Digital sovereignty for sale, 34 KES a share

CybAfriqué is a space for news and analysis on cyber, data, and information security on the African continent.

HIGHLIGHTS

Digital sovereignty for sale, 34 KES a share

Telcos are expensive to build and maintain, but if you do build a successful one, they can be incredibly valuable. And if a country that has taken on heavy debt, some of it used to build a state-owned telco, it can seem logical to sell off that asset to stay afloat.

Cue Kenya. 

In December 2025, the government struck a deal to sell 15% of its 35% stake to South Africa’s Vodacom, a long-term partner and stakeholder. It is a decision the government has had to make as it struggles to repay loans that already account for roughly half of government revenue.

Except you can not sell a telco the way you would sell a sugar factory. All the talk about information being power means something here. Telcos are a critical industry requiring local ownership, and even more so now, as conversations about digital sovereignty become key. It has become increasingly difficult for Kenya to sell its ownership of Safaricom for much-needed cash without inviting a firestorm of "national security" critiques.

Antagonising parties, such as the popular and often outspoken Member of Parliament Peter Salasya, have vowed to oppose the sale. Salasya warned that handing majority control to a foreign entity is a "monumental mistake" that threatens Kenya’s economic independence. He isn't alone; the Institute of Certified Public Accountants of Kenya (ICPAK) and the Kenya National Chamber of Commerce and Industry (KNCCI) have also voiced concerns before parliamentary committees.

Some of the antagonists cite purely financial reasons. The deal, priced at 34 KES a share, represents a roughly 23.6% premium on the volume-weighted average price reported in December 2025. However, critics argue this still undersells Safaricom, which has reached historical highs of up to 45.25 KES in 2021

Many of the reasons, though, revolve around the question of tech sovereignty. If the deal goes through, it will bring Vodacom’s effective ownership to 55%.

In the world of corporate governance, 51% is the magic number where "partnership" starts veering into dictatorship. If Vodacom earns this right, it’s not hard to see how it might carry out activities that violate digital sovereignty under the guise of synergy. Offhand, it might want to consolidate infrastructure with Vodacom’s regional hubs, offshore data storage and processing, and reprioritise strategic focus from public-focused goals to much more profitable pursuits. 

These are simply business decisions and do not require political malice. In fact, in the aftermath of the announcement, Vodafone (Vodacom’s parent) noted that the acquisition provides an opportunity to "gain controlling ownership" and fully consolidate Safaricom, whatever that might mean. 

The Kenyan executive government, led by Treasury Cabinet Secretary John Mbadi, has tried to reassure the public that the "Kenyan-ness" of Safaricom is safe. Their plan to retain sovereignty rests on a few binding conditions that mandate the CEO and chairman to remain Kenyan citizens, that the government retain two board seats with vetoes, and that data remains within Kenyan borders as directed by new data regulations. But, history has a fair number of "local leadership" mandates being outmanoeuvred. If a majority shareholder controls the budget, the "local CEO" is often just a local face for a foreign strategy. 

BTW, somebody check on AirtelTigo and Telecel?  

Uganda shuts down the internet days after, checks again, it promised not to shut down the internet

In early January 2026, amid growing speculation about an impending internet shutdown ahead of national elections, government officials denied any such plans. On January 5, the Permanent Secretary of the Ministry of ICT, Dr Aminah Zawedde, dismissed the reports as "false and unfounded."

Eight days later, the internet was shut down.

On January 13, just 48 hours before polls opened, the Uganda Communications Commission (UCC) ordered a nationwide restriction on internet access. Network monitors confirmed near-total disruption across the country.

In the weeks leading up to the election, the government had already restricted the importation of Starlink kits, requiring a written "clearance letter" from the Chief of Defence Forces, General Muhoozi Kainerugaba, which had partly fueled speculation that the government planned to restrict the internet. By placing satellite internet under military oversight, the state effectively closed the only remaining "escape hatch" for citizens looking to stay online during a terrestrial blackout.

Al Ameen, our data intern, writes that if you are a country about to do something unethical, you either lie that you’re not going to do something and end up doing it, or you’re already doing it but deny it.

President Yoweri Museveni has repeatedly used internet restrictions as a political tool. During the 2021 elections, the government imposed a near-total blackout that lasted over 100 hours (five days) and resulted in a permanent ban on Facebook that remains in place to this day. Besides those, the country has restricted the internet repeatedly during sensitive political moments in 2016 and 2021, according to the #KeepItOn coalition, making it one of the top offenders on the Global Internet Shutdown index.

Nigeria and Guinea get caught in North Korean IT worker scam operations

Half of infosec is about hackers breaking into systems, often as clicky clacky hooded threat actors. This is why North Korean IT worker scams seem so interesting. Outside of Western countries, a new UN report posits that North Korean IT worker scams are fast appearing in other parts of the world, including in Nigeria, Guinea, and Tanzania. The 140-page report details North Korea’s (DPRK) extensive cyber-focused efforts to fund its nuclear and ballistic program.

North Korea's IT scams evolved from purely disruptive attacks like the 2014 Sony Pictures hack and the 2017 WannaCry ransomware into a global financial fraud machine. Today, they target global cryptocurrency exchanges and individuals through fake job offers, turning the "remote work" revolution into a primary source of national revenue.

Thousands of North Korean nationals use stolen or fabricated Western identities to secure remote IT jobs at hundreds of companies worldwide. In the past, Amazon detected a North Korean infiltrator using latency clues. By measuring the time it took for data to travel, they found a "latency gap" of 110 milliseconds, considered a physical impossibility for a worker supposedly located in the U.S., but perfectly consistent with someone routing their traffic through a proxy from half a world away.

According to the UN report, more than 40 countries have been impacted by these crypto heists, which surpassed $2 billion last year, or by these clandestine IT worker activities. While China and Russia lead the pack in providing the geopolitical cover, Africa has become a crucial node for the "feet on the ground.” North Korean facilitators often live in African countries, managing the logistics for these workers and laundering the funds through local businesses. The stolen funds follow a specific path. Stolen crypto is moved through decentralised mixers, then Chinese traders convert it into fiat currency.

At least 19 Chinese banks have been identified as vehicles for laundering these stolen funds. These traders convert the crypto into hard cash while North Korean facilitators living in countries like Nigeria and Guinea manage the movement of these funds back toward the regime.

FEATURE

• How disinformation became a weapon of war in Sudan. 

• Data sovereignty: Don't just tick the box, think outside it

HEADLINE

• Egypt: Important data protection update

• U.S., Mauritania discuss cybersecurity partnerships and capacity building

• Libya's internet provider LTT targeted by DDoS attacks

• DR Congo moves to sanction telecom operators over service quality failures

• Angola marks technology advancements with cybersecurity academy plans

• South African national credit regulator hacked

• Eskom insiders exploited the prepaid electricity system

• Minister Kairuki's privacy directive demands urgent public attention

• Somalia advances digital governance with approval of public data protection regulation

• Nigeria Is epicenter for Chinese cyber scams

• Ghana Immigration Service arrests foreign nationals for counterfeiting and cyber fraud

• Court dismisses N1b copyright infringement suit against MTN

• Meeting between the National Communications Office (ONC) and online media professionals: finally, a legal framework for digital media in Niger

• Europol arrests 10 Nigerians in black axe’ crackdown over €5.93 million fraud

• Tether partners with UNODC after INTERPOL’s $260M bust in Africa

ACROSS THE WORLD

• Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say

• China cracks down on ships using Starlink

• Crypto crime reaches record $154 billion in 2025

OPPORTUNITIES

• IT/Systems Engineer at Meedan

• Communications Specialist at IFEX

• The 2026 Southern Africa-Netherlands Cyber Security School (SANCS) is open for registrations

• Advancing inclusive AI for African languages

Until next week!