Data Protection Law is a response to an ongoing trend in the innovation ecosystem globally. It will be right to differentiate their privacy from their Protection.

Privacy

Privacy is you preventing and controlling access to your personal information. In some case, you have a diagnosis of medical condition you share with friends and family, but you choose who you give it to.

Protection

You determine who you hand your personal information to, because in such case you want to exchange value for services. You want to exchange value on a platform. This Protection Law that we have improves the intrinsic and economic value of data in Nigeria. We never used to place much emphasis on the consequences of misappropriation , mismanagement of data. Now this Law apart from increasing the value intrinsically of data in the Nigeria, has now empowered us to make demands as to how our data is processed, stored and determine when you need the processor to stop.

In the context of Data Protection Law, data could be defined as a purpose driven asset whose intrinsic value could add value, convey fact, and be exploited.

The explotative nature of data is what can be narrowed down to personal information. According to a privacy survey by CISCO, 46% cannot guarantee the protection of their data because they cannot explain how their data is being used by companies. According to anstudy by the University of Maryland, a computer connected to the Internet is attacked generally every 39 seconds. Personal data hence is the most vulnerable point of exploitation. The law is not particularly concerned about operational or transcational data but very concerned about personal information like name, email, and phone number. These are the points of exploitation which has been raising concern and that’s what is being protected.

Is the data Protection Law in tune with the current reality of AI

Data is an evolving asset which started from data recognition at the advebt of computing, then moved to data innovation, when we started building platforms like Yahoo!, and from there we went to the big data era where these platforms have generated huge volume of data thereby making Protection become a concern.

The future cannot be expected to be defined with this law, but it will evolve. This informs the leverage given to the commission to evolve based on reality.

As an advocate of AI, the explanability of the system makes it benign but the main concern is its potential to evolve to the AGI- Artificial General Intelligence where it begins to do things it was not initially designed to do. However, when that comes the law, regulations and framweok will evolve expectedly alongside the data engineering process.

On Banks getting social media handles as part of KYC

Facebook issue about data protection have led to a settlement of $780 million in 2023 for persons in the U.S.. Such is the value placed on personal data. There was a research conducted by IBM in the Pornomount Institute putting the cost of data breech to $4.35 million. The strategic thing to do by players would be to drive more value and to prevent exploitation. Eventhough the news about CBN wanting banks to include social media handles as KYC has not been verified, if they decide, the question would be, for what purpose? If CBN can clearly itemise this purpose of this data collection we ask, does it add value because access to it is already relatively easy. What are the peculiarities of threat to financial integrity in Nigeria. The possibility of this kind of collection logically should be approached without sentiments. An evaluation of the risk versus the reward, threats versus the opportunities will help in the decision making.

Contributor:

Stephen Oniya
Profession: Entrepreneurs- CEO