Data protection or Data
Privacy (Information Privacy) is the new regular bullied kid bullied regularly on
the streets of Nairobi. Orange Kenya’s employee last week incident raises a lot
of questions on how secure data entrusted to them is. Clearly the data they
collect and how they use them needs to be questioned, regulated and clearly
outlined as to how and what extend/ level they can manage such information.
It is merely question of
what information they collect and what they use it for. But before I dig deeper
into that, let me highlight some of the flaws depicting luck of a know-how and
proper policy regulation in the sector.
What is the relationship
between your Cellphone contacts and Security Entrances?
I happen to be the one
of those people who never leaves their contacts in the security entrances. Have
you ever asked yourself why and how is it that they need this data, even after
leaving your ID with them? While you struggle with that, would you share your
contacts with a stranger you just met along Moi Avenue? No, unless there’s a
connection and a reason to trust.
You may know this; most
companies outsource Security Guard Services in Kenya. That brings in a third party,
whom you need to trust with your data. While most security guards are not very
conversant with Data protection, but Property protection! And even if that was
the situation, does their Legal Contract highlight on these issues?
We should be cautious on
how much and what extend of information we share in public. Giving out of so
much Personal Details to the public is just a step into a fraud world, more so
in this web village world. Stolen identities and loss of properties will be
your regular visitor.
There is NO relationship
between your personal cellphone contacts with security checks; you may give
your office contacts though.
Personal Data
Safety
A large percentage of
data loss is by employees within the Organization.
Your data safety is highly
dependent on you and your environment. The environment being your Friends,
Government institutions and the Places/People you associate with. We all
receive mobile SMS Notifications from our Banks, Insurances, and Clinics etc.
But each one of us has had some other institutions contact you mainly as a
marketing text or invitation.
The question is, where
do these institutions collect this data? I’m talking of WomeninTech, Microsoft,
KRU in my situation, to you it might be SportPesa, BetIn and other
short code SMSs. Clearly we’ve all submitted our data knowingly or unknowingly
to their databases.
I’m not sure if the most
annoying thing is these institutions sharing our data with other third parties
or their daily annoying SMSs, text or Alerts. How long and how regular do they
update their databases? Say delete my contacts because I ceased being their
member or customer. My 2007 Bank still sends me birthday SMSs and alerts, even
after I closed the account.
Under EU law, personal
data can only be gathered legally under strict conditions, for a legitimate
purpose. Furthermore, persons or organisations which collect and manage your
personal information must protect it from misuse and must respect certain
rights of the data owners which are guaranteed by EU law.
Clearly this is one
sector that needs a lot of regularization and deep policy review.
Allow me to highlight on
another issue, this time it’s on you and me, some of us have these things
called Business Cards. Basically most of us have had them printed with almost
all of our personal details.
Stay informed. Subscribe to our newsletter
Think about this
situation, His Excellency Uhuru Kenyatta gave someone his Business card, in
this case with all his Personal Details, and this guy happens to have dropped
it in the streets! While you think of luck, I think of Information in the wrong
hands. Most of us prefer our office contacts being on our business cards.
Cellphones being stolen
on the streets not only brings a loss of information but data insecurity. So
please be sure you have online back-ups, phone encryptions or remote wipes for
safety of yourself and colleagues.
Another option, which I
highly recommend is to have a personal cellphone line; I call it a family
number, and another for public use. That way you can audit your callers. Your
contacts being out there, solely depends on you and your social group.
How safe are the apps
and cellphone data in your phone?
This is one field that
most people have become victims of data violation, most of the time not
knowing. About four years ago at Westgate shopping mall, just outside Safaricom
customer services. A lady comes out of the shop crying and feeling upset for
not getting the necessary help from the shop’s customer services.
Well her complains were
that her calls and copies of SMSs were being shared to her spouse’s cellphones
and her marriage was breaking apart. To her it was the Service providers’
fault, but upon checking it was hers, well there was an installed cellphone spy
on her phone. Clearly she wasn’t conversant with what apps were installed in
her phone.
All Apps come with
privacy policy; we choose to grant them permission on installing to access
several features in our phones. This is one sector full of loopholes and
insecurities. It’s very wide and what I recommend is you read on every app
Privacy Policy and Reviews before installing.
One other thing is never
avoid linking your personal contacts with public accounts. Restrict view of
personal contacts as much as possible.
Do we have enough Data
Protection Laws?
Well in Kenya Data
Privacy (The Data Protection) still remains wanting.
Kenya seemingly is the
Hour Clock arm running after the Seconds Clock arm, when it comes to putting
proper policies, regularization and laws in the ICT sector. The truth is this
sector is growing so fast, people are innovating or borrowing new technologies without
the proper laws to regulate them.
Mobile Banking sector is
one heavily affected sector. There are a lot of Data Privacy issues affecting
the sector. Millions of Money is lost through fraud, accelerated by lack of
proper data privacy policies. While it’s good to note of major improvements to
gap these fraudulent activities in this sector, it is still clear that a lot
still needs to be done.
For instance, what banks
don’t want to tell us is that there is lack of privacy brought in by Mobile
Banking Agents. This is because we end up trusting Mobile Banking Agents with
our Personal details and records of our Financial Transactions.
They need to work on
taking away some records from their agents’ hands or better still bind their
agents to a law and regular audit.
Not only are we slow in
putting proper regulations in place but even introducing industrial driven ICT
curriculums in our Higher Educations. We import some technologies and spend
years before a curricular is introduced to generate enough skills to steer
regulations in the sector.
One would think Kenya
having an upper hand on M-pesa Mobile money transfer would have set up a
Curriculum in the University, let alone research institution on these
technologies.
Under the 2009 Science,
Technology, Innovation Policy and Strategy, it is recognized that social and
economic growth of any country is largely a result of the transformation of
knowledge, science and technology into goods and services. Integration of ST &
I in national production processes is central to the success of Government’s
policy priorities and programmes as outlined under Kenya Vision 2030.
In the meantime, take
time to learn about new technologies and don’t be so fast to use them before
understanding their Data Privacy Policies. Plus, please consult with and IT
conversant person or trust your search Engine reviews.
The power is on your
hands.
The choices you have are
to be wise and cautious. This is a chameleon sector, every day a new technology
is on the market and the power to protect your data is handed to you, so you
better know where to tick, ignore or put on pending.
There is so much power
placed on you as a user. Don’t just click agree or install. Read those tedious
terms, it’s a data world.
It isn’t new that social
networking sites and Apps are growing fast and taking an integral active part
of many lives, a large percentage of Kenyan youth population use either of the
social networks, but you probably won’t be happy to know that the social media
is also being used by marginal (criminal) groups in society-, Burglars, Drug
peddlers, Inciting Tool etc.