On 16 November 2020, Ms Immaculate Kassait took her oath of office as Kenya's first Data Protection Commissioner as appointed by the Chief Registrar of the Judiciary.
Commissioner Kassait, MBS, was formerly a Director at the Independent Electoral and Boundaries Commission in charge of Voter Education, Partnerships and Communications. Under the Data Protection Act of Kenya (the Act), her appointment will be for a single term of six years and she will not be eligible for reappointment.
What is the role of the Data Commissioner?
Primarily, the Data Commissioner's most immediate task will be to implement the provisions of the recently enacted Act. Given that she is the first to hold that office, her 'to-do' list will be unenviably lengthy. Crucially, she must oversee the establishment of the Office of the Data Commissioner, including the appointment of its various officers.
Once established, the Office of the Data Commissioner will have various functions, including:
- Overseeing the implementation of and being responsible for the enforcement of the Act;
- Establishing and maintaining a register of data controllers and data processors;
- Exercising oversight on data processing operations;
- Promoting self-regulation among data controllers and data processors;
- Receiving and investigating complaints by any person as regards any infringement of the rights under the Act;
- Promoting awareness of the Act among members of the public; and,
- Promoting international cooperation in matters relating to data protection and ensuring Kenya's continued compliance with international data protection conventions.
The appointment of Commissioner Kassait is very much welcomed and shows Kenya's determined commitment in ensuring that the collection, processing and use of personal data in Kenya is properly regulated.
Originally Published by Bowmans, November 2020
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.