Mulla Pride, Faircash mobile lending apps fined for threatening consumers
Mulla Pride Ltd, a Digital Credit Provider (DCP) which operates KeCredit and Faircash mobile lending apps, has been fined Sh2.975.000 by the Office of the Data Protection Commission (ODPC), respectively.
Through a statement, ODPC said, they were found to have used names and contact information of complainants which were obtained from third parties, and subsequently used to send threatening messages and phone calls.
It added that data protection is the responsibility of every data controller and processor and it must be the company’s top priority whenever they collect, process, or store personal information.
“This penalty will ensure that Digital lenders and financial institutions notify data subjects when collecting and processing their data, and the intention of processing the said data. It will further ensure that the data controllers are limited to strictly dealing with data subjects who have consented to the collection and processing of their data,” ODPC said in a statement.
Meanwhile, Naivas Supermarket and digital credit lender WhitePath are awaiting their fate after a compliance audit was conducted on them over data breach reports.
“The findings will be shared with the Data Controllers for their swift action,” ODPC said.
According to the Office of the Data Commissioner, WhitePath Company Limited has previously been fined Sh5 million as a penalty for non-compliance, adding that numerous complaints from the public were received regarding the company’s conduct.
Other different entities have been urged to comply with the Data Protection Act by implementing data protection principles to ensure that the identity of citizens is safeguarded.
“Failure to comply with the Act will result in instituting enforcement procedures.”
ODPC also seeks to embarking on conducting 40 compliance audits on various data controllers and in various sectors this year.
According to section 72 of the Data Protection Act of 2019, a data controller who, without lawful excuse, discloses personal data processed by the data processor without the prior authorisation of the data controller commits an offence.
In March 2022, the Central Bank of Kenya banned digital credit providers, its officers, or agents in the course of debt collection from using obscene or profane language with the customer or the customer’s contacts to shame them.