The Authority acknowledged widespread consumer frustration over spam messages, unsolicited subscriptions, unauthorised use of phone numbers and rogue premium-rate services.“These concerns remain a top priority for the CA. The enhanced SIM card registration framework forms part of a broader strategy to protect consumer interests and welfare across all networks,” it said
By The Weekly Vision Reporter
The Communications Authority of Kenya (CA) has denied issuing any directive requiring telecommunications companies to collect biometric data during the registration of new mobile lines, describing concerns raised by Kenyans and sections of the media as unfounded. In a statement, the CA clarified that the recently gazetted SIM card registration regulations contain no provision mandating the collection of biometric data from subscribers.
The regulations merely define “biometric data” as personal data resulting from specific technical processing relating to physical, physiological or behavioural characteristics, such as blood typing, DNA analysis, fingerprints, earlobe geometry, retinal scans or voice recognition.“This definition does not imply that all or any of this information will be collected from subscribers during SIM card registration. The Authority has not directed licensees to collect such data,” the statement emphasised.
The CA further noted that the new regulations impose stringent security and confidentiality obligations on telecommunications operators. All subscriber data must be handled, processed and protected in full compliance with the Kenya Information and Communications Act, 1998, and the Data Protection Act, 2019.“Operators are strictly prohibited from sharing subscriber data without the subscriber’s consent or a lawful order.
The CA and the Office of the Data Protection Commissioner (ODPC) will maintain rigorous oversight, including regular audits, and impose severe penalties for any abuse or misuse of customer data,” the statement added. The regulations do, however, permit operators to suspend SIM cards where subscribers provide false information or repeatedly fail to meet registration requirements. Disconnection may not occur without prior notice, and operators are required to establish clear, fair and transparent procedures in all dealings with consumers.
The Authority acknowledged widespread consumer frustration over spam messages, unsolicited subscriptions, unauthorised use of phone numbers and rogue premium-rate services.“These concerns remain a top priority for the CA. The enhanced SIM card registration framework forms part of a broader strategy to protect consumer interests and welfare across all networks,” it said.
Looking ahead, the CA highlighted the growing importance of privacy-enhancing features, such as number masking on mobile money and e-commerce platforms, in building digital trust.“The Authority reaffirms its commitment to supporting innovations that safeguard privacy and will continue rolling out privacy-enhancing measures in full compliance with the law and in close collaboration with industry stakeholders,” the statement concluded.
