Nigerian Law Forum
With the migration of business from the traditional ‘brick and mortar’ store to online platforms or online market as a result of technological growth and advancement, business operations now have a wide online presence where transactions are made by consumers filling various information to finalize their transactions. The nature of online transactions is very different from when businesses only had physical outlets where business transactions were made, and the transactions ended with customers paying cash in exchange for goods.
Data has been described as the oil of the digital era.1 Data “means characters, symbols and binary on which operations are performed by a computer, which may be stored or transmitted in the form of electronic signals, stored in any format or any device”.2 Data are pieces of information gathered from various sources or observations.
Personal Data means information such as name, address, photo, email address, bank details, posts on social networking websites, medical information, cultural or social identity, etc. belonging to an individual.
The General Data Protection Regulation (GDPR) is a European Union (EU) law that came into effect in 2018 with an aim to regulate how companies obtain and process the personal information of EU citizens as well as protect customer’s data by giving individuals more control over how their data are collected, used and protected online. While the GDPR is made for EU citizens, it extends to any website or online service provider outside the EU but with an EU reach.
The Children's Online Privacy Protection Act (COPPA) 1988 is another data protection law in the United States which protects the privacy of children under 13 years of age, where their personal information will be taken. This includes businesses in the United States or businesses outside the United States but with a US reach. The website or online service provider must display a notice of what information it collects from the children and how the information is used. In addition, parental consent of the child or children must be obtained as the parent can refuse the use of the personal information collected after review.
1 Economist (2017, May 6). Data Is Giving Rise to a New Economy. The Economist.
2 Analysis of the Privacy Policies of Nigerian Online Shops
3 Section 2.5 of the Nigeria Data Protection Regulation 2019
4 Art 2.5 Nigeria Data Protection Regulation 2019
5 Section 1.3 of the Nigerian Data Protection Regulation 2019
Preye Ezonfade , LLB