What Does the Computer Misuse and Cybercrimes Act, and The Huduma Bill Really Mean for a Kenyan Citizen?

By Hilder Nyakwaka /

How often do you “forward as received” messages on WhatsApp? Do you usually take a few minutes to verify whether that information is true or do you usually believe that every text you receive is written with the best intention? Do you believe you are absolved of any negative consequence of forwarding a message you have not verified? Well, the Computer Misuse and Cybercrimes Act begs to differ! These were some of the things we tried to decipher at this month’s #InternetPizzaFriday session. Together with the startup community, we took a deep dive into what the Computer Misuse and Cybercrimes Actand the National Integrated Identity Management System (NIIMS) Actmeans for techpreneurs and the tech community in general.

Bias In Legal Systems.

One aspect of the session that was particularly interesting to note, was the fact that the majority of attendees believe that the process of acquiring legal identification was not on an equal opportunity basis. This happened to be the situation with one of the participants, a Kenyan whose community is considered a border tribe as they come from the Kenya-Uganda border. They explained that despite being born and living in Kenya their entire life, they were required to undergo a vetting process so as to be given a national ID card, a process that is not meted out on other Kenyans. This is not unique to this participant. National identity systems in Kenya have been repetitively revealed to be biased in the past and this was reiterated in the recent Huduma Namba court casein which several bodies including the Nubian Rights Forum petitioned to halt the process.

Data Collection and Protection Principles

Another key insight to this was that most participants were not adequately informed on the purposes for data collection and the security measures for their data for the digital identity (Huduma Namba) process. This for us constitutes an important aspect of public participation in light of the operalization of the Data Protection Act; explicit consent for data collected. While most believe it was their civic obligation to provide all the personal information that they did, they were not cognizant of their right to question and be fully informed on how their data would be used,and securely processed and stored.

(Tess Wandia explains the NIIMS judgment)

Deepfakes as a Tool of Incitement.

The concept of deep fakesin information sharing is also taking centre in Kenya given the lack of civic awareness especially on digital platforms. As noted in our discussions, this mostly affected the attendees when political tensions were high such as during the elections. This took mostly the form of manipulated tweets and promoted messages on social media platforms. Manipulated messaging is so deeply ingrained in dissemination that the average citizen is unable to decipher what is real from what is fake, a dangerous position to be in as a country as this could instigate ethnic-based violenceas happened in the past. This also brings to attention, the penalties attached to spreading false information both online and offline with the intention to discredit or smear one’s character, a clause that many in the room were worried could be misused by politicians to avoid accountability and transparency. 

Data Protection Compliance Workshop for the iHub Community.

As a follow up to the session, the iHub will be hosting a series of data protection act compliance workshops, starting on 20th March 2020 . The cost will be Ksh. 3,000 per startup, and you will have the opportunity to send two representatives from your company to benefit from the workshop. If you are interested in enrolling yourself or your startup for the workshop, please fill this formout or send an email to nyakwaka@ihub.co.ke

Leave a Reply

Your email address will not be published. Required fields are marked *