By Jackline Akello
The recently enacted Data Protection Act, 2019 has brought about the need to enlighten stakeholders about its implication on personal data. The lawyers Hub training on Data Protection and the General Data Protection Regulation (GDPR) conducted on 22nd January, 2020, focused on expounding provisions of the Act with an intention of incentivizing lawyers on ways to comply. The training also highlighted provisions of the GDPR, from which the Data Protection Act has been heavily borrowed.
The speakers were Dr. Isaac Rutenberg, Director for the Centre for Intellectual Property and Information Technology Law (CIPIT), who explained the Data Protection principles and the GDPR; Grace Bomu, Research Fellow at CIPIT, who took participants through the Kenyan Data Protection Act and; Rosemary Koech, Legal and Regulatory Officer at Oxygene Communications Ltd, who demonstrated measures that can be adopted by lawyers to ensure compliance with the Act.
Dr. Isaac Rutenberg commenced by highlighting the principles of data protection , established to guide data controllers and data processors in the processing of personal data, and compared them with the principles laid out in the GDPR, where it was evident that the principles laid out in the two statutes are similar. He subsequently elaborated the difference between personal data and sensitive personal data and gave a clear cut distinction between the two using illustrations, and emphasizing on the need for lawyers to appreciate the difference when handling personal data, to ensure effective compliance with the Act.Continue reading