At just 24, Martha Waria is already carving out a unique path at the intersection of law and technology. A lawyer at Capital Law Group based in Nairobi, Martha is part of a growing generation of legal professionals who recognize the critical importance of data protection in today’s digital-first world. Her recent completion of Moringa School’s Data Protection Officer (DPO) course has sharpened her expertise and given her a fresh perspective on how law can adapt to and guide innovation. Here is our conversation with Martha.
How did you learn about Moringa, and what motivated you to take the DPO course?
I first discovered Moringa School and its Data Protection Officer (DPO) course on LinkedIn, where several alumni shared glowing reviews about how practical and impactful the program was. Their experiences really stood out. They spoke about gaining hands-on skills and a much deeper understanding of data privacy, which immediately piqued my interest. I headed to the Moringa website to explore the course further, and the more I read, the more I felt it was exactly what I had been looking for.
As a lawyer, I’ve always been fascinated by how the law keeps pace with technology. With the rise of data-driven systems and Kenya’s active enforcement of the Data Protection Act, I saw a real opportunity, not just to upskill, but to become part of a movement that’s shaping how organizations handle personal data. While my legal background had given me a strong footing in compliance and risk assessment, I wanted to go beyond theory. The DPO course felt like a timely opportunity to align my skills with industry demands and contribute meaningfully to responsible data governance in Kenya.
Were you considering other schools? What made Moringa your top choice?
Yes, I did explore other programs. Moringa stood out for several reasons. What set it apart for me was its deep focus on Kenya’s Data Protection Framework. This is something I didn’t find in other programs, which mostly centered on global standards like GDPR. I was specifically looking for a course that could blend legal theory with hands-on, practical application, and Moringa delivered exactly that through expert-led sessions and real-world case studies.
The localized approach was a major deciding factor for me. Understanding the nuances of Kenyan data protection laws was essential to my goals, and Moringa’s curriculum didn’t just acknowledge this; it prioritized it. On top of that, Moringa has a strong reputation for equipping professionals with market-ready skills, which gave me the confidence that I was making the right choice.
How would you describe your overall learning experience?
My learning experience at Moringa was truly exceptional. One of the things I appreciated most was the flexibility of the live online classes, they allowed me to learn at my own pace while still participating in meaningful, real-time discussions with both the instructor and my peers. These sessions weren’t just about covering the basics; they sparked deeper conversations around data protection that really enriched my understanding of the subject.
Our instructor, Amit Gadhia, brought a wealth of experience and had a unique ability to break down complex data protection concepts into clear, practical insights. Rather than memorizing legal definitions, we explored how these principles play out in real-world scenarios across industries like healthcare, finance, and emerging tech, which made everything feel much more relevant and applicable.
What was the most memorable or meaningful part of the course for you?
One of the most memorable moments for me was during the module on lawful bases for processing personal data. We examined how many organizations mistakenly rely on terms and conditions or privacy notices as valid forms of consent. Through practical exercises and real-world case studies, our instructor clarified that while these documents promote transparency, they don’t meet the legal standard for consent under data protection laws.
A specific example that stuck with me involved a tech company that had hidden its data-sharing practices deep within its Terms & Conditions, assuming that was sufficient. That discussion completely shifted my perspective. I came to understand that consent must be active, informed, and freely given, and not something buried in legal jargon.
This lesson didn’t just reshape how I view consent; it changed how I approach compliance altogether. I now see it not as a tick-the-box” task or obligation, but as a strategic, trust-building practice that adds real value to organizations.
How has completing the DPO course influenced your career so far, and what specific skills have you gained?
The impact has been immediate and transformative. The DPO course deepened my understanding of data protection well beyond what’s typically taught in traditional legal education, especially within the Kenyan context. Since completing the course, I’ve become much more confident in engaging with topics that once felt daunting, such as client data handling, privacy clauses in contracts, and regulatory compliance. I now contribute meaningfully to these discussions within my organization and apply the knowledge in practical ways.
One of the most valuable skills I gained was learning how to conduct Data Protection Impact Assessments (DPIAs) effectively. This is a critical tool for identifying and mitigating privacy risks in data-driven projects. I also learned how to manage data breaches systematically, from incident response to regulatory reporting, and most importantly, how to implement safeguards that help prevent breaches from happening in the first place.
Beyond technical skills, the course gave me the confidence to tackle complex issues like consent, data subject rights, and cross-border data transfers. It strengthened my ability to interpret regulatory obligations through a tech-compliance lens, a skill that’s becoming increasingly vital. Ultimately, the DPO course provided me with a forward-thinking and practical approach that perfectly complements my legal training and has made me more effective and versatile in my role.
What advice would you give to someone considering the DPO course or looking to break into data protection?
First, recognize that data protection is no longer optional – it is a critical business and legal imperative. With the rise of artificial intelligence, cross-border data flows, and more stringent data protection frameworks, there is an increasing need for professionals who can navigate compliance while enabling innovation. Personal data is becoming more vulnerable than ever, making the role of data protection professionals more crucial than ever before. Second, seek a course that balances theory with practical application like the one Moringa offers. Data protection isn’t just about knowing the law; it’s about implementing it. Look for programs that cover real-world scenarios from drafting privacy notices, conducting DPIAs and managing breach responses, so you are prepared to add value.
What are some of your interests or hobbies outside of work?
Outside of work, I’m passionate about painting and pottery. Both give me a creative outlet and a chance to slow down. Painting helps me unwind and experiment with different styles, whether it’s abstract pieces or calming landscapes. It’s my way of expressing ideas visually and taking a break from the structure of legal work.
Pottery is a more recent interest, but one I’ve grown to love. There’s something incredibly rewarding about shaping clay into something tangible, whether it’s a functional piece or purely decorative. Seeing a finished piece come to life from scratch brings me a real sense of accomplishment.
Can others reach out to you for mentorship or guidance?
Absolutely. I’d be happy to connect with anyone interested in data protection. Feel free to reach out to me via LinkedIn.
Any final thoughts or words of encouragement for future students?
Whether you are looking to specialize in data protection or simply wish to understand your digital rights, this knowledge is incredibly valuable. Personal data is constantly being collected, and knowing how to protect yourself and others is very important. Data protection is not just about rules and regulations; it’s about respecting people. It is seeing beyond the data to the actual person it represents.
Inspired by Martha’s journey? Explore Moringa’s Data Protection Officer Course and future-proof your career in one of today’s most essential and fast-growing fields.
