United Bank of Africa (UBA) PLC in Nigeria has been ordered to pay its customer N 8,000,000 for gross violation of her right to data privacy in a matter funded by Paradigm Initiative (PIN) through its digital rights reporting platform Ripoti.
The bank was found liable for unilaterally opening a domiciliary account for Miss Folashade Molehin without her consent, breaching her right to data privacy.
Lagos Judicial Division Judge, Justice A O Faji said the bank failed to comply with the requirements of the tier one domiciliary account which to all intents and purposes, is a limited account which for its continued operation requires Know Your Customer (KYC) compliance, and which has not been done.
“Indeed, the customer does not want to continue operating the account and has asked for it to be closed but the bank is still holding onto it. These facts show an unfortunate and unexplainable insistence by this bank to prolong the applicant’s agony and to continue to ride roughshod on the applicant’s rights even in the face of a decision by the applicant to close the account…I cannot imagine what the bank hopes to gain from this,” the Judge observed.
The customer, through lawyer Festus Ogun, sought to establish whether the bank’s decision to unilaterally open a domiciliary account for her without her consent breached her right to data privacy.
She had sought a court declaration that the bank’s unilateral opening of the domiciliary account without her consent or prior knowledge is a gross violation of her right to data privacy as enshrined in Section 37 of the 1999 Constitution of the Federal Republic of Nigeria and a gross breach of the Nigeria Data Protection Regulation, 2019.
She told the court she submitted her bank details to her employer for purposes of payment of her monthly salary. Her employer transferred her salary to her Savings Account and she waited in vain for the bank to confirm that $300 had been lodged in her savings account. She later received a text message from UBA Bank informing her a domiciliary account had been created for her without her consent and the said amount deposited into the account. She visited the bank’s Ojodu branch and was informed the account had indeed been opened in her name, and the amount deposited in the said new account.
On its part, the bank had urged the court to strike out the case for lack of jurisdiction. The court ruled otherwise, maintaining it has jurisdiction over Folashade’s claim.
The court further noted that there was no reason as to why the bank had to act so fast as if there was urgency in the transaction yet the customer was not out of reach, and could have been reached even by phone, since the bank notified her of the credit by text message after the account had been opened. “The same medium could have been utilised with probably the same result,” Justice Faji added.
The bank did not respond to the customer’s letter requesting for closure of the account.
The judge said the customer’s letter could have been responded to with all the explanation the bank stated on the processes filed in court for the customer to see good faith on part of the bank, but that was not done, and after sometime, the customer had no choice than to withdraw the money in the account since the bank neither closed the account or explained how it was created and why it was not closed even after the customer’s instructions to do so.
The suggestion that the account was created in good faith, the Judge added, could have been shown and justified by a response to Folashade even if the bank is not to respond to such letters.
The bank had contended that there was no processing of the customer’s data in opening the account, but the Judge, while referring to the expression processing in the Nigeria Data Protection Regulation (NDPR) clause 1.3 (xxi) ruled that the data was clearly adapted to create the tier-one domiciliary account for the customer.
While commenting on the judgement, the lawyer Ogun said: “I sincerely believe that this landmark judgement is not just victory over arbitrary abuse of Miss Folashade Molehin’s data privacy rights. It is equally a clear testament that the Nigerian courts are now willing to enrich the scope of our data privacy jurisprudence.”
In discussing the case strategy Paradigm Initiative Programmes Officer for Anglophone West Africa, Khadijah El-Usman said, “We liaised from the inception of the matter till the judgement with F.O.Legal to ensure that Folashade’s interests were always at the forefront.” She further noted that “Paradigm Initiative remains dedicated to ensuring digital rights are respected all over the continent and that is why we will not relent in taking up issues of rights violations through our Ripoti platform in a bid to provide a wide array of support to those who need it. We are also pleased to join efforts to create legal precedent around digital issues.”
