The World Bank has suggested changes to the Kenyan Data Protection Act of 2019, advising the Kenyan government against the localisation of data.
The global lender has asked Kenya to revoke a law that forces companies to store sensitive personal data on servers located within the country. The World Bank says the law is limiting cross-border trade in digital services.
It’s asking Kenya to upgrade its current Data Protection Act and adopt compatible and interoperable standards. It also adviced the scrapping of data localisation requirement for the Kenya’s Health Information System Policy.
The World Bank’s report proposes a flexible and standardised data sharing system for Eastern Africa, including countries outside the East African Community (EAC). The goal is to create a unified data market in the region by facilitating the integration of data processing and storage requirements.
These suggestions from the global lender, however, are questionable in a time when other regions across the world are clamouring for localised data centres to protect the interest of their citizens. Should we be asking Kenya to review laws that many other regions, including the EU, are now enacting?