State linked to mass mobile phone surveillance plot

Cell phone users in Thika. PHOTO | AFP

Global human rights organization Article 19 has warned that installing a tracking device on cell phone networks would expose Kenyans to mass surveillance.

Article 19, in an appeal pending before the Supreme Court, states that the installation of Device Management Systems (DMS) subjects the population to indiscriminate surveillance.

The Communications Authority of Kenya (CA) wants the court to drop petitions aimed at blocking the rollout of DMS over concerns it will give the telecoms regulator access to other customer data, including calls, messages and financial transactions .

The human rights organization believes that any system that generates and collects data about individuals without attempting to limit the dataset to well-defined targets is a form of mass surveillance.

“Surveillance opens a Pandora’s box for a range of other human rights abuses such as profiling. It is therefore clear that the DMS restricts the right to privacy in a way that is not compatible with Article 24 of the Constitution,” according to Article 19 in court documents.

The Law Society of Kenya (LSK) moved to the Supreme Court after the CA was allowed by the Court of Appeal to proceed with the installation of the device, on condition that the public be involved in the process.

According to the LSK, the DMS will not only collect mobile data from devices in the system, but also provide the ability to match this data with personal data stored in other government databases.

Conversations on mobile phones, the Bar Association argues, are extremely private and should not be monitored by the regulator and agents or third parties involved in the installation and use of the DMS.

“It is therefore clear that DMS will restrict the right to privacy of almost all mobile phone users in the country,” says the LSK.

Article 19 supports the LSK’s position, stating that due to its intrusive nature, the DMS will be able to monitor people using their mobile phones.

“If communications and locations are not private, the use of the DMS will automatically have an adverse deterrent effect on the right to freedom of expression in the country,” says the human rights organization.

Safaricom had expressed concerns that the surveillance devices would give the regulator access to other customer data held by telecom operators.

The CA has defended the DMS, arguing that the system’s installation was intended to combat counterfeiting by creating a device identification registry (EIR) that detects all devices, quarantines illegal ones, and denies counterfeit services.

The agency argues that fake device vendors have gone high tech and started cloning real IMEI numbers onto the fake devices, making detection more difficult.

However, Article 19 states that counterfeiting is not a new crime and that regulators and law enforcement have used other effective methods to deal with it.

The agency wrote to Safaricom, Airtel and Orange (Telkom) in January 2017, demanding that a contractor it hired be allowed access to the operators’ sites to install the sniffer, sparking public uproar.

The telecoms market regulator had defended the move on the grounds that it would help weed out counterfeit phones from the local market.

Fake phones, imported primarily from Asia, are widespread in many African countries, and regulators say they are widely used by criminals because they are difficult to trace.

The agency has shut down counterfeit cellphones in the past but says consumers are still exposed to such devices, so a better surveillance system is needed.

In the complaint, the regulator says it has a mandate to oversee compliance with the Kenya Information and Communications Act (KICA) and that the DMS is not a new policy but is only intended to control the proliferation of illegal devices.

→ [email protected]