Data privacy has become increasingly important in this era. Usually, individuals (Data Subjects) provide their data to businesses (Data Controllers) to access information; and with the growth of internet use in Africa, a continent of 1 billion people. This ubiquity has been fueled by rapidly expanding mobile broadband networks and ever more affordable phones through which data is increasingly harnessed. More than half of Africa’s 54 countries have no data protection or privacy laws. And, of the 14 countries that do, nine have no regulators to enforce them, the group says.
The major law regulating data privacy in Nigeria is the Nigeria Data Protection Regulation 2019; while in in South Africa; The Protection of Personal Information Act 4 of 2013 (“POPI”) was signed by President Zuma on 19 November 2013. As stated in the preamble, the purpose of POPI was, in line with international standards, to regulate “the processing of personal information by public and private bodies in a manner that gives effect to the right to privacy subject to justifiable limitations that are aimed at protecting other rights and important interests; However, it is important to mention that most Data Controllers are unaware that they are subject to grave liability from failure to adhere to these regulations or by data subjects avoiding its website which could cost it financial loss due to its ability to protect the privacy of data subjects or hedge itself from the breach.
- Nigerian Law Requires It
- in the case of a Data Controller dealing with more than 10,000 Data Subjects, payment of the fine of 2% of Annual Gross Revenue of the preceding year or payment of the sum of 10 million Naira, whichever is greater;
- in the case of a Data Controller dealing with less than 10,000 Data Subjects, payment of the fine of 1% of the Annual Gross Revenue of the preceding year or payment of the sum of 2 million Naira, whichever is greater.
As a Data Subject uses your service or scrolls your website, he or she will want to know:
- why you collect his/her data;
- what kinds of data you collect from him/her;
- whether you will disclose the data to law enforcement agents if there will be a case; and
- how he/she can unsubscribe from your emails.
- It Increases the Prospect of a Business
The content of a Data Collector’s website is sophisticated, and it is one targeted to clients that are usually buoyant, enlightened, and not nationals of Nigeria.
The implication of this is that where you have clients who cannot guarantee that their privacy and details will be protected, they will immediately not browse through your website; and it is certain that they will never sign up for your website. The implication? You lose serious prospects as clients. With the rise in identity theft and corporate data breaches, at a government and corporate level, consumers are extremely interested in protecting their personal information. Savvy customers want to know that you are safeguarding their information and how you will be using it.
Similarly, by staying on the safe side and providing users with what would make them feel secure and protected, you automatically increase your assets. Research has shown that if you are honest and upfront with visitors, many more of them will do what you want them to do
- Build Trust
Being transparent towards your users is possibly the most important moral reason. Providing your clients and customers with a clear picture of why and how you process their personal data makes your clients feel secure.
Last, but not least, those who actually do thoroughly read that key legal document will feel safer, more comfortable, will use your website or mobile app longer and are much likely to refer friends or recommend your product. Therefore, do give your users a peace of mind!
- It is recommended that you avoid copying and pasting privacy policies of other Data Controllers, you may copy blind, it is advisable you give it to someone with qualities in reviewing these policies in line with country specific laws.
The author, Adedoyin Fadare, is a Legal practitioner who specialises in IT, Data privacy and intellectual property Law in Nigeria. He is also the Chief Publisher at The People’s Accolade Law Magazine (www.thepalmagazine.com)