Nairobi: The Communications Authority of Kenya (CA) has urged the public to dismiss any media claims suggesting that the Authority has instructed its licensees to gather biometric data during the registration of new mobile SIM cards.
According to Kenya News Agency, the CA issued a press statement clarifying that concerns and media commentary regarding biometric data collection under the revised SIM card regulations are baseless. The Authority emphasized, “For the avoidance of doubt, CA has not issued any directives for the collection of biometric data by our licensees,” further noting that the New SIM Card Regulations do not include provisions for collecting such data.
The Authority explained that the regulations, published in May 2025, were designed to protect citizens from SIM card-related fraud and other criminal activities, such as identity theft and scams. The rules aim to strengthen the integrity of telecommunications services, ensure each registered line is associated with an individual, improve trust in Kenya’s digital space, and support secure access to digital services like mobile money and e-commerce.
The Authority defined biometric data as information derived from specific technical processing of physical, physiological, or behavioral characteristics, but clarified that not all such information will be collected during SIM card registration. The CA highlighted that the New SIM Card Regulations enforce strict security and confidentiality requirements on operators, mandating compliance with the Kenya Information and Communications Act, 1998, and the Data Protection Act, 2019.
Operators are prohibited from sharing subscriber data without consent or a legal order, with CA and the Office of the Data Protection Commissioner ensuring strict oversight through regular audits and penalties for data misuse. The revised regulations allow operators to suspend SIM cards for false information or non-compliance with registration requirements, while also mandating clear, fair, and transparent consumer dealings.
The CA acknowledged consumer frustrations over spam messages, unsolicited subscriptions, and unauthorized phone number usage. “These concerns are a priority for the Authority, and the improved SIM card registration processes are part of the larger strategy to safeguard consumer interests and welfare across all networks,” stated the CA.
The Authority reiterated its commitment to supporting innovation in data privacy and digital trust, assuring that privacy-enhancing features will be rolled out in partnership with industry stakeholders. “We undertake to rollout privacy-enhancing features consistent with the law in partnership with industry stakeholders,” the Authority stated, adding its dedication to Kenya’s digital transformation and the protection of consumer rights in the ICT sector.
