FB pixel

Kenyan Telco urged to delete biometric data collected for SIM registration

Biometric data collection called unlawful by Access Now
Kenyan Telco urged to delete biometric data collected for SIM registration

Global human rights watchdog Access Now has called on a mobile telecommunications company in Kenya, Safaricom, to delete all face biometrics data collected from citizens between November 2021 and April 2022 within the framework of an ongoing SIM card registration process in the East African country.

In an open letter, the rights organization accused the telco of unlawfully collecting facial images of Kenyan citizens for the SIM registration exercise in violation of multiple laws in Kenya.

The laws, according to the watchdog, include the Kenya Information and Communications (Registration of SIM cards) Regulations 2015; the Data Protection Act 2019; the General Data Protection Regulations 2021, the Kenya Information and Communication (Consumer Protection) Regulation 2010, and the Consumer Protection Act.

Access Now argues that collecting biometrics for SIM registration is illegal as the Kenya Information and Communications (Registration of SIM cards) Regulations 2015 requires that telcos collect only the names, gender, date of birth, physical address, postal address, and copies of identification documents of their mobile service subscribers during registration.

A legal challenge was brought against Safaricom soon after its biometric registration process was launched.

The letter mentions that although Safaricom has updated its policy to eliminate biometric capture for the SIM card registration, the company however still requires other personal information not allowed by Kenyan laws.

“Safaricom demanding excessive personal information — including private biometric data — for people to use its services is nothing less than unconscionable,” says Jaimee Kokonya, Africa campaigner at Access Now. “As one of the nation’s leading internet providers, the company wields the power to control the communication of millions of people, and must put human rights above all. Safaricom should be setting the privacy gold standard, not dragging the industry through the mud.”

The organization wondered why telecoms service providers like Safaricom continue to insist on the collection of too much personal information including biometrics when the Kenya Communication Authority, which had early called for the collection of the same, later rectified its stand on biometrics collection after a wrong interpretation of the law.

“When we see private companies manipulate laws and regulations with unclear motives, governments must intervene,” says Bridget Andere, Africa policy analyst at Access Now. “Safaricom must be held responsible for its illegal acquisition of private information — information it now controls, and is ripe for exploitation and manipulation.”

Apart from the call to delete the biometric data already collected, Access Now has also called on Safaricom to notify subscribers of the deletion. Also, the telco has been urged to commission, and publish, independent transparency reporting on the Data Protection Impact Assessment carried out prior to the collection of facial biometrics in adherence to Section 31 (2) of the Data Protection Act, 2019; and to commit to better data processing practices that adhere to the data protection principles as set out in Section 25 of the Data Protection Act, 2019 and respect for the rights of data subjects.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News


Biometrics developers dance with data privacy regulations continues

Biometrics controversy and investments are often found side by side, as seen in many of this week’s top stories on…


EU AI Act should revise its risk-based approach: Report

Another voice has joined the chorus criticizing the European Union’s Artificial Intelligence Act, this time arguing that important provisions of…


Swiss e-ID resists rushing trust infrastructure

Switzerland is debating on how to proceed with the technical implementation of its national digital identity as the 2026 deadline…


Former Jumio exec joins digital ID web 3.0 project

Move over Worldcoin, there’s a new kid on the block vying for the attention of the digital identity industry and…


DHS audit urges upgrade of biometric vetting for noncitizens and asylum seekers

A recent audit by the DHS Office of Inspector General (OIG) has called for the Department of Homeland Security (DHS)…


Researchers spotlight Russia’s opaque facial recognition surveillance system

In recent years, Russia has been attracting attention for its use of facial recognition surveillance to track down protestors, opposition…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.


Featured Company