The National Commissioner, Nigeria Data Protection Commission (NDPC), Dr Vincent Olatunji, has ordered a full-scale investigation in respect of allegations of unauthorised access to the personal data of enrollees in the database of the National Identity Management Commission (NIMC).
A statement signed by Head of Legal, Enforcement and Regulations, NPDC, Babatunde Bamigboye, on Monday, said the investigation is a further regulatory measure to be taken by the commission in the wake of public concerns over reports of illegal access, to personal data of enrollees by “a shadowy entity” called XpressVerify.com.
It would be recalled that before now, NDPC has been engaging with NIMC on fostering adequacy of data protection.
To this end, NDPC said that it held a training with relevant officers of NIMC in early February 2024, as a measure being put in place by the Federal Government to ensure data privacy and protection.
“We note that NIMC has initiated an internal investigation and it has immediately given full assurances of cooperation with NDPC to get to the root of the allegation and to review existing mediums through which any entity may lawfully verify the identity of enrollees on its platform.
“Furthermore, NDPC will work with relevant agencies to audit the trails of the alleged unauthorized data processing and monetization of same, and those who are found culpable for violating the Nigeria Data Protection Act, 2023 will be brought to justice,” the statement said on part.
The National Commissioner further directed that preliminary findings of the investigation should be made public within seven days.
