The President of the Kenya Editors’ Guild recently called a press conference to allege that they had received reports of an imminent phone and internet shutdown. Despite providing no evidence or substantiating detail, the allegation was hours later addressed by the President of Kenya, who assured us all that there is no possibility of such a shutdown in this day and age. Breathing a sigh of relief, Kenyans got on with their usual browsing, gambling, gossip and political commentary.
I am here to tell you, Government won’t ever shut your internet down, because it is the single most important source of information about what you feel and what you will do about it, thus the usual suspects are happy to allow you to stay online whilst they harvest your communications on an industrial scale.
I know you might think that I too am making unsubstantiated claims, but the Kenyan problem of mass surveillance technology in the hands of government agencies is real. The right not to be spied on, the constitutional right to privacy, is honoured in the breach only.
Have no doubt you are, even today, being spied on by our own and even foreign services. I had always assumed that our intelligence shared information and cooperated on the friendliest terms with Western agencies, so I was surprised seven years ago to learn that the UK’s GCHQ hacked former President Kibaki, Raila Odinga and Chris Kirubi.
Earlier, WikiLeaks exposed hacking capabilities including a programme called Weeping Angel that could turn your Samsung television into a full audio-visual peephole via a ‘fake-off’ facility which fools you into believing that you’ve switched off your TV, when you have not. But it took ex-NSA officer, Edward Snowden, to reveal that as of 2014, Kenyans were subject to American surveillance programmes (Mystic / Somalget / Duskpallet) which were constantly scooping up all Kenyan cell phone metadata, including when and who you call, text and send Mpesa to. Eight years ago, it was expected that the US would achieve content potential “at a later date.” Did they meet these expectations?
Only the snoopers or the willfully ignorant will claim to be unaware of the extent to which Kenyan authorities too have a tendency to engage in domestic data-harvesting exercises under the rubric of Counter Terrorism and Counter Narcotics law enforcement.
On paper, Kenyan law requires such to be supported by court warrants, but we know that’s not always the case. Six years ago, the Director General of the Communications Authority even tried to order mobile network providers to place monitoring devices on their backbones, not to spy on Kenyans, he said, but to detect fake phones in use. Three years ago we found out from The Citizen Lab, a Canadian internet watchdog, that Kenya is one of 45 countries worldwide using Pegasus, a targeted spyware software developed by the Israeli technology firm NSO. The software targeted customers of Safaricom and Simbanet. Pegasus allows zero-click remote access to mobile phones, and is known to be used by governments to spy on journalists, human rights defenders, and political opponents.
Collectively, we have allowed a creeping surveillance state in the name of protection from terrorists and other bad people. Thus I am filmed without being asked for permission each and every day on roads and as I enter buildings across Kenya. Kenyans accept CCTV without question, on the dubious argument that only the guilty or criminal would object to security cameras. Perhaps it is too late to reverse this situation.
But we should be aware that Telcos being ordered to bug mobile phone subscribers is a global issue. Since 2014, Vodafone (controlling owner of our Safaricom) has courageously published an annual report revealing that Kenya is one of 29 countries in which it operates where the government demands warrantless direct access (to subscribers’ metadata and actual content) and attempted to embed intelligence agents.
Vodafone states that “all telecommunications operators can be required to allow the installation of a lawful interception capability in accordance with the Security Laws (Amendment) Act (2014), Article 69, which is an amendment of the Prevention of Terrorism Act.”
Vodafone, however, believes that it is gagged and maintains that it would not be lawful to publish statistics about how many requests it receives from the GOK. But we do know that the only technical limitation which in 2014 prevented complete direct access no longer exists. Back then, a very large number of subscribers had unregistered phone lines. Four years later, the Police upgraded its CCTV command centre to include facial recognition and artificial intelligence technology to monitor major roads and highways. 2023 capability must be mind-blowing.
The State is not the only snooping Big Brother. Private security contractors are known to be deploying surveillance technology in Kenya on behalf of, for example, political campaigns. Early this year an investigation by Haaretz revealed the role of Talal Hannan and the Jorge crew in hacking the Telegram accounts of a sitting CS, a sitting CAS and the personal assistant to the sitting President during last year’s elections. It is not clear for whom they were working, but these Israeli hackers boasted to Haaretz that they disabled the phone and computers of Nigerian opposition politicos on the day of the 2015 Nigerian presidential election. The same thing allegedly recently happened to Raila Odinga associates on the morning of 20th March ahead of his first day of 2023 mass action.
That said, surveillance tools can do some good.
The DCI has an entire department that does nothing other than track mobile phone signals, and forensically audit computer hardware and internet connections; this is invaluable when used to trace missing persons or criminals on the run.
Investigative journalism deploys surveillance technology effectively, and it’s now commonplace for secret recordings of conspiratorial conversations to appear on the internet. Just the other day, Aljazeera put “Goldenberg” Kamlesh Pattni on camera in an unwitting extended interview on his proficiency in the art of forgery and gold smuggling.
That he is a forger was recorded in the paragraph 707 of the final report of the Goldenberg Commission of Inquiry, wherein it is written “Pattni is therefore shown conclusively and largely on his own admissions and documents, to be a perjurer (one who gives false evidence on oath) a forger, a fraudster and a thief.” But supposing he were not all these things, and the recorded conversations were of a nature not criminal, would Kamlesh Pattni have recourse if the recording took place in Kenya?
Undoubtedly, Kenyans are being targeted not only by the intelligence service, and telecommunications and Internet service providers, but also by criminals, employers, friends, private companies, and family members. Amateur recording devices and phone surveillance technology have been democratized, and reports are appearing of wives, husbands and partners (personal and business) spying on each other. Spyware salesmen, scammers, and blackmailers are also having a field day.
Widespread surveillance, and awareness of it combined with unofficial impunity, is having a chilling effect on the work of human rights defenders. Two years ago, a study reported on the impact of surveillance technologies on the work of human rights defenders. Defenders Coalition found that a majority of Kenyan HRDs believe that they have already been under communication surveillance because of their work. This includes through phone tapping and hacking of their social media and email accounts.
The efficacy of the various privacy provisions in Article 31 of our Constitution, the Information and Communications Act, the Computer Misuse and Cybercrimes Act and the Data Protection Act are questions for another day perhaps, but we all need to wrap our heads around the conflicting privacy, security, ethical and moral dilemmas which attend mass surveillance technology enabled by the devices we carry with us all day long. It is a subject worthy of the attention of the Kenyan mainstream media and the Editor’s Guild on a consistent basis.