- Court stops Safaricom from sharing personal data of former employees
- The case raises claims of privacy breaches during internal investigations
- Petitioners cite constitutional rights and Data Protection Act protections
- Company ordered to respond within 14 days ahead of the May hearing
- Ruling could shape how employers handle staff digital data in Kenya
The Employment and Labour Relations Court has stepped in to halt Safaricom PLC from further handling or sharing personal information tied to a group of former employees. The order comes as a case filed against the company continues to be heard. The matter touches on serious claims involving privacy and data protection. The court issued interim directions meant to preserve the situation as it is. This remains in place until the case is fully determined.
In its ruling dated April 27, 2026, the court directed Safaricom to immediately stop any further sharing of the affected individuals’ data. The order specifically covers sensitive details such as digital identity information and M-Pesa transaction records. The judge said the status quo must be maintained pending the hearing. The case will return to court for mention on May 11, 2026. All parties have been directed to be present.
The dispute stems from allegations made by the former employees against the telecom company. They claim their personal data was accessed and used without proper authority. The accusations also point to a senior human resources official. According to the petition, the information was allegedly exposed during internal investigations and disciplinary procedures. The workers argue that this went beyond what the law allows.
They are now seeking protection under Kenya’s constitutional privacy provisions. Article 31 of the Constitution guarantees the right to privacy for all citizens. The Data Protection Act, 2019, also outlines strict rules on how personal information should be collected and used. The petitioners say those protections were not respected in their case. They believe their rights were violated during the process.
The court has given Safaricom 14 days to file its formal response. This will allow the company to present its side of the story before the matter proceeds further. Both sides are expected back in court for a hearing scheduled next month. The case will then be examined in detail based on evidence and legal arguments. The interim orders will remain active until then.
Legal experts note that employers are allowed to conduct internal audits and compliance checks. However, such actions must follow clear legal boundaries. Personal data must be handled transparently and lawfully. It must also be used only for valid and specific reasons. Any misuse can attract legal consequences.
The outcome of this case is being closely watched due to its wider implications. It could influence how companies in Kenya handle employee data in future. This is especially important in sectors where large amounts of digital information are processed daily. Telecommunications firms are among those most affected due to the nature of their services.
If the court finds against the company, it may set a strong precedent on employee privacy rights. It could also lead to stricter enforcement of data protection laws. For now, all eyes remain on the May hearing. The decision is expected to clarify how far employers can go when reviewing staff data.
