Skip to main content

Data Protection Act: Lessons from Kenya

N

Nyakundi Report

Newsroom 1 min read

This archive report was first published on 26 December 2019.

Published on December 26, 2019, Kenya's data protection legislation is a critical pillar for harnessing emerging opportunities in the digital economy while protecting citizens' rights.

The country's experience offers valuable lessons for other nations seeking to establish their own data protection regimes.

Kenya's data protection journey began with the establishment of a taskforce in early 2018, which was tasked with restarting and escalating the process of enacting a data protection law.

The taskforce consisted of 12 members with diverse skill-sets, including policy, legal, regulatory, and technical backgrounds in data privacy and security.

Effective record-keeping was crucial to ensure continuity from one meeting to the next, given that taskforce members were technically part-time consultants.

The taskforce's mandate was guided by a gazette notice that provided the terms of reference, including deliverables and timelines.

After nine months of meetings, workshops, expert reviews, and consultations, the taskforce produced a draft policy and Bill for public consultations.

Public participation was encouraged through online consultations, with key stakeholders and contributors invited for in-depth engagement with the taskforce.

Eventually, the refined draft policy and Bill were submitted to the respective minister or cabinet secretary for Cabinet approval and transmission to Parliament.

Be the first to react

Support

Support this reporting

M-Pesa support recorded against this story.

Send support →

Stay close

Get the briefing

Major updates by email. No spam.

Get email brief →

Share

Save share card

Download a clean portrait card for sharing.

Save image →