In the wake of this digital era, East Africa has embraced data protection laws, and we clearly see a shift from paper to actual application in practice. This week we shall look at the decision of Kenya’s Office of the Data Protection Commissioner (ODPC) in Julian Rowa (suing on behalf of a minor) V The Nairobi Academy, Complaint No. 1597 of 2025. The ODPC in this matter, found that the Nairobi Academy, the respondent, unlawfully disclosed and caused the publication of a minor’s personal data, the information was the name and examination results. This information was obtained without the consent of the parents or any other lawful basis. The disclosure occurred through a newspaper publication under an advertising feature. Nairobi Academy was held liable for violating the right to privacy under the Data Protection Act, 2019 (Kenya) and ordered compensation of KES 637,500 to the complainant for both material and non-material damage and this includes distress.
Although this determination arises from Kenya, its implications are highly relevant to Uganda’s data protection regime.
The Trajectory of Data Privacy and Protection in East Africa: Lessons for UgandaFebruary 13, 2026
Niche Ankole BreedMarch 2, 2026
Image Rights in the Age of Social Media and AI: Lessons from the Grok Deepfake Controversy and Implications for UgandaFebruary 13, 2026
Law, Moral Order, and Human Nature Towards a Jurisprudence Fit for Uganda and the Modern WorldFebruary 6, 2026
