By Olumide Babalola
Like most tech-savvy Nigerian lawyers, I was fascinated by the broadminded Practice Direction on e-affidavit released by the Federal High Court on the 7th day of June 2024. Apart from the understanding that the document is itself inconclusive as it is dependent on the implementation of a task force to be set up by the Chief Judge, the direction interestingly declares in its explanatory note that: “The aim of these Practice Directions is to ensure data protection in a user-friendly automated system of deposing to e-affidavits” (Emphasis mine)
As laudable as the foregoing clarification seems, its legal and regulatory implications should not be lost on the Honourable Chief Judge, My Lord Justice J.T. Tsoho – whose place in history is assured for attempting to ease the administration of civil justice by revolutionising the sometimes burdensome and cumbersome oath-taking process.
Order II, rule 1(a) of the Practice Direction proposes compliance with global best practices while Order III rule 3 indicates that applications shall be made on the court’s website. My immediate reaction was to visit the court’s website – https://www.fhc.gov.ng – Alas!, there is neither a privacy policy nor any (conspicuous) direction to that effect. A privacy policy is a document that clearly and succinctly explains the privacy practices of every organisation that processes personal data.
The Federal High Court’s ambitious proposition towards data protection ought to commence with transparency within the context of their obligation as a controller defined under section 65 of the Nigeria Data Protection Act, 2023 (NDPA). For clarity, section 24 (1)(a) mandates a controller to “ensure that personal data is processed in a … transparent manner”
Order III rule 1(a) references ‘transparency’ but this duty, within the context of data protection, is fulfilled by proactive information displayed in a privacy policy on the website. Section 27(3) of the NDPA mandates the publication of such policy thus: “The information referred to in subsection (1) shall be contained in a privacy policy and expressed in clear, concise, transparent, intelligible, and easily accessible format, taking into consideration the class of data subjects targeted by the data processing.”
In two previous identical articles, I have advocated a more inclusive and intentional information privacy culture in the Nigerian judiciary (see ‘Who Will Bell This Cat? When Judicial Actors Treat Information Privacy with Levity: Justice Ajumogobia’s Reinstatement as a Case in Point’ and ‘Who Will Bell the Cat? Developing an Inclusive Information Privacy Culture for the Nigerian Judiciary (2023) 14(1) The Gravitas Review of Business & Property Law, 81.
Conclusion
At the risk of repetition, to achieve the proposed privacy objectives of the Practice Direction and compliance with the Nigeria Data Protection Act 2023, the Federal High Court, as a custodian of the law, ought to lead by:
a. Publishing a privacy policy on their website
b. Designate a Data Protection Officer
c. Train the registry staff on data protection
d. Conduct periodic audits, etc
