Sharp Daily
No Result
View All Result
Thursday, June 5, 2025
  • Home
  • News
    • Politics
  • Business
    • Banking
  • Investments
  • Technology
  • Startups
  • Real Estate
  • Features
  • Appointments
  • About Us
    • Meet The Team
Sharp Daily
  • Home
  • News
    • Politics
  • Business
    • Banking
  • Investments
  • Technology
  • Startups
  • Real Estate
  • Features
  • Appointments
  • About Us
    • Meet The Team
No Result
View All Result
Sharp Daily
No Result
View All Result
Home Business

Unsolicited emails cost SBM Bank KES 450,000 in privacy case

Brian Murimi by Brian Murimi
September 15, 2024
in Business
Reading Time: 2 mins read

SBM Bank Kenya has been ordered to pay KES 450,000 in compensation to a complainant for violating data privacy rights, following a ruling by the Office of the Data Protection Commissioner (ODPC). The bank was found to have unlawfully processed the personal data of Kevin Kiprotich Romo, sending unsolicited emails for over a year despite repeated requests to stop.

The ODPC issued its determination after an extensive investigation into a complaint filed by Romo, who claimed to have received 327 emails from SBM Bank Kenya between May 2023 and March 2024. These emails included password alerts, account notifications, and promotional offers, despite Romo having no relationship with the bank.

The complainant argued that the emails were a violation of his privacy rights under Article 31 of the Constitution of Kenya and the Data Protection Act, 2019. Romo reported the matter to the bank multiple times, requesting that his email be removed from its mailing lists. However, his requests were ignored, leading him to lodge a formal complaint with the ODPC in March 2024.

In its defense, SBM Bank Kenya stated that the emails were sent inadvertently due to an error during a customer onboarding process. According to the bank, a customer with a similar name to the complainant mistakenly provided Romo’s email address when opening an account in April 2023. “The customer admitted to providing the wrong email address, which led to the inadvertent use of the complainant’s email,” the bank explained in its response to the ODPC.

RELATEDPOSTS

Bhartesh Shah takes helm as SBM Bank Kenya’s new CEO

May 9, 2024

SBM Bank launches three month cashback for cardholders

February 2, 2024

However, the ODPC found that SBM Bank’s explanation did not absolve it of responsibility. The regulator’s investigation revealed that the bank had not verified the accuracy of the email address provided by the customer. “The bank did not capture their customer’s email address correctly at the time of onboarding, and therefore, the allegation that it is the customer who provided the complainant’s email is false,” the ODPC stated in its determination.

The ODPC noted that SBM Bank Kenya failed to take reasonable steps to restrict the processing of Romo’s personal data, even after he disputed the accuracy of the data. The bank continued to send unsolicited emails to Romo for over a year, only stopping after the ODPC intervened.

Under the Data Protection Act, 2019, data controllers and processors, such as banks, are required to ensure that personal data is processed lawfully, accurately, and in a manner that protects the rights of data subjects. The Act gives data subjects the right to object to the processing of their personal data and mandates data handlers to comply with such requests within 14 days.

“The bank’s failure to act within the stipulated period constituted a breach of its obligations under the Act,” the ODPC ruled. The regulator further highlighted that the data controller did not demonstrate any legitimate interest in continuing to process Romo’s data, as required under Section 36 of the Act, which allows data processing only when there is a compelling legitimate interest that overrides the rights of the data subject.

Previous Post

Adani airport deal still a proposal, government says after JKIA disruptions

Next Post

Here’s what we’ve achieved: Government’s two-page report on recent ‘successes’

Brian Murimi

Brian Murimi

Brian Murimi is a journalist with major interests in covering tech, corporates, startups and business news. When he's not writing, you can find him gaming, watching football or sipping a nice cup of tea. Send tips via bireri@thesharpdaily.com

Related Posts

Business

Kenya’s coffee sector revitalization

May 19, 2025
Business

How digital tools are transforming youth agribusiness in Kenya

May 19, 2025
Business

Privatization of sugar millers sparks debate

May 15, 2025
Business

Safaricom forecasts earnings boost as Ethiopian losses shrink

May 14, 2025
Business

Kenya’s new digital tax: Impact on businesses and consumers

May 6, 2025
Business

Safaricom to deactivate unverified M-Pesa pay bills

May 2, 2025

LATEST STORIES

How Kenyan banks can modernize without marginalizing

June 4, 2025

Human rights concerns over activists’ treatment in Tanzania

June 4, 2025

Decoding stock-based compensation

June 4, 2025

Comparative advantage is the secret to real economic take off

June 4, 2025

Understanding inflation and its impact on everyday life

June 4, 2025

Economic reforms are costly

June 3, 2025

Cytonn Income Drawdown Fund (CIDDF)

June 3, 2025

Navigating the money market and fixed income funds landscape

June 3, 2025
  • About Us
  • Meet The Team
  • Careers
  • Privacy Policy
  • Terms and Conditions
Email us: editor@thesharpdaily.com

Sharp Daily © 2024

No Result
View All Result
  • Home
  • News
    • Politics
  • Business
    • Banking
  • Investments
  • Technology
  • Startups
  • Real Estate
  • Features
  • Appointments
  • About Us
    • Meet The Team

Sharp Daily © 2024