Kenyan Financial Firm Fined for Mishandling DataKenyan Financial Firm Fined for Mishandling Data

The Kenyan Data Protection Commissioner has issued monetary penalties to multiple organizations over the mishandling of personal data.

Mulla Pride, a digital credit provider that operates the money lending apps KeCredit and Faircash, must pay 2,975,000 Kenyan shilling ($20,114) in fines for collecting names and contact information from a third party, without the user's consent. The Office of the Data Protection Commissioner announced the penalty in a notice on social media.

Kenyan regulators also issued a penalty of 1,850,000 kenyan shilling ($12,508) to restaurant Casa Vera Lounge for posting customer images without consent on social media and fined Roma School 4,550,000 Kenyan shilling ($30,764) for publishing pictures of children without parental consent.

The Data Protection Commissioner said the penalties were issued in contravention of sections 62 and 63 of the Data Protection Act 2019, and regulation 20 and 21 of the Data Protection (Compliants Handling Procedure and Enforcement) Regulation 2021.

In the meantime, a compliance audit was also issued to digital credit provider WhitePath for sending unsolicited text messages, and to Naivas Supermarkets following its recent data breach.

The regulators have issued penalties in the past for data handling complaints and for spam calls.