It looks like the Kenyan government is finally taking a stand on matters concerning our personal data. Social media companies including Twitter, Facebook and Google will soon come under government scrutiny on how they handle Kenyan’s personal data.
Data Privacy: Kenya Takes A Stand
Taking into account what happened to Facebook in 2018 this stand should favour most Kenyans. (When personal information of up to 87 million users was improperly shared with political consultancy Cambridge Analytica.)
The nominee for the position of Data Protection Commissioner, Immaculate Kassait today said
“The multinational technology companies will be held liable for the use of data belonging to Kenyans. This is whether they operate locally or outside the country. Even if they are internationally based companies they have a responsibility to adhere to the laws of Kenya.”
According to the Business Daily, the Data Protection Act 2019 gives the commissioner sweeping powers on the investigation of data breaches. These include powers of entry and search and issuing administrative fines.
Kenyan Data Law
The Kenyan data protection law demands that a data controller or a technology firm notify the commissioner where personal records have been accessed or acquired by unauthorised persons. It also notes that offences under the Act attract a fine of up to KES 5 million and or imprisonment for a term not exceeding to 10 years or both.
“You can ask Google how much information they hold about you, where they store and whether it is it accurate,” she said.
“If convicted of an offence and you are cleared, you have a right to ask Google to correct that information. You may also ask for that the information is forgotten, erased or updated. The multinational technology firms must give you data in a manner that is readable. This is what the new law says.”