The largest Kenyan mobile network operator, Safaricom, is facing some serious difficulties lately. At a time when the company is already under fire by the Kenya Revenue Authority (KRA) that claims more than $84 million in a gambling tax dispute, the company has to confront another major issue. Now, Safari is facing a lawsuit for customer privacy violation, after being accused of breaching the privacy of 11.5 million of its customers.
According to media reports, the leading Kenyan mobile network operator has allegedly been leading data of its gambling-involved customers. The lawsuit was submitted by Benedict Kabugi in Kenya’s High Court last week. As revealed by the petitioner personally, the leaked data was specific to Safaricom gambling customers who had used their mobile numbers with the operator to place bets with a number of Kenya-registered online betting platforms.
Safaricom is accused of breaching the right to privacy of the petitioner, as well as of 11.5 million customers who had been involved in online gambling activities by using their mobile numbers. Allegedly, the data leaked included various personal details identifying the company’s customers, such as their full names, ID and/or passport numbers, phone numbers, age, gender, and total amounts placed as bets with gambling operators.
Lawsuit Seeks Compensation of Almost $100,000 for Each of the Affected Gambling Customers
Mr. Kabugi shared that he can prove the data was stolen. He further revealed that on May 18th he was reached by someone who claimed he had possession of the Kenyan mobile network operator’s data for 11.5 million customers and provided him with some evidence.
The evidence included data featuring specific and personal details listed above.
According to Mr. Kabugi’s claims, he contacted the police first but it took them too much time to respond, so he addressed Safaricom.
On June 6th, Mr. Kabugi was arrested for reasons which still remain unclear. He was then made to prepare a statement regarding data issues, which was most likely done to have him prove or disprove any involvement in the data theft. Based on the information provided, however, two employees of employees were arrested and charged with trying to extract an amount of about $3 million out of the company in return to the data.
Now, the lawsuit of the petitioner seeks from Safaricom to pay compensations of $97,930 to each of the involved 11.5 million gambling customers whose data was illegally exposed. According to experts, it is not very likely that the court would force the company to pay the full amount sought in the lawsuit, but it could still order some kind of compensation for the affected customers.
The Kenyan mobile network operator claims that the data leak was the doing of two employees who have already been given the sack. Probably the largest surprise was the decision of Safaricom to sue the complainant for him getting in contact with employees of the company to get sensitive data.