the “what” and “why”
TRANSCRIPT
Folashade Alli & Associates 28th Jan. 2020
THE “WHAT”
AND “WHY”
OF DATA
PROTECTION
We are entering an era where almost every kind of data is being digitized. Companies can simply capture information,
store, copy or transmit it. People are knowingly and unknowingly providing businesses, companies, and organizations
with information about themselves more than ever before. Facebook which helps people connect and share their
lives, is worth a reported $33.7 billion largely because about 400 million people have shared with it the details of their
personal lives. At such a time as this, it is expedient that companies, businesses and organizations (data controllers)
that handle personal data know the potential risks they face. People giving out their personal information (data
subjects) also need to be aware of their right to privacy, to know the purpose for which information is being requested
from them, their right to consent to the processing of their data, as well as to object and restrict the processing of
such data.
What is Data Protection?
Simply put, data protection is safeguarding the privacy of individuals by securing their personal data. Section 37 of
the Constitution of the Federal Republic of Nigeria 1999 (as amended) guarantees the right to privacy as a
fundamental human right. This involves protecting correspondences, telephone conversations, bio data and other
personal information. Data protection seeks to safeguard important information from unauthorized use or loss.
Why Protect Data?
The importance of data protection includes, amongst other things, safeguarding the rights of natural persons to data
privacy, preventing manipulation of personal data and fostering the safe conduct of transactions involving exchange
of personal data. The Nigerian Data Protection Regulations (NDPR) also seeks to enhance the competitiveness of
Nigerian companies in international trade through safeguards that are compliant with global best practices.
DATA PRIVACY
DAY
2020
As an organization or company that handles personal data of people, failing to employ data protection policies may leave such a company or organization hanging by a thread, at risk of falling into a multi-million-dollar lawsuit.
Data privacy in Nigeria: The Nigerian Data Protection Regulations 2019 (NDPR)
On 25 January 2019, the National Information Technology Development Agency (NITDA) issued the NDPR
pursuant to its powers under the NITDA Act. The Regulations introduced a new data protection framework with
novel compliance requirements for organizations that deal with the data of individuals. The NDPR requires Data
Controllers to develop adequate security systems to protect data within their custody. In line with this requirement,
Data Controllers are required to maintain and publish a data protection policy that is in conformity with the NDPR
and continually train and build the capacity of staff members on data protection and privacy procedures.
To Data Controllers:
Any company, business or organization handling personal data of individuals should develop security measures to
protect data; such measures include but are not limited to setting up firewalls to protect systems from hackers, safe
storage of data with limited access to only authorized individuals, developing organizational policies for handling
personal data (and other sensitive or confidential data), protection of emailing systems and continuous capacity
building for staff.
As an organization or company that handles personal data of people, failing to employ data protection policies may
leave such a company or organization hanging by a thread, at risk of falling into a multi-million-dollar lawsuit. For
instance, the French Data Protection Authority reportedly slammed "Google" with a fine of £44million, for allegedly
breaching the General Data Protection Regulation's (GDPR) rules on transparency by failing to give Data Subjects
adequate information on the use of their personal data.
In conclusion, it is expedient for companies, business names and organizations to employ data protection measures
to avoid the risk of litigation that may arise from data insecurity.
CONTACT:
Ololade Ajibose Deborah Tatama
Associate Partner Associate
[email protected] [email protected]
+234 805 6655 719 +234 703 1260 104
Folashade Alli and Associates @FAA_law faa_law_nigeria @folashadealliandassociates
faa-law.com