Kenya’s Communications Authority (CA) has issued a directive requiring firms handling critical services to register their web addresses on Kenyan internet domains (.ke domains) within six months. This decision, announced by CA Director-General David Mugonyi on August 1, is aimed at enhancing cybersecurity for essential national infrastructure.
The mandate stems from a meeting of the National Computer and Cybercrimes Coordination Committee (NC4) held on March 14. NC4, a multi-agency entity, coordinates national cyber security matters and facilitates international cooperation in addressing computer and cybercrime issues in Kenya.
The directive applies to a wide range of critical entities, including mobile communication and internet connectivity firms, judicial institutions, the national electoral body, and security agencies. It also encompasses national health institutions, food quality and safety entities, aviation systems, railway and road transport support services, power generation and transmission structures, and other essential services.
Mugonyi emphasized that these organizations must ensure the security and reliability of any .ke domain names they use. Currently, several major organizations have yet to comply with this order. Airtel Kenya, national carrier Kenya Airways, and the Kenya Seed Company still use .com domains for their web addresses. Similarly, the Kenya Agricultural & Livestock Research Organisation (KALRO) continues to use a .org domain.
Proponents of the local domain argue that it offers several advantages. It facilitates easier access to target markets for businesses and other entities, encourages interactions with specific markets, and potentially provides better control and security oversight for the country.
The Kenya Network Information Centre (KeNIC) is the body responsible for registering and issuing .ke domains in the country. Recent data from the CA shows growth in the adoption of local domains. During the first quarter of 2024, the number of registered .ke domains increased by 2.3%, rising from 105,936 in December 2023 to 108,338. The .co.ke sub-domain remains the most popular, accounting for 84.8% of the market share.
This initiative aligns with global trends, where countries are increasingly focusing on localizing critical digital infrastructure to enhance national cybersecurity. By mandating the use of .ke domains for critical services, Kenya aims to create a more controllable and potentially more secure online environment for its essential services.
The six-month timeline given by the CA suggests urgency in implementing this change. This move may also have implications for international businesses operating critical services in Kenya, as they will need to adapt their online presence to meet these new requirements.