Kenya just took a big step towards its tech development. On November 8th Kenyan president, Uhuru Kenyatta approved a data protection law that complies with European Union legal standards. This will finally allow Kenya to embrace its full potential when it comes to tech innovations and startups and to attract more investments in its information technology center.
This new law will set out guidelines on how personally identifiable data acquired by firms and government entities can be used, stored or shared. As the minister of information, technology, and communication, Joe Mucheru said Kenya has joined the global community in terms of data protection standards by adopting the new regulations.
The new law outlines restrictions on data handling and sharing by the government and corporations. Any infringements of the new law will be investigated by an independent office with violators facing two-year prison sentences or fines of up to $29,000.
The legislation comes amid increased calls for African governments to pay more attention to the protection of data “to prevent governments and corporations from overstepping their boundaries by articulating the rights and freedoms of people in digital spaces.” The need is even more urgent given the rapid and ongoing adoption of mobile technology and digital apps. There’s also a concern in some quarters that Silicon Valley’s giants including Facebook, WhatsApp, and Google are able to freely collect consumer data in African countries without any limits.
It’s a call that’s resonated particularly in Kenya and across East Africa especially as digital lending apps in the region have come under scrutiny for predatory tactics which involve determining creditworthiness by accessing smartphone data including SMS, call logs, bank balance messages, and bill payment receipts.
HOW HAS KENYA DEALT WITH DATA PRIVACY
Just last year, Data Privacy watchdog Privacy International published a report saying that Kenyan security agencies would routinely work with mobile service providers to carry out surveillance on users outside the confines of the law. Further continuing to say that Kenya’s spy agency-The National Intelligence Service had direct access to telecommunications networks and could even bypass mobile service providers to access user’s data. In most cases, in the past, the telecommunication operator would end up handing over the information because of the vagueness in the law and telecommunication industry regulations.
But with the new law in place this dynamic could change, bringing companies and citizens more control over their data and ensuring that no rights are being violated and companies don’t abuse their powers.