Nigeria: Data Protection And Data Privacy In Nigeria: An Analysis Of The Legal And Regulatory Landscape

Abstract

From the days of the abacus, science and technology has continuously revolutionized every facet of human endeavour from health to commerce and communication. The evidence of this perpetual revolution in the different aspects of human endeavour is most obvious in an analysis of the digital age that is the 21^st century. The internet with its interconnectivity has enhanced various arguably routine but necessary activities such as communication and has also birthed new ideas such as e-commerce. Data according to the Cambridge Advanced Learner Dictionary is "information, especially facts or numbers, collected to be examined and considered and used to help decision-making or information in an electronic form that can be stored and used by a computer." It is both the foundation and the cornerstone of the functionality of the internet and the digital age. The use and significance of data cannot be overestimated. It has brought about new revelations regarding human behaviour, patterns of consumption and challenged discussions on foundational principles of human civilisation. Some of these discussions border on the principles of right to privacy, security, and intellectual property rights. This paper seeks to analyse the importance of data, the meaning of data and the prevailing regulations for its use in Nigeria. It also seeks to proffer recommendations on data usage by also analysing and drawing on operation models in other regimes such as the European Union

1. Introduction

Data, whilst revolutionizing various aspects of everyday life has also raised challenging legal questions. For example, when will a breach of privacy in the digital realm occur? Can copyrights be infringed through unlawful use of data? In the past decade, instances such as the Cambridge Analytica scandal, where over 87 million individuals had data illegally mined on some of the world's largest social media outlets, has showcased to the world the need for greater regulation and security of data¹. Regulators, consumers, and governments woke up to the realization of not only the importance of data but also the need to regulate its use and access. Although prior to the scandal, the world had recognized the need for data security, the nature of the scandal, highlighted the impact of big data mining. As such, there is a pressing need to ensure adequate data protection by holding individuals, corporations, and other various entities accountable for how they access data and what they do with the data. Likewise, scholars have emphasised the threats of inadequate data protection practices to citizens' privacy, fundamental rights as well as the rule of law².

In recent years, there have been several privacy laws and data protection regulations introduced to address data issues. A significant benchmark is the European Union's General Data Protection Regulation (GDPR), which has served as a guide for many other countries' data protection regulations. These regulations and guidelines not only define the roles of parties but also impose obligations for the adequate protection of data.

2. Data Mining and Processing

Why is Data Important?

The questions often asked are, what is Data? and why is it important? In answering these questions, the definition of the word data will serve as a good premise. Data is defined as "a collection of facts (numbers, words, measurements, observations, etc.) that has been translated into a form that computer can process³". As stated earlier, the importance of data to everyday existence cannot be overemphasised. It permeates through almost every facet of human existence and as such has become indispensable. From understanding consumerism metrics, using google maps, social media platforms, etc., the way data is collated and utilised shapes everyday interactions and engagements on a much broader scale than often expected.

The Big Data Effect

The digital era has undoubtedly created an outstanding amount of information with an anticipated increase with the emergence of 5G technology. Big data, defined as "high volume and/ or high variety information assets that demand cost-effective, innovative forms of information processing that enable enhanced insight, decision making and process automation⁴," has proven to be immensely valuable to many individuals, companies, and large organisations. As such, it has become an important tool for understanding a wide range of demographics, customer preferences and behavioural patterns. Many companies have leveraged these insights to improve on existing product lines, obtain relevant statistics and transform or pivot to new business models that serve the needs of people better.

3. Potential risks associated with the "Data Age".

Risk of Fraud

Fraud as defined by the Black's Law Dictionary is "An act of intentional deception or dishonesty perpetrated by one or more individuals, generally for financial gain." This definition has been analysed by Sunder Gee and surmised to bring forth key elements that would constitute fraud:⁵

1. The statement must be false and material.
2. The individual must know that the statement is untrue.
3. The intent to deceive the victim.
4. The victim relied on the statement.
5. The victim is injured financially or otherwise.

Fraud has long existed in Society; one of the earliest recorded fraud was in 300BC when a shipping merchant, Hegestratos, committed fraud on the insurers of a ship containing valuable commodities⁶. The concept of fraud has diversified and taken various forms over the years especially regarding fraud existing because of the internet and the digital age. Therefore, balancing the threat of fraud alongside the positives of ease and convenience has proven to be a difficult task, the main challenge being that it is difficult for a business to operate efficiently if there are too many restrictions or controls to prevent fraud⁷. In ensuring that there is access to data by parties duly intended to gain access, there has been increased use of security apparatus such as passwords, facial recognition, CVV and SMS-based authentications.

To view the full article, please click here.

Footnotes

1. Cecilia Kang and Sheera Frenkel, Facebook says Analytica Harvested Data of Up to 87 million Users (The New York Times, April 4, 2018) (https://www.nytimes.com/2018/04/04/technology/mark-zucker berg-testify-congress.html) accessed June 8, 2021.

2. Hildebrandt, M. and Gutwirth, S. (2008), Profiling the European Citizen. 1st ed. Dordrecht: Springer Science Business Media B.V

3. Importio, what is data, and why is it important? (https://www.import.io/post/what-is-data-and-why-is-it- important/)accessed June 2, 2021.

4. Linly Ku, The impact of Big Data in Business (Plug and Play Tech Centre, November, 2, 2018). (https://www.plugandplaytechcenter.com/resources/impact-big-data-business/) accessed 8 June 2021.

5. Sunder Gee, Fraud and Fraud Detection: A data Analytics Approach at http://library.wbi.ac.id/repository/ 124.pdf

6. Daniel Kornitzer, the evolution of fraud: From 300BC to the digital age at https://technologymagazine.com/digital-transformation/evolution-fraud-300bc-digital-age accessed on June 2, 2021.

7. Sunder Gee, Fraud and Fraud Detection: A data Analytics Approach at http://library.wbi.ac.id/repository/124.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.