The Nigeria Data Protection Commission (NDPC) has said the Central Bank of Nigeria (CBN)s directives to commercial banks to collect their customers social media handles is illegal.
The National Commissioner of NDPC, Dr. Vincent Olatunji, who stated this in a statement issued by the Head of Media, Itunu Dosekun, in Abuja yesterday, said it was currently engaging with the CBN on the issue.
Recall that the CBN on June 26, directed banks to obtain the social media handles of customers as part of enhanced Customer Due Diligence (CDD) regulations.
However, Olatunji said that before the establishment of the Nigerian Data Protection Act (NDPA), on June 12, indiscriminate collection of citizens data by Data Controller Organisations was not taken seriously.
He explained that there were prerequisite steps any Data Controller must take prior to the collection of data from data subjects. There are provisions in the law to go against any data controller be it private or government office, NGOs, hotels, because we are pro-citizens.
The whole idea of this law is to protect the rights, the interests of Nigerians who are data subjects.
He also said that any organisation that defaulted was going against the law and causing a data breach, adding that it would attract a fine.
According to him, asking for social media handles is not necessary. He, however, said that if the collection of the social media handles happened under public interest, which could include monitoring some transactions, there should be proper awareness among the customers.
Olatunji added that they would be inquiring why the CDD regulation came up and how best to resolve that in line with global best practices.
