Data protection and privacy in Kenya is enshrined in the Constitution, under Article 31 and the Data Protection Act, 2019.
Under the Act, the Office of Data Commissioner is mandated to regulate the processing of personal data; ensuring that the processing of personal data of a data subject is guided by the principles set out in section 25 of the Act; protecting the privacy of individuals; establishing the legal and institutional mechanism to protect personal data; providing data subjects with rights and remedies to protect their personal data from processing that is not in accordance with the Act.
Personal data could include your name, health status, birth certificate number, phone number, ID number and details, your location, bank details and biometric data.
Your data could be highly exposed when you are making purchases online, accessing restricted buildings/areas, signing up for online servises, submitting personal data, using social media and digital apps.
During such times, although the law protects you against data misuse, you need to be extra careful not to expose your personal data to unwanted parties.
For instance, during online shopping, if your bank details are exposed to fraudsters, you could end up having your bank account swept clean. Although the law guarantees data protection, a personal initiative to protect one’s data is crucial to avoid paying catch up once your data is exposed.
You can protect your data by using security solutions, encryption, and other technologies, following policies and processes and managing your privacy settings.
Also, avoid exposing or sharing your data with untrusted apps and persons or clicking untrusted links, which in most cases promise goodies but end up phishing your data at the end of the day.
According to a recent study by the National Crime Research Centre, the most common ICT crimes include computer fraud, identity theft and impersonation, and interception of electronic messages or money transfers. These crimes have significant consequences, leading to financial loss, psychological distress, reputational damage, and even loss of life in extreme cases.
Why protect your data?
Losing your data to unwanted parties could see you lose your money through fraud or identity theft. In 2023, the average cost of a data breach was $4.45 million (Ksh578 million).
“Applying strong data protection measures and safeguards not only protects individuals’ or customers’ personal data, but also your organisation’s data. Therefore avoiding considerable problems, which may damage your reputation or your organisations’ confidential information,” the European Data Protection Board says.
Also, data breach can damage your reputation and lead to a loss of customer trust. Sometimes it could lead to legal consequences for businesses and individuals.
The European Data Protection Board says “Mismanagement of personal data can quickly damage the public reputation of an organisation and can quickly undermine the trust individuals may have, which often takes years to build.”
Also, exposure of some data such as your location and places of residence could lead o attacks to you or your loved ones, either by robbers or persons who would wish to harm you.
Dealing with the aftermath of a personal data breach, such as a hacker attack, can be costly and time-consuming, so why not advocate for prevention rather than cure?
Read: List Of Computer Misuse Offenses That Could Land You In Trouble With Govt
Leave a comment