Recent reports against Safaricom which is largely managed by Peter Ndegwa, raised by the Kenya Human Rights Commission (KHRC) and Muslims for Human Rights (MUHURI), have cast a spotlight on the telecom giant’s relationship with Kenyan security forces, prompting serious concerns over data privacy and potential violations of human rights.
These allegations center on claims that Safaricom has been sharing sensitive customer data with security agencies, facilitating unlawful practices such as extrajudicial killings, enforced disappearances, and illegal renditions.
Reports indicate that Safaricom may have provided access to critical Call Data Records (CDRs) and location data without proper oversight, potentially breaching Kenyan privacy laws.
In several cases, it is alleged that when court orders were issued to release CDRs for investigations into state crimes, the data was handed directly to police officers, rather than being provided to independent investigators.
This raises a critical conflict of interest, as it would allow security forces implicated in the crimes to potentially manipulate evidence or conceal their involvement.
The issue escalates with Safaricom’s reported collaboration with Neural Technologies, a UK-based company.
The firm is said to have developed software for Safaricom that enabled predictive profiling and real-time tracking of individuals.
While Safaricom has claimed that the technology was intended solely for fraud management, investigative reports suggest it may have been misused for unauthorized surveillance of individuals, raising further red flags about the potential misuse of personal data for purposes beyond those initially stated.
Safaricom has vehemently denied these allegations, asserting its compliance with Kenyan laws and its strict adherence to court orders in responding to data-sharing requests.
The company has pointed to its ISO 27701 certification as evidence of its commitment to data privacy and security.
However, critics argue that this certification does not fully address the procedural concerns raised by the allegations, including the lack of transparency and the apparent lack of accountability in handling sensitive customer information.
Additionally, inconsistencies in data submitted to courts have been highlighted, with claims that some CDRs involved in cases related to extrajudicial killings have been either tampered with or found to be incomplete.
This only deepens the concerns about Safaricom’s role in protecting customer data and adhering to legal requirements when handling such sensitive information.
These developments occur amidst rising concerns about data privacy in Kenya, particularly as Safaricom continues to hold a dominant position in the telecommunications sector.
As the country’s largest telecom provider, the company’s actions have far-reaching implications for the privacy and rights of millions of Kenyans.
The allegations against Safaricom underscore the need for robust regulations and oversight mechanisms to protect individuals’ privacy and prevent potential abuse by both corporate entities and government agencies.
Human rights organizations are now calling for independent investigations into Safaricom’s data-sharing practices and for greater regulatory scrutiny of telecom companies.
They argue that without independent oversight, there is a significant risk that personal data could be misused for surveillance or even repressive actions, jeopardizing the freedoms and rights of Kenyan citizens.
It is clear that the case could serve as a watershed moment for how Kenya addresses the balance between national security and the protection of individual privacy in the digital age.
Leave feedback about this