Business Regulations, Law & Practice | |
Business Regulations, Law & Practice | |
4227 VIEWS | |
![]() |
Tuesday, 26 February
2019 01:19PM / By Oserogho & Associates
Introduction
Reliance on internet electronic communication continues to increase.
With its numerous benefits also come risks that legislation needs to address,
and stay ahead of wherever possible. This is particularly as Data Harvesting
and Processing, especially Big Data in the social media sphere, are now very
lucrative legitimate and illegitimate businesses.
The European Union (“EU”) General Data Protection Regulations (“GDPR”)
is arguably now the world’s most up-to-date legislation on Data
Confidentiality, Privacy and Protection for EU Resident Data Users or Subjects.
A good example of the far reaching effect of the GDPR are the data breaches
fines imposed on Google by France; and the on-going data breaches
investigations by the EU on Facebook and some android companies.
Organisations who have access to, and or process EU Residents (and
non-EU residents) electronic data must therefore pay more attention to the new,
salient and special provisions of the GDPR, some of which provisions are
highlighted in this newsletter; most of which material are sourced from the
400+ pages ….
Key
EU Data Protection Provisions
A key, fundamental objective of the EU GDPR is not only the protection
and safeguard of EU Resident Data Users rights to privacy but also their rights
to the confidentiality of their personal data. Both of these rights are now
fundamental human rights under EU Law.
Automated and non-automated processed electronic data are also now
protected under the GDPR. With only statutory exceptions allowed, underlining
the GDPR is the unequivocal consent of the Data User or Data Subject on how his
or her personal data is collected, processed, protected and disseminated.
The Data User is also granted the unfettered right to freely withdraw
his or her consent as to the use of his or her personal data provided the GDPR
principles on the lawfulness, fairness and transparency of how the data is
managed are adhered to.
Personal Data Breaches, whether accidental or otherwise, must be
addressed by the Controllers, Processors and Data Protection Officers in a
timely and appropriate manner by the latter parties notifying the completely
Independent Statutory Data Supervisory Authority of any material Data Breach
within Seventy-Two (72) hours of such a data breach.
The Data User is also required to be immediately notified if the data
breach is likely to cause high privacy and confidentiality risks to such a Data
User or Users. In more severe cases, a public communication of the data breach
and the measures to ratify such breach is/are required.
Remedies,
Reliefs, Compensation and Fines
Some of the initial remedies that Data Subjects or Users have when their
Data Rights are infringed include lodging with the Data Controllers and
Processors a Complaint, seeking either or all of the following reliefs:- Data
Rectification, Data Erasure, Portability of the User’s Data, etc. These
remedial assistances are to be provided without any charge, costs or fee to the
Data Subject or User.
Where resort to the Data Controller or Processor does not ratify the
data breach, the Data Subject has the further right to resort to the
Supervisory Independent Data Regulatory Authority in his or her EU country
before a further resort to judicial remedies for material and non-material
damages are explored. From the Supervisory Data Regulatory Authority are additional
remedies of full and effective compensation for the data breach or breaches.
The Supervisory Data Regulatory Authority has, in addition to the
corrective powers enumerated above, the additional power to impose
administrative fines for any GDPR infringement up to €20,000,000 (Twenty
Million Euros). Where the infringement is by an undertaking venture, the higher
of the latter sum of 4% of the undertaking venture’s total worldwide annual
turnover will be imposed for the data infringement.
Data Protection and National Security
To balance individual data rights with national security and public
safety, i.e. Police and Criminal Justice administration as examples, the
processing of generic and other criminal administration data by public justice
authorities is permitted subject to the data protection regulations in the GDPR
and the Budapest Convention on Cybercrimes. Underlining this exception is the
principle that there must be substantial public interest to be protected, which
interest is provided for by Law.
Among other countries, Bi-lateral Personal Data Protection Agreements
also exist between the EU and the United States law enforcement agencies.
Conclusion
Consequences of Data
Breaches, especially to individuals, could be severe; from Identity Theft to
Fraud and other Financial Losses; infringement of an individual’s rights to
privacy and confidentiality which could lead to Defamation; Copyright
Infringement; Child Pornography; unlawful hacking and surveillance; etc.
Enhancing Rudimentary Public Enlightenment on the importance of Data Protection is therefore an essential modern day requirement when using the internet.
Tech
Regulation Updates
1.
EU and Global Securities Regulators Welcome Agreement on Data
... – Feb 15, 2019
2.
How The General Data Protection Regulation Will Affect Your
Business... – Mar 22, 2018
3.
How SMEs can prepare for the General Data Protection Regulation
4. FSA:
Japan And France Sign Cooperation Frameworks Regarding Innovation In The
Financial Sector
5.
Britain
To Initiate ‘Digital Services Tax’ On Tech Giants From April 2020; Expects
$512m Yearly
6.
SEC
Sets Up Special Committee On Fintech For Capital Markets
7.
FintechNGR
Kicks-off Fintech Knowledge Series For Regulators
8. DFSA
Joins Peers In Discussion On A Global Financial Innovation Network
9.
New
Regulation Has Significantly Changed E-money Landscape In Indonesia
10. New
Rules For Credit Fintech Companies In Brazil
11. CBN
Issues Circular on Compliance with Cybercrime Act 2015
12. CBN
Issues Exposure Draft of the Risk-Based Cyber-Security for DMBs and PSPs
13. EBA
Publishes Opinion On Implementation Of The RTS On Customer Authentication And
CSC
14. Fintech
Association Partners SEC On RoadMap For The Nigerian Capital Market
15. The Nigerian Trading Online Report 2018 To Include Section on Regulatory Technology
Disclaimer:
This is a free educational material. It does not serve as a
source of solicitation, advertisement or the offering of legal services or
advice of any kind. No Client/Attorney relationship is therefore
created. Readers are strongly advised to always seek from qualified Legal
Practitioners, competent legal counseling to their specific factual situation.
Intellectual Property Protected!
This material is protected by International Intellectual Property Laws
and Regulations. This material can therefore only be reproduced or
re-distributed for non-profit educational purposes under the strict condition
that our Authorship of this material is explicitly acknowledged, and our above
Disclaimer Notice is prominently displayed. [ contactus@oseroghoassociates.com
]
Previous Post - Developments in the
Market
1.
The
FRCN Nigerian Code of Corporate Governance 2018
2.
Reps
Pass Companies and Allied Matters Act Re-enactment Bill
3.
New
Transfer Pricing Regulations, Guidelines and Circular - Legal Alert
4.
Copyright
Collective Societies'' Regulations Revisited - Legal Alert
6.
Sales
Tax versus VAT: Supremacy - Case Law Review
7.
Fire
Safety Compliances and Regulations
8. Admissibility
Of Evidence As It Relates To Electronic Devises, Social Media And Forensic
Science
9.
New
Requirements For Registration Of Charges (Form CAC8) Takes Effect April 3, 2018
10. FIRS
issues Public notice on Implementation of the Revised 2018 Transfer Pricing
Regulations Oct 22, 2018
11. Senate
Passes Resolution Mandating CBN To Suspend Bank ATM Charges
12. NASSBER
Bills – A Status Update On Market Related Legislation
13. Stakeholders
explore the Role of IST in Nigerian Capital Market Dispute Resolution
14. Regulatory
Conversations – A Public-Private Dialogue Holds On Sept 18, 2018
15. Buhari
Signs Law Separating NFIU from EFCC
16. Unconstitutional,
Null And Void - Legal Opinion On Preservation Of Suspicious Assets Order
17. The
Draft Nigerian Code of Corporate Governance 2018 For Your Input
18. 2018
Nigerian Code of Corporate Governance: Sectorial Codes to Serve as Guidelines -
FRC
19. Landmark
FHC Judgment On The Information Rights of Investors In The Nigerian Capital
Market
20. Executive
Summary of Changes to CAMA
21. Senate
Passes New CAMA Bill into Law; Lists Seven Benefits
22. Finance
and Accounting Outsourcing
23. Judgment
Delivered Against Plaintiff In First Nigerian Case on ATM Dispense Error
24. Communique
of the 58th Annual General Conference of the NBA
25. IFRS
Reporting – Matters Arising On Derivatives
26. Corporate
Governance As A Strategy For Investment Drive – August 2018
27. Nigerian
Patient’s Bill of Rights: 5 Things to Note
28. IFRS 15 Implementation Efforts of 2018 Interim Reporters in the Oil and Gas Industry
Related
Legal Alerts
1.
Implementation
of Code of Corporate Governance Will Minimize Wastage, Corruption – Osinbajo
2.
FBNQuest
Proposed Transfer of FBNQuest Trustees Limited to FBN Holdings Plc
3.
Income
Tax Country-by-Country Reporting Regulations, 2018 - Legal Alert
4.
UUBO
Hosts Groundbreaking Thought Leadership Forum on ICE, December 6, 2018, in
Lagos
5.
The
Finance Function Of The Future: Using IFRS 17 To Build A Competitive Advantage
6.
IFRS
16 to Fuel Use of JVs to Avoid Lease Capitalisation
7.
How
Government And Its Agencies Can Be More Efficiently Run – The BOI Example
8. New
Transfer Pricing Regulations, Guidelines and Circular - Legal Alert
9.
#NES24:
Executive and Legislature must Work Together For Nigeria’s Progress-Saraki
10. Senate
Passes Resolution Mandating CBN To Suspend Bank ATM Charges
11. ADR
- Alternate Dispute Resolution Multi-Door Court House – Legal Alert
12. Stakeholders
explore the Role of IST in Nigerian Capital Market Dispute Resolution
13. The
Finance Function Of The Future: Using IFRS 17 To Build A Competitive Advantage
14. IFRS
16 to Fuel Use of JVs to Avoid Lease Capitalisation
15. How
Government And Its Agencies Can Be More Efficiently Run – The BOI Example
16. Court
Approves Website Seizure and Anton Piller Order Against Online Copyright Piracy
Platform
17. Hotels
and Restaurants Consumption (Fiscalisation) Regulations
18. Court
Grants Injunction Restraining Lagos State From Enforcing New Consumption Tax
Law
20. Police
Powers of Arrest and Civil Contracts
21. Stakeholders
harp on robust PPP, at 2017 BusinessDay Education Summit
24. Stamp
Duties on Bank Deposits and Transfers: Are There Unresolved Issues?
25. IFRS
9 Standard Implementation: Building Organisational Capacity for Implementation
Success
26. Bank
Charges: Role, Responsibilities and Rights
27. Bank
Charges & Recent Regulatory Guidelines
28. Legal
Update On The Implementation Of The Stamp Duties Act And The Rights Of Bank
Customers
29. How
Recent Environmental, Waste and Effluent Law & Regulations Affect You
30. Indonesia
Issues New Regulation Regarding PLCs' Shareholding Reporting Obligations
31. Contracts
- Time Is Of The Essence
32. Nigeria's
new Immigration Regulations 2017
33. The
Law, The Environment And Permissible Noise Levels
34. Advancing
the Role and Effectiveness of Audit Committees
35. House
Passes Federal Competition Commission Bill
36. Registering
a Business in Nigeria: Preliminary Considerations
37. PEBEC
approves 60-day action plan on Doing Business in Nigeria
38. Annual
Minimum Corporate Compliances
39. You've
Registered Your Trademark, What Now? Tips on Maintaining Trademark Protection
40. Why
FGs Ban of Vehicle Imports Through Land Borders Makes Sense
41. While
Nigeria Dithers, 3 in 4 African Countries Improve Business Environment
42. The Un-Enforceability of the Nigerian FRC’s Code of Corporate Governance