All eyes are now on the High Court as it prepares to deliver a landmark ruling in a case accusing Safaricom PLC of exposing millions of Kenyans’ personal data. With over 11.5 million subscribers allegedly affected, the outcome could redefine data privacy and corporate accountability in the country.
Highlights:
- High Court to deliver judgment on May 13, 2026
- Petition claims over 11.5 million Safaricom users were affected
- Allegations point to insider involvement in data access and sale
- Safaricom dismisses claims as baseless and legally flawed
- Case raises major questions on data protection and corporate liability
Main Story:
A Case That Could Shape Data Privacy in Kenya
The High Court is set to issue its decision in a high-profile petition accusing Safaricom of failing to protect sensitive customer data. The case, filed by a group of subscribers, claims the telecom giant allowed widespread misuse of personal information over several years.
Claims of a Coordinated Data Scheme
According to the petitioners, the alleged breach occurred between 2018 and 2019 and involved insiders within the company. They argue that certain employees accessed confidential subscriber data and shared it with external parties, including betting firms, for profit.
Court filings suggest that internal communications reveal more than routine data handling, pointing instead to deliberate and unchecked access to private information.
Petitioners Push for Accountability
Through their legal team, the group insists that Safaricom failed in its responsibility as a data controller. They argue that the company did not put in place adequate safeguards to protect user data, allowing employees to exploit the system.
Led by Austin Taabu and others, the petitioners describe the breach as widespread and systemic. They claim it violated constitutional rights, including privacy, dignity, and consumer protection, and are seeking strong legal remedies.
Safaricom Fights Back
Safaricom has firmly denied the allegations, urging the court to throw out the case. The company argues that the matter is already being handled in other legal proceedings, including civil and criminal cases, and warns against duplicating lawsuits.
It maintains that the petition lacks solid evidence, noting that the claim of a massive dataset affecting millions has not been proven in court. According to Safaricom, the petitioners failed to demonstrate that their own data was compromised.
Disputed Evidence and Legal Arguments
A key piece of evidence presented by the petitioners, an affidavit by Benedict Kabugi, has been challenged by Safaricom. The company argues that the affidavit was improperly introduced and questions the credibility of the witness, who is reportedly facing criminal charges linked to the same issue.
Safaricom also insists it should not be held responsible for the alleged actions of rogue employees, stating that any wrongdoing was carried out independently for personal benefit and outside official duties.
Awaiting a Landmark Decision
With submissions now closed, the court’s ruling is expected to provide clarity on corporate responsibility in handling user data and the extent to which companies can be held accountable for internal breaches.
Read Also:
- Business as Usual in Nairobi Amid Planned Fuel Price Demonstrations
- Fresh Twist in NYS Probe as Official Breaks Silence on Hotel Links
- Countries Behind the Most Billionaire Graduates Revealed
