Editor's Pick
Home Our latest stories Editors Pick “Urgent data protection for Nigerians”

“Urgent data protection for Nigerians”

August 19th, 2016

Timi OlajunguA proposal to gather biometric data from vehicle owners raises urgent questions about national responsibility for security of private information, writes Timi Olagunju, 30, a Commonwealth Correspondent from Lagos in Nigeria.

The other evening, sitting cross-legged in my office and relaxing after finishing a client’s job, I stumbled on a brilliant article by Victor Ewealor on Techpoint titled “The Nigerian Government is building a database of vehicle owners; it is not looking promising”and I found myself asking a few question which I would share with you.

Firstly, why would the Nigerian Government consider it an urgent need for the Nigerian police to have the “biometric” data of vehicle owners? The same Nigerian police whose problems include bribery and corruption?

Well, maybe this is a means to increase government revenue through tracking down vehicle owners, I thought. But how does this meet the local security need based on facts and figures peculiar to Nigeria? Why contract this task of getting the ‘biometric’ data of vehicle owners in Nigeria to a foreign company, leaving out indigenous companies with the same capacities and a deeper understanding of the local context of use – where is the lip service towards local content development?

In an age that has seen intense data surveillance by the USA’s National Security Agency, could unregulated outsourcing of biometric data collection to a US company spell doom for Nigeria’s territorial integrity, or compromise our security as a people? Could this increase the competitiveness of US car manufacturers, including US car parts manufacturers, compared to Nigerian local manufacturers? And most importantly, why allow the biometric data of Nigerians be collected by a foreign private firm, with no specific and comprehensive data privacy laws to protect Nigerians?

The term ‘biometrics‘ refers to an individual’s fingerprints, facial structure, the iris or a person’s voice. Biometric data is not like any kind of data – it is one of the most important, because it captures everything biological by which a person can be uniquely identified anywhere in the world.

Proponents of the Nigerian vehicle owners’ biometric data collection argue that this will help the Nigerian Police Force and reduce vehicle theft and general insecurity in Nigeria. It is usually difficult to explain how it will reduce insecurity, and most importantly, why it must be done by a foreign private firm. On this, rather than comment my reserve’, I would reserve my comments, because my question to the Nigerian government would be based largely on legal and legislative considerations.

The contract agreement with ‘HID Global’, a US company, will compute Nigeria’s entire vehicle ownership system into a smart phone-accessible database for the Nigerian police. Why would the Nigerian Government authorise the handover of biometric data of millions of citizens to a “foreign private firm”, without first engineering a very detailed and structured legal framework of rules, policies, and importantly laws, that address issues of data protection and privacy?

Remember how oil rights were given to Shell in the early 1900s at the expense of Nigeria’s interest? The same problem of poor regulatory framework haunted the power sector, until the Electricity Power Sector Reform Act 2005 and the Nigerian Electricity Regulatory Commission (NERC) surfaced. In the words of the immediate past NERC Chairman, Dr. Sam Amadi ‘… failure in the electricity industry in Nigeria is, at heart, a failure of law. Law is the principal instrument of social development”.

The same applies to the information technology space.

An urgent question for the National Assembly is: how would a country like Nigeria not have data protection and privacy laws, in an age where information and communication technology and human rights are quick to clash?

In brokering the deal with HID Global, was there thorough data and privacy due diligence? Did those involved get technical expertise to review the privacy policy of HID and its host country, and see where it conflicts with Nigeria’s interest?

Data and privacy protection laws exist to strike a balance between the rights of individuals to privacy and the ability of organisations to use data for the purposes of their business or national interest. Many countries have taken proactive measures to protect the fundamental human rights of their citizens. Zimbabwe has a comprehensive Access to Information and Protection of Privacy Act, Singapore has a Personal Data Protection Act, UK has a Data Protection Act 1998 coupled with other laws within the UK and the European Union protecting data and privacy, and Ireland has its Data Protection (Amendment) Act 2003.

With no explicit and elaborate Nigerian data and privacy laws, the implication is that Nigeria is left to the mercy of the available data and privacy laws in the United States; the headquarter of HID Global, with legislation which could be changed when certain sectors and circumstances require to favour US interest.

It is trite knowledge that the 1999 Constitution of Nigeria guarantees the right to privacy of Nigerian citizens. Therefore, I strongly advocate that this fundamental human right be given a more explicit and elaborate expression and zeal of implementation by the National Assembly and the office of the President. There should be independent and co-existing legislation, with great consideration for the provisions of The Freedom of Information Act, on data and privacy issues; which should include: Data Protection Legislation; Computer Misuse Legislation; Information Security Legislation; and Lawful Interception Legislation.

Reach me on Twitter @timithelaw

Photo by NEC Corporation of America with Creative Commons license.

Photo credit: Solutions for Society Biometrics – Creative Commons via photopin (license)
…………………………………………………………………………………………………………………

About me: I am a Development Practitioner and a Cyberspace Lawyer. I run SME GrowthHub, providing legal and business support to Individuals, Startups, and Innovators in Nigeria, Ghana, Kenya, and South Africa. I am co-Founder of Nigerian Youths in Motion (NYM) and Groundswell (www.groundswell-edtech.com), the first financial educational technology company in the West, East, and North African Sub-region. I am a recipient of the President Obama Award for young African leaders.

…………………………………………………………………………………………………………………

Opinions expressed in this article are those of the author and do not necessarily represent the views of the Commonwealth Youth Programme. Articles are published in a spirit of dialogue, respect and understanding. If you disagree, why not submit a response?
To learn more about becoming a Commonwealth Correspondent please visit: http://www.yourcommonwealth.org/submit-articles/

…………………………………………………………………………………………………………………

 

Share

About the author

Related articles

Editor's PickEntrepreneurship & EmploymentHealth, Safety & WellbeingPoverty and Food Security
Democracy & ParticipationEditor's PickGender Equality & LGBTIHistoryPeace and Justice
View all

Submit your content

Submit a video
Submit an article

Timi OlajunguA proposal to gather biometric data from vehicle owners raises urgent questions about national responsibility for security of private information, writes Timi Olagunju, 30, a Commonwealth Correspondent from Lagos in Nigeria.

The other evening, sitting cross-legged in my office and relaxing after finishing a client’s job, I stumbled on a brilliant article by Victor Ewealor on Techpoint titled “The Nigerian Government is building a database of vehicle owners; it is not looking promising”and I found myself asking a few question which I would share with you.

Firstly, why would the Nigerian Government consider it an urgent need for the Nigerian police to have the “biometric” data of vehicle owners? The same Nigerian police whose problems include bribery and corruption?

Well, maybe this is a means to increase government revenue through tracking down vehicle owners, I thought. But how does this meet the local security need based on facts and figures peculiar to Nigeria? Why contract this task of getting the ‘biometric’ data of vehicle owners in Nigeria to a foreign company, leaving out indigenous companies with the same capacities and a deeper understanding of the local context of use – where is the lip service towards local content development?

In an age that has seen intense data surveillance by the USA’s National Security Agency, could unregulated outsourcing of biometric data collection to a US company spell doom for Nigeria’s territorial integrity, or compromise our security as a people? Could this increase the competitiveness of US car manufacturers, including US car parts manufacturers, compared to Nigerian local manufacturers? And most importantly, why allow the biometric data of Nigerians be collected by a foreign private firm, with no specific and comprehensive data privacy laws to protect Nigerians?

The term ‘biometrics‘ refers to an individual’s fingerprints, facial structure, the iris or a person’s voice. Biometric data is not like any kind of data – it is one of the most important, because it captures everything biological by which a person can be uniquely identified anywhere in the world.

Proponents of the Nigerian vehicle owners’ biometric data collection argue that this will help the Nigerian Police Force and reduce vehicle theft and general insecurity in Nigeria. It is usually difficult to explain how it will reduce insecurity, and most importantly, why it must be done by a foreign private firm. On this, rather than comment my reserve’, I would reserve my comments, because my question to the Nigerian government would be based largely on legal and legislative considerations.

The contract agreement with ‘HID Global’, a US company, will compute Nigeria’s entire vehicle ownership system into a smart phone-accessible database for the Nigerian police. Why would the Nigerian Government authorise the handover of biometric data of millions of citizens to a “foreign private firm”, without first engineering a very detailed and structured legal framework of rules, policies, and importantly laws, that address issues of data protection and privacy?

Remember how oil rights were given to Shell in the early 1900s at the expense of Nigeria’s interest? The same problem of poor regulatory framework haunted the power sector, until the Electricity Power Sector Reform Act 2005 and the Nigerian Electricity Regulatory Commission (NERC) surfaced. In the words of the immediate past NERC Chairman, Dr. Sam Amadi ‘… failure in the electricity industry in Nigeria is, at heart, a failure of law. Law is the principal instrument of social development”.

The same applies to the information technology space.

An urgent question for the National Assembly is: how would a country like Nigeria not have data protection and privacy laws, in an age where information and communication technology and human rights are quick to clash?

In brokering the deal with HID Global, was there thorough data and privacy due diligence? Did those involved get technical expertise to review the privacy policy of HID and its host country, and see where it conflicts with Nigeria’s interest?

Data and privacy protection laws exist to strike a balance between the rights of individuals to privacy and the ability of organisations to use data for the purposes of their business or national interest. Many countries have taken proactive measures to protect the fundamental human rights of their citizens. Zimbabwe has a comprehensive Access to Information and Protection of Privacy Act, Singapore has a Personal Data Protection Act, UK has a Data Protection Act 1998 coupled with other laws within the UK and the European Union protecting data and privacy, and Ireland has its Data Protection (Amendment) Act 2003.

With no explicit and elaborate Nigerian data and privacy laws, the implication is that Nigeria is left to the mercy of the available data and privacy laws in the United States; the headquarter of HID Global, with legislation which could be changed when certain sectors and circumstances require to favour US interest.

It is trite knowledge that the 1999 Constitution of Nigeria guarantees the right to privacy of Nigerian citizens. Therefore, I strongly advocate that this fundamental human right be given a more explicit and elaborate expression and zeal of implementation by the National Assembly and the office of the President. There should be independent and co-existing legislation, with great consideration for the provisions of The Freedom of Information Act, on data and privacy issues; which should include: Data Protection Legislation; Computer Misuse Legislation; Information Security Legislation; and Lawful Interception Legislation.

Reach me on Twitter @timithelaw

Photo by NEC Corporation of America with Creative Commons license.

Photo credit: Solutions for Society Biometrics – Creative Commons via photopin (license)
…………………………………………………………………………………………………………………

About me: I am a Development Practitioner and a Cyberspace Lawyer. I run SME GrowthHub, providing legal and business support to Individuals, Startups, and Innovators in Nigeria, Ghana, Kenya, and South Africa. I am co-Founder of Nigerian Youths in Motion (NYM) and Groundswell (www.groundswell-edtech.com), the first financial educational technology company in the West, East, and North African Sub-region. I am a recipient of the President Obama Award for young African leaders.

…………………………………………………………………………………………………………………

Opinions expressed in this article are those of the author and do not necessarily represent the views of the Commonwealth Youth Programme. Articles are published in a spirit of dialogue, respect and understanding. If you disagree, why not submit a response?
To learn more about becoming a Commonwealth Correspondent please visit: http://www.yourcommonwealth.org/submit-articles/

…………………………………………………………………………………………………………………