Kenya as a Technological Hub
Kenya is one of the leading innovation hubs in Sub-Saharan Africa. With over 70% internet penetration, an innovation ecosystem, and access to regional and international markets, Kenya’s technological muscle has been tightening (as reported by Kenya Investment Authority). Nonetheless, with the growth and development in technology, the Confidentiality, Integrity and Availability (CIA) of our data have come into question. How are our local companies protecting our data assets against data breaches?
Complaints on Data Breaches and Other Privacy Concerns
Reading through tweets by Kenyans On Twitter (#KOT), a serious concern has been raised over the safety of our local data systems. For instance, let me sample two of their observations:
- Safaricom – Through Safaricom’s “mySafaricom App”, some users were able to view transactions, phone numbers and even linked third party accounts (KPLC, Banks etc.) of “other” users.
- Equity Bank – Some users of Equity Bank have complained of abnormal transactions on their statements. Some have had their account balances cleared by unknown people, and some have had their accounts closed and deleted from the Equity bank systems.
All these occurrences are not merely coincidences but point to design and development flaws that do not uphold the CIA of cyber security. Mark you, these are just two examples of the many.
In the past couple of months, we have witnessed a boom in loan application apps. Branch, Tala, OKOA and many others seem to be a pre-determined feature for almost every smartphone. During registration, these apps collect a user’s data assets with some requiring special permission to view user contacts, gallery, messages, and call logs. It is however not clear what this data is used for. An article worth your attention by Standard Digital is “Why your favourite loan app might turn you into a pariah”. Another interesting read is “Survey: Lenders breaching privacy”.
Ignorance Vs. Insufficient Information
As consumers of these technologies, are we simply ignorant of these data breaches or are we poorly informed about the importance of our cyber security? Do we have enough valuable channels to sensitize us on the need for accountability or are we resigned to this fate? Do we even value our cyber space? We need to take up a proactive role in ensuring that our local companies show the bare minimum effort towards the safety of our data. You have no idea what your leaked email, phone number, bank account or any other data can be used to bring you down to your news. You can ask those who had their bank accounts cleared what they feel about data protection and security. For now, think about it.