Intrigues behind surveillance in Kenya detail how the National Intelligence Service (NIS) infiltrates private communication through formal and informal systems to keep the country secure and thwart any possible attacks before they take place.
According to insiders who spoke with Privacy International, NIS was reported to have the ability to intercept both communication content and acquire call data records without warrants while gathering crucial information.
Police in Kenya ought to be granted warrants by the court while pursuing cases according to Cap 75 of the Criminal Procedure Court. The cap, however, specifies incidents that necessitate police to apprehend individuals or search premises without warrants.
An Anti-Terror Police Unit (ATPU) officer told Privacy International that NIS operates without warrants for the sake of investigations. He added that they sometimes coerce telecommunication companies to offer them access to data, which is then painted as legal before a court.
“Telecom operators end up handing over their customer's data because they largely feel that they cannot decline agencies’ requests, in part due to the vagueness in the law and accompanying telecommunication industry regulations.
“Several telecoms spoke of the threat, either direct or implicit, that their licenses would be revoked if they failed to comply,” the Privacy International report reads.
Operators are required, according to the Telecommunications Services Regulations (2014) of the Kenya Information and Communications Act (KICA, 1998), to provide the Communication Authority of Kenya with data disclosure.
CA, prior to offering this information to police, is also required to be compelled by the court. However, some CA officials argue that in their line of duty, they were pressured by NIS to offer information.
“We have to comply or there is the threat that our licenses will be revoked,” one official stated in an interview.
The NIS was quoted as having direct access to Kenya’s telecommunications networks, which allows them to intercept both communications data and content.
Direct access was described as situations where state agencies have a direct connection to telecommunications networks allowing them to obtain digital communications content and data (mobile and/or internet), without prior notice or judicial authorisation and without the involvement of the telecoms or internet service provider.
Activists, however, argue that direct access poses both legal and technical challenges as it has a defined link to arbitrary and abusive practices that impact freedom of expression and privacy.
Infiltration of Telecoms
Insiders further alleged that NIS officers are posted to some telecoms with the latter’s knowledge. However, telecoms questioned on the same refuted such reports.
NIS was, nonetheless, reported to be posting agents to telecoms in undercover operations only.
“If it’s national security, whatever, we will breach protocol. … if it’s urgent, you just make a call. ‘Talk to my boss’…So my boss talks to the charge of security there, and we are given the data, the contact immediately….in a matter of minutes,” an undercover agent narrated.
The presence of these spies raised concern with telecoms employees who claimed that the trend made bosses heighten screening before one is employed and also raised suspicion levels within firms.
“We know they are here because they are always seconded from somewhere else, but then suddenly they’ll disappear. And then you hear your colleagues saying ‘didn’t you know, that guy was NIS?’ They keep very much to themselves. You’ll even find your boss sometimes alluding that you are an NIS agent,” an official then at CA was quoted in an interview with Privacy International.
It was further alleged that NIS agents listen to live calls at NIS offices both regionally and in Nairobi. An NIS source claimed that the agency has direct access to Kenya’s telecommunications system.
NIS officers pursuing crucial cases were said to access the system while following crucial cases, like a threat to national security. Phone calls for those being tracked are flagged and communication channels analysed.
The Office of the President and NIS representatives declined to respond to the reports.
