Will EU GDPR Rules on Data Privacy Affect Nigerian Businesses, Remittances? - Sundiata Tech


Home Top Ad

Post Top Ad

Wednesday, May 9, 2018

Will EU GDPR Rules on Data Privacy Affect Nigerian Businesses, Remittances?

From May 25, Nigerian companies whose operations are exposed to data from anywhere within the European Union will need to comply with the landmark EU General Data Protection Regulation (GDPR).

Last week, LegitNG, an online legal content and referral service provider released a ‘Quick Guide to the GDPR for Nigerian Companies’ which it says provides clarity and guide to beginning the journey towards compliance.

There are a number of Nigerian companies whose services are accessible online by anyone in any part of the world, including the EU. Nigeria also receives significant Diaspora remittances from citizens within the EU region. Companies in that category therefore that choose not to comply could be subject to fines of up to €20 million and blacklisting for business within Europe.

LegitNG explains that Nigerian companies that use techniques such as web analytics, tracking, cookie identifiers, radio frequency identification tags, and geo-location tracking to collect personal data of EU data subjects will likely be subject to the GDPR.

“GDPR awareness in Europe has reached a frenzied pitch and companies will be looking to not only protect data within their control but ensure that they do not share important data with partners who have no structure for data protection. The fact that Nigeria still has no enforceable data protection law till date places Nigerian companies as risky partners for the purpose of data sharing with EU entities,” LegitNG noted.

The GDPR which replaces the EU Data Protection Directive (Directive 95/46/EC) was approved by the EU Parliament on 14 April, 2016, was designed to harmonise data privacy laws across Europe, to protect and empower EU citizens’ data privacy and to reshape the way organisations across the region approach data privacy.

The GDPR defines personal data as any information that alone or in combination with other information has or is likely to identify a living person, or data subject, including an individual’s phone number; home and email address; job title; online identifier; employment history; education and training; and financial and payment details.

The provisions are consistent across all 28 EU member states, which mean that companies have just one standard to meet within the EU.

According to an analyst on Quartz Africa, the question to strengthen online privacy rights comes at a time when African governments and activists are battling over issues ranging from information censorship, surveillance, data retention, interception, and internet shutdowns. The current uproar over digital privacy has also been amplified following recent revelations that data mining company Cambridge Analytica harvested millions of Facebook profiles and worked to fix elections in Kenya and Nigeria.

Nigerian businesses covered by the GDPR are required to designate, in writing, a representative in one of the EU member states.

“We believe that one of the most immediate risks for Nigerian companies, especially business-to-business companies, providing services to EU data subjects is that from May 25, 2018, part of the requirements for entering contracts is the requirement to be GDPR compliant,” the LegitNG Guide noted. BD.

No comments:

Post a Comment

Post Bottom Ad