Technology and Human Rights

Human rights are more critical than ever in the digital age. They let people express themselves online, share opinions, create, use, and access technology safely and justly. Technology can be used as an avenue to exercise freedom of expression, hold governments accountable, and expose wrongdoing. However, technology can also pose a systemic threat to human rights by reproducing structural discrimination against marginalised groups in policing, migration, social welfare, and access to health care. 

The Data Protection Act (DPA), 2019, establishes the legal framework for data protection in Kenya and upholds the right to privacy as outlined in the Kenyan Constitution. The Act gives effect to Article 31(c) and (d) of the Constitution of Kenya that contains the right to privacy which is a fundamental human right.  

The Data Protection (General) Regulations, 2021, provide further details on the application of the DPA, outlining procedures for enforcing data subject rights and elaborating on the duties of data controllers and processors. 

The Office of the Data Protection Commissioner (ODPC) is the government body responsible for enforcing the DPA and overseeing data protection compliance in Kenya


Convention 108 of the Council of Europe for the Protection of Individuals with regard to Automatic Processing of Personal Data is the first legally binding international instrument specifically designed to protect individuals’ rights regarding the processing of their personal data. It establishes a general framework for data protection, including principles such as lawfulness, fairness, and transparency, and sets out the rights of individuals and the obligations of data controllers. The convention has been ratified by 56 countries, including most European countries, as well as several African and Latin American countries.  

Article 17 of the International Covenant on Civil and Political Rights (ICCPR) recognises the right to privacy. This right protects individuals from arbitrary or unlawful interference with their privacy, family, home, or correspondence. The ICCPR has been ratified by 173 countries, making it one of the world’s most widely ratified human rights treaties. 

Article 16 of the Convention on the Rights of the Child (CRC) recognises children’s right to privacy. This right protects children from the collection, use, or disclosure of their personal information without their consent or the consent of their parents or legal guardians. The CRC has been ratified by 196 countries, making it the world’s most widely ratified human rights treaty. 


  • When making payment 
  • When accessing services from both the government and private institutions such as hospitals and schools. 
  • When accessing buildings. 
  • Signing up for both online and offline services or accounts. 
  • Using social media. 
  • Online shopping. 
  • When using digital apps.