Huduma Namba ‘prone to hacking’, says expert

What you need to know:

  • In April, the three judges gave the State a go-ahead to launch the fresh digital registration of all Kenyans but barred it from collecting DNA, forceful listing and locking out the unregistered from accessing government services.

  • The judges said that even though it is in the public interest to have such a system, it is safe to have a platform that does not infringe on the rights of anyone.

A witness Tuesday told court that the digital platform Huduma Namba “is prone to hacking”.

The system is aimed at digitising and centralising details of vital life events of citizens and foreigners.

Appearing before Justices Weldon Korir, Pauline Nyamweya and Mumbi Ngugi, information technology expert Anand Venkatanatayanan said there was nothing new in the technology.

“Kenya is historically known and hackers know the loopholes developers leave. What I see is in other systems, the technology is exactly what we have seen before,” said Mr Venkatanatayanan.

The cyber security and computer fraud forensic analysis expert who has worked in his profession for the last 21 years, was testifying in a case in which the Kenya Human Rights Commission (KHRC), the Nubian Rights Forum and the Kenya National Commission on Human Rights (KNHCR) challenged the launch of National Integrted Identity Management System (NIIMs).

He had been asked to differentiate between the NIIMS structure and that of India's similar system which is known as Aadhaar, during cross examination.

On Monday, when he appeared before the same judges on the first day of the hearing of the legal tussle, he disclosed that Kenyans have no guarantee that their information, including personal emails are secure in NIIMs

He explained that the government had spent a whooping Sh6 billion on an archaic system to capture as well as store data which was collected during the Huduma Namba exercise.

He also indicated that the infrastructure behind Huduma Namba system is bound to fail protection and that the country had taken the opposite direction from other countries which are embracing decentralisation of information.

He argued that hackers would benefit more to have illegally acquired information on Kenyans from the NIIMs system.

In April, the three judges gave the State a go-ahead to launch the fresh digital registration of all Kenyans but barred it from collecting DNA, forceful listing and locking out the unregistered from accessing government services.

The judges said that even though it is in the public interest to have such a system, it is safe to have a platform that does not infringe on the rights of anyone.