In a latest legal twist, the Communications Authority of Kenya (CA) is pushing for the dismissal of a class-action lawsuit that targets both the regulator and Safaricom. The lawsuit revolves around SIM card registration, which has allowed Safaricom to gather sensitive bank details from mobile phone users. CA’s argument? Prematurity.
The case, brought forward by senior counsels Wilfred Nderitu and Charles Kanjama last year, seeks the removal of Clause 3.2.1 in the data privacy statement. This clause, buried in the fine print of last year’s SIM card re-registration process, grants Safaricom the authority to “collect and store information, including credit or debit card details, bank account numbers, Swift codes, or other banking information.”
CA, Safaricom, and the class-action suit are now locked in a legal tug-of-war, with the regulator insisting that such disputes should fall under its purview. Moving directly to the High Court, they argue, was a premature move.
The heart of the matter lies in the 2010 Kenya Information and Communications (Dispute Resolution) Regulations. According to CA, this legislation grants the regulator the authority to mediate conflicts between consumers and licensees, such as Safaricom. Therefore, they assert that the class-action suit should be dismissed, with the plaintiffs bearing the costs.
The clause in question resides within a hefty 58-page document that accompanied last year’s SIM card registration updates. Nderitu and Kanjama argue that Safaricom’s dominant position in the Kenyan mobile market effectively coerced subscribers into accepting this clause. They contend that users had no real choice but to agree to these terms if they wished to continue enjoying Safaricom’s products and services.
Nderitu, in an affidavit submitted to the court, remarked on the stringent data collection methods and the lack of data security assurance. These practices, he suggests, stem from the belief that Safaricom’s clients have no alternative but to opt-in.
In a legal battle that could have significant implications for data privacy in Kenya, the clash between regulators, corporations, and consumers continues. As the case unfolds, it remains to be seen whether the courts will decide in favor of the subscribers’ right to data privacy or Safaricom’s argument for business as usual. Only time will tell how this complex legal conundrum will ultimately be resolved.