We must tread carefully on cyber security


In most African families we rarely allow our children to explore. There are just too many rules that stand in the way of creativity and innovation.

In Kenya, we have done extremely well in the adoption of ICTs. This is a field that requires a lot of creativity, but we may just end up killing that creativity with too many rules and regulations in trying to counter computer crime sometimes referred to as cybercrime or netcrime.

Netcrime is defined as criminal exploitation of the Internet. Halder and Jaishankar authors of ‘‘Cybercrime and the Victimisation of Women: Laws, Rights, and Regulations,’’ define cybercrimes as: “Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly, using modern telecommunication networks such as Internet and mobile phones.’’

Such crimes may threaten a nation’s security and financial health. Issues surrounding these crimes have become high-profile, particularly those surrounding cracking, copyright infringement, child pornography, and child grooming.

There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise such as the Snowden case in America. Even with crime, there is a compelling case for allowing Internet to grow.


The recent McKinsey report, ‘‘Lions go Digital: The Internet’s transformative potential in Africa,’’ says 16 per cent or 163 million Africans use the Internet.

Internet contributes $18 billion to GDP and by 2025, it will add more than $300 billion to GDP. Mobile penetration is getting close to 80 per cent. The report shows how to unlock the Internet’s full potential in several sectors including health, education, financial services, retail, agriculture and government.

Here in Kenya, productivity gains especially from financial services are redefining the global financial landscape.

In the agriculture sector, mshamba and i-cow are recreating future agricultural practices. A pilot digitalisation project at Kenyatta National Hospital shows we can cut as much as 40 per cent of the health cost.

But to deepen these gains in productivity, it will not be just applications. We must digitalise government services such as payments and registries as well as educational material.

Africa is barely getting into the Internet economy yet we want to put excessive legislation in place. By 2017, the global cyber security market is expected to skyrocket to $120 billion from $64 billion in 2011.

The industry sometimes lies with statistics that in most cases do not make any sense. Gullible nations are spending a fortune on cyber security. Even countries with less than one per cent Internet penetration are talking about cyber security.

The truth of the matter is that not much of Africa’s content is on-line and as such is not vulnerable to any attacks. Further, if you compare the actual amount lost in cyber security verses the gains in productivity, such an amount is inconsequential.

Virtually all studies on cyber security confirm that the dangers of cyber-crime are the result of malicious insiders to organisations in both (as evidenced in two high profile cases in America) public and private sectors.

Cyber-attacks are often a popular way for insiders to commit crimes, simply because in their countries, so much business in the public and private sectors is done electronically, and because even non-technical employees - particularly in the younger generations - are more technologically savvy than they have been in the past. But focusing protection efforts on cyber controls alone is a mistake.

There is need for broader understanding why such crime takes place. Proper parenting and behavioural change may yield better results than excessive legislation.

It is for this reason in my view that national electronic legislations are sufficient. The African Union has come up with a Draft law, African Union Convention on the Confidence and Security in Cyberspace (“the AUCC”) which is scheduled for final passage at an AU meeting in January 2014.

The AUCC, if passed in its current form, will have substantial negative effects to Africa’s online economy and social culture.

It is in this regard that we implore the AU to delay passage of the AUCC until stakeholders within individual African countries have been given a formal opportunity to be heard. The problem of cybercrime presents us with great opportunity for technological innovation.

Dr Ndemo is a senior lecturer at University of Nairobi and a former permanent secretary, Ministry of Information and Communication.