The biggest for me is user awareness, this is where i feel we have the biggest gap. There is great need for users to know their rights as regards data. The second group that needs awareness are the data controllers who need to make their data protection policies on the finger tips of their staff, that way user data could at-least be given some respect. Thirdly on the laws, we could look at the GDPR as a more recent example that could start conversations. Regards Rop On Wed, Jul 11, 2018 at 8:30 AM, <kictanet-request@lists.kictanet.or.ke> wrote:

Send kictanet mailing list submissions to kictanet@lists.kictanet.or.ke

To subscribe or unsubscribe via the World Wide Web, visit https://lists.kictanet.or.ke/mailman/listinfo/kictanet or, via email, send a message with subject or body 'help' to kictanet-request@lists.kictanet.or.ke

You can reach the person managing the list at kictanet-owner@lists.kictanet.or.ke

When replying, please edit your Subject line so it is more specific than "Re: Contents of kictanet digest..."

Today's Topics:

1. Kenya IGF Online Discussions Day 2: Strengthening Data Security in the Context of Emerging Trends (Grace Bomu) 2. Re: Kenya IGF Online Discussions Day 1: Content Regulation on the Internet (Beryl Aidi)

----------------------------------------------------------------------

Message: 1 Date: Wed, 11 Jul 2018 07:52:39 +0300 From: Grace Bomu <nmutungu@gmail.com> To: KICTAnet ICT Policy Discussions <kictanet@lists.kictanet.or.ke> Subject: [kictanet] Kenya IGF Online Discussions Day 2: Strengthening Data Security in the Context of Emerging Trends Message-ID: <CAMwG4pxojL1L_FrXGmUiFMhmXBEV9GA6gKY5R+ fYWubi+1CUKw@mail.gmail.com> Content-Type: text/plain; charset="utf-8"

Listers, Thank you to all who contributed to yesterday's topic. The thread is still open for those who may have further thoughts on content regulation. Welcome to Day 2 of online pre KIGF debates where out topic today is Strengthening Data Security in the Context of Emerging Trends. We shall look at cybersecurity in the context of data.

Barely a few weeks ago, social media was awash with memes of Wazir Boniface Chacha, the young man alleged to have conned MPs after getting access to their phone data. Later when this was used as a justification in debates for the Cybercrime Act, some wondered whether the political process had used the Chacha saga to justify the quick passage of a law creating offences.

But beyond "small data" in our personal possession, many SMEs , corporations, institutions, societies and other bodies are holding significant amounts of data. In this community, the wider issue of cyber security has been a recurring theme in KIGF. It is generally agreed that the best approach is a multi-pronged one that includes the law, good practices, effective mitigation and response to incidences at multiple levels, creation of awareness and technical solutions among others. Having gotten a new law in the form of the Cybercrimes Act, are we assured of data security? Are our existing mechanisms for mitigation and response to incidences adequate for emerging threats? Do we have positive cases or good practices to imitate? What challenges that remain and how can we address them?

Welcome to the discussion.

-- Grace Mutung'u Skype: gracebomu @Bomu PGP ID : 0x33A3450F