Kenya and the fallacy of trading individual privacy for national security · Global Voices
Chepkoech Rotich

Image by NoName_13 from Pixabay. Used under a Pixabay license.
Kenya is a democratic nation with a population of over 54 million, and an internet penetration of nearly 50 percent. Like many nations in the global south, this advancement into the digital age is paralleled by inadequate awareness of the right to privacy. In 2021, a survey found that about 54 percent of people have never heard of the right to privacy, creating a dangerous loophole that exposes citizens’ data privacy to exploitation and violation by the state.
True to this, in recent years Kenya has seen a worrying trend of surveillance featuring unbridled data collection exercises conducted by state agencies as well as disproportionate internet and communications monitoring. This kind of unchecked surveillance power is symbolic of the underlying autocratic tendencies of the Kenyan government, and presents the perfect  opportunity for state-occasioned human rights abuse in the exertion of political control. The right to privacy is often dishonestly portrayed by the government as a fair price in exchange for national security. Therefore it is imperative, now more than ever, for Kenyans to demand that protecting national security need not be fatal to their right to privacy.
A key highlight of the surveillance trend in Kenya is the integration of a Device Management System (DMS). Over several dates in January of 2017, the Kenyan government through its Communications Authority notified all the local mobile operator networks (MNOs) of plans to install a DMS.
The three telecommunications service providers — Orange-Telkom Kenya, Airtel Kenya, and Safaricom PLC — were ordered to allow the Communications Authority to create connectivity between the DMS and their own systems in order to grant access to information of the subscribers on their network.  The integration of a DMS has been impugned by Kenyan civil society actors who are concerned particularly with its potential to surveil, collect and store among other things, citizens’ call data records, SMS, and mobile money transaction data. In fact, Safaricom PLC which is the MNO with the largest market share in the country refuted the installation of a DMS calling it a “snooping device.”
The Kenyan High Court initially ruled that the DMS posed a threat to the right to privacy. However, within a week, this ruling was overturned by the Court of Appeal, which was of the view that the High Court was jumping the gun, and that there was no real evidence that the right to privacy was under threat.
The Communications Authority has maintained that the installation of a DMS is for the purpose of spying on Kenyans. According to the authority, the intentions of the Kenyan government are to address national security concerns including blocking the use of illegal mobile devices, minimise mobile device theft, rid the market of counterfeit devices, stop SIM box fraud and mitigate revenue leakages from mobile operators within the region. Further, the authority holds that the integration of a DMS is necessary in accordance with Kenya’s international obligations.
These justifications are however disputable as the national security concerns cited are not new or unique to Kenya. By the time that the DMS was introduced, the Communications Authority in collaboration with local MNOs already had a system in place that effectively dealt with the insurgence of counterfeit devices. The country was able to identify counterfeit devices and block or switch off millions of illegal devices. With this in mind, one is only left to view the Kenyan government’s “national security” justifications for DMS as a motte and bailey fallacy.
In framing this debate, it is not uncommon for governments to promulgate national security concerns as tangible threats with the potential of “real” harm against the intangible threats and harms of privacy violations. The issue here is that the right to privacy is depicted as a reasonable barter for national security. When surveillance is painted as something that is necessary for safety, the infringement of the right to privacy doesn’t seem so bad.
This trivialises the true effect of surveillance on civil liberties and human rights and the reality is much more bleak. When the right to privacy is fractured on a national scale by actions such as surveillance, a myriad of other human rights suffer in a sort of domino effect. This is owing to the fact that human rights are intersectional; the right to privacy supports the enjoyment of other fundamental freedoms such as expression, information, association, as well as various rights of arrested persons — such as the right against self incrimination.
For marginalised communities, such as the LGBTQ+, the right to privacy is quite literally a matter of life and death as they rely on anonymity to exist safely online and offline. For women, there exists a direct correlation between data privacy violations and online gender based violence. This brings into question whether national security can truly exist in a society devoid of individual privacy. The intersectional nature of human rights demonstrates that the right to privacy is integral to the full enjoyment of civil liberties in a democratic society. Therefore it cannot be sacrificed without compromising the entire web of global human rights.
As Kenya, and the rest of the world (the global south in particular) advances into the digital age, there is an apparent need to bolster the right to privacy. Kenyan civil society is taking steps towards the implementation of digital security literacy programs, a good example of which is the ongoing collaboration between Amnesty and the Office of the Data Protection Commissioner who in May 2023 concluded a pilot for county-awareness digital security and data privacy trainings. This requires that we reframe the right to privacy vs national security debate to reflect the necessity of the right to privacy in our democratic worlds. Further, we need to be more sceptical and critical of the justifications for limiting the right to privacy.