SoylentNews is people
SoylentNews
The head of Kenya's Communications Authority, Francis Wangusi, announced a new set of regulations on Tuesday aimed at combatting cybercrime in the country. The new rules would require all users of devices with wireless networking capability to register their devices with the Kenya Network Information Centre (KENIC)—much in the same way that some US states require registration of assault rifles and sex offenders.
Yesterday, in a speech before the annual general meeting of the Association of Regulators of Information and Communications for Eastern and Southern Africa (ARICEA), Wangusi said, "We will license KENIC to register device owners using their national identity cards and telephone numbers. The identity of a device will be known when it connects to Wi-Fi." He also said that the Communications Authority would set up a forensics laboratory within three months to "proactively monitor impending cybersecurity attacks, detect reactive cybercrime, and link up with the judiciary in the fight," according to a report from Kenya's Daily Nation.
The registry will enable Kenyan authorities to "be able to trace people using national identity cards that were registered and their phone numbers keyed in during registration" if the devices are associated with criminal activity on the Internet, Wangusi said. The regulation would apply to anyone connecting to a public Wi-Fi network. KENIC would maintain the database of devices; anyone connecting to a public network at a hotel, café, or other business would be required to register before accessing it. If businesses providing Wi-Fi fail to comply with the regulation, they could have their Internet services cut off.
Original Submission
(Score: 1) by meustrus on Thursday July 02 2015, @09:06PM
It sounds like this would mainly apply to public Wi-Fi. Mainly because licensing users for their own personally owned hardware doesn't make sense. So if we're talking about public Wi-Fi, this does make sense in the case of liability. If a crime is committed on Wi-Fi, is the business hosting the internet liable for the crime? Such a scheme would effectively eliminate public Wi-Fi, so no. Is the business responsible then for maintaining enough information to help law enforcement identify the real culprit? Because if not, there is no accountability. So this is a totally reasonable proposal so far; let's understand the reasoning behind it before we attack it for its technical failings.flaws
The fact is that internet activity does not necessarily leave the kind of identifiable evidence that physical activity does. Just about the only thing it always leaves is a MAC address, which I would see as a fingerprint. So is it reasonable to require all users of public internet in a country to effectively register their fingerprints to do so? Probably not. And the fact remains that criminals are usually pretty dumb. They will log into Facebook or Twitter or their email account in the same session as loading up some hacking script they bought off a crappy web site. Anybody smarter than that, however, is probably thinking about using a proxy or spoofing their MAC address. The law cannot keep up with whatever schemes the smart criminals will use to stay hidden.
So what can be done to really solve this problem? Because without real solutions, simply telling the politicians that their solutions won't work just isn't going to cut it.
If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?