By Victor Bwire
Your online identity must be handled with the same seriousness as your offline identity, and by extension, your personal safety. Journalists and human rights activists are especially familiar with this reality. This has been evident, most recently, after the June 25, 2024, Gen Z demonstrations, where arrests of activists were aided by digital mass surveillance methods and digital products such as mobile phones.
At the policy level, human rights defenders and freedom of expression advocates continue to push governments to stop enacting laws and administrative codes that criminalize the use of digital platforms and content in Kenya. Yet, it is clear that we also need deliberate efforts to promote personal online etiquette and safety practices to reduce exposure to harassment, especially by security agencies.
Even though it is evident that mass surveillance by security agencies, communication data extraction with the help of telecom providers, and digital identity sharing by states constitute a clear invasion of privacy and violation of data protection rights, it is naïve to assume that such practices are fully restrained by law. Laws such as the National Intelligence Service Act, the Prevention of Terrorism Act, and other national security-related statutes still allow various forms of surveillance. Your private communication is routinely monitored, and your location may be shared for various reasons, just consider how mobile scammers or Kamiti-based fraudsters are tracked and apprehended.
It is therefore imperative for those working on sensitive issues, including journalists and activists, to invest in digital safety measures. This is especially crucial even as advocacy campaigns continue to fight against the use of digital spaces to track, abduct, or restrict freedom of expression and association, both fundamental human rights.
Read More
Globally, internet and telecommunication service providers have been reported to share communication data, including locations, contacts, and private content, with security agencies, even as they publicly deny these claims. The use of spyware and other digital tools to extract data from phones used by journalists and activists, such as unlocking devices and searching for evidence, is now a known fact. Users must be alert and cautious.
Phone tapping is probably the most familiar form of surveillance used against journalists and activists. For example, how do police manage to locate and arrest a person in Busia and transport them to Nairobi in the middle of the night? Even ordinary criminals can exploit your online activity to track, harm, or rob you. Many people unwittingly expose their locations by posting photos or updates like “Mombasa, here I come.” Simply using a mobile phone, connecting to the internet, or checking your email can leak your location. Some software, including instant messengers and social media apps, are especially vulnerable. SMS messages are particularly easy to intercept since they pass through service providers who retain the data.
Vulnerable data includes email traffic, instant messages, and browsing history. Instant messaging platforms such as WhatsApp, Facebook Messenger, and older services like MSN and Yahoo! Messenger are as susceptible to interception as emails, use encrypted platforms like Signal or even Skype where possible.
The unchecked rise of secret mass surveillance, unregulated access to private communication by security agencies, and the digital vulnerabilities of users all contribute to self-censorship, exposure of journalistic sources, and grave risks to journalists, activists, and even their families and friends, especially in cases of abduction involving either rogue security agents or criminals.
There is growing concern about the governance of digital platforms in Kenya, as in many other parts of the world. And while the benefits of a free and open internet outweigh the risks, there is an increasing push for control of the digital space. This has raised legitimate fears over laws that permit unauthorized snooping, not just of journalists and activists, but of ordinary Kenyans, threatening their right to privacy.
Kenya can learn from international and European legal standards, which recognize that information collected or created for journalistic purposes enjoys a special level of protection from search and seizure. Courts have acknowledged that such searches, like extracting data from a journalist’s laptop at a border, can be used to bypass the protection of sources and create a chilling effect on press freedom. These acts are not only alarming and intimidating but can also discourage individuals from continuing their legal professional activities.
We urgently need more public engagement and discourse around the responsible use of digital platforms, particularly in security-related operations, to protect the public from rogue security agents and criminal actors. While the law allows for procedural access to communication data in criminal investigations, who protects Kenyans from the abuse of that very access?
For digital platform users, especially those in sensitive fields: know this, Big Brother is watching. Be a responsible and informed digital citizen.
Remember, when communication and internet providers work with security agencies, they often become the weakest link in protecting your privacy and data, especially if you are a journalist or an activist.
Mr Victor Bwire is the Head of Media Development and Strategy at the Media Council of Kenya.
-1740990380.jpg)
