Thanks Moses for sharing. The law is very clear that any disclosure should be through a court order. According to this report, the weak point is the communications companies who "feel they cannot decline agencies' requests". The companies are clearly breaking the law by giving out such information. Given the competence our judiciary has shown of late, it would be interesting to see the price the communications companies may be made to pay if someone sued them. We need stronger individuals entrusted with our information On Mar 15, 2017 11:15 AM, "Mose Karanja via kictanet" < kictanet@lists.kictanet.or.ke> wrote:

Privacy International just released a chilling report on how Kenya’s National Security organs, and especially the Intelligence office, carries out unregulated communication surveillance with the aid of telecommunication companies and shares this with units of law enforcement outside the legal procedures.

-----

*Key Revelations:*

- Communications surveillance is being carried out by Kenyan state actors, essentially without oversight, outside of the procedures required by Kenyan laws. Intercepted communications content and data are used to facilitate gross human rights abuses - to spy on, profile, locate, track and ultimately arrest, torture, kill or 'disappear' suspects. - Intelligence gained by intercepting phone communications, primarily by the National Intelligence Service (NIS), is regularly shared with units of the police to carry out counter-terrorism operations, particularly the GSU-Recce company and Anti-Terrorism Police Unit (ATPU). These police units have well-documented records of abuses including torture and extrajudicial killing - Despite constitutional and other privacy protections, telecommunications operators regularly hand over customer data to both intelligence and law enforcement agencies. Sources who spoke with PI feel that they cannot decline agencies’ requests. - The NIS appears to have direct access to communication networks across Kenya. Direct access means an actor has backdoor access the phone communications that flow through service providers. In this case, it is unlikely that the network operators had knowledge of the state's interception. - NIS officers use various techniques to access both call content and call data records, including using mobile interception devices. Further methods are documented in the report. - Law enforcement agents are present within telecommunications operators’ facilities with the providers’ knowledge. NIS are also informally present in the telecommunication operators’ facilities, apparently undercover, according to current and former telecommunications, Communications Authority and NIS staff interviewed by Privacy International. This investigation details both the 'above the board' and informal practices. Agency and company responses to requests for comment by Privacy International are included in the report. - In advance of the August 2017 Presidential elections, the Communications Authority has launched several disturbing initiatives, including a project to monitor social media content, whose potential capacities are discussed in this report.

——

You can read the full report here: https://privacyinternational.org/ reports

_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/

Unsubscribe or change your options at https://lists.kictanet.or.ke/ mailman/options/kictanet/kivuva%40transworldafrica.com

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.