Technical research conducted on several Internet service providers in Kenya for the last ten months between June 2016 and March 2017 indicates the presence of a middle-box on the cellular network of one provider, Safaricom Limited. Middle-boxes assume dual-use character in that they can be used for legitimate functions (e.g., network optimisation) and can simultaneously be used for traffic manipulation, surveillance and aiding censorship.
In light of such dual uses, this report makes clear that service providers operating middle-boxes must communicate to the public in a transparent manner the justification for such activity. This is especially relevant as government bodies announce plans to monitor the Internet during Kenya’s current electoral processes.
This brief presents the methodology we use to detect middle-boxes, illustrates how that methodology was applied on Kenyan networks as well as our findings from the ten months investigations. Finally, we contextualization these findings within the Kenyan political and legal processes.