Kenya:CA sparks storm with plan to spy on users of mobile telephones •

The acquisition of a snooping device by the telecoms sector regulator, the CA, has sparked an industry storm that is expected to persist in coming months as the country goes to the polls.

The device, which can collect text, voice and identity data from devices is facing strong opposition from consumer rights protection groups and mobile phone operators fearing a possible slowdown in the take-up of their services as consumers move to safer channels of communication.

It has emerged that the Communications Authority of Kenya (CA) has quietly installed and is testing a Device Management System (DMS), which rides on mobile networks to remotely identify electronic devices and their users as well as collect voice and text data.

The CA has, however, insisted that the device will only identify and ban counterfeit, stolen or illegal mobile devices from being used on local networks.

Telecoms market-leader Safaricom and a consumer lobby have, however, raised concern that the DMS could be used as a backdoor to gain access to sensitive customer data – exposing telecoms operators to legal risks.

“We are aware that the Communications Authority intends to implement a monitoring system, whose objectives include getting access to customer information…. All operators (and here I believe I speak for the industry) are not in favour of any third-party system that would have access to confidential customer information,” said Safaricom corporate affairs director Steven Chege.

Mr Chege, who was answering questions on the Kenya ICT Action Network, an online industry forum, said Safaricom had communicated to the regulator its “strong reservations” on the system.

Airtel Kenya, Kenya’s second largest telecoms operator, declined to “discuss” the monitoring system, but had said in earlier tweets that it was in talks with the regulator on how to operate it “without infringing on the consumers’ rights.”

Telkom Kenya, the third operator, said it has its own system to track mobile devices and that its acceptance of the DMS would depend on ongoing negotiations with the regulator.

“The proposal is still under discussion with the MNOs (mobile network operators) on among other issues, whether its implementation will infringe on customer privacy; the pushback from the MNOs is essentially on any design that will infringe on this privacy,” the company said in a statement.

The CA invited bids for the DMS last year and indicated that the technology would be connected to the networks of Kenya’s mobile operators. The system is expected to build a database of all active mobile devices in Kenya.

It can identify the devices by their International Mobile Equipment Identity (IMEI) number, a unique 15-digit identifier that is given to mobile phones in the factory.

The system also comes with the capability to identify devices that are in use, but are not type-approved. SIM Boxes, devices that facilitate illegal termination of international traffic in Kenya, will also be targeted.

Kenyans, who import phones and fail to register them with customs agencies, will also be on the spot as the system will identify the devices. Once the data is collected, subscribers will be asked to authenticate illegal devices or have them blocked from network use in Kenya.

“All mobile operators will be required to connect to the DMS and ensure that blacklisted devices do not access their services,” the CA said in a statement.

Credit: Business Daily