Sector Transgressions in Kenya: MNO Support in the Public Health Response

In 2021, the Global Data Justice project partnered with Data4Change and a team of researchers to explore sector transgressions during the COVID-19 pandemic in East Africa. This online series includes excerpts from case studies of Ethiopia, Kenya and Uganda, as well as a synthesis report. Extended country analyses will appear in a forthcoming edited volume alongside other international contributions.

Data4Change is a UK-based non-profit working to hold power to account with data. The East Africa project was supported with funding from Omidyar Network.


Kenya is often referred to as an African information and communications technology (ICT) hub. This is partly due to the high uptake of particularly mobile technologies, coupled with innovations such as mobile money. There are also vibrant offline and online communities of people developing and using ICTs. It is therefore not surprising that technology was seen as a tool that could be used to fight the COVID-19 pandemic. Together with the health and security sectors, technology has been among the most prominent areas of pandemic responses, and as such, this could be termed as the pandemic phase of Kenya’s technology development journey.

The use of technology during the pandemic marks a departure from the previous course of development in various ways. Unlike before, when the adoption of technology occurred after procedures such as policymaking to underpin technology use, public participation and procurement, the laws and policies that undergird technology use were passed very quickly. These included executive orders restricting movement of people, amendment of business laws to give legal basis for electronic transactions as well as practical directions for e-filing and procedures in the Judiciary.

Waivers were also given for pandemic-related technology uses. For example, within ten days of the pandemic declaration, Google got a presidential approval to roll out its Loon services, to mitigate work-from-home measures. The approval process bypassed usual application for a licence either under the communications or aviation law. At the same time, it raises questions about its basis as there is no provision on presidential approval under the two laws.

Another example is the Public Health (Prevention, Control and Suppression of COVID-19) Rules, 2020 that give a basis for contact tracing, testing, isolation, and quarantine of suspected COVID-19 patients, which were made by the Executive and not Parliament. One of the responses to such executive action has been through constitutionalism. There has been litigation contesting COVID-19 laws and policies were implemented without reference to other institutions. Digital rights advocacy has also called for implementation of the Data Protection Act (2019) particularly with regard to COVID-19 related data sharing.

While constitutional litigation and advocacy is a powerful tool for confronting present problems, it is often not sufficient to address anticipated problems particularly in the digital space. In the case of COVID-19 data sharing, for example, advocacy has called for adherence to privacy. However, privacy is not the sole concern with digital technologies as is evident from the many contestations involving Kenya’s digital ID programme, a key pillar of digitalisation. People are also concerned about discrimination, particularly where digital identities are made a prerequisite for accessing government and private services such as enrolment in schools, health insurance and mobile phone SIM card registration. Even prior to the pandemic, the decoloniality movement had raised concerns about the extraction of the continent through digital technology without corresponding benefit to the public. This is from perspectives such as social and economic justice, data justice, and feminism. These reflections can be furthered using the sector transgressions framework.

Sector transgression refers to the use of computational infrastructure, political capital and insights gained from working in one sphere to enter into another sphere, where a company may lack domain experience and ethical understanding to operate without potential harm to the public. In data justice studies, the framework considers how actors such as global technology companies are using their vast power to gain entry or buttress themselves in other sectors such as health. While these companies already have data that can be analysed for various uses, their transition into other domains ignores other complexities in that new domain. But with the power they have, they are able to promote themselves as experts, and in the process marginalise domain experts. Sector transgressions also create a risk of new dependencies as the companies accumulate decision-making power.

The concept of sector transgressions is useful in analysing what we term as the pandemic phase of technology development in Kenya for various reasons. It helps us to locate historical developments that made the technology sector a perfect fit for pandemic response. Rather than viewing the use of technology in pandemic response as a coincidence, a sector transgressions lens allows us to investigate how various actors have influenced the uptake of technology during the pandemic. This online essay, which forms part of an extended analysis of sector transgressions during the pandemic in Kenya, explores technology development during the public health crisis and specifically how Mobile Network Operators (MNOs) leveraged their infrastructure as part of the pandemic response.

Tech and COVID-19 in Kenya

The COVID-19 pandemic found Kenya in a health crisis. Health is among the devolved functions with a significant part of it being under subnational governments. Since the devolution of health from 2013, health personnel have been at loggerheads with both national and county governments over their pay and benefits as well as allocation of funds to hospitals and other health services. By the time the pandemic was declared, there was already a shortage of doctors and health workers and hospital equipment in most hospitals. It was therefore important to prevent the disease to avoid overstretching the meagre resources, and security forces were called upon to enforce curfew and social distancing rules. Alongside security personnel, telecommunication companies also responded by supporting government efforts as well as through their own social support. These responses would typically be announced after high-level meetings between business leaders or industry associations and government officials.

MNO surveillance

One of the first pandemic responses from the technology sector was from mobile network operators (MNOs), which assisted the government in contact tracing by triangulating mobile network connectivity data of infected persons to quickly find their contacts. It is not clear whether the idea to use mobile phone data for contact tracing was suggested by government or offered by business. While the method was reportedly later replaced with a more integrated system, questions on how the partnership worked remain. It is not clear whether health officials were granted access to MNO facilities or whether MNOs undertook the contact tracing and then shared relevant information with government. Information in the public domain indicates that the national intelligence service (NIS) were allocated Ksh. 1.5 billion, in an emergency budget so as to boost their case and contact-tracing operations. They used mobile phone numbers to track adherence to quarantine and trace those who had escaped from isolation.

The securitisation of health, which was aided by MNOs, had ripple effects on ongoing health programmes such as maternal health and HIV/AIDs. Patients desisted from visiting hospitals for their clinics for fear of contracting the disease and therefore being put under quarantine or breaking curfew times as they waited to be served at the health centres.

Security collaborations between government and MNOs are not new. Kenya has a CCTV camera project in the major cities that is run by Safaricom in collaboration with Huawei. In 2019, President Uhuru Kenyatta reported that under the Integrated Public Safety Communication and Surveillance System (IPSCSS), almost 2,000 CCTV surveillance cameras in Nairobi and Mombasa were providing real-time 24-hour security monitoring. In June 2020, the government paid Safaricom Ksh.1.5 billion (USD13.85 million) to maintain the IPSCSS, indicating a continuation of the security contract.

With increased public pressure to relax pandemic measures, a case could be made for use of remote measures such as street surveillance systems for more effective enforcement of social distancing rules. In April 2021, for example, security bosses reportedly ordered a strict enforcement of curfew rules in Nairobi, after they observed that there were people on the roads and streets after curfew hours. This led them to the conclusion that people were not respecting curfew times and they ordered the barricading of major roads to prevent movement, and also to teach rule breakers a lesson. Blocking of roads prevented people with legitimate reasons to be out on curfew hours from travelling. These included doctors, sick people as well as private security personnel, many of whom were stuck for hours. It could very well be that the ‘non-observance of curfew rules’ was a conclusion reached from observing the street cameras, as the cameras would show movement during curfew hours. However, the cameras alone may not be able to give nuanced information such as the reasons why people were still out after curfew hours. They may not also be able to separate those with legitimate reasons for being out during the curfew from curfew rule breakers. And even in the case of rule breakers, it was apparent that for a highly populated city like Nairobi where people work in the city but live on the outskirts, it was not practical for everyone to get out of the city and into their homes before 8pm. This was due to, among other reasons, a pandemic social distancing rule that required public service vehicles to carry at only 60% of their capacity.

This case of the IPSCSS demonstrates the multiple layers of actors in sector transgressions in African countries. These include development partners’ influence and finance development priorities, as well as local and international companies aligning their business to these priorities. Technology companies such as mobile network operators were poised to provide support to the government during the pandemic as it implemented measures such as contact tracing and social distancing. While these sector transgressions are still ongoing, hindsight from previous transitions such as mobile money provide lessons on their irreversibility. This therefore calls for a broader analysis of the impact of sector transgressions to enable policy makers to intervene for longer-term effects.

About the project

Places and populations that were previously digitally invisible are now part of a ‘data revolution’ that is being hailed as a transformative tool for human and economic development. Yet this unprecedented expansion of the power to digitally monitor, sort, and intervene is not well connected to the idea of social justice, nor is there a clear concept of how broader access to the benefits of data technologies can be achieved without amplifying misrepresentation, discrimination, and power asymmetries.

We therefore need a new framework for data justice integrating data privacy, non-discrimination, and non-use of data technologies into the same framework as positive freedoms such as representation and access to data. This project will research the lived experience of data technologies in high- and low-income countries worldwide, seeking to understand people’s basic needs with regard to these technologies. We will also seek the perspectives of civil society organisations, technology companies, and policymakers.