The Cabinet Secretary for Interior and National security is inviting comments from the public on the draft Computer Misuse & Cybercrimes regulations 2023. A taskforce appointed by the ministry in May this year has successfully formulated the draft regulations.
Hence, the Taskforce invites institutions, organizations and individuals to submit their comments. The public participation phase is an important step and a constitutional requirement.
The public are advised to share their comments and submissions via email or to hand deliver to the taskforce secretariat at Harambee house. In addition, Taskforce will hold open citizen engagement forums in eight regions across the country. You may view the different venues, email and physical address here.
Notably, this call for submissions runs from 29th August to 19th September 2023.
Computer Misuse & Cybercrimes Regulations 2023 Objectives
Of the note, the draft regulations primarily focus on the following items:
- Provide a framework to monitor, detect and respond to cybersecurity threats in the cyberspace belonging to Kenya.
- Provide for frameworks for establishment and management of Cybersecurity Operations Centres.
- Provide for protection, preservation and management of critical information infrastructure.
- Provide for audit and inspection of national critical information infrastructure.
- Provide for recovery plans in the event of a disaster, breach or loss of national critical information infrastructure or any part of it.
- Provide a framework for capacity building on prevention, detection and mitigation of computer and cybercrimes and matters connected.
- Promote coordination, collaboration, cooperation and shared responsibility amongst stakeholders in the cybersecurity sector including critical infrastructure protection.
- Provide for mechanisms for cybercrime management among others.
The heavy focus on cybersecurity will be welcome given recent reports that critical systems and infrastructure in Kenya have been subject to cyber-attacks in recent weeks. In addition physical infrastructure have been subject to attacks by bad actors eg. Al shabaab
Another item worth noting is the provision for regulatory frameworks to manage the National Public Key Infrastructure (NPKI). The taskforce is the first to formulate policies and standards for the NPKI.
The NPKI refers to a system for the creation, storage, and distribution of digital certificates which are used to verify the online identities of individuals or institutions.