The Office of the Data Protection Commissioner (ODPC) held a stakeholders' meeting on Monday, September 9, to discuss data compliance among regulated entities.
During the meeting held at Muthu Silver Springs Hotel, Nairobi, Data Commissioner Ms. Immaculate Kassait emphasized the need for governmental entities, private sector representatives, religious and civil society organizations, and international agencies to uphold data protection standards.
Kenya's first data commissioner pushed for compliance among stakeholders to help address any challenges with regard to data collected by entities.
Kassait noted that registration allows ODPC to identify and track entities processing personal data, assess their compliance with the law, and intervene when necessary to protect individuals' data rights.
Read More
"For this reason, we are placing strong emphasis on registration compliance as a critical component of data protection in Kenya. As regulators, membership bodies, and associations in your respective sectors, you play an instrumental role in ensuring that the entities you oversee adhere to the law. These entities are often the primary processors of personal data in Kenya, making you critical partners in our efforts to enforce compliance," Kassait remarked.
She added that the stakeholders' influence is crucial in ensuring that entities not only understand their legal obligations but also take the necessary steps to fulfill them.
"In today’s world, data is the new currency. We generate vast amounts of it daily, through mobile devices, social media, e-commerce, and even our interactions with public and private institutions. In Kenya, the digital revolution has brought with it immense benefits; driving economic growth, innovation, and improving service delivery. However, this has also introduced risks and challenges that must be addressed.
"But as we embrace this digital age, we are also seeing trends that raise concerns. Data breaches, identity theft, unauthorized sharing of personal data, and intrusive surveillance are becoming more prevalent, not just globally, but here at home. This is why the protection of personal data is not only a regulatory requirement but a moral imperative. By ensuring robust data protection, we safeguard not just individual privacy, but also foster trust in our systems and institutions," she stated.
At the same time, Ms. Kassait emphasized the importance of partnerships, noting that no single entity can tackle the challenges of data protection alone.
“No single entity can tackle the challenges of data protection alone. Whether we represent the government, the private sector, or civil society, we each have a role to play in this ecosystem. That is why partnerships like the ones we are celebrating today are essential. By ensuring compliance with data protection laws, we are upholding the dignity and privacy of every Kenyan," she explained.
Last year in November 2023, the ICT PS directed heads of public institutions to register their institution as data processors and controllers by 30th June 2024.