CA orders telecom operators to adopt licensed digital certification services or face penalties
In a notice issued Tuesday, the Communications Authority of Kenya said the directive seeks to enhance cybersecurity and protect sensitive data within the country’s ICT infrastructure.
Operators in Kenya’s telecommunications sector have been ordered to use licensed digital certification services for all critical information systems or face regulatory penalties.
In a notice issued Tuesday, the Communications Authority of Kenya (CA) said the directive seeks to enhance cybersecurity and protect sensitive data within the country’s ICT infrastructure.
More To Read
- High Court nullifies Communications Authority's broadcast ban on June 25 demos
- Is it safe to keep your laptop plugged in all the time?
- Kenya calls for united African front against rising cyberthreats as regional forum opens in Nairobi
- X introduces transparency tool to curb bots and impersonation
- Technology of freedom, risk of violence: Digital divide facing women in post-war Tigray
- The hidden risks of sharing children’s lives online
The announcement follows a determination by the National Computer and Cybercrimes Coordination Committee (NC4) on August 1, 2024.
“All systems that are designated as Critical Information Infrastructure (CII) as stipulated in Gazette Notice No. 1043, must adopt and only use digital certificates, digital certification and Public Key Infrastructure (PKI) services from Electronic Certification Service Providers (E-CSPs) who have been both licensed and accredited by the Communications Authority of Kenya,” read the notice.
Ensure compliance
The CA further warned that, beginning January 14, 2026, it will inspect all relevant licensees to ensure compliance. Failure to comply, the regulator said, will amount to a breach of regulations and may attract penalties under existing laws and frameworks.
The Authority also noted that a list of licensed and accredited E-CSPs is available on the Telecommunications Services Licensee Register on its website at www.ca.go.ke.
For inquiries, stakeholders were advised to contact the Director of the Cybersecurity Department via email at [email protected]
or by phone at +254 703 042 724.
“The Authority will take regulatory action against any non-compliant entity to safeguard the integrity and security of critical information systems in Kenya,” the notice added.
Top Stories Today
