Personal data and privacy in Fintech

‘Fintech’ is often described as a ‘revolution' that continues to displace more traditional forms of banking. It uses technology and often behavioural data to provide a range of financial services especially to sections of society that are underserved by or that do not have access to more traditional forms of banking, for example in the informal economy and rural populations. Technology and in many cases, mobile phone ownership continue to drive Fintech adoption - in 2019 there were 520 million registered mobile money accounts across Africa alone.

Fintech, especially mobile Fintech in Africa has multiple use cases from mobile payments, money transfers and loans, to supporting micro-enterprise, to financial inclusion, to paying for electricity and water including via cryptocurrency. Fintech sits at the intersection of multiple regulation from banking, AML/KYC, mobile money licenses, telecom law (including mandatory sim registration), identity law and even social protection law.  While Fintech provides opportunities it also carries risks to privacy and fundamental rights and freedoms, arising from the capture and mining of detailed behavioural data that may be used for reputation scoring for example, to the use of data brokers, to location privacy.

The workshop aims to explore and discuss key issues, challenges and considerations in the use of personal data in Fintech drawing from experiences in Africa and beyond.

What are the key considerations for data protection authorities? What lessons can be learnt to support data protection authorities across Africa for example? Is data protection law sufficient to address concerns and risks over the use of behavioural data for example? What is the lawful basis for using behavioural data – consent? Is regulatory oversight and enforcement effective across over complex Fintech ecosystems? To what degree has COVID driven Fintech adoption and exacerbated issues?  What cross-border issues does Fintech create in regulating global or cross-border platforms and how can these be best addressed?

Speakers for this workshop include:

Olumide BABALOLA is a practising data protection, privacy and digital rights lawyer in Nigeria and a co-founder of the Digital Rights Lawyers Initiative (DRLI) that is committed to the promotion and protection of digital rights. The DLRI recently filed a lawsuit against the Central Bank of Nigeria over their instruction that commercial banks must share customer data with Fintechs.  Olumide will share experiences from the Nigerian Fintech ecosystem and a critique of data protection and privacy challenges and key considerations.

Linda BONYO is a lawyer and the CEO and founder of 'The Lawyers Hub' (a Pan-African policy organisation that focuses on providing innovative and technology driven solutions to policy, including internet governance, digital trade, digital ID, and digital inclusion.) Linda is an advocate of the High Court of Kenya and also serves on the ICT committees of the regional bar associations. She is also a 2020 Tech Women Emerging Leaders Fellow and winner of the 2020 GoodID global awards on Privacy and Digital Identity. Linda advocates for privacy-conscious approaches to technology and prioritises data protection and a user-centric approach and will discuss key challenges considerations for an inclusive Fintech.

Ali Hussein KASSIM is the Chief Executive Officer and Co-Founder of Kipochi Ltd – a Pan African Fintech company. Ali is also the Chairman of the Board of Trustees of the NGO ‘KICTANet’ - an ICT Policy Advocacy & Development Think Tank and is an Advisory Board Member of the Mifos Initiative, an open-source financial services platform focused on digitally transforming the Microfinance financial services sector.  Ali will talk about a privacy-first approach to Fintech and data transforming of financial services, especially on mobile

Programme