Defining a Digital Right to Access

Man denied access to information on computer Credit:

A guest post by Jaaziyah Satar

The implementation of the right to access information has been a topic of conversation as early as the 18th century. Sweden became the first country in Europe to do so (implement right to access).  Anders Chydenius’ believed that democracy and workers’ rights were crucial to the economic growth of a state and urged that freedom of press and information is a vital right that should be accessible to all citizens; the English parliament also recognized the need and importance of abolishing political censorship in the 17th century. Eventually India, being the first non-European country, followed suit in the 20th century by incorporating the right to information into their own laws (known as the Right To Information Act).

Continue reading

Public Participation and Data Protection

Last year, CIPIT hosted a series of public participation fora over three months in response to a request for comment on a proposed Data Protection Bill originating from the Senate (the “Senate Bill”) and a similar policy that was formulated by the ICT Ministry (the “Ministry Bill”). The CIPIT events preceded a public participation event with a variety of stakeholders, held at the Louis Leakey Auditorium before the Privacy and Data Protection Taskforce on 5 October 2018.

The CIPIT events generated a great deal of discussion and informative content from the participants who consisted of stakeholders involved in the processing of data. The information collated during these events represented the varying positions and views held by participants and was synthesized into a cohesive set of documents that were presented during a meeting with the task force on 26 September 2018.

The legislative process is now at a crucial juncture, the Data Protection Bill is in the committee phase in the National Assembly. On Tuesday 16 July 2019, the Parliamentary Departmental Committee on Communication, Information and Innovation accepted Memoranda from the public on the 2019 Data Protection Bill.

Continue reading

The 2019 Data Protection Bill: A step in the right direction?

By Grace Bomu*

CIPIT welcomes the publication of the Data Protection Bill by Kenya’s National Assembly. The center has been involved in policy development for the digital economy in Kenya and Africa at large. In 2014, CIPIT gave input to the African Union Convention on Cybersecurity and Personal Data Protection, emphasizing on the need to protect and promote the right to privacy. Since then, there has been massive development in the data economy in both the public and private sector. CIPIT has previously recommended a comprehensive data protection framework for Kenya.

The Centre has reviewed the proposed law and submitted comments to the Clerk of the National Assembly. From our interaction with micro, small and medium enterprises (MSMEs) in the digital space, we have observed that these entities work in extremely different circumstances from traditional enterprises. Some of them are one-person operations that outsource services such as accounting on a need basis. It would be difficult for them to comply with the registration requirements, compared to larger entities that have dedicated compliance departments. We, therefore, propose that as the Bill requires registration of data processors and controllers, the data protection framework be tiered, and that consideration be given to the type of data being handled by data processors and controllers.

Continue reading

What Does a Data Protection Law Mean for the B2C Relationship? Exploring a possible Life-Cyle.

Data protection is definitely in vogue in Africa. This may be a response to the economic potential of having robust data protection safeguards, and the fear of being left behind by other states that have implemented such laws.

The intricacies involved in establishing a functioning data protection regime, mandate Kenya’s legislators to comprehend the full gamut of parties involved in the data life-cycle, and accruing rights and duties.

What is the data life-cycle? A report by the Centre for International Private Enterprise (CIPE) defines it as the four stages data goes through, from initial collection to disposal. These stages are data collection and processing, storage, transfer, and disposal.

Why is it important? Regulation should adequately modulate the actions of various persons in the data cycle and the processes involved.

Continue reading

From Fiction to Reality: A Take on AI

Guest Post by Tevin Gitonga

Artificial Intelligence (AI) is the effort to create computers capable of intelligent behavior. It can be classified into two types of AI  “narrow AI”-computer systems that are better than humans in some specific, well-defined field, and “general AI,” systems that can surpass human capabilities in many domains. AI relies on large amounts of data to learn, create patterns that it uses to  perform the actions it is tasked to do. The world is currently experiencing its fourth industrial revolution popularly referred to as Digital Transformation and AI is earmarked as being at the heart of this new era.

Continue reading

The Impact of Technology on Our Society’s Health

Guest post by Patrick Bailey

Governments have done a modest job at ensuring modern technology is applied to making the physical world a safer place. Laws which account for physical safety evolve relatively quickly and pressure companies to apply the latest safety standards to structures, transportation technologies and the like.

Newer technologies such as wearable tech monitor our blood pressure and heart rate, which helps detect early warning signs of a medical emergency. However, the possibility to sell patient health information gathered from wearable tech remains a grave concern amongst citizens. Do governments have the responsibility to address these invasions of privacy? Many citizens would agree they do.

Continue reading

Fakes and Pirates Online: Is it an Unregulated Space in Kenya?

Kenya continues to witness a steady exponential growth of internet access. The Communications Authority of Kenya (CA), in its Third Quarter Sector Statistics Report for the Financial Year 2017/2018 notes that, “(Kenya’s) total data/Internet subscriptions grew (from the last review) by 8.2 percent, to record 36.1 million subscriptions (up) from 33.3 million recorded during the second quarter of the same financial year.”[1]The report further highlights the total internet subscriptions as standing at 36.1 million subscriptions as at March 2018, growing from the previous 25.7 million in March 2017. The CA attributes the growth in internet subscription to the proliferation of smart phones used to access video on demand, games, music, news and social media sites; which content is protected by copyright.[2]

Continue reading

IP Assets in the Digital Environment: Three Kenyan Cases


This brief considers three instances in which social media has proved an important arena for the creation and dissemination of the value embedded in intellectual property. The first two are decided cases whereas the last is a reported market event. The brief concludes with an overview of the relevance of these cases to the discussion on intellectual property and social media.

Continue reading

Materiality: A possible hindrance to enforcing misleading representations in social media advertising in Kenya.


Influencers endorsing brands and advertisement is the new normal. In their practice, influencers are able to build direct relationships with their key consumers and create a brand loyalty. Thus brands targeting specific consumers, their needs and wants, opt to use them. In advertising, influencers are preferred based on their trust within a niche community, retention of a loyal following and knowledge or experience about what they are advertising.[1]

On 11th March, 2019 notable influencers were endorsing Always products sold in Kenya on #feelthecomfortalways advertisement on Instagram. Influencers were tagged in the advertisement in order to promote the product and to achieve a bigger and specific target audience. On social media, particularly Twitter, consumer complaints on the quality of the Always product have been raised and recorded on #myalwaysexperience, which began in early February 2019.

In light of this on-going case, this article examines misleading representations in influencer led advertisement on social media. A misleading representation occurs when a shared practice or representation misleads through the information it contains, or its deceptive presentation, and causes or is likely to cause the ordinary consumer to take a different decision.[2]  Thus, what statements made by influencers would be termed as misleading representations on social media? How are misleading representations enforced? Materiality in enforcing consumer complaints on misleading representations made by influencers on social media?

Misleading Representations on Social Media

In advertising influencers make often statements, referred to as testimonials, from previous and/or current customers about their experience with a product or service.[3] The testimonials used, such as opinions, value judgments, and subjective assessments on a product, have to be truthful. The consumers should not be misled on any aspect of a product or service which is capable of being objectively assessed in light of generally accepted standards.[4] For instance, a person falsely presents that goods and services have qualities, uses, and benefits they do not have.[5]

Generally, if proven that the Always products in #feelthecomfortalways do not have the said benefits and qualities, and the representations caused an ordinary consumer to make a different decision, the influencers could be liable for misleading representations. In the Competition Act, a person charged with misleading representation can either be fined ten million shillings or five years imprisonment or both.[6]

Materiality in Enforcing Representations on Social Media

In addition to the determining whether the representation is misleading and the effect of the representation on an ordinary consumer, in James Kuria v Attorney General & 3 others eKLR, Mativo J, imposed a materiality standard. Materiality is defined as being of consequence or importance, or pertinent or essential to the matter. The effect of materiality is setting a different test for a misleading representation. The old test was an ordinary consumer. The new test that of an average consumer who is reasonably well informed and reasonably observant and circumspect.

In so doing, in the Always Kenya case, the influencers in #feelthecomfortalways advertisement are merely tagged. The average consumer who is well informed and reasonably observant will know the influencers are making representations on behalf of Always Kenya. Thus the influencers who are tagged would potentially not be liable for misleading statements.

Additionally, the Competition Authority[7] and Inspectors under the Department of Weights and Measures[8] mandated with receiving and investigating misleading representations will be forced to consider materiality.


We have a Court decision imposing the materiality and average consumer test and a standard in the Consumer Protection Act and the Competition Act on misleading representations. The result of this a possible duplicity of standards on misleading representations. Inevitably enforcement mechanisms will prove to be difficult task.  

[1] accessed on 6th February, 2019.

[2] Consumer Protection Guidelines, 2014.

[3] Consumer Protection Guidelines, 2014.

[4] Code of Advertising Practice and Direct Marketing, 2003.

[5] Section 55, The Competition Act, No 12 of 2010, see also Section 12, Consumer Protection Act No. 46 of 2012.

[6] Section 70, Competition Act, No 12 of 2010.

[7] The Competition Act, No 12 of 2010.

[8] Section 21, Trade Descriptions Act CAP 505.


by Chebet Koros

A tech invention may be protected through a patent, trade secret or know-how. In most cases, this innovation is first kept a secret to gain an advantage over others prior to registration and communication to the public. Amazon’s one-click sale and Google’s algorithm have been built on the companies’ confidential information. These companies’ commercial confidential information has subsequently birthed patent, industrial and trademark rights. The essential component in a successful business is that which acts as a magnetic force pulling in clients from competitors. The company’s unique process, design, business model, database, strategy among others are key components on which a business maintains its competitive advantage. Several companies, outside the tech space, like Coca-Cola and KFC are known to take extreme measures towards protecting their secret recipes resulting in their economic success.

Continue reading