Written By Lisa Murimi
Today, Safaricom has issued a statement addressing public concerns around data privacy, reaffirming its commitment to strict data protection practices.
The statement, released on October 31, 2024, came in response to mounting questions regarding the privacy of customer data amid recent incidents involving protestors of the Finance Bill 2024.
A recent article in The Standard discusses a lawsuit against Safaricom, a Kenyan telecommunications company, for allegedly violating the data privacy of 11.5 million customers.
The lawsuit was filed by Benedict Kabugi, a Safaricom subscriber who was contacted by someone with access to the consumers’ data.
The data included the consumers’ full names, phone numbers, gender, age, identity numbers, passport numbers, and the amount they gambled on betting platforms.
The lawsuit is worth over $1 trillion and is the first of its kind against a mobile service provider in Kenya.
Safaricom clarified that it strictly complies with Kenya’s data protection laws, explicitly stating that it does not share customer data with government agencies unless ordered by a court.
This announcement aligns with Safaricom’s recent achievements in data protection standards, including its certification of the ISO 27701 by the British Standards Institute (BSI) in Privacy Information Management, which sets it apart in safeguarding sensitive customer information.
The company also pointed to its adherence to the Payment Card Industry Data Security Standard (PCI DSS), further underscoring its dedication to high standards in data privacy across its GSM and M-PESA platforms.
In light of the ongoing recent online conversations, Safaricom emphasized its respect for customer privacy and reiterated its policy of non-disclosure without legal mandates, aiming to reassure customers about the integrity of its privacy practices.
