Telecommunications giant Safaricom has clarified that it only shares customer data with law enforcement agencies when explicitly required by a court order.
The company’s statement comes in response to a recent Daily Nation report alleging that telecom companies in Kenya give unrestricted access to sensitive customer information, such as Call Data Records (CDRs), to security agencies, which use the data to track suspects, potentially infringing on citizens’ privacy rights.
On Thursday, Safaricom emphasized its commitment to protecting customer privacy and adhering to Kenya’s data protection laws.
“We do not share any customer data unless explicitly required of us via a court order,” Safaricom stated.
Safaricom also explained that CDRs do not provide real-time location or movement data about users.
The company noted that such records are generated only after a call ends or when a text message is sent or received, serving billing purposes only.
“For information purposes, a customer’s Call Data Record (CDR) does not show any live location or movements of customers. It is generated after a call is terminated or a text message is sent or received, strictly for billing purposes,” Safaricom said.
To safeguard sensitive customer information, Safaricom highlighted its Fraud Management System (FMS), implemented over a decade ago in partnership with Neural Technologies.
The system is designed to detect and prevent fraud without allowing any unauthorized third-party access to data.
“In July 2012, Safaricom partnered with Neural Technologies to implement a Fraud Management System (FMS) across all our business lines, including our mobile money system,” the statement read. “Neural Technologies operates globally in over 30 countries, helping telecoms and utilities detect and prevent fraud.”
Additionally, Safaricom pointed to its recent certification from the British Standards Institute (BIS), which awarded the company the ISO 27701 Privacy Information Management System (PIMS) certification.
This top-tier certification underscores Safaricom’s compliance with data privacy regulations and best practices.
“This is the highest certification an organization can achieve in managing privacy information systems as a data controller or processor,” Safaricom noted. “It is a testament to our commitment to preserving customer privacy and ensuring a worry-free experience on our network.”
The company assured its customers of continued transparency and integrity in data handling.
“We would like to reassure our customers that we have always been transparent and honest in how we engage with our stakeholders, and we will continue to do so to maintain the trust that we have built over the years,” Safaricom concluded.
Email your news TIPS to Editor@Kahawatungu.com — this is our only official communication channel
