‘Serving tea’ or breaking the law?

The next time someone dares to ‘expose’ you or a friend on social media, do not plead or reason with them not to ‘serve tea’

In Summary

• The right to privacy has always been balanced against the right to free speech

Amazon CEO Jeff Bezos and wife MacKenzie Bezos
Amazon CEO Jeff Bezos and wife MacKenzie Bezos

Recently, an allegation was levelled against Saudi Crown Prince Mohammed bin Salman, claiming that a phone he owned was used to steal large amounts of billionaire Jeff Bezos' private phone data via WhatsApp.

The report claims that in May 2018, an encrypted WhatsApp video message with malicious code was sent from a phone tied to the Prince to Bezos’ iPhone-X. The video, which had hidden malware, was able to give the Saudis access to Bezos's phone, which was used to gain private information. The business advisory firm FTI Consulting, which conducted the investigation, claims that shortly after the video was sent, abnormally large amounts of data were illegally transferred from the phone for several months.

The billionaire and the prince have had a love-hate relationship for the most part, with claims being made by the Bezos-owned newspaper, The Washington Post, that the Prince was behind the killing of Jamal Khashoggi, a Post reporter. The Post published claims linking the Prince to the murder. A few months after these allegations, Bezos and his wife announced they would be divorcing, largely in part (allegedly) due to leaked texts from Bezos' phone, which exposed his extramarital affair with TV anchor Lauren Sanchez.

It was after the leaked texts that the billionaire smelt a rat and hired FTI Consulting to investigate the alleged hacking. The investigation concluded with a report claiming the Prince’s phone had been used to hack the phone of the billionaire. The report was later handed to authorities for further investigation.


Cellphone communication falls within the penumbra of personal data. When making a phone call, or sending a text, there is a presumption that the communication is private and only between the individual on one end of the line and the one on the receiving end. In most jurisdictions, the right to privacy is a constitutional right, and leaking or sharing of such communication between individuals without their consent would be violating their constitutional rights. In the very least, it would be infringing on their data privacy. If the communication contains private information that a reasonable person would expect to keep private, there is a potential claim for invasion of privacy.

The right to privacy has always been balanced against the right to free speech. Some legal commentators have even argued that free speech should always trump the right to privacy. Claims that it is vital for a society to possess the ability to pass on information about other people so as to establish a good or bad reputation about them are not new as much as they are misgiven.


Despite the numerous leaked phone messages and screenshots that have ruined too many reputations in Kenya, there are actual laws against such privacy infringement in Kenya. However, many public figures and individuals would rather play a Shaggy and cry out “it wasn’t me” than seek legal redress.

Article 31 of the Kenyan constitution provides for the right to privacy by stating that everyone is entitled to privacy, which includes the right not to have their person, home or property searched, their possessions seized, information relating to their family or private affairs unnecessarily required or revealed, or the privacy of their communications infringed.

Additionally, the recently passed Data Protection Act, which is in line with the General Data Protection Regulation (GDPR), places restrictions on the use, collection and sharing of an individual’s personal data, and in so doing, it attempts to revert power and control of personal data back to an individual. 

Other ‘anti-surveillance’ laws that attempt to provide protection for personal data and privacy include The Kenya Information and Communications Act (2009), which penalises the unlawful interception of communications by service providers, and the Kenya Information and Communications (Consumer Protection) Regulations (2010), which restricts acts such as wiretapping and data monitoring. It is, however, important to note that rights under such acts have been dangerously limited by acts such as the National Intelligence Service (NIS) Act (2012), The Prevention of Terrorism Act (2012), and The Security Laws (Amendment) Act (2014), which give the government wide powers to limit privacy laws in the pursuit of security.


Social media has created a crop of individuals who are famous for airing the private data of public personalities with the hopes of getting quick attention in the form of likes and followers. The belief is that all this is legal and okay. On the contrary, it is illegal.

The next time someone dares to ‘expose’ you or a friend on social media, do not plead or reason with them not to ‘serve tea’. Instead, contact a lawyer, and have them serve the individual with a ‘cease and desist’ letter. Then sit back and enjoy some actual tea.