Communications Authority defends IMEI registration, denies claims of transaction spying
By Lucy Mumbi |
"We aim to ensure that only the right products are in the country and that tax compliance is observed. KRA will not have access to personal data," the CA boss said.
The Communications Authority (CA) has clarified that the registration of mobile phone International Mobile Equipment Identity (IMEI) numbers will primarily focus on ensuring device authenticity and tax compliance, not monitoring user transactions.
Appearing before the National Assembly's Committee on Communication, Information, and Innovation, CA Director General David Mugonyi said the presidential directive to implement the IMEI registration system was not intended to allow the Kenya Revenue Authority (KRA) access to users' phone data, as had been speculated.
Keep reading
- Over 100 cyber attacks targeting key government infrastructure recorded in eight months
- High Court halts state plan to track mobile phones for tax compliance
- Kenya now turns to UN telecommunications agency to regulate Starlink
- High Court bars Communications Authority from interfering with TV content
“The system is not about monitoring transactions on our phones. We aim to ensure that only the right products are in the country and that tax compliance is observed. KRA will not have access to personal data," Mugonyi said.
The clarification comes as the Committee, led by Dagoretti South MP John Kiarie, had expressed concerns regarding privacy and data protection following the directive from CA.
Kiarie had questioned the potential implications of the system on citizens' privacy, pointing to existing laws and the risk of personal data being accessed under the guise of data protection.
“The issue isn’t with registering IMEIs, but what exactly are we allowing KRA to access on an individual’s phone?” Kiarie posed.
He raised concerns about the potential for citizens to avoid digital transactions for fear of increased surveillance.
"How can we reassure Kenyans that their data remains protected?” he asked.
Regulatory mechanisms
Tetu MP Geoffrey Wandeto also raised questions about the CA's enforcement capacity. He questioned the robust regulatory mechanisms that the Communications Authority has put in place to ensure that non-compliant devices are addressed, referencing the Worldcoin incident.
'What are your enforcement capabilities when it comes to communication devices being imported?” Wandeto asked.
In response, Mugonyi stated that the CA's role is to ensure devices entering the country meet tax obligations.
He noted that the new system will notify users when they activate an unregistered device without paying the applicable taxes. Mugonyi noted that such devices will be blacklisted, preventing them from connecting to local networks until the taxes are settled.
The Committee also raised concerns about the system’s impact on expatriates and visitors, arguing that people’s mobility should not be hindered.
“How will this affect expatriates or people visiting for short stays?” MP Wandeto asked.
The Director-General informed the MPs that tourists and diplomats would have a grace period, where their devices would be placed on a temporary “greylist” to allow usage without immediate tax obligations.
“This greylisting period will be formalised through public participation to ensure transparency,” he said.
Data-sharing agreements
Principal Secretary for Broadcasting, Edward Kisiangani, highlighted the possibility of international tax overlap, suggesting that data-sharing agreements with other countries might be necessary to avoid double taxation on imported devices.
“What if the phone already has tax implications from another country? We need to explore data-sharing partnerships,” he proposed.
The CA’s IMEI registration system, which will require importers and local manufacturers to register the IMEIs of all mobile devices brought into Kenya, is set to take effect from January 1, 2025.
The Authority announced that devices already registered on Kenyan networks before October 31, 2024, will be exempted from compliance checks, reassuring current users that they will not face disruptions.
“This system targets only new mobile devices connecting to local networks for the first time post-October 31. Devices registered before that will be considered tax-compliant,” Mugonyi said.
He reiterated that any non-compliant device will be greylisted, with a grace period for the owner to settle any outstanding taxes.
As the CA works to enhance device integrity and tax compliance, the Committee said it remains focused on ensuring that privacy concerns are addressed.
"We must strike a balance,” Kiarie said, emphasising that while tax compliance is essential, it should not come at the cost of citizens' privacy or public trust.
Reader comments
Follow Us and Stay Connected!
We'd love for you to join our community and stay updated with our latest stories and updates. Follow us on our social media channels and be part of the conversation!
Let's stay connected and keep the dialogue going!