Does Data Protection Really Matter?

Does Data Protection Really Matter?

If you had to choose between joining a queue only once in your life to enable your access to every kind of service you require, and joining a queue every single time you needed a new service, there is little doubt that the first option would be the preferred. In the days of automated processing of personal data, , the first option is not far fetched. Indeed it is one of the propositions being offered by the National Identity Management Commission (NIMC) in Nigeria where people no longer have to provide personal data at every data collection point but using one card, your National insurance, tax, immigration, voter registration, banking solutions can be processed.

The proposition sounds ideal and very efficient. In truth, the NIMC is not the first to embark on a scheme like this. Telecommunication companies, service providers on the Internet continue to use personal data to strategically offer services to their customers whilst increasing their market opportunities. So personal data collection that is strategically used to maximise service satisfaction sounds like a win-win for all. Not until personal data protection comes into play.

In the same way that personal data can be used favourably, so also can personal data be misused and abused. With automation, the scale for potential (mis)use is on an exponentially larger scale. As we enjoy the benefits of mass data collection that alerts us when we log in to our systems from unfamiliar locations and devices, there must also be a call for legislative backing that prescribes and to some extent limits how personal data can be used. For example, nobody wants to be a victim of fraudulent scams or to be victimised as a result of uninhibited access to health care records; but in reality, data collection that is unregulated enables all forms of abuse and it would help to have a legal framework that deters such actions and respects people’s constitutional right to privacy. In your opinion, does personal data protection really matter? Why so?

Post contributed by Seember Nyager

Advertisements

9 thoughts on “Does Data Protection Really Matter?

  1. Talking about the dangers of mass collection of bio-metric data. The current drive by CBN and banks to collect and use bio-metric data for identification of account holders has its merits and perhaps many dangers. The probability of misuse of this data in the absence of relevant data protection laws is not only high, but the risks are even higher that infractions may go largely undetected and unpunished. It appears to me that the CBN had a responsibility to at least issue a detailed guideline on management of such data which will include the manner of access and use by bank staff, and perhaps issues of bank responsibility for misuse. Speaking to different banks staff including those customer care personnel collecting the data. They are not aware that CBN has issued any such guidelines. The number of reported fraud in our banking sector,and the level of insider involvement in these activities leads one to believe that insider abuse of this data could ordinarily be rampant. In the absence of relevant laws and a guideline establishing a protocol for collection and use by banks, the CBN may have put all of us at greater risk than they appear to be admitting. Seember is this issue really as alarming as it appears?

    Like

    1. Thanks for your comment. The issue is extremely alarming and the fact that we don’t realise it makes it even more so. The Bank verification number (BVN) scheme currently being undertaken has great advantages but it would be unwise to wish away the threats and risks that mass data collection such as this could spring up. And as we move on with automation, there is also the increasing risk of identity theft and manipulation of systems. A way to deter this and minimise the risks involved would be to have a data protection legislation that deters abuse of personal data that has been collected and also provides remedies and punitive measures where such data protection has been breached. In other countries, they continue to expand their privacy laws to respond to some of the threats that arise from mass data collection. In addition, the issue of data protection is kept on the front burner because there is the realization and understanding that since data is the major output of computerized systems, we would only be getting more of it. And so the reasonable thing to do is to ensure that data protection is given adequate legal backing.

      Like

  2. Yes it is it as alarming as it seems given the potential for abuse. A scary scenario for me is government’s access to the information collected. Given the clime we live in in Nigeria, it is of utmost importance that more should be done in protecting private data collected by both public and private institutions. How much access are we giving the government into our private lives? To what extent can the information given be used to persecute or spy on a citizen. It goes beyond fraudulent activities into outright infringement of fundamental rights. So at any point in time the government has access to every information that I have put out or have access to using the NIMC card, even my medical records. It also means my private information could be sold to the highest bidder for whatever purpose.
    I think all efforts should be geared towards ensuring that laws are passed to stipulate what constitutes data infringement and lays down procedures for remedies.

    Like

  3. In theory, I am of the opinion that Data Protection really matters; as it would aim at providing a balance between an individual’s right to privacy and the rights of access to his personal data. In essence, data protection would ensure that the personal data of an individual is not processed without their Knowledge, and that if such rights are violated, there are sanctions readily available to be placed on defaulters.
    However, in reality, all that comes to mind is a few boggling questions; Even if a legislation on data protection is passed into Law, how effective would its application be? What extent would an individual whose rights have been infringed have to go to attain justice? Also, what support would actually be given to an individual whose rights have been stolen from them under the guise of keeping up with the times and trends of the ever evolving ‘global’ society.
    Simply put; would data protection only really matter in theory or in reality?

    Like

  4. Thanks Keturah, your concerns are legitimate and in addition to a Data Protection legislation, I think we also require mechanisms to make sure that data protection works in reality

    Like

  5. The people have to be educated about the importance of personal data and it’s protection. Our lawmakers too seem not to be aware so there is at the moment a lack of political will to make laws guiding and regulating the use and processing of personal data. For the dangers of misuse/abuse of personal data I urge you all to watch the movies: Identity Theft and Disconnect.

    According to Omer Tene & Jules Polonetsky:
    “We live in an age of “big data.” Data has become the raw material of production, a new source of immense economic and social value. Advances in data mining  and  analytics  and  the  massive  increase  in  computing  power  and  data storage capacity have expanded, by orders of magnitude, the scope of information available to businesses, government, and individuals. In addition, the increasing  number  of  people,  devices,  and  sensors  that  are  now  connected  by digital networks has revolutionized the ability to generate, communicate, share, and access data. Data create enormous value for the global economy, driving innovation, productivity, efficiency, and growth.  At the same time, the “data deluge” presents privacy concerns that could stir a regulatory backlash, dampening the data economy and stifling innovation.”

    It is therefore clear from the above that data, especially personal data(any data or information in connection with a specific individual, which can be used, separately or in combination with other data, to identify an individual) has acquired an immense value in the age we are living(the digital age) and serious steps ought to be taken to protect the personal data of citizens but Nigeria seems to be lagging behind as the best we have at the moment is the guidelines on personal data issued by National Information Technology Development Agency(NITDA) which is good gut not enough(what we need is a law) and there is also a draft bill on Personal Information and Data Protection which is pending before the federal lawmakers. See more here- Nigeria and Data Protection:

    http://cyberlawmusings.blogspot.co.uk/2014/01/nigeria-and-data-protection.html?m=1

    You’ll Shudder When You See What Google Knows About Your Web Searches | The Mac Security Blog

    http://www.intego.com/mac-security-blog/google-search-archive/

    Like

  6. Hello Timothy,

    I agree that we are certainly lagging behind and the NITDA guidelines would not suffice because we need more than just “Draft guidelines” to address the issues around Data protection. I also agree that we all need to step up awareness around data protection and make it an issue of National interest and priority.

    Like

  7. Personal data protection is very important especially in a country like Nigeria with all the corruption, yahoo yahoo boys, internet fraud and scams. You cannot leave yourself open to abuse. This is my concern when the government insists on data collection through the National ID Scheme, bank verification and all the other forms. It is important to find out how the government intends to protect our privacy, after all you are the one giving out your information albeit in accordance with a government directive. Accordingly, a fundamental question to be asked is whether the law makers themselves understand the need for data protection and are they willing to push the regulatory framework for data protection? Most importantly how effective will this be or will it be business as usual, mediocrity and ineffectiveness?

    Like

  8. Data protection law has become an undebatable neccessity in a country like ours.
    Rigths to private data be owned mostly by individuals and partly by government. Necessary checks be put in place to avoid abuse by both

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s