Dear Listers, The J*owie Irungu and Jackie Maribe case concluded Friday.* Jowie was found guilty as charged in the murder of Monica Kimani, while Maribe was acquitted. The most interesting thing from the case, as revealed by Justice Grace Nzioka, is that the deceased's ID was stolen at Maribe's apartment security point, where private security guards are likely to have retained ID copies or scanned information. This stolen ID was then used to access Monica's apartment building, highlighting the potential consequences of such practices. Cherie Oyier - Program Officer for Women Digital Rights, KICTANet, says it raised issues on: - *Lack of data minimization and storage limitation* - *Inadequate training of security personnel on data protection:* - *Absence of data protection policies in private security companies* The judgement came after our Webinar *on Privacy Perspectives: Surveillance of AirBnBs and Operationalization of Section 48 of the Private Security Regulation Act.* Our guests, Dr Laibuta Mugambi, Cherie Oyier and Grace Mutung'u, shared their perspectives: - *The legality of the directive:* Dr Laibuta argued that the directive requiring surveillance of AirBnBs by private security companies is illegal because it was issued without the necessary regulations and violates the Data Protection Act. - *Need for regulations:* All three speakers agreed that regulations are needed under Section 48 of the Private Security Regulation Act to provide a legal framework for data collection and processing by private security companies. - *Data protection concerns:* Cherie Oyier and Grace highlighted several data protection concerns, including a lack of data minimization and storage limitation practices, Inadequate training of security personnel on data protection, Absence of data protection policies in many private security companies, Lack of oversight of the industry by the Office of the Data Protection Commissioner. *Recommendations: * - Dr. Laibuta proposes several actions, including the stoppage of illegal directives by the regulator. - Development of regulations under Section 48 in collaboration with relevant stakeholders. - Assessment and audit of private security companies' compliance with data protection laws. - Data inventory, retention schedule, and privacy notices. - Appointment of Data Protection Officers by private security companies. - Clear contractual agreements between security companies and property owners. - Establishment of data breach and incident management processes. - Registration of private security companies with the Office of the Data Protection Commissioner. - Cherie Oyier emphasized the need for training on data protection for security personnel and collaboration between the public and private sectors to address these issues. - Grace suggested a broader conversation about the purpose of data collection, the potential for techno-solutionism, and the need for alignment between the Data Protection Act and other relevant laws. Overall, there was consensus among the speakers that the current situation regarding data collection by private security companies in Kenya is problematic from a legal and data protection perspective. They called for urgent action to address these concerns through regulations, enforcement, and improved industry practices. *Stay informed on critical issues shaping Kenya's digital landscape!* 1. *Kenyan Security Measures Eroding Civic Space?* This multi-part research project was conducted by ARTICLE 19 Eastern Africa, Kenya ICT Action Network (KICTANet), The Centre for Human Rights and Policy Studies (CHRIPS), and HAKI Africa, revealing widespread harm inflicted on human rights and fundamental freedoms. This research comes at a crucial time for Kenya, as the country grapples with balancing security concerns with upholding human rights and democratic values. The reports <https://www.kictanet.or.ke/kenyan-security-measures-eroding-civic-space-new-research-finds/> focused on “The Impact of the Prevention of Violence Extremism (PVE), Counter-Terrorism, and National Security Measures on Civic Space in Kenya.” 2. *KICTANet Champions Strategic ICT Investments in Kenya's 2024/25 Budget:* We participated in the Institute of Economic Affairs’ Open Pre-Budget Hearing on January 30, 2024, to advocate for strategic ICT sector investments in Kenya’s budget for the fiscal year 2024–25. Read our full budget proposal for detailed insights. <https://www.kictanet.or.ke/mdocs-posts/memorandum-on-the-budget-priorities-fy-2024-25-for-ict-sector/> 3. *Kenya's Digital ID Stalled: Learning from Past Mistakes or Repeating Them? *In this article <https://www.kictanet.or.ke/kenyas-digital-id-stalled-learning-from-past-mistakes-or-repeating-them/>, Mr John Walubengo raises concerns about stalling Kenya's national digital ID program. He says learning from past mistakes and ensuring transparent, inclusive, and rights-respecting implementation will be key going forward. Enjoy the weekend! -- *Kind Regards,* *David Indeje* *KICTANet Communications *_____________________________________ +254 (0) 711 385 945 | +254 (0) 734 024 856 KICTANet portals KICTANet.or.ke <https://kictanet.or.ke/> | Twitter <https://twitter.com/kictanet> | LinkedIn <https://www.linkedin.com/company/18428106/admin/> | Facebook <https://www.facebook.com/KICTANet/>