JUST IN: Data Protection Commission Investigates Alleged Privacy Breach At NIMC

Data Protection Commission Investigates Alleged Privacy Breach At NIMC

The National Commissioner, Data Protection Commission (NDPC), Dr Vincent Olatunji, has ordered a full-scale investigation in respect of allegations of unauthorised access to the personal data of enrollees in the database of National Identity Management Commission (NIMC).

This investigation is a further regulatory measure to be taken by NDPC in the wake of public concerns over reports of illegal access to personal data of enrollees by a shadowy entity called XpressVerify.com.

Recall that prior to now, NDPC has been engaging with NIMC on fostering adequacy of data protection. To this end, NDPC held a training with relevant officers of NIMC early February, 2024. This is one in a continuum of measures being put in place by the federal to ensure data privacy and protection.

“We note that NIMC has initiated internal investigation and it has immediately given full assurances of cooperation with NDPC to get to the root of the allegation and to review existing mediums through which any entity may lawfully verify the identity of enrollees on its platform,” Olatunji said, in a statement.

“Furthermore, NDPC will work with relevant agencies to audit the trials of the alleged unauthorised data processing and monetization of the same, and those who are found culpable for violating the Nigeria Data Protection Act, 2023 will be brought to justice.

The national commissioner further directed that preliminary findings of the investigation should be made public within seven days.

Meanwhile, the National Identity Management Commission (NIMC) has reiterated that it offers NIN verification and other services through licensed partners.

However, XpressVerify is not one of the Commission's licensed partners, it added.

It said, “We express our gratitude to our media partners and the whistleblowers for bringing this to our attention and wish to assure and legal residents that there is no data breach of any sort and the Citizens' data is safe and secure in Nigeria's National identity database.”

LEADERSHIP learnt that the director general and chief executive officer of NIMC, Engr. Abisoye Coker-Odusote has promptly ordered a comprehensive investigation into the matter to find out if any of the Commission's Tokenisation verification agents has in any way breach the licensing agreement either directly or through any of their sub-licensees.

Coker-Odusote affirmed the commitment of NIMC to data protection and privacy, and assured that no stone will be left unturned in ensuring the safety and security of the data of all enrollees. “Top-level security is in place to protect the NIN and other personal data of every citizen and legal resident.

“NIMC reaffirms its unwavering dedication to safeguarding, securing, and responsibly managing the data entrusted to us. The Commission understands the critical importance of maintaining public and confidence in our operations, and we will continue to uphold the highest standards of integrity and accountability,” she stated.

Be the first to comment

Leave a Reply

Your email address will not be published.