The Data Protection Commissioner is seeking to rein in companies that are breaching the privacy of their users’ personal data as the office tightens the noose on misuse of such information.
The Office of the Data Protection Commissioner (ODPC) wants to procure a forensic analysis tool that will smoke out firms such as banks, betting firms, digital lenders and online retail shops that misuse information obtained from their customers.
“The ODPC is looking for a data audit and analysis solution that helps the commission to analyse data, conduct investigations, perform an audit of data and derive insights via sorting, data access rights, shareable dashboard and more,” said ODPC.
“The solution should be able to extract and analyse large volumes of data in diverse formats and to pinpoint anomalies that may signal non-compliance, personal data privacy breaches, fraud, weak controls, or other areas of concern,” it said.
This comes at a time experts have called for tighter regulation of the collection of private data.
They raised concern over the heightened risk of illegal access to these pools of personal data gleaned by individuals, companies and even government agencies and often used for blackmail, identity theft, intimidation, targeted advertising and extortion.
ICT law expert John Walubengo, who is a lecturer at the Multimedia University, said caps should be put over the extent of data that can be collected by both public and private entities and how the same is used.
“The issue is not to stop the data collection, but to have parameters within which those sensitive personal data sets can be collected, stored, accessed, shared and others. Don’t over collect information about people, without justification,” said Mr Walubengo at a data privacy forum held by the Nation.
The ODPC has stepped up the war on online private and private data breaches in recent months even as the digital economy booms exposing vast quantities of sensitive user data to misuse.
The Data Commissioner last month slapped Oppo Kenya with a Sh5 million fine over privacy infringement after using the photo of an unnamed complainant on its Instagram page without consent.
The Data Commissioner in October last year carried out an audit on 40 digital lenders, including Branch and Tala, over misuse of customers’ data, following complaints from the public.
The ODPC then said it had received 299 complaints from members of the public against the 40, over how their data was handled.