The Communications Authority (CA) proposes new regulations for internet cafes in Kenya.
Currently, these establishments are licensed under the category of Public Communication Access Centers (PCACs), but the CA argues that this existing framework is insufficient to address the growing number and complexity of internet cafes.
To enhance oversight and security, the CA proposes to introduce a new “Internet Cafe” license category.
This will involve:
- Reclassifying: Redefining internet cafes as a distinct license category separate from PCACs.
- Enhanced Licensing: Implementing a “Class License” for internet cafes, which will outline specific requirements and obligations for operators.
Proposed Regulations for Internet Cafes
- Record Keeping: Mandatory maintenance of detailed records, including:
- User activity logs: Time of access, websites visited, applications used.
- Browsing history: Websites accessed by each user.
- Application usage data: Applications used by each user.
- User Authentication: Implementation of robust user authentication and access control software, such as:
- Two-factor authentication: Enhancing login security.
- Session time limits: Setting time restrictions for user sessions.
- Suspicious activity alerts: Triggering alerts for unusual or potentially harmful activity.
- CCTV Surveillance: Installation of high-definition CCTV systems for security and investigative purposes, adhering to data privacy regulations.
- User Identification: Implementation of secure user identification procedures, such as:
- Verified ID card checks: Confirming user identity through official identification documents.
- Digital identity verification: Utilizing secure digital identity solutions.
The CA has initiated a public consultation period to gather feedback on these proposed regulations. Stakeholders and the public are invited to review the proposals and submit their comments until January 23, 2025, at 5 PM EAT. The Public Consultation Document is available on the official CA website.