I'm looking forward to a formal statement on the CA website on this matter. *Cyber Security* I just don't see how this works out. If the aim is combating cybersecurity, any (black hat) hacker worth his/her salt will obfuscate their identity/location using any number of ways. And getting online via a public hotspot is only one of a myriad of ways. What defines public wifi? How would this be enforced? Is it even possible? Any android smart phone can be turned into a (public) wifi hotspot, how would this be 'policed'. Cyber security is a big deal in this connected world, but I do not think that this is the way to combat it. *Local Hosting* Enforced Local hosting: This is really simple; why get involved in what is essentially a business decision? If we want local hosting done locally, we need to help the likes of Angani be competitive globally, I don't think legislation is the way there. I'm really looking forward to this edition of the KIGF. Timing couldn't be better. On Wed, Jul 1, 2015 at 1:32 PM Grace Githaiga via kictanet < kictanet@lists.kictanet.or.ke> wrote:

Looking at the story, I wondered if the journalist had misunderstood the DG or really KENIC is going to be given the role of policing WIFIs. Is this really feasible and is it KENIC's role? It just does not sound right.

A response from CA may set the record straight!

------------------------------ Date: Tue, 30 Jun 2015 16:31:06 -0700 To: kelvin@skysys.co.ke CC: isoc@lists.my.co.ke Subject: Re: [isoc_ke] Fwd: [kictanet] Tough new rules force all Internet users to list their gadgets From: isoc@lists.my.co.ke

Security is a function of personal freedom. This binary concept of privacy or security pushes people to compromise on privacy in the myopic idea that security if paramount. However, unless the people feel safe enough to express themselves, share ideas, organize and basically have that democratic culture, the state understanding of security keeps drifting away from how the citizens understand it.

Cyber crime is, as expected, related to growth in internet connection. Not just in Kenya but globally. Let no one sound the alarm as if Kenya is a special case.

I think the solution lies most importantly in enabling the user defend herself online. 123456 is not a password, no Nigerian will send you USD250,000 just for sharing your name...and a host of behavioral reverse engineering tricks.

That is our first line of defence, while investing seriously in technical capacity locally.

How enforceable are these directives anyway?

On Wed, Jul 1, 2015 at 2:19 AM, Kelvin Githira via isoc < isoc@lists.my.co.ke> wrote:

Hi All,

I will keep this as simple and as short as i can, just the way i know how to.

The fight against cyber crime is wide and cannot just be won by casting the net on free wifi users. forms of crime vary from sms, phone calls. emails and on chat applications.

To even get close to keeping cyber crime at bay a few things (among others) in my opinion will need to happen in no given order

-cast the net wider to include the use of pen registers and as well as trap and trace devices by the law enforcement authority ( while doing so define what is to be surveyed, is it mass surveillance or only where there is suspicion of crime ? -Substantiate between devices used to access and platforms used to access i.e a cell phone with mac address x and an email address used by user y ( while doing so define notification to unsuspecting users as well as define the Gag rule to ISP mandated on this process -define broadly information revealed by "digital dialed" over circuit switched telephony networks as well as information reveled by addressing on packet switched internet networks. - while tapping into this various forms of communication , law enforcement will need the cooperation of third parties such as the ISP's and telephone companies, to what extend i ask ?

again we are faced with the dilemma, how far should we allow our government to go in there efforts to protect us against crime and terrorism while protecting freedoms and privacy? or is it a case of giving up liberties for more security? Simply put others will argue that the intent is access the internet and sign up freely for surveillance.

regards, kelvin

On Tue, Jun 30, 2015 at 5:07 PM, Barrack Otieno via isoc < isoc@lists.my.co.ke> wrote:

---------- Forwarded message ---------- From: Grace Githaiga via kictanet <kictanet@lists.kictanet.or.ke> Date: Tue, 30 Jun 2015 20:55:10 +0000 Subject: [kictanet] Tough new rules force all Internet users to list their gadgets To: otieno.barrack@gmail.com Cc: Grace Githaiga <ggithaiga@hotmail.com>

Kenyans using Wi-Fi to connect to the Internet in public places will be required to register their mobile devices with the Kenya Network Information Centre (Kenic), under new rules aimed at fighting cybercrime.The customers will be required to provide their telephone numbers and identity card details, which can be used to track them down should they use their gadgets to commit cybercrimes such as fraud or hacking websites. Read on: http://www.nation.co.ke/news/CA-WiFi-Internet-Rules-Cybercrime/-/1056/277111...

-- Barrack O. Otieno +254721325277 +254-20-2498789 Skype: barrack.otieno http://www.otienobarrack.me.ke/

_______________________________________________ isoc mailing list isoc@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/isoc

-- Kind Regards, Kelvin Githira ----+254723284562 Business Development Manager www.skysys.co.ke

_______________________________________________ isoc mailing list isoc@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/isoc _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet

Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/josiah.mugambi%40gmail...

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.

GG My thoughts exactly. Whilst there is a need to do something about cybercrime what is proposed in this story is a Fool’s Errand.. Thanks & Regards Ali Hussein ali@hussein.me.ke +254 770 906375 Twitter: @AliHKassim Skype: Abu-Jomo LinkedIn: http//ke.linkedin.com/in/alihkassim Blog: www.alyhussein.com

On Jul 1, 2015, at 1:30 PM, Grace Githaiga via kictanet <kictanet@lists.kictanet.or.ke> wrote:

Looking at the story, I wondered if the journalist had misunderstood the DG or really KENIC is going to be given the role of policing WIFIs. Is this really feasible and is it KENIC's role? It just does not sound right.

A response from CA may set the record straight!

Date: Tue, 30 Jun 2015 16:31:06 -0700 To: kelvin@skysys.co.ke CC: isoc@lists.my.co.ke Subject: Re: [isoc_ke] Fwd: [kictanet] Tough new rules force all Internet users to list their gadgets From: isoc@lists.my.co.ke

Security is a function of personal freedom. This binary concept of privacy or security pushes people to compromise on privacy in the myopic idea that security if paramount. However, unless the people feel safe enough to express themselves, share ideas, organize and basically have that democratic culture, the state understanding of security keeps drifting away from how the citizens understand it.

Cyber crime is, as expected, related to growth in internet connection. Not just in Kenya but globally. Let no one sound the alarm as if Kenya is a special case.

I think the solution lies most importantly in enabling the user defend herself online. 123456 is not a password, no Nigerian will send you USD250,000 just for sharing your name...and a host of behavioral reverse engineering tricks.

That is our first line of defence, while investing seriously in technical capacity locally.

How enforceable are these directives anyway?

On Wed, Jul 1, 2015 at 2:19 AM, Kelvin Githira via isoc <isoc@lists.my.co.ke <mailto:isoc@lists.my.co.ke>> wrote:

Hi All,

I will keep this as simple and as short as i can, just the way i know how to.

The fight against cyber crime is wide and cannot just be won by casting the net on free wifi users. forms of crime vary from sms, phone calls. emails and on chat applications.

To even get close to keeping cyber crime at bay a few things (among others) in my opinion will need to happen in no given order

-cast the net wider to include the use of pen registers and as well as trap and trace devices by the law enforcement authority ( while doing so define what is to be surveyed, is it mass surveillance or only where there is suspicion of crime ? -Substantiate between devices used to access and platforms used to access i.e a cell phone with mac address x and an email address used by user y ( while doing so define notification to unsuspecting users as well as define the Gag rule to ISP mandated on this process -define broadly information revealed by "digital dialed" over circuit switched telephony networks as well as information reveled by addressing on packet switched internet networks. - while tapping into this various forms of communication , law enforcement will need the cooperation of third parties such as the ISP's and telephone companies, to what extend i ask ?

again we are faced with the dilemma, how far should we allow our government to go in there efforts to protect us against crime and terrorism while protecting freedoms and privacy? or is it a case of giving up liberties for more security? Simply put others will argue that the intent is access the internet and sign up freely for surveillance.

regards, kelvin

On Tue, Jun 30, 2015 at 5:07 PM, Barrack Otieno via isoc <isoc@lists.my.co.ke <mailto:isoc@lists.my.co.ke>> wrote: ---------- Forwarded message ---------- From: Grace Githaiga via kictanet <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke>> Date: Tue, 30 Jun 2015 20:55:10 +0000 Subject: [kictanet] Tough new rules force all Internet users to list their gadgets To: otieno.barrack@gmail.com <mailto:otieno.barrack@gmail.com> Cc: Grace Githaiga <ggithaiga@hotmail.com <mailto:ggithaiga@hotmail.com>>

Kenyans using Wi-Fi to connect to the Internet in public places will be required to register their mobile devices with the Kenya Network Information Centre (Kenic), under new rules aimed at fighting cybercrime.The customers will be required to provide their telephone numbers and identity card details, which can be used to track them down should they use their gadgets to commit cybercrimes such as fraud or hacking websites. Read on: http://www.nation.co.ke/news/CA-WiFi-Internet-Rules-Cybercrime/-/1056/277111... <http://www.nation.co.ke/news/CA-WiFi-Internet-Rules-Cybercrime/-/1056/2771118/-/mbci1a/-/index.html>

-- Barrack O. Otieno +254721325277 <> +254-20-2498789 <> Skype: barrack.otieno http://www.otienobarrack.me.ke/ <http://www.otienobarrack.me.ke/>

_______________________________________________ isoc mailing list isoc@lists.my.co.ke <mailto:isoc@lists.my.co.ke> http://lists.my.co.ke/cgi-bin/mailman/listinfo/isoc <http://lists.my.co.ke/cgi-bin/mailman/listinfo/isoc>

-- Kind Regards, Kelvin Githira ----+254723284562 Business Development Manager www.skysys.co.ke <http://www.skysys.co.ke/>

_______________________________________________ isoc mailing list isoc@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/isoc _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet

Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/info%40alyhussein.com

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.