The Kenyan data regulator is investigating undisclosed number of digital lenders for sharing borrowers’ confidential data in pursuit of defaulters.
The Data Protection Commissioner Immaculate Kassait has revealed the investigations following complaints over digital lenders who have breached the confidentiality of personal information.
The firms are accused of resorting to “debt shaming” tactics to recover loans.
The Kenyan data regulator is investigating undisclosed number of digital lenders for sharing borrowers’ confidential data in pursuit of defaulters.
The Data Protection Commissioner Immaculate Kassait has revealed the investigations following complaints over digital lenders who have breached the confidentiality of personal information.
The firms are accused of resorting to “debt shaming” tactics to recover loans.
This includes use of debt collection agents pursuing borrowers either by informing their friends and family using contact information scraped from their phones or by threatening to tell their employers.
The Data Protection Act bars sharing of data with third parties without consent and gives individuals the right to be told when their data is being shared and for what purposes.
“The Office received complaints from data subjects regarding digital money lending applications. Towards this end, my office has commenced investigations on a total of 67 such complaints in line with the office mandate,” Ms Kassait said without divulging additional information.
The Business Daily could not immediately establish from the data regulator the identity of the digital lenders under invetigations.
Scores of unregulated microlenders have invested in Kenya’s credit market in response to the growth in demand for quick loans, where borrowers can get loans in minutes via their mobile phones.
Borrowers share personal information, including their professions and monthly earnings, when registering with digital lenders.
But besides the pursuit of unpaid loans, digital lenders share personal information with data analysing firms and for marketing.
The Central Bank of Kenya (CBK) has previously raised concerns about the abuse of the personal data of borrowers and called on lawmakers to fast-track legislation to provide for the regulation of digital lenders.
Lobbies that had petitioned Parliament during the review of the Bill also said that loan applications are private affairs that should be treated as confidential information.
Digital lenders have saddled borrowers with high-interest rates, which rise up to 520 percent when annualised, leading to mounting defaults and an ever-ballooning number of defaulters.
The Data Protection Act further compels firms to disclose to individuals and customers the reasons for collecting their data and ensure that the confidential information is safe from infringement by unauthorised parties.
Offences under the Data Protection Act attract a fine of up to Sh5 million and or imprisonment for a term not exceeding to 10 years or both.
“Infringement of provisions of the Kenya Data Protection Act (DPA) will attract a penalty of not more than Sh5 million or, in the case of an undertaking, not more than 1 percent of its annual turnover of the preceding financial year, whichever is lower,” the Act says.
“Individuals will be liable to a fine not exceeding three million shillings or to an imprisonment term not exceeding ten years, or to both.”
Scores of unregulated microlenders have invested in Kenya’s credit market in response to the growth in demand for quick loans, where borrowers can get loans in minutes via their mobile phones.