Kenya investigates 1000 entities for data privacy violations
Immaculate Kassait, Kenya's data protection commissioner, is investigating over 1,000 entities for privacy violations.
Kassait announced a major probe into the various entities, which include digital lenders, hospitals, telecoms companies, and educational institutions, for alleged violations of privacy laws.
According to the Fintech Association of Kenya, these companies might face significant penalties of up to $37,000 (KES5 million) or one percent of their yearly revenue, depending on the severity of the breach.
According to the association, the investigation focuses on widespread issues, such as digital lending platforms' exploitation of creditor data and illegal use of photos.
“Recent penalties, such as the fines levied against Mulla Pride Ltd and Roma School for their violations, underline the seriousness with which the Data Protection Act of 2019 is being enforced. This act underscores the importance of obtaining consent before using personal information, especially in commercial activities,” said the association.
Meanwhile, Kassait participated in a panel discussion on consumers and artificial intelligence (AI) organised by Citizen TV last night ahead of World Consumer Rights Day (15 March).
During the discussion, she said: “When it comes to AI, some of the concerns that a consumer would have are that AI, many times, uses personal information to train.
“Many times the consumer will not have been informed that their information will be used for repurposing. It is important to let the consumer understand that their information will be used and what will be the purpose of the information.”
She added: “We are in an era where we do not know what the future holds. In Africa, we are lagging behind in terms of AI models. The thing around AI and privacy is a call to order, if you want to use my information, please can you ask me and inform me what it is for and can you allow me to consent? That is called manners.”