FB pixel

Kenyan Telco urged to delete biometric data collected for SIM registration

Biometric data collection called unlawful by Access Now
Kenyan Telco urged to delete biometric data collected for SIM registration
 

Global human rights watchdog Access Now has called on a mobile telecommunications company in Kenya, Safaricom, to delete all face biometrics data collected from citizens between November 2021 and April 2022 within the framework of an ongoing SIM card registration process in the East African country.

In an open letter, the rights organization accused the telco of unlawfully collecting facial images of Kenyan citizens for the SIM registration exercise in violation of multiple laws in Kenya.

The laws, according to the watchdog, include the Kenya Information and Communications (Registration of SIM cards) Regulations 2015; the Data Protection Act 2019; the General Data Protection Regulations 2021, the Kenya Information and Communication (Consumer Protection) Regulation 2010, and the Consumer Protection Act.

Access Now argues that collecting biometrics for SIM registration is illegal as the Kenya Information and Communications (Registration of SIM cards) Regulations 2015 requires that telcos collect only the names, gender, date of birth, physical address, postal address, and copies of identification documents of their mobile service subscribers during registration.

A legal challenge was brought against Safaricom soon after its biometric registration process was launched.

The letter mentions that although Safaricom has updated its policy to eliminate biometric capture for the SIM card registration, the company however still requires other personal information not allowed by Kenyan laws.

“Safaricom demanding excessive personal information — including private biometric data — for people to use its services is nothing less than unconscionable,” says Jaimee Kokonya, Africa campaigner at Access Now. “As one of the nation’s leading internet providers, the company wields the power to control the communication of millions of people, and must put human rights above all. Safaricom should be setting the privacy gold standard, not dragging the industry through the mud.”

The organization wondered why telecoms service providers like Safaricom continue to insist on the collection of too much personal information including biometrics when the Kenya Communication Authority, which had early called for the collection of the same, later rectified its stand on biometrics collection after a wrong interpretation of the law.

“When we see private companies manipulate laws and regulations with unclear motives, governments must intervene,” says Bridget Andere, Africa policy analyst at Access Now. “Safaricom must be held responsible for its illegal acquisition of private information — information it now controls, and is ripe for exploitation and manipulation.”

Apart from the call to delete the biometric data already collected, Access Now has also called on Safaricom to notify subscribers of the deletion. Also, the telco has been urged to commission, and publish, independent transparency reporting on the Data Protection Impact Assessment carried out prior to the collection of facial biometrics in adherence to Section 31 (2) of the Data Protection Act, 2019; and to commit to better data processing practices that adhere to the data protection principles as set out in Section 25 of the Data Protection Act, 2019 and respect for the rights of data subjects.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

One Login 18 steps short of complying with UK national cybersecurity framework

Gov.uk One Login is struggling to satisfy the cybersecurity expectations the Government Digital Service says it is underpinned by, a…

 

CBP seeks biometric photo capture technology for border vehicle inspection

U.S. Customs and Border Protection (CBP) has issued a Request for Information (RFI) on commercial solutions for capturing high-quality facial…

 

Rights concerns trigger facial recognition reviews in Paraguay, Balkans and Hungary

Facial recognition is being used more around the world but with this increased usage comes concerns over issues such as…

 

Beruku showcases security document features for Ukraine border guard

Experts from Beruku Identity made a presentation to officers of Ukraine’s State Border Guard Service, to outline security features embedded…

 

Persona reaches $2 billion valuation with new investment round

Persona has announced a $200 million Series D funding round, bringing the company’s valuation to $2 billion. A release from…

 

Sri Lanka to call tenders for MOSIP implementation

Tenders for implementation of MOSIP (Modular Open-Source Identity Platform), an open-source software system that will be used to create and…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Market Analysis

DIGITAL ID for ALL NEWS

Featured Company

ID for ALL FEATURE REPORTS

BIOMETRICS WHITE PAPERS

BIOMETRICS EVENTS

EXPLAINING BIOMETRICS