This will be a step in the right direction if it comes to pass. Of
implementation???
On Thu, 29 Oct 2020, 08:57 simiyu mse via kictanet, <
[email protected]> wrote:
> A recent development with regards to data accessibility and portability.
>
> ‘Technology giants like Twitter, Facebook and Google will soon come under
> government scrutiny for their handling of personal information belonging to
> Kenyans, the nominee for the position of Data Protection Commissioner told
> Parliament Wednesday.
>
> Appearing before the National Assembly’s ICT committee for vetting,
> Immaculate Kassait said the multinational technology companies will be held
> liable for the use of data belonging to Kenya or Kenyans whether they
> operate locally or outside the country.
>
> The data protection law, approved in November last year, sets out
> restrictions on how personally identifiable data obtained by firms and
> government entities can be handled, stored and shared.
>
> The Data Protection Act 2019 gives the commissioner sweeping powers on the
> investigation of data breaches. These include powers of entry and search
> and issuing administrative fines.
>
> “Even if they are internationally based companies and as long as they have
> data about Kenya, they have responsibility to adhere to laws of Kenya,†Ms
> Kassait, the current director of voter education at the Independent
> Electoral and Boundaries Commission (IEBC), said.
>
> Facebook said in 2018 the personal information of up to 87 million users
> may have been improperly shared with political consultancy Cambridge
> Analytica.
>
> [Link]
>
>
> www.businessdailyafrica.com/bd/economy/facebook-twitter-put-on-notice-for-personal-data-breach-2724682
>
> Regards.
>
> Simiyu.
>
> On Wed, Oct 28, 2020, 3:32 PM Rafe Mazer via kictanet <
> [email protected]> wrote:
>
>> I think the issue is not that there is technically an ability to access
>> your data, it’s that the laws make no ability to make that easy, and easily
>> transferable to third parties to acquire new products and services. The
>> data portability language in the DPA gives up to 30 days, and allows for a
>> “reasonable fee” to be assessed. Those are subtle but significant barriers
>> to achieving the impact of portability being realized in other
>> jurisdictions and I think was an opportunity wasted when the DPA was
>> drafted–despite recommendations to revise this language during the
>> comments period.
>>
>> On Mon, Oct 26, 2020 at 5:00 PM Sidney Ochieng via kictanet <
>> [email protected]> wrote:
>>
>>> A bit late to this discussion. I’m surprised that the entirety of this
>>> discussion didn’t mention GDPR’s data portability requirements or Kenya’s
>>> own Access to Information(A2I) act. The mechanisms for this exist though
>>> this data is not necessarily accessible via API. GDPR even explicits
>>> says <gdpr-info.eu/art-20-gdpr/> that the data be machine
>>> readable and freely transferable.
>>>
>>> GDPR has helped with this in Europe, and it applies to every company
>>> that has data on European citizens no matter where in the world they are,
>>> and it comes with stiff fines for non-compliance. If we look at it locally
>>> I’m yet to find any public entity that is in compliance with any part of
>>> the practical aspects of A2I act, including the CA of whom I’ve made a
>>> couple of requests that seem to have disappeared into the ether.
>>>
>>> Even organisations like Safaricom that have the technical and financial
>>> capicity don’t make it clear how to go about getting information from them,
>>> given that for sure they have Europeans on their network I wonder whether
>>> they’re GDPR compliant and if that process is accessible to Kenyans.
>>>
>>> Listers the A2I was passed in 2016. How many of us have tried to use it
>>> to get information from an entity, public or private? What was the outcome?
>>>
>>> On Tue, 13 Oct 2020 at 11:11, John Kieti via kictanet <
>>> [email protected]> wrote:
>>>
>>>> Dear Listers,
>>>>
>>>> Just a random thought. What if the law entitled users to a periodic
>>>> (eg. quarterly) download of all data collected of them by large platform
>>>> companies (including telcos); and the users could grant file access to the
>>>> competitors as the user migrates? What if it was API-based data access that
>>>> the user could grant to third parties including competitors?
>>>>
>>>> What if there was an automated data depository eg. for telcos; whereby
>>>> I can invoke the right to access all the data the telco holds of me, and I
>>>> proceed to grant the data depository access to my data, automatically
>>>> retrieved from my telco A. That way my data *anonymized or otherwise
>>>> permitted* can be accessible from the depository and aggregated with
>>>> other peoples’ to develop services on top of the data layer by third
>>>> parties such as startups, data mining & research services, and even telco B
>>>> which competes as an underdog with telco A.
>>>>
>>>> The assumption would be that the user owns the data held by the
>>>> platform/telco which has already got its head start with appropriating my
>>>> data by collecting it in realtime. It would also be assumed that access to
>>>> my data in the depository is only by licensed entities under stringent
>>>> rules that respect my access permission settings.
>>>>
>>>> What could go wrong with such an approach to user data? What could go
>>>> well?
>>>>
>>>> Any thoughts?
>>>>
>>>>
>>>> —
>>>>
>>>> John Kieti
>>>> Phone: +254-735-764242 // +254-722-764242
>>>> Twitter: @johnKieti
>>>> Blog: gmeltdown.com <www.gmeltdown.com> // LinkedIn:
>>>> ke.linkedin.com/in/*kieti* <ke.linkedin.com/in/kieti>
>>>>
>>>> The ordinary just won’t do
>>>> _______________________________________________
>>>> kictanet mailing list
>>>> [email protected]
>>>> lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>> Twitter: http://twitter.com/kictanet
>>>> Facebook: www.facebook.com/KICTANet/
>>>>
>>>> Unsubscribe or change your options at
>>>> lists.kictanet.or.ke/mailman/options/kictanet/sidney.ochieng%40gmail.com
>>>>
>>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>>> for people and institutions interested and involved in ICT policy and
>>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>>> sector in support of the national aim of ICT enabled growth and development.
>>>>
>>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>>> online that you follow in real life: respect people’s times and bandwidth,
>>>> share knowledge, don’t flame or abuse or personalize, respect privacy, do
>>>> not spam, do not market your wares or qualifications.
>>>>
>>>
>>>
>>> —
>>> Regards,
>>> Sidney
>>>
>>> *Twitter:* @princelySid
>>> sidneyochieng.co.ke
>>> *Skype: *sidney.ochieng | *Github:* princelySid
>>> <github.com/princelySid>
>>> _______________________________________________
>>> kictanet mailing list
>>> [email protected]
>>> lists.kictanet.or.ke/mailman/listinfo/kictanet
>>> Twitter: http://twitter.com/kictanet
>>> Facebook: www.facebook.com/KICTANet/
>>>
>>> Unsubscribe or change your options at
>>> lists.kictanet.or.ke/mailman/options/kictanet/rafe.mazer%40gmail.com
>>>
>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>> for people and institutions interested and involved in ICT policy and
>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>> sector in support of the national aim of ICT enabled growth and development.
>>>
>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>> online that you follow in real life: respect people’s times and bandwidth,
>>> share knowledge, don’t flame or abuse or personalize, respect privacy, do
>>> not spam, do not market your wares or qualifications.
>>>
>> _______________________________________________
>> kictanet mailing list
>> [email protected]
>> lists.kictanet.or.ke/mailman/listinfo/kictanet
>> Twitter: http://twitter.com/kictanet
>> Facebook: www.facebook.com/KICTANet/
>>
>> Unsubscribe or change your options at
>> lists.kictanet.or.ke/mailman/options/kictanet/kensimiyu%40gmail.com
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people’s times and bandwidth,
>> share knowledge, don’t flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
> _______________________________________________
> kictanet mailing list
> [email protected]
> lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at
> lists.kictanet.or.ke/mailman/options/kictanet/fmwangangi1%40gmail.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people’s times and bandwidth,
> share knowledge, don’t flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
_______________________________________________
kictanet mailing list