The Central Bank of Nigeria’s new instruction to banks to gather the social media handles of their clients as part of expanded Customer Due Diligence standards is illegal, according to the Nigerian Data Protection Commission.
According to Nairametrics, the commission claimed that it has begun discussions with the apex bank on the matter because there are fundamental requirements that must be fulfilled in order to gather people’s data.
This was disclosed by the National Commissioner of NDPC, Dr. Vincent Olatunji, according to a statement released by the commission’s Head of Media, Mr. Itunu Dosekun, on Thursday in Abuja.
Olatunji emphasized that the indiscriminate collection of people’s data by Data Controller Organisations was not taken seriously prior to the introduction of the Nigerian Data Protection Act on June 12.
He clarified the required actions that every Data Controller must take before collecting data from data subjects and added that any organization that didn’t follow them was breaking the law, resulting in a data breach and a fine.
“There are provisions in the law to go against any data controller, be it private or governmental office, NGOs, or hotels, because we are pro-citizens,” the head of NDPC said.
“We have already communicated with the CBN to inform them that their actions were unlawful since they violated several fundamental standards for the collection of people’s data.”
He did, however, point out that customers should be properly informed if the collecting of social media handles occurred in the public interest, which may involve monitoring some transactions.
Remember how the CBN on June 25, 2023, instructed deposit money banks to gather and validate social media handles as part of their know-your-customer procedures?
The CBN stated that financial institutions must identify all of their clients, whether they are regular customers or just drop-ins.
The goal of this requirement, which is to improve the precision and depth of customer identification, is to apply to both individuals and legal entities.
The Nigeria Data Protection Bill, 2023 was passed into law with the approval of President Bola Tinubu earlier.
A few months ago, former President Muhammadu Buhari introduced the Nigeria Data Protection Bill, which aims to provide a legal framework for the protection of personal data and the practice of data protection in Nigeria.
