It’s no news that Nigeria currently does not have a centralised database and the National Identity Management Commission (NIMC) is probably cool with that.
The NIMC Act No. 23 of 2007 mandated the commission to establish, own, operate, maintain and manage the National Identify Database in Nigeria. The commission was also empowered to assign a Unique National Identification Number, and also harmonize and integrate existing identification databases.
This post is not to discuss the reason behind the establishment of NIMC in the first place but what happens to our details collected by other government agencies. From the SIM card registration, to National electronic ID card, voters’ registration, LASRA – we keep giving out confidential details about ourselves with little or no consideration for the protection of our information.
The most recent Bank Verification Number registration exercise was started earlier in 2014, by the Central Bank of Nigeria, through the Bankers’ Committee, to have a centralised biometric identification system for the nation’s banking system. Did you just ask why NIMC was established?
Now the real question – are we really protected?
The only trace of data protection I came across is the Guidelines on Data Protection draft published by the National Information Technology Development Agency (NITDA) in September 2013.
We might want to ask questions like how tough is it to access the SIM registration database or that of voters’ registration exercise, even when there are scenarios where registered voters’ details are missing? Who can access these databases and how?
Various collectors of personal (including biometric) data promise diverse security features but how do you seek redress in cases of abuse?
— 'Gbénga Ṣẹ̀san (@gbengasesan) July 2, 2015
We have our data flying around yet there are no laws protecting us from its misuse.
The Data Protection law if in existence in the country is expected to control how our personal information is used by organisations, businesses or the government, and everyone responsible for using the data has to follow strict rules called the data protection principles.
And let’s allow one of Gbenga Sesan’s tweets on this matter be our last question:
What if your now-unprotected biometric data is planted in a terrorism scenario, by a government/entity that doesn't like you? Or in error?
— 'Gbénga Ṣẹ̀san (@gbengasesan) July 2, 2015
