*NIMC Dismisses News On Data Breach
*NDPC To Investigate Report
THE National Identity Management Commission (NIMC) and Nigerian Communications Commission (NCC) have partnered to enhance processes related to the National Identification Number (NIN)-SIM linkage.
According to a statement jointly signed by NCC Director Public Affairs, Dr. Reuben Muoka, and Technical Adviser, Media and Communications to NIMC, Ayodele Babalola, on Sunday, March 17, in Abuja, the organisations acknowledged that in recent times, the NIN-SIM linkage exercise has become subject of national discourse, reflecting the critical importance of aligning SIM registrations with individuals’ unique national identification numbers.
The statement read: “Recognising the significance of this initiative in enhancing security and improving service delivery, both NIMC and NCC are committed to improving processes and enhancing efficiency.
“NIMC and NCC will work closely to explore synergies and leverage each other’s expertise and resources in some key areas.”
While streamlining the NIN-SIM linkage process, the two agencies agreed to collaborate to ensure a seamless experience for Nigerian telecommunication subscribers.
“This includes exploring innovative approaches to facilitate the swift verification and authentication of NINs during SIM registration and activation processes.
“Capacity building and public awareness, both agencies will collaborate on initiatives aimed at enhancing public awareness and understanding of the NIN-SIM linkage requirements.
“These include educational campaigns, training sessions for stakeholders and the dissemination of accurate information to the public to encourage compliance with the linkage directives.
“Data Verification and Validation: NIMC will continue to extend its support to NCC by providing assistance in verifying National Identification Numbers (NINs) associated with SIM registrations.”
The agencies noted that telecommunication operators would validate submitted NINs to ensure accuracy and integrity of subscriber data when leveraging NIMC’s robust database and authentication infrastructure.
On policy harmonisation and regulatory framework, they added that NIMC and NCC would collaborate on aligning policies and regulatory frameworks to facilitate the seamless integration of NIN-SIM linkage processes within the telecommunications ecosystem.
“This includes harmonising data protection and privacy regulations to safeguard the confidentiality and security of subscriber information.
“Both NIMC and NCC are committed to fostering a collaborative and transparent partnership that prioritises the interests of Nigerian citizens and promotes national development.
“By pooling our resources and expertise, we aim to overcome the challenges associated with the NIN-SIM linkage exercise and ensure its continued successful implementation.”
Meanwhile, NIMC has dismissed reports that its database was compromised as a result of the undersea cable cut that disrupted services of banks and telecoms operators in Nigeria.
NIMC, in a statement by its Head of Corporate Communications, Mr. Kayode Adegoke, in Abuja, assured Nigerians of safety and protection of their data.
The assurance was response to report from some sections of the media concerning an alleged breach of citizens’ data by a private organisation, XpressVerify.
NIMC said: “We express gratitude to media partners and the whistleblowers for bringing this to our attention and wish to assure Nigerians and legal residents that there is no data breach of any sort and the citizens’ data is safe and secure in the Nigeria’s national identity database.”
Director General of NIMC, Abisoye Coker-Odusote, had ordered a comprehensive investigation into the matter to find out if any of the Commission’s tokenisation verification agents has in any way breached the licensing agreement either directly or through any of their sub-licences.
She stated that top-level security was in place to protect the NIN and other personal data of every citizen and legal
resident.
NIMC reaffirmed its unwavering dedication to safeguarding, securing and responsibly managing the data entrusted to us, adding that it understands the critical importance of maintaining public trust and confidence in its operations and would continue to uphold the highest standards of integrity and accountability.
Recall that the NCC had explained that repair works were ongoing on the undersea cable cuts that resulted in equipment faults on the major undersea cables along the West African coast on Thursday, march 14, leading to Internet service disruption.
The West Africa Cable System, MainOne and ACE sea cables, arteries for telecommunications data, were all affected, triggering outages and connectivity issues for mobile operators and Internet service providers in the region.
MainOne, on Friday, March 15, said an “external incident” resulted in a cut to its cable system in the Atlantic Ocean, offshore Cote D’Ivoire, along the coast of West Africa, even as it ruled out human activity as a cause.
It stated that its preliminary analysis would suggest some form of seismic activity on the seabed resulted in a break to the cable, adding that it would obtain more data when the cable is retrieved during repair.
Reuters quoted MainOne as saying: “Given the distance from land, and the cable depth of about 3 kilometres (1.86 miles) at the point of fault, any kind of human activity- ship anchors, fishing, drilling, etc- has been immediately ruled out.”
The incident negatively impacted data and fixed telecoms services in several countries of West Africa, including Nigeria, Ghana, Senegal, Côte D’Ivoire, among others.
However, the NCC, in a statement, said operators of the damaged cables had commenced repairs and Internet services were gradually being restored.
“Cable companies- West African Cable System (WACS) and African Coast to Europe (ACE) in the West Coast route from Europe- have experienced faults, while SAT3 and MainOne have downtime.
“Similar undersea cables providing traffic from Europe to the East Coast of Africa, like Seacom, Europe India Gateway (EIG) and Asia-Africa-Europe 1 (AAE1) are said to have been cut at some point around the Red Sea, resulting in degradation of services across on these routes.
“In Nigeria and other West African countries, Internet access and speed have experienced disruptions in the networks of service providers in the affected countries,” the NCC said in the statement.
However, the Nigeria Data Protection Commission (NDPC) said it would investigate the alleged unauthorised access to the personal data of enrollees by the NIMC.
NDPC’s National Commissioner, Dr. Vincent Olatunji, said in a statement in Abuja on Sunday, March 17, signed by the Head of Legal, Enforcement and Regulations, Babatunde Bamigboye: “This investigation is a further regulatory measure to be taken by NDPC in the wake of public concerns over reports of illegal access to personal data of enrollees by a shadowy entity, called XpressVerify.com,”
Olatunji recalled that the NDPC, while engaging with NIMC on fostering adequacy of data protection and consequently, had a workshop in February, this year, as one in a continuum of measures being put in place by the federal government to ensure data privacy and protection.
“We note that NIMC has initiated internal investigation and has immediately given full assurance of cooperation with NDPC.
“NDPC will get to the root of the allegation and review existing mediums through which any entity may lawfully verify the identity of enrollees on its platform.
“Furthermore, NDPC will work with relevant agencies to audit the trails of the alleged unauthorised data processing and monetisation of same,” he said.
Olatunji noted that those found culpable in violating the Nigeria Data Protection Act, 2023, would be brought to justice, saying he had directed that preliminary findings of the investigation should be made public within seven days.
