Digital market experts have advised the government to make some changes to the proposed The Data Protection Bill, 2018, or risk harming the economy.
The major concern is the move to criminalise sending of Kenyans’ sensitive personal data outside the country, as it will hamper economic growth that has been propelled by cross-border data flows.
“Nearly every sector collects, processes, and analyzes data. If companies aren’t transferring it across borders to export and reach a new consumer base, they’re likely using data infrastructure such as cloud computing—which at its core relies on data not being relegated to a country’s borders,” says Sabina Frizell, a global public policy manager at Visa, Inc., focused on technology policy in emerging markets, in a blog.
SMEs are likely to be hardest hit if the Bill, now in its draft form, is passed. Cross-border data sharing enables them to plug into global value chains and reach customers across the globe. Also, they are able to leverage cloud infrastructure to better secure data by outsourcing it to security experts, instead of investing scarce resources in managing their own, local data centers.
“The restrictions in Kenya’s new bill will undercut these benefits,” added Ms Frizell.
The Data Bill tries to address the scenarios under which transfers outside the country will be allowed. Due to the complexity of the requirements, startups and SMEs are likely to be locked out.
“And even if large companies have the staff to comply, the overly narrow and at times unclear exceptions will not provide for the truly open data flows that their business operations require,” said Ms Frizell.