Data Protection

Data Commissioner ruling on the right to access personal data: An in-depth examination of your rights over collected data

The right of access to personal data has been a subject of discussion globally with the General Data Protection Regulation (GDPR) devoting an entire article to outlining this concept. It is nonetheless crucial to define personal data as follows:         The GDPR

Learn More
Worldcoin craze in Kenya: Beyond the free money to financial security and data privacy concerns

Worldcoin is an iris biometric cryptocurrency project. Worldcoin was founded with the mission of creating a globally-inclusive identity and financial network, owned by the majority of humanity. Worldcoin consists of a privacy-preserving digital identity network (World ID) built on proof of personhood and, where laws

Learn More
Cybersecurity in Kenya: Addressing the weak link on the road to cyber hygiene

The Kenya Bureau of Standards (KEBS) recently fell victim to a ransomware attack orchestrated by the Rhysida ransomware group. As a consequence, 739 GB of KEBS’ data was exposed and made public. The data includes sensitive information such as employee records, financial data, and product

Learn More
Evolution of Ransomware Attacks: An African Focus

Disclaimer: These are just random thoughts in my head which I wanted to share from a personal point of view. Do enjoy.   Out there in the wild, we have seen APT28 exploiting vulnerable Cisco routers and installing backdoors for further attacks. Right here in

Learn More
The fly in the ointment of Threads hype is data privacy and competition concerns

Meta’s recent launch of the Threads app has captured substantial attention, stemming not only from its rapid user adoption but also from the growing concerns over potential data privacy and competition issues it may raise. Threads gained over 100 million users within a week of

Learn More
The Rise of Cyber Attacks: How to Protect Yourself from Cyber Threats

As technology assumes an increasingly significant role in our personal lives, ensuring our security in cyberspace becomes crucial: as such we must safeguard ourselves against cyber attacks. Cyberattacks refer to malicious attempts by individuals or groups to disrupt, damage, or gain unauthorized access to computer

Learn More
Data breach alert: Protecting your sensitive information from cybercriminals

A data breach is any security incident in which unauthorized parties gain access to sensitive data or confidential information, including personal data (ID numbers, bank account numbers, healthcare data) or corporate data (customer data records, intellectual property, financial information). How data breaches occur The following

Learn More
Corporates, influencers and copyright: Navigating the tide and entrenching a culture of compliance Precedent-setting decision?

If the recent pronunciation by a court in a copyright suit by Hip Hop artiste Hubert Nakitare, alias Nonini, against Japanese company Syinix Electronics Ltd and influencer Brian Mutinda, does not ring alarm bells for corporates and corporate influencers, concerning intellectual property, then what will?

Learn More
Cause of delay to broaden revenue base via minimum tax

Section 12D of the Income Tax Act was introduced via the Finance Act of 2020 which sought to impose a minimum tax of 1% on gross turnover. The tax rate was introduced to ensure that everyone, regardless of whether they make a profit or loss,

Learn More
What you need to know about embedding Privacy by Design to protect personal data

Privacy by design is a framework for personal data protection that aims to embed privacy considerations into the design and development of systems, products, and services. The approach advocates for the integration of personal data protection measures into the entire lifecycle of a product or

Learn More
Kenya’s National Cybersecurity Strategy: Securing Kenya’s cyberspace

Kenya developed its first cybersecurity strategy in 2014. Significantly, the 2014 strategy culminated in the development of the 2022 National Cybersecurity Strategy. The latter gives guidance for a coordinated approach in the execution of cybersecurity operations in Kenya. The strategy combines good governance with a

Learn More
Special feature:EY Kenya Data Protection & Privacy Survey, 2022: The path to compliance with data protection and privacy

EY Kenya Data Protection & Privacy Survey, 2022, was launched mid this year with a goal to firstly gauge how far along organisations are in their compliance journeys. Secondly, to identify the difficulties that companies are having in their pursuit of compliance. Thirdly, identify the

Learn More
The future of Digital Credit Providers under new regulations to protect consumers

Kenya has been a home for many digital lending apps, which are popular for their unsecured and instant loans disbursed through mobile phones. Unlike banks and Saccos where one is required to have a guarantor, these digital credit providers (DCPs) do not make it a

Learn More