Davies Bamigboye, an information technology expert, has raised an alarm over the ease at which data belonging to Nigerians are sold and harvested illegally.
Bamigboye who is the chief executive officer of Conceptsworld Academy, based in the United Kingdom, lamented that the lack of data protection laws in Nigeria has exposed Nigerians to grave risk.
He, however, blamed the failure of the National Information Technology Development Agency (NITDA) in enforcing the Nigeria Data Protection Regulation (NDPR) since January 2019, for the brewing security crisis.
While he hailed NITDA for taking a bold step in constituting the Nigeria Data Protection Regulation (NDPR) in January 2019, he lamented that agency has not done enough to publicise the law and communicate deadlines to all organisations across the nation.
According to the Director-General of NITDA, the NDPR core principles include lawfulness and legitimacy; specific purpose; data minimisation; accuracy; storage and security; confidentiality, integrity, and availability; compliance and enforcement.
But reacting to the delay in implementing the data protection regulation, Bamigboye said “public and private institutions will continue to process Nigerian citizens data through third parties especially where due diligence has not been undertaken, contractual clauses are not favourable to Nigerians, data loss prevention methods have not been verified, or where such information is transferred outside of Nigeria.
“Children’s data (e.g pictures) for example, will continue to be used to support advertisements that aim to seek aids from foreign countries by NGOs. There is no reason to believe that such NGOs seek approval from Nigerian regulators before using these pictures.
“Even, if they (the NGO) had wanted to seek permission, there was no designated body in Nigeria which could serve as the Information Commissioner Office (ICO) that such requests should be directed to.
“The current monitoring of Nigerians by the other Nation States and large organisations will continue to go unchecked. For example, Multinationals possessing the “location data” of Nigerians gleaned from smartphones, laptops, iPad, smartwatches, smart TVs and other intelligent devices will continue to exploit this information for their own advantage to profile our citizens.
“The level of access that these organisations have meant that the privacy rights of Nigerians are at risk. It means that information in the hands of private companies can be used to identify where an individual Nigerian is, where they have been, who they have been in contact with, and who was situated around them. This has a major impact on the privacy and security of Nigerians.
“The risk of selling of Nigerian Citizens data for nefarious activities will continue – especially as it pertains to children for sex-trafficking etc. This decimates the future of our country.
“Not enforcing the NDPR means that legitimate organisations and criminal gangs can continue to target Nigeria with the sole purpose of trawling up information that could be used in a criminal or discriminatory manner.
“Without clear breach notification and process of seeking redress, when a breach occurs or indeed a crime is initiated, the lack of effective NDPR coupled with a judiciary with limited cyber awareness capabilities makes it hard to prosecute alleged offenders.
“The need to be able to prosecute and fine foreign companies for me sit on the top list of what needs to be addressed asap. If you compare Nigeria to other countries with effective data protection regulation, foreign companies are careful to exploit the privacy of their citizens,” he added.
He further expressed concern that if NITDA does not proactively push the initiative, it will further erode business confidence in Nigeria and international organisations will perceive the nation as formulating a policy with the intent of “looking” the part but not serious about carrying out its mandate.
“The Buhari administration can pride itself in the history of Nigeria as being the administration that facilitated this trillion-dollar industry. As the saying goes, data is the new gold and Nigeria can ride the wave of the data economy by coming to grips with the importance of data not just to our national security but a business opportunity that will open up employment to the youths of this nation.
“With roles such as Data Protection Officers, Privacy SMEs, Data Auditors, Data Analysts, Cyber Security Professionals expected to be in demand if NITDA can turn the regulation into a mainstream national requirement, Nigeria is bound to increase its GDP earnings from this nascent industry,” he said.