The National Information Technology Development Agency (NITDA) in continuation of its efforts to address the alarming rates of data privacy abuse by money lending operators, has entered into a strategic partnership with the Federal Competition and Consumer Protection Commission (FCCPC).

Section 17(a) of the FCCPA, 2019 empowers the Commission to administer and enforce provisions of every Nigerian law with respect to competition and protection of consumers. NITDA has therefore found the FCCPC as a key stakeholder in its efforts to rein in the activities of some micro-money lenders who have formed a penchant for abuse of personal data of Nigerians. These operators execute this by abusing their personal data, breaching their privacy and sharing it with others who are not part of the initial contract.

The Agency has received over 40 petitions from members of the public on the personal data abuse of some lending companies. Our investigation led to the imposition of Ten million naira (N10,000,000) fine and other administrative sanctions on Soko Lending Company.

As an Agency focused on using its mandate to empower Nigerians and make them active players in the digital economy, NITDA is very concerned about the worrisome effect the nefarious activities of the money lending companies is having on families, friends, and the society at large. Some of the complainants had contemplated suicide, indicating that government needed to do more to protect vulnerable Nigerians.

The partnership with FCCPC will lead to a more robust and concerted regulatory approach which we believe would ensure that Nigerians get necessary reprieve from the illegal use of their personal data for money lending operations. The partnership would entail joint investigations, enforcement and possible prosecution.

We therefore use this medium to inform all money lending operators and other data controllers and processors that NITDA is set to enforce the privacy right of Nigerians in line with the Nigeria Data Protection Regulation (NDPR) 2019. Controllers and Processors who seek guidance on Compliance with the NDPR should contact NITDA licensed Data Protection Compliance Organizations (DPCO).

 

Mrs. Hadiza Umar, mcipr, m.apra, mcipr

Head, Corporate Affairs and External Relations,

NITDA