Kenya: Data Protection Act including data protection regulation entered into force

On 25 November 2019, Data Protection Act, 2019 entered into force. The Act establishes a framework for protecting personal data by defining the rights of individuals regarding their personal information. It outlines the responsibilities of data controllers and processors, mandating that personal data must be processed lawfully, fairly, and transparently. The Act including that data subjects have rights such as access to their data, the ability to object to processing, and the right to request corrections or deletions. It also requires data handlers to implement measures to safeguard data integrity and confidentiality.