View profile

Beware your telecommunications provider

Would it be an overreaction to say that one should be very careful how they connect with their teleco
September 5 · Issue #65 · View online
iAfrikan Daily Brief
Would it be an overreaction to say that one should be very careful how they connect with their telecommunications services provider? - Tefo Mohapi

The story about South Africa’s indiscriminate mass surveillance has been gaining an audience and more people are starting to ask questions. Before I return to it, there is another telecommunications company on the continent that is about to possibly experience a severe headache real soon.
Earlier in 2018, Benedict Kabugi, a Safaricom customer, laid charges against Safaricom for leaking his personal data along with the data of other 11,5 million other customers. Specifically, on 20 May 2019 Kabugi reports that he was approached by someone in possession of a database containing the personal details of 11,5 million Safaricom customers which also contained their sports betting transactions history.
On the same day, Kabugi went to a police station to lay charge against Safaricom.
Kenya's Safaricom is facing a lawsuit filed by a customer for leaking 11,5 million details of customers. An even bigger headache is that the company is allegedly about to be sued in Europe, based on GDPR laws, for leaking the same data.
Since then, the case and hype around it seemed to have slowed down. However, this week, some information has come to light that, Charles Kimani, an ex-Safaricom employee, has implicated the company by saying that it allegedly sells customers’ data without the customers knowledge or consent.
Charles Kimani and others were arrested by Kenya's police for being in possession of the database, that case is ongoing separately from the data leak case.
In his handwritten statement to Kenya’s Police (starting from page 18 onwards), Kimani makes some allegations that Safaricom sells customers data to various service providers. This, the selling of Safaricom customer data, especially to betting companies and microlenders, has always been a suspicion by many Kenyans.
Many have wondered how it was possible for microlenders and betting companies would not only have their mobile numbers, but also their names so they could send them personalized marketing messages.
From page 18 onwards of his statement to Kenya's Police, Charles Kimani (ex-Safaricom employee) alleges that the telecommunications company sells customer data to other service providers.
The invasion of privacy issue is obvious if these allegations against Safaricom are true. For me though, the bigger question is what else is Safaricom, or other telecommunications companies doing that we are not aware of. I believe this is a valid question considering the amount of data, communications, and transactions that go through telcos every single day.
Also, in light of what we’ve come to learn about South Africa’s bulk interception of communications, it’s also worth asking if telcos are in any way co-operating with states and giving them backdoors into their networks.
On Monday, I asked this and other questions (related to tapping of undersea cables by South Africa’s State Security Agency) to a pan-African telecommunications company and the answer the gave iAfrikan several days later didn’t leave me with any comfort:
SEACOM cannot comment on the questions you have shared.”
Social media is intentionally addictive
MTN confirms closure of stores in Nigeria
Massive e-waste dump in Ghana can be harnessed for good
Innovative technology a boost for entrepreneurship in Africa
Did you enjoy this issue?
If you don't want these updates anymore, please unsubscribe here
If you were forwarded this newsletter and you like it, you can subscribe here
Powered by Revue