Expert: Your Huduma Number Data Is Not Safe With The Government

You have probably heard people talk about Huduma number data and it’s safety with the government, turns out the rumor is true. In a case filed to challenge the Huduma number project,  Anand Venkatanatayanan, an expert witness, told the High Court that there is no guarantee that Kenyans information, including personal emails, are safe under National Integrated Identity System (NIIMS).

The witness has faulted the Ksh6 billion archaic system used to capture and store data collected from millions of Kenyans, saying  the system is vulnerable and is an opening for hackers who will siphon millions of taxpayers money from the Government.

“It is axiomatic in computer security that nothing is truly secure and there are only costs and benefits of hoarding data. Centralized databases such as Aadhaar and NIIMS, however, hoard so much data that the cost benefit ratio tilts definitely in favor of attackers,” he told Justices Pauline Nyamweya, Weldon Korir and Mumbi Ngugi.

Anand who is an expert in cyber security and computer fraud forensic analysis and has work experience of 21 years, was testifying on behalf of the Nubian community who have challenged the security of Huduma number project data.

While giving examples, Anand mentions India Aadhaar which has had numerous leaks and has been subject to systemic failure numerous times. Aadhaar’s uses the same infrastructure behind Huduma number’s NIIMS. “NIIMS thus is an archaic design compared to modern day system architectures and can be thought of a horse-bungee drawn by a lame horse on the digital highway.  That it would fail and would fall behind is the foregone conclusion,” He told the judges.

Anand further pointed out the fact that both Kenyan and India’s systems were offered by OT Morpho, a company contracted to carry out 2017 Kenya’s election. He says Kenyans should expect a similar outcome to what India is experiencing. “It would hence result to the same outcome – and endevour would pose a massive risk to personal security and privacy of Kenyans without demonstrable benefits. Further, it would create national security risks to Kenya which would be impossible to mitigate,” he said

In particular, Anand refutes claims of the system eliminating duplication. According to him, there were cases of people who were given duplicate IDs after some time despite being in India Aadhaar. The government said NIIMS would capture unique features of each person which can not be replicated, The witness however claimed there was nothing in the logarithm used that would help eliminate resemblance between one person from another or a person forging documents.

Another witness told the court that Kenyans have a reason to fear NIIMS since ‘data is the new oil’ and the centralized information could be used for ‘modern day colonization’ by the countries Kenya sourced the technology from. “Everybody is being transformed into data and we do not have control over it. We depend on countries that are able and there is importation of technology and philosophy. That could also lead to centralization of power as a person who has that data has power over the others,” testified Grace Mutung’u an an IT expert and a lawyer.

The government insists Kenyans information is safe saying the system is encrypted and that everything is secure. The case continues today.