Data Protection

Professional ethics and data privacy: Social media use for healthcare professionals in the wake of Dr Mbiti controversy

The intersection of social media and professional ethics has become increasingly complex, especially in fields as sensitive as healthcare. The recent controversy surrounding Dr Dennis Mbiti, known as ‘Mbiti Mwondi MD,’ highlights the importance of understanding the ethical implications of sharing patient information on public

Learn More
Business landscape 2024: Key measures for corporate compliance in the new year amidst evolving challenges

Since a majority of the world’s economic activity is conducted through corporations, their impact on society is significant. As such, potential corporate misconduct poses a significant threat to social welfare. History has shown that imprudent and irresponsible corporate behaviour and action have a far-reaching impact

Learn More
AU Data Governance Policy Framework unveils strategies for intra-continental collaboration and innovation

On July 28, 2022, the African Union (AU) released its Data Policy Framework. The Framework aims to provide a multi-year blueprint outlining how the AU will accomplish its goals for Africa’s digital economy. It also sets forth the AU’s vision, scope, and priorities for Africa’s

Learn More
Data protection and privacy: A guide to avoid event privacy pitfalls

In the advent of the new adage that ‘data is the new gold’, entities are increasingly relying on data to drive their business decisions and as the basis for profit optimization. However, the collection, handling and storage of data must align with international standards on

Learn More
Upholding human rights obligations by businesses for best practices, with a digital rights perspective

In 2008, the “Guiding Principles on Business and Human Rights: Implementing the United Nations ‘Protect, Respect and Remedy’ Framework” were crafted under the leadership of Prof John Ruggie, then serving as a Special Representative of the Secretary-General. After three years, the United Nations Human Rights

Learn More
Charlatans taking advantage of data security challenges to masquerade as professionals

In the current era, technological advancements have yielded innovative solutions and numerous challenges. Some of these challenges are data protection infiltration, misinformation and disinformation and cybersecurity breaches. There have been instances where non-professionals access information with the intent to impersonate and steal their identity for

Learn More
Your questions on the digital ID answered

What is Digital ID?   Digital ID, short for Digital Identity, is a unique representation of an individual, organisation, or device in digital form—a virtual representation of your physical ID. It typically includes information such as personal attributes, credentials, and authentication methods.   Digital IDs

Learn More
World Coin verdict: Virtual platforms belonging to cryptocurrency firm to be disabled and comprehensive regulatory structure established

Background After the World Coin craze a few months ago, the National Assembly established an Ad hoc committee on August 15, 2023, to inquire into its activities and operations in the country. The committee investigated several issues that they dubbed Terms of Reference of the

Learn More
Data protection and event photography: How to avoid pitfalls

There is an ongoing buzz on privacy violations related to personal data, particularly regarding photographs of data subjects taken at events. According to the General Data Protection Regulation, photographs of individuals taken at events are classified as personal data. The Data Protection Act, 2019 defines

Learn More
Data Commissioner ruling on the right to access personal data: An in-depth examination of your rights over collected data

The right of access to personal data has been a subject of discussion globally with the General Data Protection Regulation (GDPR) devoting an entire article to outlining this concept. It is nonetheless crucial to define personal data as follows:         The GDPR

Learn More
Worldcoin craze in Kenya: Beyond the free money to financial security and data privacy concerns

Worldcoin is an iris biometric cryptocurrency project. Worldcoin was founded with the mission of creating a globally-inclusive identity and financial network, owned by the majority of humanity. Worldcoin consists of a privacy-preserving digital identity network (World ID) built on proof of personhood and, where laws

Learn More
Cybersecurity in Kenya: Addressing the weak link on the road to cyber hygiene

The Kenya Bureau of Standards (KEBS) recently fell victim to a ransomware attack orchestrated by the Rhysida ransomware group. As a consequence, 739 GB of KEBS’ data was exposed and made public. The data includes sensitive information such as employee records, financial data, and product

Learn More
Evolution of Ransomware Attacks: An African Focus

Disclaimer: These are just random thoughts in my head which I wanted to share from a personal point of view. Do enjoy.   Out there in the wild, we have seen APT28 exploiting vulnerable Cisco routers and installing backdoors for further attacks. Right here in

Learn More
The fly in the ointment of Threads hype is data privacy and competition concerns

Meta’s recent launch of the Threads app has captured substantial attention, stemming not only from its rapid user adoption but also from the growing concerns over potential data privacy and competition issues it may raise. Threads gained over 100 million users within a week of

Learn More
The Rise of Cyber Attacks: How to Protect Yourself from Cyber Threats

As technology assumes an increasingly significant role in our personal lives, ensuring our security in cyberspace becomes crucial: as such we must safeguard ourselves against cyber attacks. Cyberattacks refer to malicious attempts by individuals or groups to disrupt, damage, or gain unauthorized access to computer

Learn More
Data breach alert: Protecting your sensitive information from cybercriminals

A data breach is any security incident in which unauthorized parties gain access to sensitive data or confidential information, including personal data (ID numbers, bank account numbers, healthcare data) or corporate data (customer data records, intellectual property, financial information). How data breaches occur The following

Learn More
Corporates, influencers and copyright: Navigating the tide and entrenching a culture of compliance Precedent-setting decision?

If the recent pronunciation by a court in a copyright suit by Hip Hop artiste Hubert Nakitare, alias Nonini, against Japanese company Syinix Electronics Ltd and influencer Brian Mutinda, does not ring alarm bells for corporates and corporate influencers, concerning intellectual property, then what will?

Learn More
Cause of delay to broaden revenue base via minimum tax

Section 12D of the Income Tax Act was introduced via the Finance Act of 2020 which sought to impose a minimum tax of 1% on gross turnover. The tax rate was introduced to ensure that everyone, regardless of whether they make a profit or loss,

Learn More
What you need to know about embedding Privacy by Design to protect personal data

Privacy by design is a framework for personal data protection that aims to embed privacy considerations into the design and development of systems, products, and services. The approach advocates for the integration of personal data protection measures into the entire lifecycle of a product or

Learn More
Kenya’s National Cybersecurity Strategy: Securing Kenya’s cyberspace

Kenya developed its first cybersecurity strategy in 2014. Significantly, the 2014 strategy culminated in the development of the 2022 National Cybersecurity Strategy. The latter gives guidance for a coordinated approach in the execution of cybersecurity operations in Kenya. The strategy combines good governance with a

Learn More
Special feature:EY Kenya Data Protection & Privacy Survey, 2022: The path to compliance with data protection and privacy

EY Kenya Data Protection & Privacy Survey, 2022, was launched mid this year with a goal to firstly gauge how far along organisations are in their compliance journeys. Secondly, to identify the difficulties that companies are having in their pursuit of compliance. Thirdly, identify the

Learn More
The future of Digital Credit Providers under new regulations to protect consumers

Kenya has been a home for many digital lending apps, which are popular for their unsecured and instant loans disbursed through mobile phones. Unlike banks and Saccos where one is required to have a guarantor, these digital credit providers (DCPs) do not make it a

Learn More