I&M Bank House, 5th Floor, 2nd Ngong Avenue, Upper Hill, Nairobi, Kenya

Kenya’s Cybercrime Regulations

INTRODUCTION 
In a bid to provide a more comprehensive and coordinated approach to cybersecurity, the Kenyan National Assembly recently approved the Computer Misuse and Cybercrime (Critical Information Infrastructure and Cybercrime Management)
Regulations, 2024 as read together with the Computer Misuse and Cybercrimes Act (2018). The main objective of the Regulations is to refine Kenya’s ability to defend itself against cyberattacks by establishing a framework for protecting critical infrastructure.
 

ADVANTAGES OF THE REGULATIONS ON KENYA’S CYBERSPACE 

  • The Regulations outline measures to protect critical infrastructure, including risk management, incident reporting guidelines, information sharing, and cybersecurity awareness and training, to strengthen the country’s defence against cyberattacks. 
  • The National Computer and Cybercrimes Co-ordination Committee is also established by the Regulations in order to promote a more coordinated approach to cybersecurity. The Committee ‘s goal is to streamline information sharing, improve collaboration across sectors and ensure a unified front against cyber-attacks.
  • The Regulations also aim to deter potential attackers by outlining chargeable offences that are directed towards critical infrastructure. This could discourage criminal activity and lessen Kenya’s appeal as a target.

CONCERNS THAT ARISE FROM THESE REGULATIONS  

  • Even though the Regulations are read in conjunction with the Data Protection Act, 2019 there are still some concerns about privacy as the government has been granted extensive powers to monitor internet activities, which could result in extensive surveillance. 
  • The Regulations are also restrictive and might pose a threat to the growth of the technology industry. For innovation to not be stifled, it is critical to strike a balance between security and promoting a thriving digital economy. 

CONCLUSION
The success of these regulations will depend on finding a middle ground between cybersecurity and safeguarding people’s freedoms. There is need for careful implementation of these regulations to ensure that Kenya has a safe and secure digital future.