This document has been developed to provide a review of the regulatory framework for data protection in Kenya. The report takes a broad view of what constitutes the regulatory framework, going beyond the Data Protection Act, 2019 (DAPA) to include the European General Data Protection Regulation (GDPR) and the California Consumer Protection Act (CCPA).
Most of Kenya’s Fintech solutions are built on the premise of alternative data sources and information sharing to inform decisions, business models, and monetisation models. With the Data Protection Act now in place and draft regulations published, innovators in Kenya now need to think more deeply about innovation that is balanced with compliance with the law.
In May 2017, a special focus in The Economist likened data to the fuel of the future, noting that “data are to this century what oil was to the last one: a driver of growth and change” predicting that the largest conglomerates of the future will be data-driven firms like Google, Tencent, Amazon, and so on, in much the same way the previous century’s oil and manufacturing conglomerates defined the industrial revolution.
This segmentation study identifies Kenyans whose financial needs are not adequately met by the solutions available in the financial market, as well as the untapped opportunities they offer to financial service providers. The study was conducted by FSD Kenya and the Consultative Group to Assist the Poor (CGAP), using data from FinAccess 2019.