Tag Archives: UCC

Sim Card Verification exposes the joke that UCC has become

Posted on April 12, 2017 | 2 comments

Only Dr. Stella Nyanzi in my view has the right vocabulary to effectively describe the Uganda Communications Commission (UCC) and its haphazard handling of issues.

Five years ago, the commission huffed and puffed about the need to register sim cards citing security as one of the key reasons it was being done.

mkts01px

Eng. Mutabazi being assisted during the launch of the registration exercise. Photo Credit – Daily Monitor, 2012

The Executive Director, Eng Godfrey Mutabazi is on record having said that, “In countries where SIM card registration has been taken seriously, a drop in crime especially cybercrime has been registered. We want to emulate this and see to it that such unlawful acts are done away with.”

 

Many of us supported the move and even used various fora to enlighten the general public about the importance of registration. The deadline set for 2013 passed and before we knew it another threat was issued to the telecoms companies to ensure that the process is completed in 2015. Interestingly, we were led to believe that the issue had been sorted once and for all.

To my shock, earlier this year, information from the Police begun pointing fingers at the use of unregistered simcards by criminal gangs. The UCC kept mum. Is it because the victims were largely lay men? It wasn’t until the investigations into the assassination of the Assistant Inspector General of Police, Mr. Felix Kaweesi (RIP) that the UCC was jolted out of its slumber.

With the kind of resources this institution commands, it is foolhardy for one to believe that they have a genuine reason for such a lapse in judgement. I strongly believe this is a sign of gross incompetence in the institution that is failing to offer the much needed direction for the ICT industry, preferring to concentrate on shutting down internet during election time as well as shopping for pornography tracking equipment. It seems like UCC is narrowing its attention to matters that involve procurement (this was actually intimated to me by a Member of Parliament) as they offer quick gains to the individuals involved there-in as well as satisfying the politburo’s demands. These two areas of engagement I presume form the basis for any contract renewal that the head of the institution is definitely interested in.

By failing to do the obvious, the Eng Mutabazi led outfit has slowed down the pace set by Mr. Patrick Masambu the former Executive Director of UCC who is currently the Director General of the International Telecommunications Satellite Organisation (ITSO). Despite the massive hurdles he went through to set up this institution, Mr Masambu defied all odds to leave a healthy and globally acclaimed institution in place.

The latest gaffe has been the press release by UCC that orders Telecommunication service providers to verify all SIM card subscriber details within seven (7) days starting 12th April 2017. The communique advises the public to visit the nearest authorised telecoms service centres as well as utilising the *197#.

I can only shake my head in disbelief because whoever came up with this decision at UCC is out of touch with reality. Do they think that they are managing a home? Do they realistically expect even 50% of the Ugandans to get sorted within one week? Which world are these !#%&^396$#@ living in? (Dr. Nyanzi the queen of metaphors please come to my rescue here)

Now to Eng Mutabazi and your team, do you really believe that:

  • All Ugandans are within 7 days reach of a recognised Telecoms Service Centre?

  • All Ugandans will have got the information to pursue this activity within 7 days?

  • All Ugandans will have the money and time to make it to the various centres within 7 days?

  • All Ugandans have National IDs?

  • All Ugandans are utilising their cell numbers within the boundaries of this country?

  • All Ugandans have time to repeatedly go to Telecoms service centres in a bid to repeat activities they had already engaged in?

Take the example of this guy

kaabong

Meanwhile, like you can see, he at least might be able to afford the entire exercise financially. What happens to the many that cant afford it and also reside where he is currently working? [Pointing my index finger onto my bald head saying “COMMON SENSE IS NOT COMMON”]

Meanwhile of the seven (7) days given, four of them are taken up by the Easter Holidays. For a country that is over 70% Christian, why do you think they will leave their celebrations to attend to an exercise that was caused by your incompetence?

When will you get out of this gambling nature that seems to have become a part of your operational manual? I do believe that UCC as an institution has some very brilliant minds, a number of whom are known to me personally but the way the institution is operating as a whole, makes any outsider think it is a bunch of jokers. This should be a wakeup call to the appointing authority, at this rate, the efforts to attain Middle Income status are likely to be sabotaged by an inefficient Communication and Technology Sector whose regulatory agency seems to be operating in a reactive rather than proactive manner.

This seven day deadline is simply a poorly thought through decision that only serves to lay bare the incompetence of the institution we are meant to look upto for guidance. Could it be time for a total purge?

Let me go pick my orange tree seedlings and plant before the rains cease. I think I have had enough of this circus.

James Wire is a Small Business and Technology Consultant based in Kampala, Uganda

Follow @wirejames on Twitter.

Email lunghabo [at] gmail [dot] com

Other Articles of Interest:

2 Comments

Posted in Technology

Tagged , , , , , , , ,

The disregard for Data Privacy in Uganda

Posted on April 6, 2017 | 1 comment

In the late 90s, as a Systems Administrator for Starcom, one of the pioneer Internet Service Providers in Uganda, I had the privilege of managing the Email server and in the process got to know which email accounts were used by StateHouse as well as the Kabaka of Buganda. Out of pure professional ethics, not even once did I snoop to find out what kind of communication they were undertaking. As the overall administrator of the server, I had unlimited privileges that I could have chosen to abuse at will or in exchange for a few pieces of silver. That was then.

Close to eight years ago, I got to learn about this couple. They were so much in love with one another until the entry of the other girl turned things around. Rita couldn’t stomach it any longer and quit the relationship. Meanwhile, her boyfriend had other ideas. After failing to convince her to reverse her decision, he turned to stalking her. Philip had friends who worked for the Telecom company that his ex girlfriend was subscribed to. With their help, he tracked down her phone interactions in a manner that eventually proved disastrous to her new relationship. To-date, these scenarios are still common with telecom employees willfully playing the role of Judas. I have been told that for as little as UGX 50,000/= one can get phone records for any person of interest without needing a Police or Court order.

When it comes to the banks, someone I will call Mark has had banking records involving his credit cards and other transactions given to his wife without his approval. How she accesses the information is still a mystery to him. The bank in question is a leading international bank whose professionalism you would ordinarily not put to question. He is now scared because if his wife can easily get such information, then what happens in the event that someone who has ill motives makes a move for the same?

The case of Bank connivance in the death of an Eritrean Businessman in Uganda is very telling. The Inspector General of Police came out decrying the presence of a Mafia Network in the banking system. Airtel was recently too accused of abetting number plate theft. These are matters not to be taken lightly.

There has been a fresh demand by the Uganda Communications Commission to ensure that sim card registration is adhered to. In a recent press release, the to-do list had among others a requirement that, database reconciliation/verification to be done by operators in liaison with NIRA (National Identification and Registration Authority). This has caused a lot of concern. The depth of information that NIRA has about individuals is so much and if shared carelessly with other providers whose lackluster approach to confidentiality is well known, the threat on individuals is likely to be made worse. Whereas thugs have always had only phone records to contend with, now they are likely to have residential information, next of kin thereby making it easier for them to plan kidnaps for ransom.

I have a bone to pick with UCC for the haphazard manner in which some interventions are undertaken. After huffing and puffing about sim registration and fines to Telcos that do not comply, many of us were under the impression that this matter had been settled as far back as 2015. It is a shame (a very big one) to realise that it had to take the death of a high profile individual for the same institution to bring this matter to a close. I cant shake my head enough to show my disappointment. However, that is a story for another day.

Now that private data is being aggregated with the potential for sharing it with providers in future, what should be done to ensure that we minimise its abuse?

  • Enact a Data Protection law

This is a law that prohibits the disclosure or misuse of information held on private individuals. The cases cited in this article can easily be pursued legally once the appropriate laws are in place. The Data Protection and Privacy Bill 2014 already has the desired provisions. These include;

Section 27 Unlawful obtaining and disclosure of personal data

(1) A person shall not knowingly or recklessly –

(a) obtain or disclose personal data of the information held or processed by a data controller; or

(b) procure the disclosure to another person of the information contained in personal data.

(2) A person who contravenes this section commits an offence and is liable on conviction to a fine not exceeding one hundred and twenty currency points  or imprisonment not exceeding five years or both.

Section 28 Sale of personal data

(1) A person shall not sell or offer for sale personal data of any person.

(2) A person who contravenes subsection (1) commits an offence and is liable on conviction to a fine not exceeding one hundred and twenty currency points or imprisonment not exceeding five years or both.

NB: Please note that One Currency Point is equivalent to UGX 20,000/=

  • Limit the amount of information shared with third parties

UCC should ensure that going forward, NIRA does not share all users’ information with the Telcos or any other third parties. This can be made possible through the use of software interfaces which limit the kind of access one can have to the National ID database. This is something within the means of NIRA to achieve in a short a time as one week.

Other than that, I look forward to the day when employees as well as companies whose staff are involved in illegal use of private consumer data are made accountable for their ill deeds. Many are suffering out there silently having been victims of this unprofessional conduct. Others have had to pay for it with their lives. We cannot afford to wait any longer.

James Wire is a Small Business and Technology Consultant based in Kampala, Uganda

Follow @wirejames on Twitter.

Email lunghabo [at] gmail [dot] com

Other articles of interest:

1 Comment

Posted in Technology

Tagged , , , , , , ,