Participants during a roundtable meeting held on December 8, 2022, on gender and data protection focusing on the role of the ODPC in safeguarding women's data protection and privacy

KICTANet hosts a Roundtable Meeting on Gender and Data: The Role of ODPC in Women’s Data Protection

By Neema Mujesia

KICTANet, with support from GIZ has been implementing a project to strengthen women’s online safety and data protection. As part of the project, KICTANet hosted a roundtable discussion on December 8, 2022, on the role of the Office of the Data Protection Commissioner in protecting women’s data protection in Kenya.

Kenya’s Data Protection Act 2019 and Article 31 of the Constitution of Kenya, 2010 form the pillars of the country’s data protection and privacy regime. The discussants in this workshop discussed Kenya’s data protection regime, remedies for data breaches, and gaps in Kenya’s data protection and privacy framework that have a negative impact on women’s data protection. Recommendations from this workshop go hand in hand with KICTANet’s policy brief on data.

Perspectives from the ODPC on its role in safeguarding Women’s Data

Rahab Juma, legal compliance officer at the ODPC started off her presentation by noting that as at 30th September 2022, the commission had received 1,030 data protection complaints; 555 of these cases, including 299 were cases challenging Digital Lenders representing 54 percent of all admitted cases.

Rahab described the commission’s role pointing out the importance of understanding its several directorates, which consist of the directorates for data protection compliance, research, policy, and enforcement; corporate services; and complaints, investigations, and enforcement.

In light of this, it is important for everyone to be aware that the Data Protection (Complaints Handling and Enforcement Procedures) Regulations, 2021, went into effect in February 2022 and give data subjects the ability to make complaints and report data breaches to the Data Commissioner.

Tasks of the ODPC office

  1. Governing the handling of personal data
  2. Ensuring that the principles outlined in Section 25 of the Act are followed while processing the personal data subjects.
  3. Ensuring the safeguarding of people’s privacy

All complaints the office gets regarding data breaches must now be documented. If a data processor fails to comply with the rules, the ODPC fines them on the number of days of non-compliance.

Rahab observed that there haven’t been many complaints made public about gender-related data. Closing the reporting gap requires raising awareness of women’s data privacy.

Therefore, it is essential to intensify the work of data protection groups’ efforts, work with authorities, and ensure that there is a Gender Desk available in every police station to address the gender-sensitive challenges on the reporting mechanisms.

Rahab affirmed ODPC’s dedication to safeguarding personal information and upholding compliance in the case of a legal infraction. “The office is looking into numerous complaints, including this one,” she said. “In order to reassure the public, we promise to fully examine and address every issue.” She urged participants to keep reporting their comments to or online

Data Protection From A Gender Perspective

How does gender impact data protection? This is an idea that occasionally enters our minds. As a result, guidelines for living must be more general. Designed to address fresh difficulties influencing everything from social situations to the larger spheres of life.

Mercy King’ori, one of the researchers on the policy brief, presented the findings and recommendations.

Data protection challenges for women as presented by Mercy include:

  1. The gender-biased nature of the origin of the concept of privacy.
  2. Societal expectations of how women should behave as a key ingredient for privacy violations against women – a transposition of outmoded expectations to the online space: modesty, subordination, and seclusion.
  3. Privacy as a means of guaranteeing values that have been largely elusive for women: dignity, autonomy, and equality.

Mercy also highlighted the following barriers that acts as a barrier for women in taking advantage of the provisions of the Data Protection Act, 2019 :

  1. The exemption of household and personal activities under the law- Lindqvist case
  2. Limitations on employing the complaints provisions.
  3. Requirement of harm in the consideration of data protection breaches
  4. Low awareness of the DPA beyond formal business settings

There is a need for laws that protect all, particularly women, in the digital space, as well as embrace community solidarity because they provide spaces for conflict resolution and serve as the foundation for policy formulation.


Neema Mujesia is a Media Science graduate from Moi University. @neemamasitsa.



David Indeje information

Related Posts

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.