CA refutes claims it plans to monitor citizens’ calls and messages through its device management system


Communications Authority of Kenya (CA) has refuted claims that is implementing a device management system (DMS) with the express intention of monitoring and accessing private data of mobile phone users.

The Authority has further denied more reports that they have, at the behest of government, asked mobile network operators and service providers to allow CA’s agents to modify mobile networks to gain access to all information on mobile devices, including details on subscribers’ communications such as voice calls and SMS messages, as well as mobile money transactions, in blatant breach of existing laws.

On Thursday 16th February, 2017, Consumers Federation of Kenya (COFEK) announced its opposition to the plan, calling it an attempt to monitor citizens’ calls and text messages with the help of a device management system set to be imposed on mobile network operators.

COFEK announced on its site: “We are shocked to learn that the Communications Authority has imposed on mobile network operators a device management system – a mechanism that will effectively compromise consumer privacy, indiscriminately monitor calls and text messages while exposing consumers to higher billing and occasion poor quality services.”

In response, the CA released a statement noting that over the years it has deployed various systems to ensure that only authorized communications devices are in use in the market, as provided for in the ICT sector law.

The statement further said that the deployment of these systems is informed by the fact that telecommunications systems and devices only work well if they comply with the prescribed technical standards. Compliance with technical standards ensures conformance and interoperability between the various systems that constitute the telecommunications network and goes a long way in addressing the challenge of illegal termination of telecommunications traffic, the Authority added, noting that the law only allows type-approved and genuine mobile telecommunications equipment to be used in the country.

“The proliferation of counterfeit devices, often illegally imported and acquired by the public, presents a serious challenge to mobile networks and subscribers. Besides compromising the optimization of mobile networks, such illegal devices degrade the quality of service available to users. The use of counterfeit devices poses a great security threat, because such devices do not provide for effective identification or traceability of network transactions/users,” added Director General CA, Francis Wangusi in a statement.

SIM-boxing, which is used by unscrupulous people to illegally divert and terminate telecommunications traffic, not only poses a security threat but also leads to loss of revenue to both mobile operators and government through evasion of taxes, the CA said.

The implementation of this system is also intended to meet the requirements of the East African Region under the Northern Corridor Integration Project Heads of State Summit, which directed each member state to deploy systems that curb illegal by-pass and termination of telecommunications traffic within the context of the One Network Area, the CA added.

The statement also noted that it was against this background that the Authority has continued to revamp the framework for the management of illegal telecom devices in the country, and that the acquisition of a DMS is the second phase of an initiative that saw mobile network operators switch off counterfeit mobile devices in Kenya in 2010.

Subsequently, the Authority, following extensive consultation with industry and other stakeholders including COFEK, facilitated the set up of an SMS-based mobile device verification service, through use of the “1555” short code for use by consumers in confirming the status of mobile devices before purchase. The set up of the device verification system was undertaken with the understanding that there would be a second phase that would involve deployment of a more comprehensive system that would address importation of illegal devices, pre-shipment verification of devices as well as denial of service of devices already in the market, the CA said.

Arising from the above, the Authority said it is in process of deploying the second phase of the system in order to manage the menace of counterfeit devices. The DMS, it added, is being deployed in close consultation with the local mobile network operators. Contrary to the claims raised through COFEK, the implementation of the system is being coordinated by a team that has the involvement of the mobile network operators, CA and other relevant government agencies.

According to the CA, the DMS is a comprehensive system that is not only able to manage entry of devices into the country but equally prevent access of illegal communication devices to mobile telecommunications services. The DMS will be populated by data of all genuine devices (a whitelist), to uniquely identify each device. Once deployed, the DMS shall facilitate denial of service to all illegal communications devices within the country including SIM boxes, counterfeit, substandard, non-type approved and stolen devices.

The DMS has capability to isolate and deny services to the illegal devices as they have the potential of being used by those with criminal intent to compromise security, the CA said.

“It is important to note here that the system is deployed in a manner that facilitates mobile network operators to make reference to the database of all genuine devices (a whitelist) to solely verify the status of the phone device before providing service to the user. This is contrary to reports that the system will be extracting subscriber data for use by third parties,” said Eng. Wangusi.

He further stated that all operators will be required to connect to the DMS and ensure that blacklisted devices do not access mobile services. This process was initiated with the understanding of the operators through a consultative process from the conceptualization stage, he added, concluding that the system will not access subscriber personal information details, and cannot access personal data as claimed in some media outlets and in social media posts.

Do you have a story that you think would interest our readers?
Write to us


Please enter your comment!
Please enter your name here
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.