Insolvent corporate debtors often possess a considerable amount of personal data, such as customer lists and user data. The insolvency and liquidation of biobanks and private hospitals even pose greater challenges in relation to the sensitive personal data in their holding. In liquidation, should the sensitive personal data in their holding be sold alongside other assets to satisfy the corporate debtor’s debts? This question (or its kind) is yet to receive any judicial interpretation in Nigeria. Similarly, insolvency practitioners (e.g. administrators and liquidators) are typically appointed to manage and distribute an insolvent corporate debtor’s assets to its stakeholders. An administrator’s use of personal data to trade may qualify him as a data controller under the Nigerian Data Protection Act 2023 (NDPA). Likewise, where personal data are necessary for trading under administration, the cost of processing information requests from data subjects may impede the success of the administration. Although NDPA indicates that a data subject will bear the cost of processing if the underlying cost is “unreasonable”, neither case law nor subsidiary legislations have clarified the quantum of cost as well as the circumstances that could meet the “unreasonable” threshold. The article finds that NDPA intersects with other business laws in Nigeria, and their intersections breed a considerable amount of uncertainty that is likely to impede commerce: the article proposes urgent reforms on these pertinent issues.
References
[1]
Abdulrauf, L. A., & Fombad, C. M. (2016). Personal Data Protection in Nigeria: Reflections on Opportunities, Options and Challenges to Legal Reforms. Liverpool Law Review, 38, 105-134. https://doi.org/10.1007/s10991-016-9189-8
[2]
Ambrose, M. L., & Ausloos, J. (2013). The Right to Be Forgotten across the Pond. Journal of Information Policy, 3, 1-23. https://doi.org/10.5325/jinfopoli.3.2013.0001
[3]
American Bankruptcy Institute (2020). Annual Business and Non-Business Filings by Year, 1980-2020. https://abi-org.s3.amazonaws.com/Newsroom/Bankruptcy_Statistics/Total-Business-Consumer1980-Present.pdf
[4]
Ayres, I., & Schwartz, A. (2014). The No-Reading Problem in Consumer Contract Law. Stanford Law Review, 66, 545-609.
[5]
Ben-Ishai, S., & Lubben, S. (2012). Involuntary Creditors and Corporate Bankruptcy. UBC Law Review, 45, 253-282.
[6]
Bennett, C. J. (1992). Regulating Privacy: Data Protection and Public Policy in Europe and the United States. Cornell University Press. https://doi.org/10.7591/9781501722134
[7]
Bennett, C. J. (2008). The Privacy Advocates: Resisting the Spread of Surveillance. The MIT Press. https://doi.org/10.7551/mitpress/7855.001.0001
[8]
Blume, P. (2013). Controller and Processor: Is There a Risk of Confusion? International Data Privacy Law, 3, 140-145. https://doi.org/10.1093/idpl/ipt002
[9]
Bruynseels, K., & van den Hoven, J. (2015). How to Do Things with Personal Big Biodata. In B. Roessler, & D. Mokrosinska (Eds.), Social Dimensions of Privacy: Interdisciplinary Perspectives (pp. 122-140). Cambridge University Press. https://doi.org/10.1017/cbo9781107280557.008
[10]
Bygrave, L. A. (2014a). Data Privacy Law. Oxford University Press. https://doi.org/10.1093/acprof:oso/9780199675555.001.0001
[11]
Bygrave, L. A. (2014b). Data Privacy Law and the Internet: Policy Challenges. In N. Witzleb, D. Lindsay, M. Paterson, & S. Rodrick (Eds.), Emerging Challenges in Privacy Law: Comparative Perspectives (pp. 259-289). Cambridge University Press.
[12]
Carnegy‐Arbuthnott, H. (2023). Privacy, Publicity, and the Right to Be Forgotten. Journal of Political Philosophy, 31, 494-516. https://doi.org/10.1111/jopp.12308
[13]
Charlesworth, A. (2000). Clash of the Data Titans? US and EU Data Privacy Regulation. European Public Law, 6, 253-274. https://doi.org/10.54648/265901
[14]
Choi, H., Park, J., & Jung, Y. (2018). The Role of Privacy Fatigue in Online Privacy Behavior. Computers in Human Behavior, 81, 42-51. https://doi.org/10.1016/j.chb.2017.12.001
[15]
Clarke, I., Sandberg, O., Wiley, B., & Hong, T. W. (2001). Freenet: A Distributed Anonymous Information Storage and Retrieval System. In H. Federrath (Ed.), Designing Privacy Enhancing Technologies (pp. 46-66). Springer. https://doi.org/10.1007/3-540-44702-4_4
[16]
Collins, F. S. (2010). The Language of Life: DNA and the Revolution in Personalized Medicine. HarperCollins.
[17]
Collins, H. (2003). Objectivity and Committed Contextualism in Interpretation. In S. Worthington (Ed.), Commercial Law and Commercial Practice (pp. 189-209). Hart Publishing.
[18]
Colonna, L. (2022). Addressing the Responsibility Gap in Data Protection by Design: Towards a More Future-Oriented, Relational, and Distributed Approach. Tilburg Law Review, 27, 1-21. https://doi.org/10.5334/tilr.274
[19]
Craig, P., & Búrca, G. (2011). EU Law (5th ed.). Oxford University Press.
[20]
Davis, K. E., & Pargendler, M. (2022). Contract Law and Inequality. Iowa Law Review, 107, 1485-1541.
[21]
Dutton, W. H., & Meadow, R. G. (1987). A Tolerance for Surveillance: American Public Opinion Concerning Privacy and Civil Liberties. In K. Levitan (Ed.) Government Infostructures (pp. 147-170). Greenwood Press.
[22]
Esangbedo, G. (2020). Secured Transactions in Moveable Assets Act, Company Charges and Funding Micro, Small and Medium Enterprises under Nigerian Law. Journal of African Law, 64, 81-105. https://doi.org/10.1017/s0021855319000354
[23]
Essen, E. (2000). Conflicting Rationes Decidendi: The Dilemma of the Lower Court in Nigeria. African Journal of International and Comparative Law, 12, 23-30.
[24]
Federal Trade Commission (2000, July 21). FTC Announces Settlement with Bankrupt Website, toysmart.com, Regarding Alleged Privacy Policy Violations. https://www.ftc.gov/news-events/news/press-releases/2000/07/ftc-announces-settlement-bankrupt-website-toysmartcom-regarding-alleged-privacy-policy-violations
[25]
Financial Crisis Inquiry Commission (2011, February 25). The Financial Crisis Inquiry Report. https://www.govinfo.gov/content/pkg/GPO-FCIC/pdf/GPO-FCIC.pdf
Goldsmith, J., & Wu, T. (2006). Who Controls the Internet? Illusions of a Borderless World (p. 176). Oxford University Press.
[28]
Iheme, W. C., & Mba, S. U. (2021). A Doctrinal Assessment of the Insolvency Frameworks of African Countries in Coping with the Pandemic-Triggered Economic Crisis. Stellenbosch Law Review, 2021, 306-329. https://doi.org/10.47348/slr/2021/i2a7
[29]
International Monetary Fund (2020, April 14). The Great Lockdown: Worst Economic Downturn since the Great Depression. https://www.imf.org/en/Blogs/Articles/2020/04/14/blog-weo-the-great-lockdown-worst-economic-downturn-since-the-great-depression
[30]
Investors Compensation Scheme Ltd. v West Bromwich Building Society [1998] 1 WLR 896.
[31]
Iwobi, A. U. (2017). Stumbling Uncertainly into the Digital Age: Nigeria’s Futile Attempts to Devise a Credible Data Protection Regime. Transnational Law and Contemporary Problems, 26, 14-61.
[32]
Katz v United States (1967). 389 US 347.
[33]
Kennedy, P. I. (2004). Military Adventurism in Nigeria Politics. Mentors Communications Limited.
[34]
Kuner, C. (2013). Transborder Data Flow Regulation and Data Privacy Law. Oxford University Press.
[35]
Litman, J. (2000). Information Privacy/Information Property. Stanford Law Review, 52, 1283-1313. https://doi.org/10.2307/1229515
[36]
Liu, N. Y. (2011). Bio-Privacy: Privacy Regulations and the Challenge of Biometrics. Routledge.
[37]
McCunn, J. (2019). The Contra Proferentem Rule: Contract Law’s Great Survivor. Oxford Journal of Legal Studies, 39, 483-506. https://doi.org/10.1093/ojls/gqz002
[38]
Moore, C. R. (2016). Obligations in the Shade: The Application of Fiduciary Directors’ Duties to Shadow Directors. Legal Studies, 36, 326-353. https://doi.org/10.1111/lest.12110
[39]
Nelson, C. (2005). What Is Textualism? Virginia Law Review, 91, 347-418.
[40]
Newman, A. L. (2008). Protectors of Privacy: Regulating Personal Data in the Global Econ-omy. Cornell University Press. https://doi.org/10.7591/9781501729218
[41]
Ngo, M.V. (2002). Getting the Question Right on Floating Liens and Securitized Assets. Yale Journal on Regulation, 19, 85-169.
[42]
Nwobike, J. A. (2013). Jurisdiction and the Contractual Freedom of Parties—Do Expropriatory Contracts Really Expropriate? In S. A. M. Ekwenze, I. Chibuzor, A. O. Okeke, & N. Okeke, (Eds.), Demand for Justice: Essays in Honour of Hon (pp. 33-52). Snap Press Ltd.
[43]
Nwobike, J. A. (2023). The Incompatibilities of the Secured Transactions Law Reform in Nigeria with Access to Credit: What Did the Lawmakers Get Wrong? Beijing Law Review, 14, 87-110. https://doi.org/10.4236/blr.2023.141005
[44]
Omotubora, A., & Basu, S. (2020). Next Generation Privacy. Information & Communications Technology Law, 29, 151-173. https://doi.org/10.1080/13600834.2020.1732055
[45]
Onyeaka, H., Anumudu, C. K., Al-Sharify, Z. T., Egele-Godswill, E., & Mbaegbu, P. (2021). COVID-19 Pandemic: A Review of the Global Lockdown and Its Far-Reaching Effects. Science Progress, 104, 1-18. https://doi.org/10.1177/00368504211019854
[46]
Orji, U. J. (2017). Regionalizing Data Protection Law: A Discourse on the Status and Implementation of the ECOWAS Data Protection Act. International Data Privacy Law, 7, 179-189. https://doi.org/10.1093/idpl/ipx013
[47]
Payne, J. (2018). The Role of the Court in Debt Restructuring. The Cambridge Law Journal, 77, 124-150. https://doi.org/10.1017/s0008197318000016
[48]
Piciocchi, C., Ducato, R., Martinelli, L., Perra, S., Tomasi, M., Zuddas, C. et al. (2018). Legal Issues in Governing Genetic Biobanks: The Italian Framework as a Case Study for the Implications for Citizen’s Health through Public-Private Initiatives. Journal of Community Genetics, 9, 177-190. https://doi.org/10.1007/s12687-017-0328-2
[49]
Pissott, L. J. (1992). The Amortization of Customer-Based Intangibles: The “Separate & Distinct from Goodwill” Requirement and H.R. 3035’s Proposal for Change. The Tax Lawyer, 45, 1031-1043.
[50]
Pollman, E. (2021). Corporate Personhood and Limited Sovereignty. Vanderbilt Law Re-view, 75, 1727-1753.
[51]
Posner, E. A. (1998). The Parol Evidence Rule, the Plain Meaning Rule, and the Principles of Contractual Interpretation. University of Pennsylvania Law Review, 146, 533-577. https://doi.org/10.2307/3312625
[52]
Reidenberg, J. R. (2001). E-Commerce and Transatlantic Privacy. Houston Law Review, 38, 717-749.
[53]
Ripken, S. K. (2019). Corporate Personhood. Cambridge University Press. https://doi.org/10.1017/9781108241366
[54]
Schwartz, P. M. (2004). Property, Privacy, and Personal Data. Harvard Law Review, 117, 2056-2128. https://doi.org/10.2307/4093335
[55]
Schwartz, P. M. (2013). The EU-U.S. Privacy Collision: A Turn to Institutions and Procedures. Harvard Law Review, 126, 1966-2009.
[56]
Schwartz, P. M. (2019). Global Data Privacy: The EU Way. New York University Law Re-view, 94, 771-818.
[57]
Schwartz, P. M., & Peifer, K.-N. (2017). Transatlantic Data Privacy Law. Georgetown Law Journal, 106, 115-179.
[58]
Skeel, D. (2021). Pandemic Hope for Chapter 11 Financing. The Yale Law Journal Forum, No. 10, 315-336. https://www.yalelawjournal.org/pdf/F7.SkeelFinalDraftWEB_3s3482o2.pdf
[59]
Sobel-Read, K., Anderson, G., & Salminen, J. (2022). The Critical Role of Choses in Action: A Call for Harmonization across Common Law Jurisdictions. Fordham International Law Journal, 45, 513-574.
[60]
Solove, D. J., & Schwartz, P. M. (2018). Information Privacy Law (6th ed.). Aspen Publishers.
[61]
United Nations (2023, May 5). WHO Chief Declares end to Covid-19 as a Global Health Emergency. https://news.un.org/en/story/2023/05/1136367.
[62]
Wagner, J. (2018). The Transfer of Personal Data to Third Countries under the GDPR: When Does a Recipient Country Provide an Adequate Level of Protection? International Data Privacy Law, 8, 318-337. https://doi.org/10.1093/idpl/ipy008
[63]
Westin, A. F. (1970). Privacy and Freedom. Atheneum.
[64]
Whitman, J. Q. (2004). The Two Western Cultures of Privacy: Dignity versus Liberty. The Yale Law Journal, 113, 1151-1221. https://doi.org/10.2307/4135723
