This is coming as Nigeria prepares to join the world in marking 2017 data privacy day on January 28.
National President of CSEAN, Mr. Remi Afon, told ITRealms that CSEAN is using the occasion of commemorating world data privacy day to remind law makers in the country to as matter of urgency enact a data protection law that will control how personal information is being used by government, organisations and businesses in order to guide against misuse of data and ensure adequate security is in place to protect personal data.
“The law if implemented will among other things guarantees that personal information are not kept longer than necessary and not transferred outside Nigeria without adequate protection,” he said.
Afon noted that every January 28, has been designated as Data Protection Day globally, stressing that it is a day set aside to raise awareness and promote privacy and data protection best practices.
According to him, CSEAN will be observing the day by highlighting some of the data protection issues commonly faced as a nation and how individuals could protect their personal data through social media, symposium and press releases.
Nigeria, he said, boasts of a population of over 180 million people, pointing out that the value of this figure in economic terms is huge, hence the government through its agencies as well as different organisations collect, process and store the personal data of citizens on regular basis.
“This is not unusual as many governments all over the world do the same for many reasons such as administration, surveillance and public policy. However without a secure central database where such information is stored combined with a strong legal framework that ensures that such data is protected, there is potential for abuse,” he said.
CSEAN lamented that Nigeria neither have a central database nor data protection framework in place which has resulted in different government agencies and private organisations such as Independent National Electoral Commission (INEC), National Identity Management Commission (NIMC), Commercial Banks, and Telecommunications Industries collecting massive personal data.
“These personal data include biometric data, financial information and Personally Identifiable Information (PII). Medical records are also being processed on a daily basis by hospitals and private clinics with mere reliance on professional code of ethics,” he decried.
Afon further said that nowadays where governments and organizations face a heightened threat landscape with data breaches constantly on the rise and cyber criminals on the loose, nothing less than an up to date, single and comprehensive enactment of data protection law could adequately match this threat.
Such laws, he said, have been enacted in other parts of the world, for example South Africa recently enacted the Protection of personal Information Act 2013 after the mould of the Data Protection Act 1998 of the United Kingdom.
“A common feature of such laws are provisions which ensure that an individual’s personal data is not only collected lawfully but also used lawfully, kept securely and not circulated without due process and consent of the individual,” he said.
Lack of a similar enactment in Nigeria, CSEAN President lamented, gives a room for abuse, insisting that there is urgent need for a data protection law in Nigeria to strike a balance between the rights of individuals to privacy and the ability of organisations to use data for the purposes of which they were collected and nothing more.
“This will set basic rules of registration for users of data and rights of access to that data for the individuals to which it is related,” he said.