On Thursday around midday, blogger Cyprian Nyakundi was going about with his normal shopping at Uchumi Hyper and just when he got back into his car, he was blocked and surrounded by mysterious men who were to This direct as flying squad members of the dreaded Alpha One Group. He was briefly held at the parking lot by the three officers who had refused to identify themselves and posed themselves as thugs to further their agenda.
He was questioned on how he makes his money, his sponsors and they were especially concerned how in his young age he could afford to have an expensive car and living a healthy life without a formal job. The officers came armed with background information on his transactions, They questioned his shopping history which quickly tells they’ve been spying on his spending probably from his bank statements which obviously they got illegally from his bank.
The most surprising part is, from his house to the supermarket is less than 20 minutes, and the men managed to get at him under that short time. A simple analogy would point at a possibility that the officers pitched camp around his house and waited for him to step out then trailed his car to the supermarket. He was released after the men made calls to their boss. This was an intimidation mission; they only wanted to send him a message that he can’t hide from the system, They know where you stay, what you eat, where you shop and whom you associate with. How could all this be possible? Simple, They’ve been spying on his phone and his bank transactions, and this is done without any court warrant. This was a coordination of NIS, Safaricom who provided the Intel to the Flying Squad whose mission is largely targeted elimination.
A new report by Privacy International exposes how the government is illegally spying on Kenyans with utmost ease. The investigation focuses on the techniques, tools, and culture of Kenyan police and intelligence agencies’ communications surveillance practices. It focuses primarily on the use of monitoring for counterterrorism operations. It contrasts the fiction and reality of how communications content and data is intercepted and how communications data is fed into the cycle of arrests, torture, and disappearances.
Communications surveillance is being carried out by Kenyan state actors, essentially without oversight, outside of the procedures required by Kenyan laws. Intercepted communications content and data are used to facilitate gross human rights abuses, to spy on, profile, locate, track – and ultimately arrest, torture, kill or disappear suspects, as this report documents. The Kenyan constitution guarantees freedom from torture, cruel, inhuman and degrading treatment and the right to a fair trial as fundamental rights.
These abuses have marred Kenya’s counterterrorism operations and further eroded Kenyans’ already weak trust in the agencies responsible for protecting them. This investigation also explores the potential impact of unaccountable communications surveillance on the upcoming 2017 election cycle. The National Intelligence Service (NIS) regularly shares information with police agencies, some of whom have been engaged in gross human rights abuses, according to multiple independent media, civil society, and Kenya National Commission on Human Rights (KNHCR) investigations. The NIS appears to have direct access to communication networks across Kenya.
This direct access means that the network operator itself has little to no knowledge of the interception of communications occurring on its network, and therefore no real ability to check these powers or report the potentially abusive use of communications surveillance powers. The role of the Communications Authority in facilitating direct access in Kenya requires more scrutiny. All responses to Privacy International’s requests for comment are included in the text. Particularly in an election year, there is a pressing need to begin to reform the practice of communications surveillance, preventing a future threat of greater abuse.
Telecommunications operators end up handing over their customers’ data because they largely feel that they cannot decline agencies’ requests, in part due to the vagueness of the law and accompany telecommunication industry regulations. Several telecommunications operators spoke of the threat, either direct or implicit that their licenses would be revoked if they failed to comply.
One internet service provider recalled the difference between his experiences with the police and with the NIS: “A [police] agency comes to me, and they give me the Occurrence Book (OB) number of the case they are investigating…. The NIS has unfettered access to data.” The NIS simply contacted this operator for the data it required. “They will say ‘give us [data for] whenever X calls Y over this period’, for example…In instances involving terrorism, no warrants are produced. We have to comply, or there is the threat that our licenses [will] be revoked.” A Communications Authority of Kenya (CA) officer confirmed his account: “they’ll get their license revoked [if they do not comply]… If I were them, I’d comply too”.
The NIS is also passively connected to Kenya’s telecommunications backbone. NIS agents analyze and listen to live calls at NIS offices both regionally and in Nairobi, as described by two NIS sources and confirmed by a CA officer. Sources described how NIS-owned BTSes directly access Kenya’s telecommunications backbone. Sources confirmed their presence in operationally significant areas, such as Mandera on the border with Somalia and Mombasa, on Kenya’s coast. Mobile phone numbers of interest will be ‘flagged’ such that they notify the NIS system when they are engaged in a call. “Once we get a red light on this particular person,” stated one NIS agent, “we try checking the contents of his conversation. If it’s trash, we just discard it. If it’s something of interest, we make a move and follow it up.” This enables agents to selectively listen in to and record conversations described two NIS officers. Analysis centers in Nairobi include one office in the Westlands neighborhood, proximate to Safaricom, as well as at the NIS headquarters off Thika road. Targets are reportedly unaware of the operation, according to several former NIS officers.
The major telecommunications providers have at least one law enforcement liaison, a police officer of the Directorate of Criminal Investigations (CID) on secondment. This analysis focuses on Safaricom, by far Kenya’s most popular mobile service provider with over 60% of the market share. At Safaricom, around ten CID officers sit on one floor of the Safaricom central bloc. They provide information to all police branches. Safaricom also has civilian investigators who sit within the Ethics and Compliance Department45 of Safaricom. These investigators’ primary responsibilities are to follow up fraud and misuse allegations on behalf of Safaricom and to assist their law enforcement colleagues in cases in which criminal action may have occurred.
Through an interface, Safaricom officers can query a database that collects information from Safaricom’s call data records, SIM registration, mobile money, and subscriber registration databases. Law enforcement liaison officers are separately able to input requests into a query queue; the interface will render data according to the priority/time it was submitted, according to police investigators and Safaricom staff. Standard call data records list the phone numbers of the initiating and receiving devices, the location of the base transceiver station (BTS), the type of communication (whether a call or SMS), and the duration of the call. Safaricom stated to PI that “only authorized Safaricom staff to have access to systems and tools that can access confidential customer information and this access is controlled and monitored.”
The NIS currently have devices that allow an agent of the small NIS technical unit to geolocate a target through his/her mobile phone. The system appears to consist of a handheld device, roughly the size of a large mobile phone that communicates through an interface operated by analysts at NIS’ headquarters off Thika road, according to one NIS officer and an expert. This NIS interface is linked to a database which contains live BTS location data and call data records.
Several sources also described that the NIS have a device contained in a vehicle which appears to function like an IMSI catcher.53 An IMSI catcher is phone monitoring equipment that is able to intercept communications “off-the-air” of surrounding devices actively. An IMSI Catcher performs interception by presenting itself as a base station amongst the mobile network: the station that your phone connects to when it wants to place a call or send a message. The IMSI Catcher mimics a base station by entering the network as the most powerful base station available, meaning that all mobile phones operating within the same area connect to the IMSI Catcher’s base station. Once connected to the IMSI Catcher’s base station, the Catcher has the mobile phone provide its IMSI and IMEI data. Once these details have been gathered it becomes possible to monitor the operation of the phone: the voice calls taking place, the messages being sent and the location of the Phone.
Read the full report below;track_capture_final