How responsible are you with your customers' data?

Data ethics is the responsible and conscientious handling and sharing of client data. FILE PHOTO | NMG

Brand reputation is the overall perception that the public have over a particular business. It can be negative or positive depending on a number of factors. Businesses that are sensitive to consumer rights tend to have higher brand reputation than their counterparts.

One of the emerging consumer protection issues today is data privacy and protection. It is a subject that is encapsulated in many laws in Kenya. For one, data privacy is a constitutional right. The Constitution under Article 31 gives the right to privacy. This means that every other law and business organisational policies must align with the constitutional provision.

Consumers have the right to have their data privacy upheld. Data privacy is now a statutory right under the Data Protection Act. The legal provisions on data privacy and protection mean then that businesses have an obligation to ensure their organisational and operational practices adhere to the data privacy laws.

According to the law, any person who controls, handles or processes any other person’s data is required to take out data controller and data processor certificates. Most businesses would be classified as either data controllers or data processors as they deal with client data on a daily basis. For example, when clients pay through mobile money, you get access to their phone numbers.

It is, therefore, important for businesses to be data-compliant to enhance data privacy and consumer welfare. Data ethics is the responsible and conscientious handling and sharing of client data.

The Data Protection Act provides a few pointers as to how businesses can become more data compliant and also the threshold for data ethics. Your customers have certain data rights as data subjects and a good business will ensure they are upheld.

There are several reasons why your business should uphold data ethics, the first being that it upholds consumer welfare and improves your brand reputation. Upholding data ethics and even getting the data compliance certification will differentiate your business from your competitors.

Some clients will prefer to work with a data-compliant business. This is especially so with clients from the European Union (EU) region where there is a very stringent data protection regulation.

In the EU, it is mandatory for all data controllers and processors to be data compliant and this extends further to data handlers who are not found within the EU region but are providing services to EU citizens.

Secondly, data compliance will help you maintain a competitive edge.

Thirdly, compliance minimises the risk of consumer actions. Just recently, a school was fined a lot of money when a parent complained of a data breach. A data breach can expose you to bad brand reputation and legal actions. It is therefore better to uphold data ethics to minimise legal risk. A single data breach incident can undermine a business’s reputation and lead to mass exits by customers.

As businesses increasingly digitise, there is also an increased risk to data breach due to hacking and other cyber-attacks. Due to the risks associated with increased digitisation, data ethics is now a consumer need. For some, it may be an important determinant as to whether to engage with a certain business or not.

To get data compliant you can consult with a data privacy lawyer as well as a data privacy expert.

Ms Mputhia is the founder of C Mputhia Advocates | [email protected]

PAYE Tax Calculator

Note: The results are not exact but very close to the actual.