In Kenya, Communications Surveillance Is A Matter of Life and Death

News & Analysis
In Kenya, Communications Surveillance Is A Matter of Life and Death

On a hot day in Nairobi, our researcher is speaking to an officer of Kenya’s National Intelligence Service (NIS). The afternoon is wearing on and the conversation has turned to the presidential elections, taking place in August this year. He has just finished describing the NIS’ highly secret surveillance powers and the disturbing ways in which these powers are deployed.

“It is what you might call ‘acceptable deaths,’” he states about the misuse of communications surveillance powers. “People will accept it, or it will have a waiver to a certain extent”. The NIS is the sacred cow of Kenya’s increasingly securitised state. It is the main agency conducting signals intelligence in Kenya. Heavily funded and almost entirely opaque, even to senior officers in other agencies, virtually nothing is written about how the NIS operates. “We can infringe into your rights because of saving the lives of a hundred Kenyans...Not that we like doing it,” states another NIS officer. Since 2011, Kenya has suffered a marked increase in terrorism incidents on its soil, but in parallel there has been an ‘epidemic’ of disappearances attributed to the security services. There are very real threats, but also very real abuses in the effort to minimise those threats.

Today, Privacy International publishes a new investigation – 'Track, Capture, Kill: Inside Communications Surveillance and Counterterrorism in Kenya'. It shines a light on the techniques, tools and culture of Kenyan police and intelligence agencies' surveillance capabilities, and how these capabilities facilitate abuses in Kenya’s counterterrorism operations. The report specifically details the routine unregulated intelligence sharing between government agencies and the central role of the NIS. The report is based on testimony from dozens of current and former law enforcement, military and intelligence personnel, collected by Privacy International in 2016. A fuller methodology, as well as agency and company responses to requests for comment, are included in the report.

The report provides an unprecedented picture of surveillance in Kenya. Communications surveillance is being carried out by Kenyan state actors, essentially without oversight, outside of the procedures required by Kenyan law. Intelligence gained by intercepting phone communications, primarily by the NIS, is regularly shared with police units to carry out counter-terrorism operations, particularly the GSU-Recce company and Anti-Terrorism Police Unit (ATPU). These police units have well-documented records of abuses, including torture and extrajudicial killings. Information acquired from communications surveillance is central to the counterterrorism cycle - from surveilling, profiling, locating, tracking and arresting targets to abuse, torture, abduction and extrajudicial killing.

Telecommunications operators regularly hand over customer data to both intelligence and law enforcement agencies, despite constitutional and other privacy protections. Sources who spoke with PI feel that they cannot decline agencies’ requests. Furthermore, the NIS appears to have direct access to communication networks across Kenya. Direct access means an actor has backdoor access to the phone communications that flow through service providers, and can access it without the network’s knowledge or consent. Indeed in this case, it is unlikely that the network operators had knowledge of state agencies’ practices. NIS officers use various techniques to access both call content and call data records, including using mobile interception devices, which are detailed in the report.

The past few months have seen claims and counter-claims of fraud and intimidation in the run-up to the elections. Will these surveillance powers worsen this dynamic and if so, to what extent?

In these times of uncertainty and insecurity in Kenya, the practice of communications surveillance must be reformed to uphold the rule of law, and instill public confidence that the government respects the constitution and fundamental human rights.

Send comments and tips to: research@privacyinternational.org