Policy Briefs

KICTANet policy briefs.

Name Description Downloads Download File Size
Name Description Downloads Download File Size
This report was created through the joint efforts of KICTANet and the International Center for Not-for-Profit Law (ICNL). On February 23, 2023, these two organizations co-hosted a consultative forum in Nairobi. The forum brought together representatives from various fields, including academia, civil society, government, media, and the legal fraternity. The purpose of the forum was to discuss the challenges, solutions, and opportunities related to digital access and public participation, with a particular focus on women. The discussions aimed to address the barriers that hinder women’s ability to participate in public life and decision-making processes through digital means. 228 downloads Download 2.9 MB
Mapping Kenya’s Cybersecurity Capacity-Building Need 2023
The “Mapping Kenya’s Cybersecurity Capacity-Building Needs” policy brief addresses the growing need for cybersecurity capacity-building in Kenya. The brief outlines Kenya’s cybersecurity capacity-building needs and identifies key recommendations to various stakeholders moving forward. 530 downloads Download 3.2 MB
KICTANet Accessibility of Kenya Government Websites to Persons with Disabilities- ScoreCard 2023

The purpose of conducting the assessment is to influence persons with disabilities' access to ICTs, their lived experiences, and their input towards ICT policy in Kenya. The information posted for public consumption should remain the same for all. This is to promote equity and equality in access to information and online services, supported by the constitutional provision of the right to access information as a basic human right (Constitution of Kenya 2010, Article 35).

216 downloads Download 1.3 MB
This policy brief looks at the relevant cyber diplomacy developments within the UN, focusing on the Open-Ended Working Group (OEWG) on developments in the field of information and telecommunications in the context of international security, which concluded its work in March 2021. It provides an introduction to the power dynamics that sets the stage and deciphers Kenya’s positioning within the field of nations. 550 downloads Download 854.4 KB
The Guidebook breaks down data protection principles under the Kenya Data Protection Act, 2019 and other irrelevant policies in simple and fun language. Each chapter has exercises to assess your understanding and a takeaway section with a chapter summary. The guidebook targets women, women human rights defenders, data protection practitioners and gender experts working at the intersection of gender and technology. The guidebook will offer a reference point for users, especially those without a legal background, to deepen their knowledge and understanding about data protection and the gendered impact of data protection on women and spur conversations about data protection aspects that often go overlooked. 1165 downloads Download 3.3 MB
Data Protection and Privacy. A Gender Perspective
Women’s online participation presents data protection issues such as lack of agency and control over data, consent in unequal power dynamic contexts, loss of privacy, discrimination, online gender-based violence targeting women and bias that is compounded when age, class and gender intersect. Kenya has been lauded for having a digitally connected and active citizenry, and indeed providing requisite infrastructure, and an enabling environment for digitization has been a policy priority advanced by the government through the ICT Ministry. However, digitization and wide scale online access is but one side of the coin. The other side is exposure to violations of privacy, bias and online violence, which could be suffered by anyone, but women are particularly vulnerable. Women and young girls are harmed differently than other citizens by these violations, an issue not properly addressed by existing policies and laws.
4774 downloads Download 1.9 MB
Kenya’s Data Protection Act came into effect in November 2019 but soon thereafter, in January 2020, the High Court, in the Nubian Rights Forum Case, declared that the legislation was, in the absence of regulations and institutions necessary for its implementation, still deficient in providing adequate safeguards for the protection of personal data.
At the heart of this pivotal litigation was the collection by the state of personal data for purposes of establishing an integrated identity system and issuing digital identity cards. The High Court excluded DNA and GPS information from the data that could be legitimately collected from citizens, saying it was too invasive to privacy and unnecessary for the intended purpose of civil registration and issuance of identity documents. In addition, the court directed the state to put in place adequate measures for safeguarding personal data legitimately collected to advance the policy objectives of the state.
1715 downloads Download 3 MB
In recent years, as more business, government and civil applications are accessed through the Internet and private networks, the issue of Cyber-security has become a major concern. Every year financial losses, as well as reputational and social embarrassment, are experienced as a result of antisocial and criminal activity in cyberspace. Therefore, it has become necessary for both corporates and governments to invest in securing infrastructure, networks, systems and users, as well as creating policies and laws to mitigate the risks posed by the use of technology.
996 downloads Download 1.9 MB

This brief assesses how the implementation of the Data Protection Act, 2019 will impact the upcoming 2022 Kenyan elections. The importance of this law is that, unlike previous elections, the 2022 election will be the first to be held with a comprehensive data protection law in place.

925 downloads Download 542.3 KB
This study maps the cybersecurity landscape in Kenya with a focus on the fi nancial sector, and advocates for a human- centric approach in cybersecurity. It also provides the Ken-yan country context in legislation, stakeholders, and the fi nancial sector noting the increased access, use and adop-tion of ICTs in the country, which were facilitating the digi-tal payments in the country, and whose value continued to grow as e-commerce became mainstream. 1642 downloads Download 678.1 KB

Authors: Grace Githaiga, Sigi Waigumo Mwanzia and Victor Kapiyo Date: July 2021. This report assesses the extent to which the public participated in three recent ICT policy and law-making processes. These include the National Information Communications and Technology (ICT) Policy, 2019, the Computer Misuse and Cybercrimes Act, 2018, and the Data Protection Act, 2019. While the principle of public participation is listed under Article 10 of the Constitution of Kenya, 2010 as one of the national values and principles of governance, the approach taken by state bodies in the ICT sector to facilitate public participation has been varied.

1647 downloads Download 618.1 KB
Policy Brief No.7, November 2020 By Walubengo John, Barrack Otieno Edited by: Mwendwa Kivuva and Victor Kapiyo. The objective of this study is to establish Kenya’s preparedness to deploy fifth-generation wireless networks (5G). The study reviews the historical progression of mobile networks through to the current 5G mobile technologies. It then highlights the technical properties and use-cases that 5G technologies have under the three categories, namely, the enhanced Mobile BroadBand (eMMB), the massive Machine Type Communications (mMTC), and the ultra-Reliable Low Latency Communications (uRLLC). The study then reviews the global 5G state of play and contrasts that with a situational analysis for Kenya. It finds that whereas the Kenyan legal, policy, and regulatory frameworks are quite advanced, there is no specific, national 5G Strategy in place. This disadvantages Kenya’s ability to attract 5G investments while hampering its ability to stake a claim within the new digital value chain commonly known as the Fourth Industrial Revolution (4IR). The study has established that the country is still not ready to effectively deploy and benefit from 5G technologies - particularly from a strategic, policy, and regulatory perspective. It proposes practical steps that need to be to address this and summarises them under the following:-
  • Set up a 5G Advisory Working Group
  • Publish Harmonized 5G Spectrum Roadmaps
  • Adopt Affordable 5G Auction Prices
  • Adopt a Shared 5G Spectrum and or Infrastructure
  • Enforce Common Wayleave Agreements
743 downloads Download 10 MB
By Mutindi Muema, Tevin Mwenda and Angela Minayo Edited by: Grace Githaiga Digital Identity is one of the current concerns in the Human Rights and ICT sectors in Kenya, given the Government’s Huduma Namba (Kiswahili term for Service Number) initiative and the planned adoption of the Huduma Namba across almost every sector. The Huduma Namba is the name given to Kenya’s digital identification program known as the National Integrated Information Management System (NIIMS)   Unfortunately, over Eighteen Million persons in Kenya do not have legal identification for various historical and systemic injustices, and the shift towards Huduma would result in their further exclusion from access to Government and private sector services. Moreover, Kenya is yet to put in place an appropriate policy, legal and multistakeholder framework to tackle privacy concerns, information security threats, discrimination and exclusion concerns, lack of legal IDs by persons from marginalized communities and regions, best interest of the child, as well as other emerging issues relating to digital IDs.   The goal of this policy brief is to provide a snapshot of the state of policy, legal and institutional framework for identity in Kenya, with a view to informing the future actions by state and non-state actors in the transition to digital IDs in Kenya.   The Policy brief calls for the establishment and implementation of effective policy, legal and institutional frameworks to secure the right to privacy, protection of personal data, inclusion, best interest of the child and fair and responsive administrative procedures. The aim is to address any issues related to registration, legal identity and the administration and use of digital IDs. 511 downloads Download 1.8 MB
Digital Identification Law in Kenya: The State of Play
Author: Prof. Sylvia Kang’ara Edited by: Grace Githaiga and Victor Kapiyo Published by: Kenya ICT Action Network (KICTANet) with support from Huawei. In 2018, Kenya launched a national digital identification system known as the National Integrated Identity System (NIIMS) and later as the Huduma Namba. It was initiated through Executive Order No. of 20181 and given legal effect through amendments to the Registration of Persons Act2. An Inter-Ministerial Coordination Committee on Huduma Namba was set up to steer the enrollment of the public among other functions. The process of enrollment began in early 2019. Subsequently, a lawsuit was filed challenging the constitutional validity of the legislation effecting NIIMS. After the preliminary hearing, the government was allowed to proceed with implementing NIIMS subject to limitations pending the hearing and final determination of the case. The judgement was delivered in January 2020 allowing Huduma Namba enrollment to continue subject to compliance by the government with the court’s directives.   This brief discusses the policy and legislative framework for Huduma Namba. It highlights the issues that have arisen since its launch and the challenges the government has faced implementing the system, particularly the apparent disconnect between the National ICT Policy of 2019 which outlines the government’s policies on digitization and integration of national population registers, on the one hand, and constitutional protections for privacy, data protection, security and inclusivity, on the other.   The key materials evaluated and analysed in this brief are government policy statements, relevant legislation and the documented evidence adduced in the Nubian Rights Forum Case by government officials, expert witnesses and citizen litigants. The review and analysis of these materials is done in order to identify the gaps in digital identification law in Kenya and to advise on how legal pitfalls may be avoided in future. The analysis also shows how the various pieces of legislation on digitization, registration of persons and data protection work together, the new obligations that arise as a result of new legislation and some of the administrative changes that new legislation will precipitate at the risk of legal liability for non-compliant entities. Given the fact of regional integration and globalization and the importance of digital identification in international governance questions, the brief also also discusses the international laws and policies influencing decision-makers in this area.   The brief makes a number of recommendations, chief among them being the need to take into account and ensure compliance with the directives of the High Court. The Court made it clear that digital identification could not take place in a regulatory vacuum that lacked basic privacy protections for citizens and that also lacked an implementation strategy that installed key duty bears in Huduma Namba implementation. The required legislation will need to be passed, gaps in policy filled and vacant administrative positions filed. 1114 downloads Download 7.5 MB

Author: Mwendwa Kivuva and Josephine Miliza
Editor: John Walubengo
Serial (No.4) (August 2020)

Community networks are telecommunication infrastructure built with and for the community to support economic and social activities. These networks are emerging as complementary access models that adopt a holistic approach in addressing the digital inclusion barriers such as digital skills, locally relevant content and applications. They also contribute to local economies, workforce development and fostering social connections. Although community networks have existed for over a decade, the number of these networks in Africa is still few compared to the unconnected population. Lack of awareness, high license, spectrum fees and equipment costs are some of the barriers to entry and growth for community networks.

This policy brief looks at the existing policy and regulatory frameworks including the national broadband policy, ICT policy, licensing framework of telecommunication operators, and frequency spectrum licensing in enabling community networks.

The policy brief also addresses the high spectrum fees which make the Internet inaccessible to poor communities. It recommends the creation of spectrum policies and regulation that specifically target affordable access for the underserved. This can be achieved by expansion of license-exempt frequencies, and adoption of dynamic spectrum licensing and spectrum sharing. It also recommends the streamlining of licensing procedures to make them accessible to communities.

The policy brief also calls for the creation of an enabling policy and regulatory environment for the growth of community networks. For example allowing community network providers to access the NOFBI national fibre optic backbone since the wealth generated by such access will be far greater for the economy than any revenue from network traffic charges. Policies for infrastructure sharing will enable upcoming community networks to have access to the infrastructure of established operators.

Community Network leadership and participants should also be sensitized about the existence of the USF and encouraged to apply to access the fund to build their networks. There is, therefore, a need to have a policy to support capacity building and innovation, especially for women and girls to enable them to have equity in internet access. Finally, there should be a structured dialogue between all stakeholders to find ways these recommendations can be implemented to make community networks ubiquitous.

654 downloads Download 1.8 MB

This study reviews the impact that Over The Top Services (OTTs) such as Skype, WhatsApp or YouTube have had on the traditional telecommunication services. It explores the question of whether OTTs should be regulated or not; and if so, in what way. With the rapid changes experienced in the telecommunications and internet space where new and old services have converged, the traditional Telco providers find themselves with reducing revenues in voice, sms and video segment where their new rivals, the OTT service providers, continue to enjoy increasing revenues.


This comes within the backdrop of developing countries (ATU 2016)1 resolution that argued that OTT service providers take advantage of the prevailing regulatory imbalance that allows them to offer services that are equivalent to regulated services - without necessarily being subjected to the stringent regulatory obligations. Some traditional Telco providers have been known to block, throttle or prioritize some of the OTT traffic as a reaction to reduce the ever-growing bandwidth burden placed on their networks by OTT providers. Such interventions are in breach of the principle of Network Neutrality - where all transmitted data is expected to be treated equally irrespective of its source, type or destination.


The regulatory landscape is further complicated by the fact that OTT providers are global players but with significant local impact. This impact goes beyond competition and includes aspects that touch on content, data protection, privacy and security issues of the local citizens. The study finds that whereas OTTs do provide direct competition to traditional telecom service providers, without being subjected to similar regulatory burdens, the problem may not be resolved by subjecting them to the traditional regulatory frameworks.


Regulating OTTs may require new and different approaches while retaining the basic principles of light regulation - where competitive market forces are given the first priority to resolve outstanding issues. Regulatory intervention is then exercised only where consumers have little or no choices (monopoly environments) or where choice exists but switching costs are too high.


Additionally, regulatory interventions for such new services are best served by multiple frameworks and principles including but not limited to promoting Competitive markets, Network –Neutrality, Cyber security, Data Privacy and Protection.

821 downloads Download 2.3 MB

Technology as a double-edged sword presents huge opportunities to correct the existing gender biases, but in the same breath has lifted and exacerbated offline biases. Concerns about technology-assisted gender-based violence have gained recognition over the last few years. As technology develops, so are the patterns and frequency of cyber harassment. Women and girls are the most targeted. These emerging online harassment threaten safe and secure spaces, reducing women’s ability to use the internet for empowerment or development. According to the Communications Authority, Internet subscriptions in Kenya stand at 39.6 million, among a population of 49 Million.


The popular social media and Internet messaging services are WhatsApp at 12M, Facebook at 7.8M, Youtube at 8M, Twitter at 1M, and Instagram at 1M. The blogging industry has also experienced a parallel growth in terms of the number of users and the diversity of content. Consequently, the number of women internet users and seasonal content creators has grown over time. However, the frequent online attacks and other new forms of cybercrimes have negatively affected women’s participation in these spaces. For example, a study by The Association of Media Women in Kenya (AMWIK) and Article 19 East Africa, indicates that attacks on women journalists often drive them out of the social networking spaces. These attacks may negatively affect their career growth and also affect their income. And yet women journalists depend on online platforms for distribution of their news content and interaction with their audience. This policy brief identifies the underlying issues of cyberbullying by looking at the existing policy provisions and examines a select number of cases involving female celebrities. In each case, discussion points and recommendations are highlighted.

882 downloads Download 7.1 MB
Trends of Online Violence against Women in Politics During the COVID19 pandemic in Kenya

This policy brief is a follow up to our documentation (March 2020 policy brief, Creating Safe Online Spaces for Women ) on cases of cyber harassment against women. In Kenya, online platforms have continued to provide options of perpetrating Violence Against Women in politics. This has discouraged women’s political participation and thus infringed on their political rights and processes. As such, policy outcomes are affected from the underrepresentation of women decision makers. With political tensions colliding with the covid 19 pandemic, a rise in cyberbullying among women politicians has been noted. Accordingly, KICTANet resolved to dedicate a special policy brief on women in politics. Specifically, the brief looks at how the online environment affects women’s political participation and highlights some of the policy provisions to deal with the issues.

The brief notes that the rise of online violence against women is as a result of increased usage of social media platforms during the stay-at-home period. Lockdown measures were introduced, limiting people’s movements, who then sought social media platforms for social and political interactions. The difference in online violence that women in politics experience compared to men, comes from societal norms that perceive men as leaders and women as subjects. Women are expected to play the prescribed societal gender roles such as taking care of their families. Violence against women, is couched in sexual morality where they are publicly judged on how they present themselves or appear online. However, women have also used the internet for innovative political engagements. Some have come up with long term hashtags and while others have online sessions where they engage with the electorate from time to time. These success stories are some of the developments that should motivate new women politicians to stay put in their online participation.

This brief calls for more capacity building initiatives in digital security for women politicians considering that not much ground has been covered in training politicians on digital safety. It further recommends that public institutions work jointly to ensure the implementation of 2/3rds gender rule as provided for in the constitution.

1791 downloads Download 887.8 KB

From the colonial to post-independence eras, Kenyan governing authorities have maintained an ambivalent stance concerning content policy. Infrastructural support for various forms of content has been enabled with varying success over the years, but the substance of content receives great scrutiny, is closely regulated, and in some instances has been outrightly banned. Different content-related policies and laws also reveal a dynamic society that is changing in its socio-cultural conventions, growing in its economic output, and uneasily subject to a conservative, sometimes heavy-handed politico-regulatory structure.



The terms ‘content’ and ‘content ‘policy’ are broad in possible interpretation. Aspects of content – such as cyber security and digital content - have been addressed in other reports such as those by Bloggers Association of Kenya (BAKE) (2018) and Global Partners Digital (2016). This document drew from those accounts as it established a working definition of the term ‘content policy’ and developed a guiding framework that enabled a wide understanding within a manageable scope. While acknowledging the multiple forms of policy making at institutional, individual, and government levels- the document focused on policy-making as undertaken by governing authorities. This document found that where the Constitution guarantees freedom of expression and of media, it allows us to assume that content – its creation, production, and dissemination – is fundamentally a human right.



Content is also big business, especially with the entry of digital media where there are multiple avenues of generating revenues relating to information. An Entertainment and Media Outlook Report (PwC, 2015) noted that in 2015, Kenya’s entertainment and media industry – source of various forms of content - had grown by 9.1% from the previous year to be worth US$2.2. billion and was projected to be worth US$3.3 billion in 2020 (PwC, 2015).



But on the political front, content can be a trouble-maker, in a nation that has transitioned from colonial rule to post-colonial single party rule to evolving multi-party democracy. Socially or politically controversial subjects have led to the banning of plays, television programs or films, as well as detentions and exiling of the content creators. The post-election violence that followed the 2007 election contributed to a sensitivity against hate speech that has been enshrined in the Constitution. Thus the regulation of content receives heightened attention in civil and policy discourse. Laws relating to film, media, access to information, for example have aspects relating to regulating various forms of expression.



There is a tension then about content policy that emerges at the intersection of the economic, political, and human rights points of view. On the whole, content policy in Kenya has achieved great gains in its establishment but receives mixed reviews in how it is implemented. Ngugi (2008) observed that in matters of freedom of expression, our society has experienced great change but little transformation. It is a view that may be extended to various facets of content policy addressed in this document. There are laws enacted in the past two decades that promote an independent press, individual and community rights to information, and copyright and regulatory protections among others. But the implementation of these laws is not always consistent and incidences of media censorship, as well as bureaucratic and other barriers to accessing information speak to some of the prevailing concerns.

1358 downloads Download 2.1 MB
Kenya's Cybersecurity framework. Time to up the Game. December 2019
Cybersecurity is one of the emerging concerns in the ICT sector in Kenya, given the increased adoption of ICT systems across almost every sector. Unfortunately, and even as there is an upward increase in the  adoption of ICTs, institutions have not prioritized cybersecurity as a risk. In addition, the country is yet to put in place an appropriate policy, legal and institutional and multistakeholder framework to tackle the emerging cybersecurity threats. This brief, calls for the establishment and implementation of an effective policy, legal and institutional framework to anticipate, detect, respond and combat cyber threats, and build resilience in the country. 1334 downloads Download 539.9 KB
Current outlook, challenges and policy options for the Fintech sector in Kenya 1223 downloads Download 9.4 MB
Which Intermediaries have your back? How Kenyan Intermediaries Protect Human Rights Online 2019
With greater internet penetration, Kenyans are increasingly using smartphones to access the internet. These gadgets ubiquitously track and generate personal data. They also facilitate numerous applications (apps) provided by third party developers. Some of the trends in app development include betting as well as mobile loan apps. These apps depend on analysis of personal data of the mobile user to offer their services. Such data is of interest to many other parties such as law enforcement, marketers and political actors. How then are users protected from their data being unjustly accessed by third parties? This study sought to assess the extent to which local intermediaries in Kenya promote digital rights with the overall objective of advocacy for improved human rights based intermediary policies. The research is part of a year-long project to initiate discourse and make policy recommendations for internet intermediaries to clarify their rights and responsibilities. The project also aims to create and develop awareness and dialogue about digital rights in relation to intermediaries, thus promote informed usage of intermediary products. A bigger picture goal of this research is to contribute to knowledge on how technology affects the Kenyan society. The study established that there are still challenges in how internet intermediaries handle the rights of consumers who utilize their services. This is exarberated by the increased of uptake of their services on one hand and absence of a clear legal and policy regime on the other. Without regulations detailing the rights of users and the duties of internet intermediaries, there is a likelihood that human rights of the users are possibly abused or violated. Lack of simple avenues for redress was also identified as a pitfall in achievement of digital rights through internet intermediaries. In addition, the study observes that internet intermediaries have adopted varying policies and practices largely to foster their business interests rather than protect the rights of users. Moreover, the level of awareness among users on their human rights online remains wanting. Neither the users, nor the companies appear to recognise the importance of awareness. This therefore calls for urgent action by governments and all relevant stakeholders to work towards addressing this issues. The research calls upon the internet intermediaries to revise their terms of use and privacy policies to make them digital rights based. In addition, be more open, produce annual transparency reports relating to how user data is handled, used and protected, and educate their users. Civil society actors are called upon to promote awareness for consumers on their digital rights, monitor the practices of intermediaries and highlight breaches whenever they occur. In addition, regulate the excesses and seal the gaps being exploited by intermediaries. In the same vein, academia is urged to conduct more research on best practices in respect to the various business models of intermediaries, including the extent to which companies practice the commitments in their policies. It is recommended that the government enacts robust legislation to secure the rights of users, and oversee the policies and practices of intermediaries. 331 downloads Download 1.5 MB
The role of Kenyan intermediaries in upholding privacy 2019
The study recommended the following for different players: Intermedieries should • Upgrade their privacy policies to uphold digital rights including freedom of expression, access to information and the right to privacy. • Produce annual transparency reports relating to how user data is handled. • Be open about how long they hold information, how they use it, and how they safeguard and protect it. • Educate their users on their rights. Civil Society should • Promote more awareness for consumers on privacy online and other digital rights. • Monitor the practices of intermediaries and highlight breaches whenever they occur. • Advocate for rights-based regulation of privacy • Enagage policy makers to have responsive policies for MSMEs Government should • Adopt robust legislation to secure the rights of users, oversee the policies and practices of intermediaries, regulate the excesses, and seal the gaps being exploited by intermediaries. • Implementing the highest standards of privacy where its organs or departments are intermediaries Academia should • Conduct research on best practices with respect to the various business models of intermediaries, including the extent to which companies actually practice the commitments in their policies. • Prepare future generations for the practice of privacy through education on issues such as privacy by design • Provide thought leadership in designing a rights-based information economy that best serves a middle income country like Kenya 369 downloads Download 413.2 KB
Africa Union a guide for Human Rights Defenders in the digital age 2018
297 downloads Download 184.9 KB
400 downloads Download 5.7 MB
402 downloads Download 2.2 MB
Promoting Policy Impact and Inclusive Cyber Policy Making in Kenya 2017
307 downloads Download 112 KB
443 downloads Download 245 KB
Internet Shutdowns Policy Brief 2017
407 downloads Download 612 KB
Don't hit the switch making the case against network disruptions in Africa 2017
392 downloads Download 392.6 KB
322 downloads Download 1.6 MB
KICTANet Strategic Evaluation - Strategic Positioning to Catalyze Growth 2007
338 downloads Download 651.3 KB


Translate »