The Office of the Data Protection Commissioner (ODPC) has fined a primary school Sh4.5 million for posting a minor’s pictures without parental consent.
Roma School was hit with this penalty in a move the ODPC says is aimed at sending a resounding message to institutions entrusted with minors’ personal data.
Get exclusive access to the groundbreaking story of Ms. Faith Odhiambo’s historic presidency at LSK in our Latest Edition of Nairobi Law Monthly MagazineDownload Latest Edition Now For Ksh 150!
The commission says this underlines the vital importance of obtaining parental or guardian consent prior to the processing of such sensitive information.
In a statement, the Office of the Data Protection Commissioner (ODPC) says that the landmark move aimed at upholding data privacy rights and reinforcing compliance with the Data Protection Act.
The Office of the Data Protection Commissioner (ODPC) has issued three entities with substantial Penalty Notices totalling Sh9,375,000.
On the list is Mulla Pride Ltd, a Digital Credit Provider (DCP) operating KeCredit and Faircash mobile lending Apps. They have been penalized with Sh2,975,000 for using complainants’ names and contact details, obtained from third parties, to send threatening messages and make phone calls.
The ODPC says the penalty emphasizes the need for digital lenders and financial institutions to notify data subjects of their data collection and processing intentions, strictly dealing with those who consent.
Casa Vera Lounge, restaurant located allong Ngong Road, was fined Sh1,850,000 for posting a patron’s image on social media without their consent. The ODPC warned that this should serve as a reminder for lounges and clubs to obtain customer consent before posting their images online.
Data Commissioner Immaculate Kassait urged all entities to comply with the Data Protection Act, emphasizing the importance of implementing data protection principles and safeguards. Failure to comply will lead to enforcement procedures.
The ODPC also conducted a compliance audit on WhitePath, a digital credit provider, and an inspection on Naivas Supermarkets regarding a recent Data Breach.
The Office plans to conduct forty (40) Compliance Audits on various Data Controllers and Processors across sectors in this Financial Year.