Cross-border data transfers

According to the Data Protection Act of 2019, a data controller or data processor may transfer personal data to another country only where proof has been given to the Data Commissioner that the data will be transferred securely to a place with equal or stronger data protection laws compared to Kenya. However, there are also certain situations where data can be transferred without notifying the Data Commissioner, such as when the transfer is for legitimate interest, public interest or has the consent of the data subject.

In this episode, John Walubengo and Simon Verschaeve explore what a cross-border data transfer is, the legal requirements when it comes to cross-border data transfers, and some lessons learned from Europe’s experience.

This podcast was produced by KICTANET and GIZ/DTC Kenya, in collaboration with Nairobi Legal Hackers, as part of the AU-EU D4D Hub project.

Moderator:

• Lemmy Kamau, Advocate of the High Court of Kenya and Data Protection and Privacy Specialist

Speakers:

• John Walubengo, Lecturer and Data Protection expert
• Simon Verschaeve, Data Protection Lawyer at DLA Piper

You must enable cookies to listen to the podcast directly on D4D Access. Alternatively, the Data Protectors Podcast is also available on these platforms:

• Spotify
• Google Podcasts
• Soundcloud
• Afripods