Introduction

The fourth industrial revolution has led to a lot of novel innovations on how everyone lives their life. Most operations in life can now be done digitally since the digital age and social networking rise. Since the Corona Virus mandated lockdowns most social interactions from work to school to parties, weddings and funerals are done digitally. In Nigeria, there is a ramped up pressure to create a digital profile for every Nigerian through the National Identity Card Scheme which is now operated by the Federal Ministry of Communications and Digital Economy. The result is most individuals who use any of these applications fairly often have built a digital profile or identity of sorts which has all their perceived likes and dislikes, patterns, personal details, medical details, physical details, financial details, political affiliations and ideologies, location and many of the other details that make up that individual. This information is known as the digital identity of a person. This paper will analyse the few legal issues that have arisen due to the discovery of digital identity and raise suggestions for protecting one’s digital identity.

What Is One’s Digital Identity?

The digital identity of an individual is the body of information about that individual, organisation or electronic device that exists on the internet or any other digital framework. It is created by unique identifiers and user patterns that make it possible to detect individuals or their devices, and it often includes:

1. The collective aspect of the set of characteristics by which a thing is definitively recognisable or known.
2. The set of behavioral or personal characteristics by which an individual is recognisable as a group member.
3. The distinct personality of an individual regarded as a persisting entity; individuality
4. Information, such as an identification number, used to establish or prove a person’s individuality.

Generally, the information generated through one’s digital identity is often so accurate that it can read patterns enough to identify what products the individual will be interested in purchasing, the political leaning of the individual in any particular election, and in some cases

when an individual is even pregnant before the person even knows it. This information frequently is generally kept close to one’s heart, and now it is collected often without the user knowing it has been collected or understanding what exactly has been collected. The result is when one’s digital information is available for sale to the highest bidder without one’s knowledge.

Legal Issues Digital Identity Raises

Discrimination

Many believe that digital identities would reduce discrimination issues because even the person who designs the digital platforms has perceived biases. One can surmise that technology alone cannot protect human rights or prevent discrimination. Studies from the World Bank have concluded that digital identity technologies may unintentionally impede the rights of those they mean to benefit. These technologies can concurrently include and exclude individuals from protection. For instance, the Blockchain technology used to identify highly persecuted groups of people such as the Rohingya minority in Myanmar and allow them to access services in a host country such as Bangladesh may also allow for more efficient ways to discriminate these populations since identification makes them more visible. Another instance is the marginalisation of ethnic minorities, such as the Uyghurs in China. It was alleged that their digital profiles were used to identify them for arrest.

In another aspect of discrimination, it has been shown that older individuals’ biometric data are often of less good quality. This is because ageing and manual labour have caused changes in aged people’s biometric information. Sole reliance on biometric technology for identification and verification purposes can, therefore, affect older individuals harshly, as their thumbprints and iris scans may not be accurate enough to guarantee verification and identification will always be possible. As a result of this, they may experience obstacles in joining and using digital identity programmes. There is also the problem of facial recognition software, which law enforcement often uses to identify suspects mixing up black people’s faces and identities, often to devastating effect. This is often caused by the person who programmed the facial recognition software not using enough black faces to test run the algorithm that identifies faces. As a result, the algorithm identifies multiple black people as the same person. Finally, there have been incidences of individuals being targeted based on their perceived political affiliation as a result of the data obtained from their aggregated digital profil.

The next primary concern is that Digital identities are notably not exempt from cybersecurity threats. One can state that they are even more susceptible . If the data falls into the wrong hands, authorities may enable persecution targeting individuals based on their ethnicity.

All technology that collects and manage Digital identities must also comply with all the statutory and regulatory requirements of digital privacy and data protection. All states that are parties to international treaties on human rights must as a rule protect, respect, and fulfil all individuals’ rights to privacy within their jurisdiction.

Digital Privacy

It has now been decided that one’s right to private life encompasses one’s ‘personal identity,’ ‘aspects of physical and social identity a person’s right to their image and personal data, including biometric, genetic and electronic data in EU countries. State interventions with this right can only be necessary if the state has a legal basis in municipal law to pursue a legitimate aim and are necessary and proportionate to that aim. The question now is the legal protection if a business infringes this private life?
The principles exercised in targeted advertisements ought to be the same when their perceived political beliefs target one from analysing the individuals’ digital data. In the case of state intervention, domestic policies establishing and managing digital identity programmes must determine with enough transparency their perceived scope of application, the protections they put in place on data storage, the duration, usage, destruction and access of third parties, as well as all the assurances to counter arbitrariness and misuse. As an illustration, the Supreme Court of India recently confirmed that these requirements applied to India’s Aadhaar programme , which had been criticised for lacking a comprehensive privacy safeguard mechanism.

This case may eventually become instructive in Nigeria. Some rumours have since been refuted that most of the data collected by government agencies are for sale on the dark internet . Domestic laws ought to mandate technology developers implement those safeguards as a matter of government policy. Public-private initiatives have been led by several non-state actors, including private companies, those participants as a matter, of course, ought to align their industry practices to the prevailing principles on privacy and data protection. Thus, the data protection guidelines provided by the European General Data Protection Regulation and

Nigerian Data Protection Regulation are of immense importance. These guidelines are crucial because they apply to both state and non-state actors alike. However, it must be noted that their extraterritorial reach is limited to processing or controlling of EU/ Nigerian data subjects’ data, respectively.
Another question that has been asked is whether digital personality can include an individual’s right to be represented digitally. This will include the addition of the right to access the internet and the right to utilise freedom of speech and expression on the internet. It must be noted that these perceived rights are untested and thus must be first tested in Court and recognised in municipal and then international law and treaties before it can become established. Finally, digital personality raises how the right to be forgotten balances with the new Government drive for smart/ digital identification. If the Government’s digital identification is backed by law, it will supersede the individual’s right to be forgotten.

Conclusion

In conclusion, while new technologies can revolutionise how individuals are identified and how the information about the individual is collected online, they must also be used ethically and legally within the law’s bounds and best practices. However, emergent digital identity platforms will only effectively contribute to protecting human and digital rights if they comply with the legal framework and that if that framework is tested regularly in Court. This will sufficiently alleviate the threats of probable discrimination and stimulate elevated principles of privacy and data protection. These considerations must be integrated into digital identity platforms’ design from the outset. In Nigeria, it is proposed that steps are taken to build a secure, locally hosted Cloud service to hold all the Federal Data being collected. It is also advised that innovators and technology developers promote best practices and contribute to the execution of improved levels of protection of human rights worldwide, maybe through the creation of a developer ethical code of conduct of sorts. These actions would ensure that human rights remain essential amid all the swift technological developments that define the current digital age and the fourth industrial revolution.