Susan Mute and company Advocates

12/04/2026

Legal problems require quality legal solutions.

At Susan Mute & Co. Advocates, we approach every matter with precision, strategy, and professionalism—offering support in commercial law, family law, conveyancing, legal advisory, and compliance.

03/04/2026

13/03/2026

The proposed Artificial Intelligence Bill, 2026 marks an important milestone in Kenya’s journey toward responsible technology governance.

One of the most notable features of the Bill is the proposal to establish the Office of the Artificial Intelligence Commissioner, a body expected to oversee the development, deployment, and regulation of AI systems within the country.

This is a progressive step toward creating a structured regulatory framework for artificial intelligence. As AI continues to influence sectors such as finance, healthcare, employment, and public administration, there is an increasing need for oversight that ensures these technologies are used responsibly and ethically.

The establishment of an AI Commissioner signals Kenya’s recognition that innovation must be accompanied by accountability, transparency, and protection of fundamental rights.

If implemented effectively, this framework could position Kenya as a regional leader in AI governance while ensuring that technological advancement remains aligned with constitutional values and public interest.

The conversation on AI regulation is only beginning, but this move demonstrates that Kenya is taking deliberate steps toward shaping the future of technology responsibly.

07/02/2026

AI is no longer the future of business — it’s the present.
From improving efficiency and decision-making to managing risk and enhancing customer experience, Artificial Intelligence is transforming how businesses operate. The key is not just adoption, but responsible use—balancing innovation with compliance, data protection, and governance.
Businesses that embrace AI intentionally will stay ahead in an increasingly digital economy.

24/12/2025

We wish our clients and our potential clients a merry Christmas and a happy New year .
We have grown because of you . Ours is to appreciate you for trusting us .

13/12/2025

There is a growing narrative that treats deepfakes purely as a technology issue, often discussed in the context of innovation or gender‑based violence in abstract terms. I hold a different view.

At its core, the malicious use of deepfakes squarely fits within cyber bullying and cyber stalking, both of which are already recognised offences under the Computer Misuse and Cybercrimes Act, 2018. When artificially generated images or videos are used to harass, humiliate, threaten, or monitor a person without consent, the harm is not theoretical — it is deliberate, targeted, and unlawful.

Deepfakes weaponise technology to invade privacy, damage reputation, and psychologically intimidate victims. Whether the target is a woman, a man, or a child, the conduct mirrors classic cyber stalking: persistent digital harassment designed to instil fear, exert control, or degrade a person’s dignity. The fact that the content is “artificially generated” does not dilute the harm; in many cases, it amplifies it.

Responsible use of technology does not and cannot extend to the creation or circulation of fabricated content intended to degrade human dignity. Article 28 of the Constitution of Kenya protects the inherent dignity of every person, and this right does not evaporate in digital spaces. Technology must remain a tool for progress, not a shield behind which abuse is normalised or excused.

Framing deepfakes only as a technological evolution risks obscuring accountability. The law is clear: digital conduct that harasses, threatens, or humiliates others attracts criminal liability. Innovation cannot outpace responsibility, and freedom of expression does not include the freedom to digitally violate another person.

Ultimately, the conversation should shift from how advanced the technology is to how responsibly it is used. Where technology is employed to harm, the law must respond firmly and without ambiguity

13/12/2025

Data Privacy in Employment: Courts Are Drawing Clear Boundaries

In Kenya Union of Journalists v Kenya Broadcasting Corporation [2025] KEHC 17216 (KLR), the High Court reaffirmed that employees do not surrender their right to privacy at the workplace.

The case arose from the employer’s introduction of a biometric facial-recognition attendance system, which involved the collection and processing of employees’ sensitive personal data. The system was implemented without informed consent, without adequate employee consultation, and without conducting a Data Protection Impact Assessment (DPIA) as required under the Data Protection Act, 2019.

The Court found that:

Biometric data qualifies as sensitive personal data and attracts a higher threshold of protection.

An employment relationship does not automatically justify unrestricted data processing.

Processing employee data without a lawful basis or valid consent violates Article 31 of the Constitution and the Data Protection Act.

Employers must demonstrate lawfulness, necessity, proportionality, and transparency in any data-processing activity.

As a remedy, the Court ordered the employer to cease further processing and delete the unlawfully collected biometric data until full compliance with data protection requirements was achieved.

The takeaway for employers and HR practitioners is clear:
Operational efficiency cannot override statutory and constitutional privacy rights. Whether it is biometric systems, surveillance tools, health data, or performance monitoring technologies, employee data must be processed lawfully, fairly, and with accountability.

This judgment is a timely reminder that data protection compliance is no longer optional even in employment settings.

13/12/2025

“What if I don’t want my employer to record me on a Zoom meeting?”

Employees often ask: Can my employer legally record a Zoom meeting without my consent? A recent enforcement decision in Kenya provides a definitive answer.

In Liquid Telecommunications Kenya Ltd – Data Privacy Breach [2025] ODPC 14/2025, the Office of the Data Protection Commissioner (ODPC) found that the company recorded a Zoom meeting with a former employee without consent and retained the recording despite a deletion request.

The company argued a “legitimate interest” in keeping the recording for potential disputes. The ODPC held that:

Consent is mandatory before processing personal data.

Retaining recordings without lawful justification violates the Data Protection Act, 2019.

Employees have the right to request deletion, which must be honored promptly.

The ODPC awarded Ksh 700,000 in compensation, sending a clear message: privacy rights cannot be overridden for operational convenience.

✅ Takeaway:
Whether it’s Zoom, Teams, or other digital platforms, employee privacy is a legal obligation, not a courtesy. Organizations must comply with consent requirements, retention rules, and deletion rights.

21/09/2025

Consent & Photography at Corporate Functions: Why It Matters

Corporate events are a wonderful way to celebrate milestones, network, and showcase your brand. Naturally, photographs are taken to capture these moments. However, in today’s regulatory environment, taking and publishing photos of attendees without their consent is an invasion of data privacy.

Photos Are Personal Data

Under Kenya’s Data Protection Act, 2019, a photograph that identifies an individual is classified as personal data. Organizations therefore become data controllers when collecting and using such photos. This places a legal obligation to handle the data responsibly and lawfully.

Legal Implications of Ignoring Consent

Failing to obtain proper consent before using someone’s image can expose a company to:

Regulatory penalties: The Data Commissioner may impose fines and sanctions for unlawful processing of personal data.

Civil liability: Individuals may sue for breach of privacy, misuse of personal data, or reputational damage.

Reputational harm: Using images without consent undermines trust and can negatively affect how clients, partners, and the public perceive your brand.

✅ Why Consent is Crucial

Consent is not just a box-ticking exercise. It must be:
Freely given – no pressure or assumptions.
Informed – the individual knows how and why the photo will be used.
Specific – whether for internal newsletters, marketing campaigns, or social media.
Revocable – individuals should retain the right to withdraw consent at any time.

💼 What Organizations Should Do

At corporate functions, businesses should:

1. Inform attendees in advance if photography will take place.
2. Provide consent forms or clear disclaimers.
3. Respect the wishes of those who do not want to be photographed.
4. Store and use the photos only for the agreed purposes.

21/09/2025

Understanding a debt settlement agreement .

In business and personal life, debts sometimes become difficult to repay as originally agreed. Instead of prolonged disputes, litigation, or strained relationships, parties may choose a Debt Settlement Agreement—a legally binding arrangement that restructures how a debt will be paid.

Key Features of a Debt Settlement Agreement

1. Acknowledgment of Debt – The debtor confirms the existence and amount of the debt.

2. Payment Terms – This may include lump sum payments, instalments, or even a reduced settlement agreed upon by both parties.

3. Timelines – Clear deadlines are set to avoid future disagreements.

4. Default Clauses – Provisions are included on what happens if payment is not made as agreed (e.g., enforcement mechanisms, penalties, or return to full debt).

5. Finality – Once the agreement is honoured, the matter is considered settled, protecting both parties from future claims.

Why it Matters

For creditors: It provides certainty, avoids costly litigation, and increases the chances of recovering at least part (if not all) of the debt.

For debtors: It offers breathing space, preserves relationships, and avoids the risk of judgment or insolvency proceedings.

Example Scenario
A business owes a supplier Kshs. 2 million but is unable to pay in full immediately. Through a debt settlement agreement, both parties agree on a payment plan: Kshs. 1.2 million upfront and the balance in three instalments within six months. This provides relief to the business while giving the supplier structured assurance of recovery.

Points of Caution

Creditors should be careful not to waive too much of the debt without clear guarantees of payment.

Debtors must ensure the settlement terms are realistic; defaulting can revive the original debt and expose them to even stricter enforcement.

21/09/2025

Imagine this:
A senior sales executive resigns from a company and, within weeks, joins a competitor. They start approaching the same clients they once managed, using the strategies and contacts they gained in their former role.

This is exactly the type of situation a non-compete clause seeks to address.

✅ Purpose: To protect legitimate business interests such as trade secrets, confidential information, client relationships, and investments in employee training.
✅ Limitations: Courts will only uphold non-compete clauses that are reasonable—for example, limited in time, geography, and scope of activities. A clause that is too broad or restrictive is likely to be declared unenforceable.
✅ Balance: The law protects businesses from unfair competition but also safeguards an individual’s right to work and earn a living.

📌 Why it matters:

Employers should ensure non-compete clauses are clear, specific, and legally sound.

Employees and professionals should review such clauses carefully before signing, as they may significantly affect future career opportunities.

At Susan Mute & Company Advocates, we provide guidance on drafting, reviewing, and interpreting non-compete clauses—ensuring they are both enforceable and fair.

📩 For professional consultation, reach us at [email protected].

Gmail is email that’s intuitive, efficient, and useful. 15 GB of storage, less spam, and mobile access.