message! (now to 3007), or get yellow pages access from 5991! We all agree that this comes with it's security limitations but this should be viewed as an opportunity to build secure systems that our government can benefit from. If we push it back to government the process of securing public online privileged information may take too long to get done. This now opens a new avenue for the private sector and perhaps a joint venture with government to build this secure systems we desire.

In my humble view we should not be asking the question why this or why that but how can we make this better and more secure!

On E-crime in Kenya I think this is a growing concern because typical e-crime would happen over the internet, accessed via  a computer. In our situation internet access is mostly on the go. (On your hand held) You have access to your virtual bank (MPesa, MKesho, Zap, Yu Cash and others) and real bank. Should this interaction be compromised huge losses would follow. I have not yet heard of any groups or persons who have successfully compromised this systems but it's only a matter of time. However there are other forms of e-crime that is happening in the country where people harassed through their mobile phone or social networking sites. For more information on the local situation contact Alice on the forum to get access to the cyber crime against women in Kenya report.



Sammy.



On Tue, Jul 13, 2010 at 8:36 AM, wesley kirinya <kiriinya2000@yahoo.com> wrote:

 i)      Sim card registration
1. Where is this database located? Is it at the private companies (Telecos) or some government office?
 
2. Do the police have the hardware and software to cheaply, efficiently and conviniently access the data? Who within the police authorizes access to such data? What measures are there to prevent an authorized person viewing the data from abusing it because now the person not only sees numbers, but knows the names and residential addresses of people contacting a particular number.

3. Why give an ID number and birth info, yet this birth info was used when getting the ID? It seems the govenment needs to put it's data in order.

--- On Tue, 7/13/10, Judy Okite <judyokite@gmail.com> wrote:

From: Judy Okite <judyokite@gmail.com>
Subject: [Skunkworks] Kenya IGF 2010, Discussions :Day 7 of 8 Theme:E-Crime, Online Privacy & Data Security- Continuation
To: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke>, "Skunkworks forum" <skunkworks@lists.my.co.ke>
Date: Tuesday, July 13, 2010, 6:47 AM


Good Morning,

As we near, closing these discussions we, feel free to contribute to the former threads by clicking on the correct subject/title.

Today we continue with ,

  • a)      E-crime- situation in Kenya
  • b)      E- Voting- where Kenya is @

And today we add

c)      c)  Online privacy and data security

 i)      Sim card registration-  on the 21st June 2010 the government through  CCK(Communication Commission of Kenya) declared it mandatory for all mobile users to register their Sim cards

More info: http://www.cck.go.ke/news/2010/news_21june2010.html

“The exercise is aimed at safeguarding the public against acts of insecurity, including the wide spread threats posed by terrorism, drug trafficking, money laundering, extortion, fraud, hate messages, and incitement that are now wide spread throughout the world, “said the Minister for Information and Communication.

Currently we have 18million (I stand to be corrected ) mobile users in Kenya, In these forms, one has to give their residential area , their identity card number, their birth information etc… That is a whole lot of data on Kenyans… in short , a grand database! From yesterday’s discussions we saw that currently we have no LAW  to guard this database.

Q. What will stop the Authority from using my details wrongly?

Q. What happens if I don’t register by 31st of July? I will be disconnected? Under what LAW?

 


ii) When I send a SMS to 3007 with an ID card number, it returns with voter details, full names, place of voting and voter card number of the ID card holder, however,

1, the system put in place, does not verify in any way that it’s the real owner of the ID card, that has sent this query?

a)      Can this data be manipulated? Then what?

A question, on top of my head, with all these ongoing, what creates demand for LAW?(if there is anything, like that)

 

Your queries, comments, inputs, corrections are welcome!

 

Kind Regards,





--
“To live is to choose. But to choose well, you must know who you are and what you stand for, where you want to go and why you want to get there.” Kofi Annan

-----Inline Attachment Follows-----

_______________________________________________
Skunkworks mailing list
Skunkworks@lists.my.co.ke
http://orion.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------
Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1fbjAwOUE&hl=en
------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke


_______________________________________________
kictanet mailing list
kictanet@lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet

This message was sent to: sam.gatere@gmail.com
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/sam.gatere%40gmail.com