Tech Hive Advisory contributes to UN Right to Privacy Report 2022

On the 7th of October, 2021, the UN Human Rights Council adopted Resolution 48/4 on the right to privacy in the digital age. In line with this resolution, the Commissioner for Human Rights was to prepare a written report on the recent trends and challenges concerning the right to privacy and related human rights principles. Towards this, interested stakeholders were invited to provide inputs for preparing the report.

Tech Hive Advisory, focusing on the state of privacy rights in Nigeria, also provided inputs. Our contributions focused on the incidence of surveillance, digital identity systems, encryption and anonymity, and measures adopted to combat the Covid-19 pandemic.

We noted the increased spending on surveillance systems and the introduction of laws to enhance government surveillance powers. We recommended that surveillance should be restricted to the most severe of crimes, and the use of vague language should be avoided in surveillance laws.

There has been an increased push to link SIM registrations to national identification programs. Where SIMs were not linked as mandated by the government,  they have been disconnected, thus denying many users a means of communication. We recommended that the national identity database should have adequate privacy safeguards, and the mandatory SIM/national identification linkage should be legitimised by law.

Speaking on anonymity, there have been increased efforts by governments to restrict anonymity at a time when journalists, vulnerable groups, and many others need it to report human rights abuses and instances of state failure safely. We recommended that legislative proposals to restrict anonymity be put aside and that decryption be subject to judicial review.

In Nigeria, efforts at using digital technology to combat Covid-19 may have been compromised by inadequate security protocols and violating data minimization principles. We recommended that data should not be retained longer than necessary, and data protection by design should be embedded in the lifecycle of public health solutions.

The rest of our input and recommendations are accessible here, while inputs from other stakeholders are also available here.