Safaricom denies sharing customer data with police
Safaricom has strongly denied allegations that it aids suspected law enforcement officers-led abductions by sharing customer information with Kenyan police.
In a statement released Thursday evening, the telco reaffirmed its commitment to customer data privacy, stating that customer data is only provided when lawfully mandated by a court of law.
"We respect our customers' privacy and adhere strictly by the country’s data protection laws. As such we do not share any customer data unless explicitly required of us via a court order," read the statement in part.
Safaricom's statement follows recent accusations alleging that the telco gave the police free access to sensitive customer information, including Call Data Records (CDRs), which they used to trace down individuals accused of committing crimes, infringing on their privacy rights.
The reports surfaced on October 29, following a piece published by a local newspaper, the Daily Nation.
Safaricom points out that CDRs do not provide real-time location or movement information about clients.
"That for information purposes a customer’s CDR does not show any live location and movements of customers but is generated after a call is terminated and for text messages once they are sent or received and this is for purposes of billing only" it said.
Safaricom also cited its recent ISO 27701 Privacy Information Management System certification from the British Standards Institute as proof of its compliance with data privacy regulations and policies.
It said: "This is the highest certification an organisation can attain in management of privacy information systems, as a data controller or processor, a testament to our commitment to preserve our customer privacy and provide a worry-free experience on our network."
The telco also stated that it had implemented measures to prevent third parties from accessing user data.