Introduction:
Like any new invention designed to aid human endeavors, Artificial intelligence (AI) is greatly revolutionizing our world. Its impact is already being felt across various industries, processes, and procedures of mankind. Expectedly, across many sectors, AI is being received with mixed feelings. Many worry about data collection and the rights of persons and businesses. Hence, the interaction of a series of extant laws (including Privacy Laws and Intellectual Property Laws) is affecting or being affected by AI across the world. AI is the part of computer science that focuses on programs that can perform tasks that human beings perform.
Six persons in every ten persons in the world are subjects of data collection, and 74% of data subjects across the world are concerned with the treatment of data. AI relies on big data (including personal data) to perform its task . Hence, there is a higher probability that AI and its operators may breach privacy laws. Privacy laws are made to protect the private and personal lives and information of individuals and institutions. They govern and regulate the collection, retention, use, sharing, and dealing with personal information to avoid abuse and unauthorized access. AI plays critical (invasive) roles in the entire chain of collection, use, storage, access, security, and transfer of personal data, as no person has envisaged. Hence, “LC& N Solicitors” believe that there is an obvious need to closely monitor and regulate the role of AI in dealing with the private and personal lives and information of individuals and institutions.
AI & the Nigerian Privacy Laws:
In Nigeria, privacy is a constitutional matter; it is among the fundamental human rights enshrined in the Constitution of the Federal Republic of Nigeria. In 2019, in line with international best practices and the Constitution of Nigeria, the Nigerian government approved “the Nigeria Data Protection Regulation” (NDPR), setting a legal framework for the use and procedures for the management of electronic data. The National Information Technology Development Agency (NITDA) initiated the NDPR pursuant to the National Information Technology Development Agency Act 2007, which authorizes NITDA to develop regulations for electronic governance and monitoring of the use of electronic data interchange and other forms of electronic communication transactions for the public and private sectors. The NDPR protects the right of natural persons to data privacy. NITDA, in 2020, issued the “Guidelines for the Management of Personal Data by Public Institutions in Nigeria” to govern the roles and responsibilities of public officers and public institutions in the processing and management of personal data. The NDPR promotes the rights of data subjects over their personal data and mandates institutions to obtain the consent of data subjects ahead of data collection, use, storage, access, security, and transfer of personal data. Furthermore, NDPR promotes the right of data subjects to access their personal data, rectify inaccuracies, and also the right to erase personal data.
The Nigerian case law is not left out with an avalanche of judgments on the right to privacy being upheld by the courts. “The meaning of the term "privacy of Citizens" is not directly obvious on its face” . The Constitution of Nigeria recognizes the right of privacy of human beings that are Nigerian but does not seem to extend privacy to Non-Nigerians and artificial/corporate beings like; businesses, institutions, and groups. Specifically, the Constitution of Nigeria limits the right of privacy to human beings that are citizens of Nigeria. It also limits the scope of privacy to “… their homes, correspondence, telephone conversations and telegraphic communications” of Nigerian Citizens. Well, the above is the restrictive interpretation of the Constitution, which the Supreme Court of Nigeria has rejected and rather embraced the liberal approach. The apex court in the case of Medical and Dental Practitioners Disciplinary Tribunal vs. Okonkwo went on to interpret the right to privacy to include; “… a right to protect one's thought, conscience or religious belief and practice from coercive and unjustified intrusion; and, one's body from unauthorised invasion.”
In another attempt to interpret the right to privacy, the Court of Appeal concluded that “… privacy to my mind can be said to mean the right to be free from public attention or the right not to have others intrude into one's private space uninvited or without one's approval. It means to be able to stay away or apart from others without observation or intrusion. It also includes the protection of personal information from others. This right to privacy is not limited to his home but extends to anything that is private and personal to him, including communication and personal data." Clearly, the interpretation of the term “right to privacy” under the Constitution of Nigeria by the Nigerian Courts have further expanded the egg shell that AI and its operators must be cautious of. Simply put, all AI interactions and activities that may violate freedom from “… public attention or the right not to have others intrude into one's private space uninvited …”. It includes the interaction of AI that may affect “ … homes, correspondence, telephone conversations and telegraphic communications” of natural beings (human beings) as well as the bodies of human beings.
The Constitution of Nigeria seems not to have specifically mentioned “personal data” . Well, the courts have filled the gap with their non-restrictive interpretation of the right to privacy to include; the protection of the personal data of citizens of Nigeria. In line with the Constitution of Nigeria, legislations and subsidiary legislations that advance the right of privacy have also limited the right to natural persons that are citizens of Nigeria and also followed the courts to recognize the protection of personal data as a right to privacy.
AI Challenges and the Role of Nigerian Lawyers:
With the spike in the Internet of Things (IoT), AI owners, users, and operators in Nigeria or with data subjects in Nigeria will be expected to respect the fundamental human rights of persons in Nigeria, including the right to privacy. Common privacy issues for AI include; Data Persistency, Data Repurposing, Data Spillover, Data Consent, Data Termination, the Ability to refuse data collection, Description of the AI process, and the nature of Data Collected. Clearly, Nigeria is actively protecting the personal data of natural Nigerians through its Constitution, the National Information Technology Development Agency Act 2007, the Nigeria Data Protection Regulation, and rich case law. However, AI technologies pose unique privacy issues that also violate a community of other rights. For example, AI could create biases and discriminate against persons in violation of the right to freedom from discrimination.
At LC&N Solicitors (www.lcandn.com), we are strategically positioned with the requisite skill, experience, and network to support AI owners, operators, smart businesses, and organizations. We provide guidance on regulatory compliance, develop internal policies for AI systems to comply with Nigerian laws, conduct Privacy Impact Assessment (PIA) for AI systems, and implement Privacy by Design (PbD) principles. We provide legal guidance on collecting, using, storing, accessing, security, and transferring personal data. And provide legal services on disputes involving AI systems. We play a critical role in ensuring that AI respects privacy rights and benefits our communities.
Conclusion:
Nigeria is among the few countries with a dedicated legal framework for protecting the right to privacy. The laws provide adequate protection for the personal data of data subjects that are Nigerian citizens. They regulate the collection, use, storage, access, security, and transfer of personal data. Since AI requires big data, there are perpetual moral and legal obligations on AI systems to operate in full compliance with Nigerian laws, including the laws protecting the rights of privacy. Expectedly, Nigerian lawyers play a critical role in advising and guiding AI systems on regulatory compliance. Our law firm, LC&N Solicitors (www.lcandn.com), provides regulatory compliance, develop internal policies for AI systems, conducts Privacy Impact Assessment (PIA) for AI systems, and implements Privacy by Design (PbD) principles to protect privacy rights and promote AI systems.
#lawfirmstrategy#lawfirmmarketing#lawfirmmanagement#lawfirmgrowth#lawfirmleadership#legaltech#legalindustry#legal#legalmanager#legalknowledge#legalmarketing#legaleducation#legaladvice#legalcommunity#legalmatters#legalcounsel#legaldocuments#legalconsulting#legalai#legalcloud#lawtech#lawyers#lawpractice#lawupdates#laws#lawnews#lawenforcement
Follow LexTalk World for more news and updates from International Legal Industry
Comentários