A year after halting Kenya's Huduma Namba, the country's controversial biometric ID scheme, the High Court of Kenya declared that its rollout was illegal and asked the government to conduct a privacy impact assessment. MediaNama has reviewed a copy of the judgement. In Thursday's judgement by Judge Ngaah Jairus of the Kenyan High Court, it said that the digital ID programme was ultra vires to Section 31 of Kenya's Data Protection Act, which mandates that where a 'processing operation is likely to result in high risk to the rights and freedoms of a data subject, the data controller or processor must carry out a Data Protection Impact Assessment'. The respondents, in my humble opinion, have not appreciated the import and the extent of the application of the Data Protection Act, with respect to collection and processing of data collected under the…
