- Kenya to Host the 2027 Global Privacy Assembly
SEOUL, SOUTH KOREA, September 18 – The Office of the Data Protection Commissioner (ODPC) of Kenya is proud to announce that Nairobi has been officially selected to host the 2027 Global Privacy Assembly (GPA) Annual Meeting. The decision was made during the 47th Global Privacy Assembly held in Seoul, South Korea.
This achievement marks a significant milestone for Kenya and Africa, cementing the country’s position as a leader in data protection and digital governance within the continent and the Global South.
The ODPC’s successful bid highlights Kenya’s commitment to fostering international cooperation and dialogue on global data privacy issues.
Hosting the 2027 GPA Annual Meeting will bring together data protection and privacy authorities from around the world, providing a unique platform for sharing best practices, discussing emerging challenges, and shaping the future of data privacy.
This event will not only showcase Kenya’s progress in developing a robust data protection framework but also offer an opportunity to highlight the unique perspectives and challenges faced by countries in the Global South.
“We are honored and excited to welcome the global privacy community to Nairobi in 2027,” said the Data Commissioner. “This is a testament to the hard work and dedication of the ODPC and our partners.
Hosting the GPA is a great responsibility and an incredible opportunity to contribute to the global conversation on data protection and promote a digital economy that is built on trust and respect for privacy.”
The ODPC looks forward to a successful and impactful assembly in 2027, fostering a collaborative environment that will benefit the global community and reinforce Kenya’s role as a key player in the digital age.
The GPA is the premier global forum for data protection and privacy authorities. It provides a platform for its members to collaborate on international data protection challenges and to develop solutions for effective privacy and data protection regulation.
- Kenya’s Data Protection Authority - ODPC Recognized with Prestigious Global Awards
SEOUL, SOUTH KOREA, September 18 – The Office of the Data Protection Commissioner (ODPC) during the 47th Global Privacy Assembly received four prestigious awards during Global Privacy and Data Protection 2025 Awards held in Seoul, South Korea.
This international recognition celebrates the ODPC’s outstanding contributions and leadership in the field of data privacy and protection.
The awards received are as follows:
● Excellence in Leadership and Solidarity: In the pursuit of excellence and in recognition of its exceptional beneficence and dedication in showcasing leadership and solidarity in bringing honor to the assembly.
● Commitment to Digital Education and Public Awareness: For its commitment to
excellence by making a significant impact in efforts to help instill a culture of sharing
experience and tools in digital education and in raising public awareness essential to changing social and cultural norms.
● Exemplary Role in Dispute Resolution and Enforcement: In honor of its exceptional
contributions and exemplary commitment in playing its vital role in dispute resolutions in breaches and enforcement for non-compliance of the law in data privacy and protection achieving a significant milestone leaving a remarkable impression in the assembly.
● Pioneering Innovative Solutions: In recognition of its valuable contributions in pioneering innovative solutions to a remarkable progress and pivotal advancement in the world of data privacy and protection through the ODPC Chat Bot.
ODPC attributes this remarkable achievement to the collaborative efforts of its key partners and stakeholders.
“This recognition is a testament to the hard work and dedication of our team and the invaluable support from our partners,” said the Data Commissioner. “We extend our deepest gratitude to the Ministry of Information, Communications and the Digital Economy, the National Assembly Committee on Communication, Information and Innovation, and our development partners, including GIZ, for their unwavering support.
Their collaboration has been instrumental in our progress and has enabled us to achieve this significant milestone.”
ODPC remains committed to upholding the highest standards of data protection and privacy. These awards serve as motivation to continue developing innovative solutions, fostering public awareness, and strengthening enforcement mechanisms to safeguard the data privacy rights of all citizens.
- Kenya Hosts Uganda Personal Data Protection Office for Benchmarking Visit
NAIROBI, Kenya July 15 – In a continued effort to foster regional collaboration and promote robust data protection frameworks, the Office of the Data Protection Commissioner (ODPC) welcomed a delegation from the Personal Data Protection Office – Uganda (PDPO-UG) for a benchmarking session.
The Ugandan team was led by Mr. Baker Birikujja, the Acting National Director of the PDPO during the visit which is part of a strategic knowledge-sharing initiative aimed at deepening mutual understanding of data protection practices across the region.
Speaking at the session, Data Commissioner Immaculate Kassait, MBS emphasized the value of collaborative learning in ensuring consistent standards and fostering trust across jurisdictions.
“This engagement underscores the importance of regional partnerships in navigating the dynamic and evolving landscape of data privacy and regulation. As data-driven technologies become increasingly integral to governance, commerce, and daily life, effective data protection is more critical than ever,” she said.
During the session, both offices exchanged insights on implementation strategies for data protection laws, regulatory frameworks, compliance mechanisms, public awareness initiatives, and stakeholder engagement and handling cross-border data challenges
This visit not only strengthens bilateral ties between Kenya and Uganda in the area of data governance but also lays the groundwork for continued cooperation among East African regulators.
As part of the benchmarking session, the PDPO-UG also visited eCitizen and ICTA offices to see how inter-agency collaborations has enhance service delivery in Kenya.
- Kenya’s Data Commissioner Advocates for Trusted Digital ID Systems at ID4Africa Forum
ADDIS ABABA, Ethiopia, May 23 – Data Commissioner Immaculate Kassait, MBS, addressed participants at the ID4Africa Forum, speaking under the theme “Digital Identity at Scale: Prioritizing Use, Accelerating Impact.” The forum brought together global and regional leaders to explore the future of digital identification systems in Africa.
She addressed several key issues, including the need for interoperability of secure and trusted ID systems, which will enhance security, convenience, inclusivity, efficiency, and digital trust.
She further called for the efficient use of digital IDs in emergencies without risking data misuse by adopting data protection principles such as data minimization, purpose limitation, and reliance on appropriate lawful bases during processing.
Additionally, she attended a roundtable of African Data Protection Authorities on Identity Systems, hosted by the World Privacy Forum on the sidelines of the ID4Africa conference.
She joined key DPIA actors, including Identity Authorities and Data Protection Authorities, where she had the opportunity to share ODPC challenges, successes, and benchmark with other DPAs on best practices.
During the session, participants exchanged case studies and insights to flag key risk areas in identity systems, such as data misuse, lack of consent mechanisms, and weak interoperability safeguards. The session also featured a forward-looking discussion on policy changes and innovative solutions tailored to the unique data governance contexts of participating countries.
Her contribution reinforced Kenya’s position as a regional leader in responsible digital transformation, and ODPC’s commitment to protecting rights in the evolving digital identity space.
- Kenya Strengthens International Data Protection Partnerships through Twinning and Benchmarking Initiatives
BRUSSELS, Belgium, April 7 – As part of its commitment to align Kenya’s data protection framework with international standards, the Office of the Data Protection Commissioner (ODPC) undertook international data protection partnerships through twinning and benchmarking initiatives
First, under the Twinning Project with the Belgian Data Protection Authority and facilitated by the GIZ Digital Transformation Center Kenya, an ODPC delegation visited Europe on March 27 where they held high-level exchanges with key data protection institutions.
Some of these institutions included the Belgian DPA, Maastricht University, the Belgian Parliament, the European Data Protection Supervisor (EDPS), the European Data Protection Board (EDPB), and the European Commission.
The discussions centered on emerging issues such as cross-border data transfers, AI governance, enforcement cooperation, and digital innovation.
Following this visit, the ODPC hosted a three-day knowledge exchange and benchmarking program with the Belgian Data Protection Authority.
Supported by the European Union and the German government through DTC-GIZ Kenya, this initiative enabled both parties to benchmark regulatory practices, enforcement strategies, and operational procedures in relation to the EU’s General Data Protection Regulation (GDPR).
Deputy Data Commissioner Oscar Otieno who led the ODPC team during the program underscored the success of the collaboration, stating, “Our engagement with the Belgian DPA has provided invaluable insights into mature data protection systems. This collaboration is not only about capacity building but also about fostering cross-border cooperation in an increasingly digital world.”
Through these two complementary initiatives, ODPC is not only advancing its own data governance practices but also reinforcing Kenya’s position as a regional leader in digital governance and privacy protection.
- Kenya’s Data Protection Authority- ODPC Recognized as the Leading Public Sector Entity in Emerging Technology Utilization for Digital Transformation
MOMBASA, Kenya February 28 – The Office of the Data Protection Commissioner (ODPC) was recognized as the Leading Public Sector Entity in Emerging Technology Utilization for Digital Transformation at the Digital Transformation Public Sector Forum and Awards 2025.
The initiative was organized by GreyDale Africa in collaboration with the Ministry of Information Technology & the Digital Economy.
The Office received this accolade for its implementation of the Artificial Intelligence (AI) chatbot, LindaData, which aims to provide accessible and real-time assistance to individuals and organizations seeking information on data protection regulations, best practices, and compliance guidelines.
ODPC’s chatbot was developed with support from Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH and it demonstrates the effective use of AI to raise awareness about data protection, fostering compliance in an efficient and cost-effective manner.
It is designed to offer personalized responses to inquiries related to data privacy, data breaches, consent requirements, and other relevant topics. By harnessing the power of artificial intelligence, the chatbot serves as a valuable resource for enhancing understanding of data protection principles and empowering stakeholders to safeguard their personal and organizational data.
Under the theme “Driving Efficiency Through Cross-Government Digital Collaboration,” the event brought together leaders from various government sectors, technology specialists, and innovators involved in digital transformation across multiple industries, including health, education, ICT, communication, energy, transport, financial services, and e-commerce. Key topics included digital transformation, emerging technologies, and cybersecurity.
The ODPC recognizes the growing importance of data security and privacy within the public sector to ensure that government bodies adhere to stringent data protection standards.
This involves implementing robust policies to safeguard personal information against unauthorized access and breaches. By focusing on these initiatives, we aim to create a secure environment where citizens’ personal information is protected while allowing agencies to function seamlessly and effectively.
