School fined Sh4.5m for using minors' pictures without parental consent

Roma School an institution based in Uthiru, Nairobi, allegedly posted the minors' photos

In Summary
  • According to the commissioner, this is the first and highest penalty an education facility has been accorded.
  • They noted the institutions will learn a lesson from the punishment of not using minors' data without parents' consent.
by LUCY MUMBI
News
26 September 2023 - 15:33
Students at Roma School Uthiru being taught.
Students at Roma School Uthiru being taught.
Image: ROMA SCHOOL UTHIRU/FACEBOOK

The Office of the Data Protection Commissioner has fined an educational institution for failing to comply with the Data Protection Act.

In a statement released on Tuesday, Roma School an institution based in Uthiru, Nairobi, allegedly posted minors' photos without parental consent.

This resulted in the institution being slapped with a Sh4.5 million penalty for breaching the act.

“Roma School, an Educational Institution based in Uthiru has been fined Sh4,550,000 for posting minors' pictures without parental consent,” reads the statement.

According to the commissioner, this is the first and highest penalty an education facility has been accorded.

They noted the institutions will learn a lesson from the punishment of not using minors' data without parents' consent.

“This sends a message to schools and other facilities handling minors' data to obtain consent from parents/guardians before processing minors' data,” reads the statement.

Speaking to the school's director, he said he hasn’t received any complaint about the release of the minors’ images.

“I received the letter from the data protection office but I don’t understand what is happening because I have not received any complaint from anyone regarding the matter,” he said.

He added that he would be visiting the office of the data protection commissioner to follow up on the matter.

"I will have to go to their offices," he said.

According to the office of the data commissioner, the penalty notices have been issued pursuant to Sections 62 and 63 of the Data Protection Act, 2019 (Act) and Regulations 20 and 21 of the Data Protection (Complaints Handling Procedure and Enforcement) Regulations, 2021.

Data Commissioner Immaculate Kassait urged entities to comply with the Data Protection Act by implementing data protection principles and safeguards.

She also called upon data controllers and Data Processors to ensure that the processing of personal data is in accordance with the provision of the Act.

“Failure to comply with the Act will result in instituting enforcement procedures,” Kassait said.

Also Read;

Failure to honour MPs summons to attract Sh2m fine

The proposed law is sponsored by Vihiga Senator Godfrey Osotsi
News
7 months ago

Case challenging my appointment lacks basis - Poisons Board chair

Mboya moved to court seeking to quash the appointment of Githinji.
News
7 months ago

Naivas risks Sh5 million fine in data breach probe

The reported data breach at Naivas resulted in the exfiltration of 611GB of personal data.
Business
7 months ago
Post a comment
WATCH: The latest videos from the Star
by LUCY MUMBI
News
26 September 2023 - 15:33

Most Popular

  1. Kakamega steps up floods mitigation measures as three die

    28m ago News

  2. Thousands protest against Israel's Eurovision entry

    36m ago World

  3. Harness AI to transform land sector, says CS Wahome

    40m ago News

  4. US airman shot and killed by police in Florida

    41m ago World

  5. UN says 80,000 have fled Rafah as strikes intensify

    49m ago World

Latest Videos

  2. We're monitoring conditions ahead of schools reopening - PS Omollo

  3. Man crushed to death by excavator in tragic Gatundu accident