The government has assured Kenyans of the safety of their data saying that it has made tremendous steps towards safeguarding personal information with the recent gazettement of the Data Protection Regulations 2021.
ICT, Innovation and Youth Affairs CS Joe Mucheru said that other measures that the government has taken to ensure safety of data is the establishment of the office of the Data Commissioner and the launch of the first Data Protection Curriculum for the country at Kenya School of Government (KSG).
Mucheru said that the Kenya Digital Economy Blueprint, and consequently the draft Digital Economy Strategy, recognize that increased use of, and reliance on data requires robust Data Protection frameworks, if Kenya wishes to realize a strong and resilient digital economy.
“The increased collection of data has brought to the fore the need to protect the rights of individuals and balance two competing priorities, so as to ensure a transparent, ethical and lawful ecosystem when processing personal data,” said the CS.
Mucheru made these remarks in a speech read on his behalf by the Ministry of ICT Chief Administrative Secretary (CAS) Maureen Mbaka Friday, during the International Data Privacy day and the launch of the strategic plan for the office of the Data Commissioner and data protection curriculum held at the Kenya School of Government, Nairobi.
The CS said that the strategic plan was an embodiment of the commitment of the government in ensuring that the regulatory environment for personal data in Kenya is conducive and enabling in the digital era as envisioned in the Kenya Vision 2030 and Third Medium Term Plan 2018–2022.
“The Data Protection Act and the subsequent establishment of the Office of the Data Protection Commissioner have had a marked impact in positioning Kenya as a safe haven for personal data and as an ideal international trade partner, thereby presenting significant economic benefits,” he said.
Consequently, Mucheru said that the government has invested in ensuring that Kenya has infrastructure that will enable and promote government institutions and private sector to comply with data protection provisions.
One of these key investments include the Konza National Data Centre that has been hailed as a State- of- the- Art facility.
He added that the importance of ICTs has seen recognition in the Vision 2030 and the Big Four Agenda, which acknowledge ICTs to be critical in catapulting Kenya into a middle-income economy.
“Kenya together with the other African States are in the process of negotiating their positions with respect to the African Continental Free Trade Agreement (AfCFTA). A key opportunity of the adoption of the African Continental Free Trade Agreement is the bringing of over 1.2 billion people into a single digital market,” said Mucheru.
The CS highlighted that the AfCFTA will be a critical catalyst in catapulting an African-wide digital economy by facilitating intra-African trade. However, as outlined in the Agreement’s (AfCFTA) E-commerce protocol, a single digital market can only be achieved when states adopt a smart, transparent and accountable use of personal data.
He noted that the challenges that face Kenya’s Personal Data Protection ecosystem include addressing legal gaps in coverage, emerging technologies in processing of personal data, managing cross-border data transfers, balancing surveillance and data protection, strengthening enforcement, institutional capacities to comply, determining jurisdiction and managing the compliance burden.
The Data Commissioner, Immaculate Kassait noted that with the coming to force of the Data Protection Regulations, processing of personal data will be closely monitored and protected more than ever before.
Kassait said that her office has received and registered a total of 442 personal data complaints out of which 298 have been successfully investigated and resolved 100 per cent, adding that investigations are ongoing for the remaining 144 complaints.
“Our strategic plan has taken into consideration the approved organizational structure consisting of three technical departments and a staff establishment of 92 officers as well as the resource requirement and allocation in medium term budget, thus the total resource requirement of Sh3,612,000 is consistent with the available resources over the medium term budget framework,” she said.
The Data Commissioner said that as Kenyans, we must be honest and face the truth that personal data processing has been infiltrated by a few dishonest elements. Their actions have dented the reputation of data controllers and data processors, casting doubt on the integrity of the personal data processing saying that we must resist this trend and work towards enhancing trust and building transparency of data protection in Kenya.
Kassait said that her office in collaboration with Kenya School of Government has developed the data protection program curriculum and this will enable training to commence in the coming weeks, targeting both the public and private sector on personal data protection.
By Joseph Ng’ang’a