Balancing Privacy And Identification: Global Standards And Nigeria’s Social Media Handle Collection Mandate By CBN

Posted on June 27, 2023

BY Dr. NATHANIEL ATANSUYI 


Introduction

The recent mandate by the Central Bank of Nigeria (CBN) requiring financial institutions to collect customers’ social media handles has sparked a debate surrounding the principles of data
protection and privacy.

While the CBN argues that this measure will aid in identification purposes,
concerns have been raised by the National Commissioner for the Nigeria Data Protection Commission, Dr. Vincent Olatunji, regarding the principle of data minimization.

This article aims to explore the global standard for collecting personal information, assess the justification for
financial institutions gathering social media handles, and analyze whether it aligns with the best practices of data protection.

Data Minimization: A Pillar of Privacy Protection
Data minimization, an essential principle of privacy protection, promotes limiting the collection, use, transfer, and retention of personal information to what is reasonably necessary.

It advocates for the reduction of unnecessary data processing, thereby mitigating potential risks associated with data breaches and unauthorized access.

Various global data protection regulations, such as the European Union’s General Data Protection Regulation (GDPR), emphasize the significance of data minimization in safeguarding individuals’ privacy rights.

The Rationale Behind Collecting Social Media Handles

The CBN’s decision to mandate financial institutions to collect customers’ social media handles can be viewed from two perspectives. Proponents argue that gathering social media handles can
enhance customer identification, prevent fraud, and enable enhanced due diligence for antimoney laundering measures.

Social media platforms have become an integral part of individuals’ lives, and the information shared on these platforms can provide supplementary insights into an individual’s background, behavior, and connections.

While Dr. Olatunji raises concerns over the necessity and proportionality of collecting social media handles. He is of the opinion that financial institutions should adhere to the principle of data minimization, collecting only the information required for essential banking transactions.

Excessive collection of personal data, such as social media handles, can lead to potential misuse, unauthorized profiling, and data breaches, infringing on individuals’ right to privacy.

Benchmarking with Global Standards

To evaluate whether the collection of social media handles by financial institutions aligns with the best global standards, it is crucial to examine established privacy regulations and guidelines.

The GDPR, recognized as one of the most comprehensive privacy frameworks, prioritizes data minimization and encourages organizations to collect only the necessary personal information.

The principle of data minimization within the GDPR ensures that data controllers limit the collection of personal data to what is strictly required for specified purposes.

Similarly, privacy frameworks in other jurisdictions, such as the California Consumer Privacy Act (CCPA) in the United States and the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, emphasize the importance of data minimization.

These regulations require organizations to collect personal data sparingly, focusing on the specific purpose of the collection and ensuring that it is proportionate and necessary.

Evaluating the Nigerian Context

In the Nigerian context, it is essential to strike a balance between customer identification and privacy protection. Financial institutions play a crucial role in ensuring the security and integrity of their customer’s personal information.

While the intent behind collecting social media handles may be well-meaning, it is vital to assess whether alternative means of identification can achieve the same objectives without compromising privacy.

Recommendations for Financial Institutions:

1. Conduct a Privacy Impact Assessment

Financial institutions should perform comprehensive assessments to evaluate the necessity, proportionality, and risks associated with collecting social media handles.

This assessment should also consider alternative identification methods and the potential privacy implications.

2. Implement Data Minimization Strategies

Financial institutions should adopt data minimization practices, adhering to the principles of collecting only the minimum necessary personal information required for legitimate banking transactions.

This approach ensures compliance with global standards and mitigates privacy risks.

3. Obtain Informed Consent

Prior to collecting social media handles or any personal information, financial institutions should obtain explicit and informed consent from their customers.

This consent should be transparent, specific, and revocable, allowing individuals to understand and control the use of their data.

4. Strengthen Data Security Measures

Financial institutions must prioritize robust data security measures to protect the personal information they collect. This includes implementing encryption protocols, regular security audits, and training employees on data protection best practices.

By ensuring data security, financial institutions can build trust with their customers and mitigate the risks associated with unauthorized access or data breaches.

5. Collaborate with Regulatory Authorities

Financial institutions should actively engage with regulatory authorities, such as the Nigeria Data Protection Commission, to align their practices with evolving privacy standards.

Regular communication and collaboration with regulatory bodies can help ensure compliance with privacy regulations and enable the implementation of effective data protection measures.

Conclusion

The collection of personal information, including social media handles, by financial institutions should be evaluated against the principles of data minimization and global privacy standards.

While the CBN’s intention to enhance customer identification is valid, it is crucial to strike a balance between identification needs and privacy protection.

Financial institutions should adopt data minimization practices, obtain informed consent, strengthen data security measures, and collaborate with regulatory authorities to ensure compliance and maintain customer trust.

By adhering to the best global standards, financial institutions can navigate the evolving landscape of data protection while safeguarding individuals’ privacy rights.

 

Dr. Nathaniel Atansuyi, FIIM, MNCS, MCPN (C.itp), Cybersecurity Analyst of Safe Mode Data Technologies [SMDT] Limited, #Cybersecurity #CybersecurityNuggets #Data Governance (Privacy & Protection) #Cloud Computing #Professional Services. Contact: info@smdt.com.ng; nathansuyi@gmail.com.

Categorised as : Banking | Finance, Opinion
No Comments »

Related posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest News

Fearless Energy Drink Powers Africa Knockout 11
The 11th edition of the Africa Knock Out (AKO) martial arts championship delivered an... Continue
Spinall, Neptune, YK Mule To Headline Africa’s Most Sought-After DJ Set: Roadblock Dec. 19
Roadblock, the fastest-rising rave movement in Africa and the defining force of Detty December... Continue
Dangote Cement Tops Nigeria’s Tax Compliance Chart For Second Consecutive Year As FIRS Honors Company Again
For the second year consecutively, leading Africa Cement manufacturer, Dangote Cement Plc has been... Continue
Nigeria’s Music Heavyweights Take Centre Stage As New Report Values Industry at ₦901bn
Nigeria’s biggest music stars are more than just hitmakers; they’re powering a multi-billion-naira industry... Continue
Over 80 Employees Donate Blood In One-Day As Coronation Registrars Partners Lagos State For Successful Blood Drive Initiative
Coronation Registrars Limited, a subsidiary of Coronation Group, in partnership with the Lagos State... Continue
Kidnapped Schoolgirls: President Tinubu Sends VP Shettima To Kebbi, Condoles The Military Over The Death Of Soldiers
President Bola Tinubu has asked Vice President Kashim Shettima to visit Kebbi State on... Continue
Savannah Energy Wins Great Place To Work Award
Savannah Energy PLC, the British independent energy company focused around the delivery of Projects that... Continue
£15,000 Fraud: Man Bags 50-Year Jail Term In Lagos
Justice Ismail Ijelu of the Lagos State High Court sitting in Ikeja, on Tuesday,... Continue
Ebunoluwa Seth, 13, Wins 15th UBA Foundation Essay Competition
History was made in Lagos on Tuesday, as 13-year-old Ebunoluwa Seth Oluwatimilehin of Igando... Continue
President Tinubu To Attend G20 Leaders’ Summit In South Africa & AU-EU Summit In Angola 
President Bola Tinubu will depart Abuja on Wednesday for a two-nation visit to Johannesburg,... Continue

UBA

Access Bank

Twitter

Sponsored