The recent report of a Joint Admissions and Matriculation Board (JAMB) computer-based test (CBT) manager chatting up a 15-year-old candidate using information accessed during her exam registration brings to light the need for strict enforcement of data privacy laws in Nigeria.
Development Diaries reports that JAMB has arrested the manager after the candidate’s mother raised concerns on her X account regarding an alleged breach of her daughter’s data protection rights.
It is understood that the issue was discovered when the candidate’s mother, who registered her daughter using her mobile number, started receiving strange texts on her phone soon after the registration procedure.
The Nigeria Data Protection Act was signed in June 2023 by President Bola Tinubu to address data privacy violations such as this, but how well has it been enforced?
As pointed out by the Executive Director of Paradigm Initiative, Gbenga Sesan, government agencies are some of the biggest violators of data protection policies in the country.
To this end, it is important to establish an impartial and effective regulatory commission to supervise data protection and privacy issues and supervise data controllers and data processors.
Recall in 2019, the Nigeria Immigration Service (NIS) posted the passport data page of a Nigerian resident, Jeffrey Ewohime, in the United Kingdom on their social media page without his consent. The action of the NIS at the time put Ewohime’s personal data in the full glare of the public.
The Data Protection Act imposes responsibilities on organisations to handle personal data responsibly. This accountability is expected to encourage businesses to implement robust data protection measures, conduct regular audits, and invest in cybersecurity infrastructure, ultimately reducing the likelihood of data breaches.
Development Diaries calls on JAMB to implement corrective measures, which may involve improving security protocols, updating systems, and providing additional training to staff on data protection, to prevent a similar breach in the future.
Also, the examination body must keep the public informed about the actions taken to address this incident. Transparency is crucial for maintaining trust.
Furthermore, we call on all private and public organisations and institutions to take crucial steps towards implementing the Data Protection Act to avoid violations.
