The Nigeria Data Protection Commission (NDPC) and the Socio-Economic Rights and Accountability Project (SERAP) have criticised the Central Bank of Nigeria (CBN)’s directive to banks to scrutinise their customers’ social media presence.
The national commissioner of NDPC, Vincent Olatunji, branded the directive as illegal, adding that it violated the recently enacted Nigerian Data Protection Act (NDPA) signed by President Bola Tinubu.
Mr Olatunji, in a statement by NDPC’s spokesperson, Itunu Dosekun, expressed the commission’s disagreement with the CBN’s decision and confirmed that the commission was already engaging the apex bank on the issue.
“The whole idea of this law is to protect the rights, the interests of Nigerians who are data subjects,” stated Mr Olatunji.
“There is data minimisation, meaning you do not collect data beyond the purpose for which it was intended,” he said.
Similarly, SERAP described the directive as unlawful and a violation of Nigerians’ privacy rights.
In a statement released by its deputy director, Kolawole Oluwadare, SERAP called on the CBN’s acting governor, Folashodun Shonubi, to remove the social media directive from the regulations.
Mr Oluwadare stated that the mandatory requirement of social media handles or addresses of customers served no legitimate purpose and had the potential used to unjustifiably or arbitrarily curtail customers’ rights to freedom of expression and privacy.
The directive mandates banks to obtain comprehensive information about customers, including their social media handles, as part of their Know Your Customer (KYC) process.
The apex bank stated that the directive would enhance the fight against financial crimes, as contained in its Customer Due Diligence Regulations report 2023.
The directive was outlined in the Customer Due Diligence Regulations of 2023 and signed by Chibuzo Efobi, the Director of the Financial Policy and Regulations Department of the CBN.
(NAN)
