Safaricom in Court Battle Over Employee Privacy After Admitting Use of Staff Data in Internal Investigations
By News Desk
Telecommunications giant Safaricom PLC has admitted before the Employment and Labour Relations Court that it accessed, processed and reviewed personal data and transaction information belonging to former employees during internal investigations into alleged misconduct, conflict of interest and suspicious financial dealings.
The admission emerged in a replying affidavit filed in court as the company seeks to defend itself against claims of privacy violations brought by former staff members.
According to the affidavit sworn by Odhiambo Ooko, Safaricom’s Chapter Lead for Employee and Labour Relations, the company used the employees’ personal and transaction data as part of investigations touching on alleged abuse of office, improper engagement with vendors, unexplained financial transfers and compliance-related concerns involving contractors and agencies associated with the firm.
Safaricom told the court that the information was processed for legitimate purposes including internal investigations, disciplinary proceedings, fraud prevention, legal compliance, preservation of evidence and protection of the company’s interests.
However, the former employees argue that the telco exceeded its lawful mandate and violated their constitutional right to privacy by accessing and handling sensitive personal information without proper safeguards or consent.
The dispute has now placed Safaricom at the centre of a growing legal debate on the limits of employer access to employee data during internal investigations, especially where financial transactions and personal information are involved.
In its defence, Safaricom maintains that the data was only accessed by authorised personnel, relevant departments and professional advisers handling investigations, litigation and regulatory compliance matters. The company further argues that the right to privacy is not absolute and cannot be invoked to block lawful investigations or cooperation with investigative agencies.
Safaricom also denied publicly disclosing or disseminating the petitioners’ private information, saying the former employees failed to specify what exact data was unlawfully shared, who received it, when it was disclosed or the damage allegedly suffered.
The company is now seeking to have interim court orders issued against it discharged, varied or clarified, arguing that broad privacy restrictions could hinder its ability to conduct internal governance processes, defend itself in court and comply with regulatory obligations.
The case is expected to set a significant precedent on data privacy, workplace surveillance and the extent to which employers in Kenya can process employee information during disciplinary and compliance investigations.
