Latest Headlines
DATA PROTECTION AND LESSONS FROM TIK TOK

Personal data must be guarded jealously
Although TikTok has teamed up with the National Information Technology Development Agency (NITDA) and Data Science Nigeria (DSN) to expand digital safety awareness in Nigerian communities, the current travails of the company in the United States should also be a lesson to the authorities in the country. This interest should be about the importance of data protection. In a unanimous decision last month, the US Supreme Court upheld a law banning TikTok in the country on national security grounds if its Chinese parent company ByteDance would not sell the short-video app.
In Nigeria, data breaches have become rampant as a growing number of private companies use the personal information of citizens for marketing or other reasons unrelated to those for which it was originally obtained, without consent. Last June, Paradigm Initiative, a civil society organisation that works with young people across the continent, confirmed an online report that the National Identity Numbers (NINs), Bank Verification Numbers (BVNs), and other sensitive personal information of Nigerians were available for sale online. “We were able to confirm that what they were selling is NIMC (National Identity Management Commission) data and we have proof. We got the NIN slip of the Minister of Communications, Innovation, and Digital Economy, Bosun Tijani”, said the executive director of the organisation, Gbenga Sesan. He reaffirmed that the data of Nigerians being sold online were sourced directly from government databases. “We got the NIN slip of the number one data regulator in Nigeria, Vincent Olatunji. We bought them for N100 each to demonstrate that this is not a joke.”
Following public reactions, the NIMC ordered an investigation regarding allegations of unauthorised access to the commission’s database. A shadowy organisation that is not one of the commission’s licensed partners was alleged to be responsible but there must also be collaborators within. “NIMC reaffirms its unwavering dedication to safeguarding, securing, and responsibly managing the data entrusted to us,” the NIMC director general and chief executive officer, Abisoye Coker-Odusote said at the time. Up till now, nothing has been heard about the matter.
From the Central Bank of Nigeria (CBN) to the Federal Road Safety Corps (FRSC) to the Nigeria Immigration Service (NIS) and others, Nigerians are daily subjected to a multiplicity of data collection without any protection. In recent months, all the telecoms’ networks in the country have directed their clients to link up their Subscribers Identification Module (SIM) with NIN which have also been largely complied with. Meanwhile, Nigerians are submitting their data to authorities that are careless. Last year, the Nigeria Data Protection Commission (NDPC) announced that it was investigating two frontline banks in connection with alleged “unlawful disclosure of banking records to a third party, unlawful access, and processing of personal data.” At about the same period, the commission said it was investigating 110 companies for what it called “data breach”, stating that these firms included online lending companies, banks, telecoms companies, and gaming companies. We do not know what has happened to that investigation.
In a resolution adopted by the General Assembly on 18 December 2013, titled ‘The right to privacy in the digital age’, the United Nations called on member States to institute laws to put an end to illegal data collection and abuse of individual privacy. As of year-end 2024, Nigeria’s connected population has exceeded 164 million phone lines and over 139 internet connection across the country. Yet, data privacy breaches and related infractions continue to pose clear and present danger to Nigeria’s connected millions. If there is any lesson to take from the TikTok controversy, it is that the federal government must assert decisive action on data protection and safeguard of privacy of Nigerians.