The National Identity Management Commission (NIMC) has received $45.5 million from the World Bank thus far as part of the Digital Identification for Development (ID4D) project, which aims to increase the number of Nigerians applying for National Identification Numbers (NINs).
This aligns with current worries that, as Nigerians’ data is being bought online, the NIN database and other government organisations’ databases are unsafe. As per the Bank’s project execution report, the fund was dispensed in several instalments from December 2021 to April 2024, and the disbursement is currently in progress.
Read also: Nigeria’s Data Breach: NIMC names fraudulent sites, says public info is secure
The release of the $45 represents about 10.5% of the total project cost, which is $430 million.
While the June 1, 2024 deadline for enrolling 148 million Nigerians for the NIN has passed and Nigeria is still lagging, the Bank described the project’s progress as ‘moderately satisfactory’. NIMC recently disclosed that 107.3 million NIN had been issued as of April this year.
Need for Enhanced Data Protection Measure in Nigeria
Fund release for the project, which comprises a combination of loans and grants, was predicated on the institutionalisation of data protection.
Based on World Bank’s records, Nigeria was able to unlock the release of funding for the project with the passing of the law of the Nigeria Data Protection Act in June last year, which is a guarantee that all the data being collected will be adequately protected.
Despite a data protection law, Nigerians’ data security has been scrutinised by Paradigm Initiative, which promotes data rights throughout Africa. Then, there was the revelation that certain websites were selling Nigerians’ personal information taken from government databases such as the BVN, NIN, international passports, etc.
Gbenga Sesan, the Executive Director of Paradigm Initiative, stated that contrary to Saturday’s warning by NIMC that Nigerians should desist from sharing their data with illegal websites, the data being sold on the websites were sourced directly from the government’s databases.
How Can Businesses Mitigate Risks After Nigeria Data Breach?
The Paradigm Initiative Director warns of severe security implications for Nigerians due to a data breach by the Nigeria Data Protection Commission. The breach allowed a SIM to be obtained with the NIN, potentially enabling kidnapping.
Read also: World Bank Funds Ghana $250 Million and Nigeria $2.25 Billion
The NDPC has not yet responded to the data breach allegations, but the NIMC has debunked the claims for the second time within three months, admitting illegal data harvesting by websites.
In March, FIJ reported that expressverify.com, a private website, has unrestricted access to every registered Nigerian’s NIN database and personal details.
The Nigerian National Identity Card (NIMC) has restricted third-party access to its database, expressverify.com, following allegations of monetisation of NIN recovery. However, Paradigm Initiative’s latest discovery suggests unauthorised third parties still have access to Nigerian databases.