ANALYSIS OF THE FACILITATIVE RATIONALE IN DATA SUBJECT RIGHTS IN KENYA
Abstract
Data protection law (DPL) has dual objectives: the protection of individuals and the free flow of personal data. These objectives can be conceptualised into the dualistic ‘protective/facilitative’ rationales. Relevant legal discourse is dominated by the protective rationale. This article employs doctrinal and comparative legal analysis to examine data subject rights in Kenya with a view to determining the extent to which they are permissive in nature and hence more facilitative of data flows than protective of individuals compared to the DPL of the European Union (EU). The analysis reveals that while the data subject rights in Kenya are generally consistent with the ones obtaining in the EU, some differences exist highlighting the permissive nature of Kenya’s DPL. The study recommends an interpretation based on the often-overlooked permissive theory and, therefore, the facilitative objective of DPL in order to enable and nurture innovation within the digital economy while safeguarding data subjects.
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Josphat Idambira Ayamunda
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish in The Eastern Africa Law Review retain the copyright to their work and grant the University of Dar es Salaam a non-exclusive license to publish, reproduce, and distribute the article.
This article is published under the Creative Commons Attribution 4.0 International (CC BY 4.0) License, which permits unrestricted use, distribution, adaptation, and reproduction in any medium, provided the original work is properly cited.
