Safaricom has responded to allegations suggesting that it aids police officers in abducting Kenyans by sharing customer location data.
In a formal statement, the telecommunications giant addressed concerns regarding data privacy and its interactions with security agencies.
“Safaricom notes various conversations regarding data privacy and sharing of customer information with security agencies and other third parties and wishes to make the following statement,” the company said.
They emphasized their commitment to customer privacy and strict adherence to Kenya’s data protection laws, asserting, “we do not share any customer data unless explicitly required of us via a court order.”
The statement clarified the nature of Call Data Records (CDRs), stating that these do not provide live location tracking.
“A customer’s Call Data Record does not show any live location and movements of customers but are generated after a call is terminated… for purposes of billing only.”
Safaricom also highlighted its investment in security measures, noting that in July 2012, it implemented a Fraud Management System (FMS) with the help of Neural Technologies.
This system is designed to prevent and detect fraud without allowing third-party access.
The company recently achieved an ISO 27701 Privacy Information Management System (PIMS) certificate from the British Standards Institute, affirming its compliance with data privacy laws.
“This is the highest certification an organization can attain in management of privacy information systems, as a data controller or processor,” Safaricom stated, reinforcing its dedication to customer privacy.
In conclusion, Safaricom reassured customers of its transparency: “We have always been transparent and honest in how we engage with our stakeholders, and we will continue to do so in order to maintain the trust that we have built over the years.”
