Kenya's controversial new security law leverages technology

Surveillance powers are being debated

Some of the most economically developed nations in the world have for some time used technology for surveillance and intelligence-gathering to combat terrorism. Now, Kenya, which has been hit with terrorist attacks in the recent past, aims to enhance security via recent controversial legislation that includes key technology elements.

The Security Laws (Amendment) Act 2014 was hurriedly passed in Kenya's National Assembly, with lawmakers citing the urgency to have laws that will help security agencies to fight an increase in crime and terrorism.

An amendment act seeks to add or change existing laws. There are sections of the law that aims to promote the use of technology to fight crime that are expected to elevate Kenya to another level among its peers in Africa. Eight clauses of the security act, however, have been challenged in court and will be reviewed by the Supreme Court.

Among other initiatives, the act looks to have a digitized database for all foreign and diplomatic vehicles and their owners in the country. This move is meant to help the police quickly track the owners of cars, in case they are used in criminal activity.

Clause 38 of the act stipulates that: "The Authority shall create, maintain and update a database of all motor vehicles with diplomatic number plates which are owned or operated by foreign nationals, and shall require such number plates to be surrendered upon the end of the tour of duty, retirement or sale of the motor vehicle."

For general Kenyan registered cars, the ministry of transport launched a project that would see microchips fitted in a new number plate system.

The law also seeks to have a digital record of all persons who pass through the prison system in the country. This is stipulated in clause 33 of the amendment act. The digital information will also include biometric data from the convicted. Part of this section reads: "The Commissioner shall maintain an integrated biometric system to enable sharing of information within the criminal justice system."

In addition, clause 31 is a pivotal provision of the law, allowing electronic information as evidence in a court of law. It states "In any legal proceedings, electronic messages and digital material shall be admissible as evidence."

Another part of the law, clause 30, stipulates rules and guidelines that will govern cases done through teleconferencing.

Inasmuch as these provisions would elevate the country to a whole new level, how they are implemented is key.

Tom Makau, a telecommunications consultant and chief technology officer at Imarasat Mauritius and a technology analyst, says that implementation is key to bringing out the best in these initiatives.

"Laws can be sufficient but it is the implementation that will determine their effectiveness. Kenya has very good laws but we have failed in their implementation," Makau comments. He adds that, "A solution to this failure is implementing technology that will do two things: 1) Deter criminal activities by preventing criminals from entering the country or by effective use of surveillance systems. By effective I mean any info gathered by the system is passed to law officers in a timely manner and acted upon. 2) invest in forensic technology that will quickly and accurately investigate crime and lead to the arrest of criminals."

In a bid to try and get ahead of the data gathering, the drafters of the law included provisions for security agencies to obtain information by way of interception. For example, clause 69 looks to insert this amendment: "The National Security Organs may intercept communication for the purposes of detecting, deterring and disrupting terrorism in accordance with procedures to be prescribed by the Cabinet Secretary."

This provision caused an uproar, with people saying that not enough safeguards were put in place to ensure that power it is not abused.

Tom Makau puts the burden of using technology responsibly on the shoulders of the government: "The most important thing for the government to note is that technology cannot be used to fight or prevent crime in isolation, we need a functioning ecosystem of enough, well trained and equipped law enforcement units."

In any case, Kenya's efforts in fighting crime are currently focusing on technology. One of the biggest telecommunications company in East Africa, Safaricom, got a government contract to put up a surveillance system for the security agencies. These include hundreds of closed circuit television (CCTV) across Nairobi and Mombasa. The police will have a command center where they will monitor various parts of the country, in a bid to cut down on crime that has overtaken the region.

It's expected that if all these efforts are to be implemented with focus and precision, then technology can be relied upon to provide timely information and surveillance that will provide early warning system and prevent most of the terrorist attacks and make Kenya a safer place.

Join the CSO newsletter!

Error: Please check your email address.

Tags Imarasat Mauritiussecurity

More about

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Vince Matinde

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts