5 Ways the Data Protection Act Impacts Procurement

One of the key aspects of data protection compliance is procurement or third party vendor compliance. The Data Protection Act provides that where a data controller desires to use the services of a data processor, then he must first ascertain that the data processor has put in place sufficient safeguards for data protection.

FAQs: Personal Data Breaches

One of the most challenging areas in data privacy compliance is on data breach management. The Data Protection Act, 2019 places an obligation on data controllers to notify the Data Commissioner and data subjects of some types of data breaches. Further, a notification must be done within 72 hours of becoming aware of the data breach. Data Processors must also report data breaches albeit to the data controller. What is a personal data breach and in what circumstances should an organisation make a notification? We tackle some frequently asked questions on this area of data privacy..

The Role of the Board in Data Protection Compliance

Data Protection compliance is a buzz word right now. What is it? Who is responsible? What is the cost of non-compliance? If you are in a leadership position in a company that handles personal data, you may be wondering about these and other related questions. More so, as a board member, you may share similar concerns or you may be wondering what the board’s role should be in compliance.

FAQs on the role of the Data Protection Officer

Mutie Advocates FAQs Data Protection Officer

If you are pursuing privacy compliance, you may need to consider appointing a Data Protection Officer (“DPO”). Although the Act provides for the designation of a DPO in certain instances, it may be worthwhile for all organisations to consider designating one. Who is a Data Protection Officer and what are the benefits of appointing one? We consider common questions associated with the role of the Data Protection Officer.

Digital Lending and Data Privacy in Kenya

Mutie Advocates Digital Lending Data Privacy

Prior to 2020, digital lending witnessed an unprecedented rise and growth in Kenya. According to a 2019 FSD report, the boom was fuelled by widespread use of mobile phones, high demand for credit and a lax regulatory environment. Digital lenders fall into two main categories: mobile banking loans(i.e. loans by licensed banks such as M-Shwari) and digital loans (i.e. loans granted by unregulated firms like Tala and Branch). The regulatory environment made it very easy for unregulated providers to enter the market. By 2020, Kenya had over 120 digital lending platforms.

FAQs: Data Privacy for Online Marketers

Mutie Advocates FAQs Privacy for Online Marketers

Post Summary:

  • On 13 April 2021, the Kenya Data Commissioner published draft regulations in support of the Data Protection Act. As discussed in our last article, the Regulations have paved way for public consultations and operationalisation of the Act.
  • We consider some of the issues that online marketers will face in implementation of the Act.

Legal Alert: Data Commissioner Publishes Draft Data Protection Regulations

Mutie Advocates Legal Alert Data Commissioner Publishes Draft Data Protection Regulations

On 7th April 2021, the Task Force on Development of Data Protection General Regulations tabled draft data protection regulations before the Cabinet Secretary, Ministry of ICT, Innovation and Youth Affairs, Joe Mucheru. In addition, the Data Protection Commissioner published the draft Regulations on its website, paving the way for public consultation.