Kenya’s Statistics Bill 2026 is currently in public participation, and the deadline is today, May 20.
The Bill responds to major developments since 2006, including the promulgation of the Constitution, the devolution of government, the enactment of the Data Protection Act 2019, and the rapid evolution of data-collection technologies.
The core proposal in it is to dissolve Kenya National Bureau of Statistics (KNBS) and replace it with a new Kenya Statistics Authority with wider powers, an upgrade that is long overdue.
A statistics law written in 2006 was never designed to handle mobile data, satellite imagery, or biometric scans. At the center of this Bill is an effort to move beyond traditional census and survey methods into wider use of administrative records, biometric information, big data, and citizen-generated data.
The Bill also requires every county government to establish a county statistics office, which addresses a long-standing gap in devolved data collection.
In addition, the Bill gives legal force to the United Nations Fundamental Principles of Official Statistics, embedding professional independence into Kenyan law and limiting political interference in the production and release of official figures.
The Statistician-General would independently control methods and publication schedules, rather than waiting on political cues. A National Statistics Fund would finance census operations and infrastructure, ending the cycle of underfunded surveys.
The data protections in the Bill are also notably strong on paper. Information collected for statistical purposes can not be used for enforcement, investigations, or regulatory action, and statistical data will remain confidential by default.
Biometric data, specifically, must be anonymized as soon as practicable.
Where it gets complicated is the fine print. The Bill gives the new Authority power to require people to provide information, and assumes any such request is valid unless it is challenged and proven otherwise.
This shifts the burden to the person receiving the request. It also allows fines of up to KES 5 million for failing to comply, which increases the pressure to comply even when a request may be questionable.
The biometric rules are the most significant. Clause 28 allows the collection of fingerprints, facial images, iris scans, and other identifiers that may be added later.
READ: Court Ruling Orders Worldcoin to Delete All Kenyan Biometric Records
That final part is important because it means new types of biometric data could be introduced without going back to Parliament.
The Bill also restricts sharing biometric data for enforcement, but allows exceptions when a court order is involved, which could expand how the data is used over time.
Finally, the Bill includes a supremacy clause. If it conflicts with other laws on data collection or sharing, it takes priority. This could reduce the strength of the Data Protection Act 2019 where both laws overlap.
Data regulation worldwide is moving in the same direction: clearer legal reasons for collecting data, stronger privacy protections, and stricter limits on how data can be used. Kenya’s Statistics Bill follows this trend.
Like the EU’s GDPR, South Africa’s POPIA, and Rwanda’s data protection law, it focuses on collecting only necessary data, using it for stated purposes, and giving people ways to challenge misuse.
Where Kenya’s Bill falls short is in oversight, since other systems build independent supervision into the law from the start instead of leaving it to later regulations.
Overall, the Bill is a positive step, but some parts need tightening. Broad requirements for forced data disclosure, wide biometric definitions, and a clause that can override other rules should all be more clearly limited before it becomes law.
