Dr. Oludare Ogunlana Joins Privacy Symposium Africa Panel to Explore the Hidden Dangers Behind ‘I Agree’

When “I Agree” Means Silent Surrender

Every day, billions of people click “I Agree” without reading a single word. Behind that single action often lies an invisible contract, one that hands over personal data, browsing habits, location, and even voice or biometric information. Dr. Sunday Ogunlana, cybersecurity scholar-practitioner and founder of OGUN Security Research and Strategic Consulting LLC, was invited to speak on this very topic at the 7th Privacy Symposium Africa held in Lagos, Nigeria.

With a lighthearted comparison to saying “I do” in marriage without reading the terms and conditions of matrimony, Dr. Ogunlana humorously but powerfully drew attention to the risks hidden behind digital consent. “That button,” he said, “is not just a gateway to service. It is a trapdoor to surveillance.”

Behind the Button: Real-World Privacy Exploits

Dr. Ogunlana presented real-life examples of how companies have misused vague or open-ended data-sharing clauses:

• TikTok was fined €345 million under GDPR for processing children's data without adequate transparency or parental consent.

• Facebook’s Cambridge Analytica scandal affected over 87 million users, including citizens in Nigeria and Kenya, using harvested data for political manipulation.

• Zoom, during the pandemic, shared personal data with Facebook through undisclosed SDKs, leading to a public backlash and a $85 million settlement.

These examples illustrated a growing problem. Users are losing control of their digital lives through routine clicks and uninformed consent.

Africa Responds: Data Sovereignty Through Local Laws

The panel also discussed the legal and regulatory landscape in Africa:

• Nigeria’s Data Protection Act (2023) has replaced the NDPR, created the Nigeria Data Protection Commission, and established strong frameworks for consent, data security, and cross-border data flow.

• Kenya’s Data Protection Act (2019) was lauded for empowering the Office of the Data Protection Commissioner (ODPC), which recently took enforcement actions against WorldCoin over biometric data concerns.

• South Africa’s POPIA, in force since 2021, defines lawful data processing and mandates breach notifications, marking a new era of enforcement.

Dr. Ogunlana emphasized that while these laws are a good start, enforcement, funding, and public education remain critical.

Where Innovation Ends and Overreach Begins

Not all data use is malicious, but lines are crossed when:

1. Consent is coerced through platform access requirements.

2. Terms of service include vague language like “trusted partners.”

3. AI models are trained on user data without disclosure.

Citing international frameworks like the EU GDPR, the OECD Privacy Guidelines, and the African Union’s Malabo Convention, Dr. Ogunlana urged African governments to adopt privacy-by-design approaches and to fund independent data regulators capable of conducting investigations and issuing sanctions.

What OSRS Can Do to Help

At OGUN Security Research and Strategic Consulting LLC, we help governments, institutions, and private companies:

• Conduct compliance assessments and digital risk audits

• Train cybersecurity and privacy teams on AI governance and data handling

• Design user education campaigns on digital rights and responsible innovation

Digital privacy cannot wait. It is time to demand transparent consent, strong enforcement, and ethical innovation.

Enjoyed this article?Share it with your network and subscribe to our email list for the latest insights in cybersecurity, privacy law, and digital intelligence.

Stay informed by following OSRS on Google News, Twitter, and LinkedIn for more exclusive cybersecurity insights and expert analyses.