In a digital age where data is currency and trust is under siege, the Kenya Private Sector Alliance (KEPSA), in collaboration with Safaricom PLC, convened a Forum on Data Privacy.
The exclusive event brought together key players from Kenya’s private sector, legal experts, and technology leaders to confront pressing issues surrounding data protection, cybersecurity, and ethical leadership in the digital economy.
Far from a standard compliance workshop, the forum sought to spark candid conversations around the facts, fictions, and responsibilities of data stewardship. Participants explored how leadership, ethics, and public awareness can foster a trusted data culture in Kenya—one that goes beyond legal mandates to embed data privacy into business strategy and societal values.
KEPSA Board Chairperson, Dr. Jas Bedi, set the tone by reflecting on Kenya’s increasingly complex digital landscape. Citing a 201.7 percent surge in cyber threat advisories to 2.5 billion in the 2024/2025 period, Dr. Bedi underscored the growing scale and sophistication of digital threats impacting individuals, businesses, and government institutions alike.
“Legal frameworks are just the beginning,” Dr. Bedi emphasized. “The private sector must go further—toward strategic foresight, practical implementation, and building digital trust. This is not just about mitigating risks; it’s about seizing the opportunity.”
He pointed to the dual promise and peril of data, urging leaders to reflect on how they are safeguarding their digital footprints. While acknowledging strides made under Kenya’s Data Protection Act, he cautioned that meaningful progress requires more than legislative compliance. Consumer trust, cross-border trade, and global competitiveness all hinge on the private sector’s ability to build resilient, ethical data practices.
Cybersecurity as a Strategic Priority
Safaricom CEO, Dr. Peter Ndegwa, echoed those concerns, stating that cybersecurity is no longer a technical issue—it is now a boardroom-level priority. “Cyber threats are constant. They don’t just target data or systems—they erode customer trust,” he said.
Dr. Ndegwa stressed that trust is built through transparency and accountability, and data privacy must be viewed as both a human right and a business imperative. He warned that emerging technologies such as artificial intelligence (AI) are heightening the stakes.
“AI is now being used to create fake voices, images, and deepfakes, making it harder than ever to separate truth from deception. If we don’t act decisively, the public will continue to suffer through fraud, misinformation, and exploitation,” he cautioned.
Lifting the Lid on Cyber Threats
Cybersecurity expert Dr. Bright Gameli provided a sobering look into the techniques hackers use to infiltrate systems and gather sensitive data. Demonstrating how publicly available tools can be weaponized, Dr. Gameli highlighted the ease with which personal and organizational information can be compromised through methods such as phishing, social engineering, and AI-driven impersonation.
He emphasized that proactive defense mechanisms, rather than reactive responses, are essential. “It’s not just about systems—it’s about trust. And trust is earned by being vigilant, prepared, and ahead of the curve,” he said.
Digital Identity and the Role of Mobile Infrastructure
Mr. Ben Roberts, Chair of KEPSA’s ICT Sector Board, turned attention to digital identity and the role of mobile infrastructure in shaping Kenya’s data ecosystem. He highlighted how, in the absence of a national address system, mobile phone numbers (MSISDNs) have evolved into de facto digital identifiers.
“From one-time passwords (OTP) to device identifiers like IMEI and IP addresses, our mobile infrastructure underpins both identity verification and surveillance capabilities,” he said.
He noted that SIM card registration has become a critical tool for enhancing national security and curbing misuse. However, he also pointed to the legal frameworks that govern these identifiers—including the Kenya Communications Act, the Data Protection Act, the Computer Misuse and Cybercrimes Act, and the Private Security Regulation Act—highlighting the complexities of ensuring compliance and protection simultaneously.
Building a Culture of Trust
Throughout the forum, one message was clear: the digital future must be built on more than just technology. It must be anchored in trust, accountability, and ethical leadership. From the rise of AI-powered threats to the vulnerabilities in national identity systems, the discussions emphasized the urgent need for collective action.
KEPSA reaffirmed its commitment to lead this charge, pledging to continue fostering collaboration between the private sector, government regulators, and technology innovators.
The organization aims to help shape a safer, more transparent, and more accountable digital environment for all Kenyans.
KEPSA
