You can access the ORS Handbook here
Kenya has “increasingly sought to remove online content”, both through requests and increased regulation, that it deems “immoral” or “defamatory”. Following terrorist attacks on civilian targets in recent years, the country has heightened its efforts around counterterrorism as well as online content regulation. Many of Kenya’s legislations have been criticised by civil society for their “broadness”, “vagueness”, and potential “detrimental implications for freedom of expression”. A proposed social media bill, if enacted, could largely impact social media companies and their users in Kenya, such as through strict regulations on user content.
Regulatory framework:
- Kenya Information and Communications Act, (KICA), October 1998, the primary legislation governing the telecommunications sector in Kenya. It has received numerous amendments since it first came into effect.
- The proposed Kenya Information and Communication (Amendment) Bill, 2019, also known as the “Social Media Bill”, which would introduce stringent regulations on the use of social media in Kenya.
- The Computer Misuse and Cybercrimes Act, 2018, which establishes various offenses, including cyber terrorism, false publication of data, cyber harassment, identity theft and impersonation, and computer fraud.
- National Cohesion and Integration Act, 2008, which penalises hate speech and holds any media enterprise liable for publishing any utterance which amounts to hate speech.
- Prevention of Terrorism Act (PTA), 2012, Kenya’s legal framework to combat terrorism.
- Establishes terrorism related offenses and provides for special investigative powers, as well as special powers of arrest and detention of suspects.
- Security Laws Amendment Act, 2014, amended the PTA to strengthen the country’s counter-terrorism efforts, and includes provisions on radicalisation and publishing offensive material.
Relevant national bodies:
- The Communications Authority (CA) is the regulatory authority for the communications sector in Kenya, established in 1999 by the Kenya Information and Communications Act. The CA is responsible for facilitating the development of the information and communications sectors, including broadcasting, cybersecurity, multimedia, telecommunications, electronic commerce, postal and courier services.
- The National Cohesion and Integration Commission (NCIC) is a statutory body that works to reduce interethnic conflict. It worked with the CA on the Guidelines to combat online abuse.
Key takeaways for tech companies:
- The Prevention of Terrorism Act and Security Laws Amendment Act enable national security bodies to intercept communications “for the purposes of detecting, deterring, and disrupting terrorism”. They also include provisions on radicalisation as well as on the “publication of offending material”.
- Guidelines implemented by the CA are set up to curb online abuse:
- Prohibits political messages of specific violations;
- Requires administrators of social media pages to moderate and control the content and discussions generated on their platform;
- Gives mobile service providers the authorisation to block the transmission of political messages that, under their discretion, do not adhere to the CA’s guidelines.
- The National Cohesion and Integration Act penalising hate speech can be invoked to remove or block online content, and has also been implemented in proactive action by service providers and other state agencies, such as the National Cohesion and Integration Commission (NCIC), in monitoring hate speech.
- The proposed Social Media Bill seeks to amend the KICA by introducing stringent regulations on the use of social media in Kenya, such as on the regulation of bloggers and social media platforms, and to introduce obligations for social media users.
- The regulations include new requirements for the operators of social media platforms accessible in Kenya to obtain licenses and establish a physical office in the country. It further aims to place regulations on the content published by social media users.
- It was tabled in parliament in Oct 2019, but the Bill has not progressed at the time of writing. Tech companies should keep an eye out for any developments on the Bill.
Prevention of Terrorism Act and Security Laws Amendment Act
In October 2012, the Prevention of Terrorism Act (PTA) was enacted to provide a “comprehensive and effective legal framework to combat terrorism” in Kenya. The Act allows authorities to limit constitutional freedoms during investigations into terrorism, such as the right to privacy. According to a Freedom House policy brief, the PTA only provides a “vague definition of terrorism, greatly expands, police powers, and allows the state to create lists of suspected terrorists and terrorist organizations without due process” and the “pervasive powers granted by the law have been to take abusive actions against organizations in contravention of constitutional requirements”.
Some provisions of the PTA have since been amended by the Security Laws (Amendment) Act (2014) to strengthen the country’s counter-terrorism efforts. This was proposed following a wave of terrorist attacks which heightened public pressure to curb those attacks. The law’s progression was thus fast-tracked and enacted within ten days of its initial proposal. It amends 21 different laws, including the Penal Code, Criminal Procedure Code, Evidence Act, Prevention of Terrorism Act, and the National Police Service Act.
This Act enabled national security bodies to intercept communications “for the purposes of detecting, deterring, and disrupting terrorism”, via an interception order from the High Court. It also introduces, among others, a new provision on radicalisation to the PTA. In doing so, it criminalises the adoption or promotion of “an extreme belief system for the purpose of facilitating ideologically based violence to advance political, religious or social change.” A person convicted of this offense is subject to up to 30 years in prison. This provision has been criticised by rights groups, such as Human Rights Watch (HRW), who say that “the unclear language could be interpreted to prosecute political and human rights activists”.
The amendment further implements a provision on the “publication of offending material”. Under this section of the bill, anyone who “publishes or utters a statement that is likely to be understood as directly or indirectly encouraging or inducing another person to commit or prepare to commit an act of terrorism,” is punishable by up to 14 years in prison. There have been concerns that this overly broad provision could be interpreted to apply to social media or any other public forum.
In December of 2014, the Coalition for Reforms and Democracy filed a suit in the High Court challenging the constitutionality of the law. The Kenya National Commission on Human Rights and other groups joined in the suit, challenging the law on the grounds that its provisions violated rights enshrined in the Constitution and that its passage violated parliamentary procedure, such as not involving the Senate. The Court dismissed the petition for the immediate suspension of the law.
Hate speech and Internet Intermediary Liability
Hate speech is penalised under the National Cohesion and Integration Act, which was enacted in response to widespread ethnic violence after the 2007 general elections. Under this Act, individuals found guilty of spreading hate speech can either face a fine of up to 1 million shillings ($9,600) or imprisonment of up to three years, or both.
Under the same National Cohesion and Integration Act (2008), another provision, s.62, holds any media enterprise liable for publishing any utterance which amounts to hate speech. A media enterprise can be fined up to 1 million shillings ($9,600) for publishing hate speech, which is broadly defined in the legislation. This provision can be invoked to remove or block online content and has also been implemented in proactive action by service providers and other state agencies in monitoring hate speech. Thus, Internet intermediaries in Kenya can be held accountable for illegal content, such as copyright infringements and hate speech. However, they are not required to actively monitor traffic passing through their networks unless they are made aware of illegal content.
Online content regulation
Prior to the 2017 election, the CA implemented new guidelines, to curb online abuse. This was a joint effort with the National Cohesion and Integration Commission (NCIC). The guidelines prohibit political messages that “contain offensive, abusive, insulting, misleading, confusing, obscene, or profane language”.
These guidelines have been criticised for being very broadly worded, and due to their possible use to limit legitimate online expression. The guidelines additionally require administrators of social media pages to “moderate and control the content and discussions generated on their platform”, for bulk political messages to require prior approval from the NCIC, and give mobile service providers the authorisation to block the transmission of political messages, via SMS and social media platforms, that, under their discretion, do not adhere to the guidelines.
The Kenya Information and Communication (Amendment) Bill, also known as the “Social Media Bill” was introduced in parliament in October 2019. The Bill seeks to amend the KICA by introducing stringent regulations on the use of social media in Kenya, such as on the regulation of bloggers and social media platforms, and to introduce social media user obligations.
The Bill proposes to require bloggers to obtain licenses from the CA. It has been criticised that the definition of blogging is wide and ambiguous, as it includes collecting, writing, editing and presenting of news or news articles on social media platforms. The bill defines social media platforms as including “online publishing and discussion, media sharing, blogging, social networking, document and data sharing repositories, social media applications, social bookmarking and widgets”. There is concern that the definition is thus broad enough to include ordinary users of social media platforms such as YouTube, Facebook and Twitter.
It also proposes to require the operator of a social media platform which is accessible in Kenya to obtain a social media license as well as establish a physical office in the country. Here again, the Bill has been criticised for its broad definition, this time of a social media platform, which could include any online medium that allows for social networking and media sharing. It further aims to place a number of obligations on social media users, such as for them to ensure that their content is, among other things, accurate and unbiased, “does not degrade or intimidate a recipient of the content”, and “is not prejudicial against a person or group of people based on their race, gender, ethnicity, nationality, religion, political affiliation, language, ability or appearance”. If enacted in its current form, the Bill could have far reaching implications on the use of social media in Kenya. However, at the time of writing, the bill has not progressed.
Computer Misuse and Cybercrimes Act
In May of 2018, the Computer Misuse and Cybercrimes Act was introduced, establishing various offenses including, among others, false publication of data, cyber harassment, cyber terrorism, identity theft and impersonation, and computer fraud.
According to the Act, anyone who “knowingly publishes information that is false in print, broadcast, data or over a computer system, that is calculated or results in panic, chaos, or violence among citizens of the Republic, or which is likely to discredit the reputation of a person” can be subject to a fine of up to 5 million shillings ($48,000) and up to 10 years of imprisonment. The Act also requires service providers to assist in the investigation of offenses, such as by collecting and providing data to investigation officers. It also prescribes penalties for not complying with the provisions it sets in place, such as high fines and imprisonment.
Prior to the commencement of the Act, the Bloggers Association of Kenya (BAKE), with support from the rights group Article 19, filed a petition — on the basis that the law was unconstitutional and infringes on and threatens freedom of expression and the right to privacy, property and a fair hearing — that led a court to temporarily suspend 26 sections of the Computer Misuse and Cybercrimes Act before it came into effect in May 2018. However, in February of this year, the High Court dismissed the petition and lifted the suspension of the 26 sections, which set high fines and prison sentences for a variety of online activities, including publishing false information and cyber harassment. All of the provisions of the Act are therefore in full force and effect.
Recently, misinformation about the COVID-19 pandemic was widespread in the country. In response, the government threatened fines and imprisonment of up to two years, as charged under the Computer Misuse and Cybercrimes Act 2018, for people who spread false COVID-19 information online.
Resources:
Africa Times (2020) Kenya warns of up to $50K fines for spreading fake COVID19 news,
DLA Piper (2019) Telecommunications Laws of the World: Kenya.
Freedom House (2020), Freedom on the Net 2020: Kenya.
Freedom House (2018), Online Survey: Kenya’s Antiterrorism Strategy Should Prioritize Human Rights, Rule of Law.
Hanibal Goitom (2014), Kenya: Security Laws (Amendment) Bill Enacted, Library of Congress.
Human Rights Watch (2014), Kenya: Security Bill Tramples Basic Rights.
Indokhomi Dominic, Syekei John (2020), THE COMPUTER MISUSE AND CYBERCRIMES ACT, Bowmans.
Kakah Maureen (2020), Court dismisses bloggers' cybercrime law case, Nation.
Munyua Alice, Githaiga Grace, Kapiyo Victor Intermediary Liability in Kenya, Association for Progressive Communications (APC).
Mwathe Daniel, Syekei Jon, (2019) HIGHLIGHTS ON PROPOSED LAW INTRODUCING STRICT REGULATION OF SOCIAL MEDIA, Bowmans.
The New Humanitarian (2012), Analysis: Taming hate speech in Kenya
UNODC, Kenya Training Manual on Human Rights and Criminal Justice Responses to Terrorism.
- News (253)
- Counterterrorism (55)
- Analysis (52)
- Terrorism (39)
- Online Regulation (38)
- Violent Extremist (36)
- Tech Responses (35)
- Press Release (34)
- Regulation (33)
- Europe (31)
- Government Regulation (27)
- Academia (25)
- GIFCT (22)
- Reports (22)
- UK (22)
- US (20)
- USA (19)
- Guides (17)
- Law (16)
- UN (15)
- MENA (13)
- Asia (11)
- ISIS (11)
- Workshop (11)
- Presentation (10)
- Fintech (6)
- Far-right (5)
- Threat Intelligence (5)
- Webinar (5)
- Propaganda (3)
- Region (3)
- Submissions (3)
- Generative AI (2)
- Op-ed (1)
- Tech Against Terrorism Network (1)