Kenya’s IT Sector: AI, Data Privacy, and Cybersecurity in 2025
The IT sector in Kenya is expected to continue its rapid growth trajectory in 2025 with developments in artificial intelligence (AI), data privacy, and cybersecurity leading the way. The Ministry of Information, Communications, and the Digital Economy (MICDE) is implementing strategic initiatives, regulatory frameworks, and legal reforms to balance technological innovation with robust security measures.
Strategic Regulation for AI
A strategic approach to AI regulation is essential, focusing on an evidence-based, adaptable policy that responds to the fast pace of technological change. In 2024, the Kenya Bureau of Standards (KEBS) published the AI Code of Practice for public consultation, covering AI application guidelines and risk management. The MICDE’s AI strategy aims to foster AI growth through public-private collaboration and local research and development, expected to be implemented soon. The National AI Policy should be introduced by mid to late 2025, incorporating aspects of global legislation.
Key Case Impacting AI Regulation
A notable case in 2025 involves the US Department of Justice filing a landmark antitrust lawsuit against RealPage, alleging its AI software facilitates rent price-fixing among landlords. This case could set a precedent for AI regulation in competitive markets.
Evolving Data Protection Landscape
The Data Protection Act 2019 (DPA) interpretation continues to evolve, providing insights into the EU-Kenya adequacy decision. The current trend favors the data subject and the assertion of digital rights, leading to an increase in appeals against the Office of the Data Protection Commissioner’s (ODPC) determinations.
Cybersecurity Regulations on the Horizon
The cyber threat landscape necessitates a streamlined regulatory framework, especially in sectors like financial services and telecommunications. Collaboration between private sector players and regulators will be vital in addressing these challenges, leading to enhanced visibility of the National Computer and Cybercrimes Coordination Committee (NC4).
Fintech and Digital Asset Regulation
Kenya’s regulatory approach to fintech remains fragmented. However, the Central Bank of Kenya’s National Payment Strategy aims to improve the regulatory landscape for digital assets, fostering innovation while ensuring security.
Navigating IP and Technology Disputes
As the tech landscape continues to evolve, clearer alternative dispute resolution mechanisms are necessary to address disputes arising from emerging technologies like AI and fintech. Kenyans are aligning with global trends to foster a compliant and innovative IT environment.
By John Syekei, Ariana Issaias, Daniel Mwathe, and David Opijah, Partners, Bowmans Kenya
