For sometime now, Kenya has continued to enjoy pole position as far as innovation and application of ICT’s is concerned. We have been hailed as an example of how, if applied correctly, ICT’s can be a catalyst for development. Kenya found itself here not by chance, but thanks to the forward-thinking leadership that put in place progressive policies, guidelines and regulations to spur the growth of ICT’s.
At around the turn of the century, Kenya formulated progressive policies, laws, regulations and guidelines that guided the growth and direction of the then nascent ICT sector. This was through the Kenya Communication Act (Cap 411A) of 1998 which underwent subsequent amendments thus: Kenya Communications (Amendment) Act of 2009, and the Kenya Information and Communications (Amendment) Act , 2013. These laws were informed by government policy towards ICT. To simplify the relationship between all these documents, Policy documents influence or result in laws (acts of parliament) which in turn result in sector guidelines and regulations (handled by the regulator). This therefore means that if we get the policy wrong on the onset, then all subsequent action plans and sector laws will be off target or with undesired outcomes.
With the rapid changing ICT sector, the task of a country keeping itself current to these changes can be daunting. I would say we did very well at the onset despite several challenges that arose. One of the most common example of where policy/laws/regulations lagged behind and failed the citizens was in the area of data protection which led to a lot of mobile phone fraud (ala Kamiti/’mtoto ameumwa na nyoka‘ SMSs) which has led to rampant identify theft and mobile money fraud. Another area that is facing challenges due to poor or delayed policy, laws and guidelines is on the infrastructure front on matters to do with protection of ICT infrastructure from accidental damage, vandalism and sabotage. Cybersecurity too is becoming a big problem especially now that many offline business transactions are going online and social media.
The above examples show that it is very risky for any country to have lagging policies/laws/regulations on matters ICT. It becomes very difficult to reverse any established ICT related vice using laws once technology gives laws a wide leading gap. To correct this often involves not just new laws, but adoption of newer technologies, whose cost is often passed on to the end users. In summary, lagging laws end up eroding any financial or technical margins we have. This is already happening on the e-commerce space where the lack of proper national physical addressing system, delayed data protection and cyber security laws led to the loss of trust in online transactions and higher operating costs by the vendors due to a poor national addressing system.
There is a saying that often, innovation leads regulation. This is true, the question however is by what margin or gap should regulation lag behind the innovation curve? Due to accelerating pace of technology advancement, this lag needs to be smaller and smaller. This is however not happening in Kenya. The Kenya Information and Communication policy guidelines were recently gazetted after nearly 4 years of review and deliberations. This is too long. The period of time it took to make these amendments is very long in the ICT universe and a lot has changed, making some of the documents content obsolete or near obsolete. Several examples below.
When the gazetting took place, many media pieces focused on the policy proposing that ICT companies can only be considered as Kenyan or local if the shareholding includes 30% local ownership. There is hue and cry over this as many seem to misinterpret the law to say that foreign owned ICT companies will not be allowed to operate in Kenya without 30% local ownership. This is far from the truth. What this says is that the government will give preference to Kenyan ICT companies when awarding govt tenders and then goes ahead to define what a local company is. This therefore means a foreign company can still operate in Kenya and still get government ICT tenders but can drastically increase it’s chances of being awarded the tenders if they meet the 30% local ownership. This is different from saying that only locally owned companies can operate in the Kenya ICT space.
The focus of the policy’s critics should however been on the fact that its taking very long to enact or gazette policies and laws on matters ICT in the country leading to a lag that is costing us our competitive advantage as a country. We stand to lose the gains made so far if we are not nimble enough to change with the times by ensuring that our legal, institutional and regulatory framework development curve closely follows the innovation curve.
As a country, we also can claim leadership in the region and Africa on our institutional framework setup. We have an extremely vibrant for forward-looking ICT regulator and bodies that are tasked with directing and spur uptake and use of ICT in our socioeconomic activities. We must however take care to avoid the pitfalls that seem to befall these institutions that are sometimes come across as being more interested in revenue generation than carrying out their mandate.The focus on levies by both parastatal/national and county governments for wayleaves means that governments will tend to take the approach which maximizes their revenues as opposed to an approach that is geared towards successful rollout of ICT services. A few months ago, the ICT Authority issued a notice that would have made all fiber plant operators to pay a levy to them in addition to seeking approval for cable laying on top of the already existing levies by local governments and roads authorities where these cables pass. I say this because great initiatives such as the National Broadband Strategy (2018-2023) might not yield much if the implementation of this strategy will be met with hurdles in the name of county levies such as the case when Turkana county government demanded KES 93 million in levies from Geonet Technologies for laying fiber in the county. See story here.
Considering the National ICT policy document has been in the works since 2016, the gazetting of the same close to 4 years later is a mistake we could only afford to make once. In the next few years, if we remain rigid in the quick implementation of these very good policies, laws and strategy documents, we risk losing our leadership in matters ICT in the continent. The rapid adoption of existing and emerging technologies that require trust to shift from offline to the online space for them to succeed (e.g e-commerce) means that legal and regulatory tools and frameworks need to be properly established. A good example is the hue and cry from citizens during the very noble Huduma number registration process. The process failed because of lack of trust that was caused by lack of requisite legislation on data protection being in place due to the nature of data that this registration process was collecting. The rise in cybercrime and mobile money fraud too is as a result of failure to be quick in enacting laws and regulations around online transaction authentication and trust management. For example, there is a disconnect in Identify verification for mobile money transfer as the form of identification is offline while the transaction takes place online, this makes authentication of transacting parties a subjective matter left to the vendor/agent serving you and not tied to a fool proof and objective approach such as online digital ID verification.
AI: A spanner in the works
The nearly four-year delay in the adoption of the new policy coincided with a period of rapid development and maturity of Machine Learning, Cloud hyper-scale computing and data analytics. These three have led to the increasing adoption of Narrow AI systems in many areas of life. The application of AI to algorithms that impact peoples very lives and health. The use and application of ICT’s such as AI now cuts across moral and philosophical areas, opening a Pandora’s box on how this can actually be regulated with the existing policy framework. Forward looking regulators and governments are now re-looking at the ICT regulatory space with AI lens. This is where we should be as a country as far as our national ICT policy is concerned. There is a drive in South Africa by industry leaders to have the local regulator be reconstituted into a more forward looking body that will help the citizens enjoy digital dividends.
Other than AI, the advent of e and m-commerce apps and online shopping brings in new regulatory challenges too. For example what can the regulator do to ensure high levels of trust by the public of online service rating systems and that they are not abused or gamed? Is the 5 star rating on your Uber driver’s profile genuine? are the number of followers for that Instagram shop and it’s reviews genuine? The ICT policy or resultant laws and guidelines in the current market conditions should already be addressing that.
It is my hope that the pending legal, institutional and regulatory framework and tools at our disposal will be implemented with the desired timelines. These include the National ICT Infrastructure Masterplan- NIIM (2019-2029) which is a very key document for the future of ICT services roll-out in this country.Follow @tommakau