The world marked Safer Internet Day on 11th February 2020. Safer Internet Day is aimed at creating both a safer and better internet, where everyone is empowered to use technology responsibly, respectfully, critically and creatively. The campaign aims to reach out to children and young people, parents and guardians, teachers, educators and social workers, as well as industry, decision-makers and politicians, to encourage everyone to play their part in creating a better internet space.
In marking the occasion, Associate in the Telecommunications, Media & Technology practice, Joyanne Wanjiru, was featured on the BBC’s special feature marking the Safer Internet Day where she provided thoughts and insights about the regulation of the internet.
Introduction
There has been an increased appetite for the evolution of cyberspace and online safety by both private and state actors. This is especially about cybersecurity, virtual marketplaces, data privacy and data protection that transcends global borders.
Recent Developments
Google recently announced its grant of KES 100 million grant to promote safe internet use by children, young people and families in Africa to be confident explorers of the online world.
The grant will support training by non-profit and social enterprises focusing on privacy, trust and safety in Africa as well as providing organisations with funds to support the online safety efforts for children.
Children are more than 30% of Internet users and the fastest-growing online demographic. By 2022, another 1.2 billion new users will be added to this figure. The program was launched in Kenya, Nigeria, and South Africa last week.
Kenyan telecommunications companies, Safaricom, Telkom Kenya, Jamii Telecom and Airtel Kenya, signed the Kenya Child Online Protection Industry Charter in November 2018. The charter is part of the We Care Campaign in partnership with GSMA and backed by the Communication Authority of Kenya and the Ministry of ICT.
Additionally, the Kenyan Government through the Communications Authority also established the National Kenya Computer Incident Response Team Coordination Centre (National KE-CIRT/CC) in 2018, which is responsible for the national coordination of cybersecurity as well as Kenya’s national point of contact on cybersecurity matters. The National KE-CIRT/CC operates on a 24/7 basis and detects, prevents and responds to various cyber threats targeting the country, and also coordinates response to cybersecurity matters at the national level in collaboration with relevant actors locally and internationally.
Latest statistics from the National KE-CIRT/CC, show that deeper investment in cyber-security is gradually paying off. The National KE-CIRT/CC detected 25.2 million cyber threat events as compared to the 26.6 detected in the period between April and June 2019.
Legal Landscape
In a bid to firm up Cyber resilience and protect the information of persons in the cyberspace, Kenya has recently enacted key pieces of legislation, i.e. the Computer Misuse and Cybercrime Act (2018) and the Data Protection Act (2019) in the past 2 years.
This is concordant with international impetus in the form of The African Union’s Convention on Cyber Security and Personal Data Protection, the Council of Europe’s Cyber Crime Convention (Budapest Convention) and the EU General Data Protection Regulations.
In 2014, Kenya launched its National Cyber Security Strategy to raise cybersecurity awareness and equip Kenya’s workforce to address cybersecurity needs. In line with this strategy, Kenya amended its information and communications law to criminalise unauthorised access to computer data.
The Computer Misuse and Cybercrime Act is expected to curb cybercrimes and computer-related offences to enable timely and effective detection, prohibition, prevention, response, investigation and prosecution of computer and cybercrime. Key among its provisions is the protection of minors from Child Pornography.
The Data Protection Act, on the other hand, is meant to give effect to Articles 31 (c) and (d) of the Constitution on privacy rights. The overall object and purpose of the Act is to regulate and lay down the principles under which the processing of personal data ought to be done.
Conclusion
There has been increased impetus in the regulation of the internet space as internet penetration increases within the country and region at large. Hence, organisations ought to adopt a proactive approach in anticipating hurdles that may affect the day-to-day running of their businesses. This may extend to effectively putting up effective cyber resilience structures and implementing sound policies that relate to the data life cycle.