The agency, in a statement issued on Monday, September 23rd, said the violation is in accordance with section 6(f) of the NITDA Act 2017, which empowers it to render advisory services in all information technology matters to the public and private sectors.
The findings also revealed that there are over 7 million Nigerians who are active users of the Service, hence the need to enlighten the public on some of the areas of non-compliance as well as guide those affected," Abdullahi Inuwa, DG/CEO of the agency said on Monday.
What is the bone of contention
Checks by Business Insider SSA show the first part of the policy is for Non-EU users of Truecaller.
“When you create a user profile in the service and confirm being the holder of a certain number, Truecaller will collect the information provided by you. In order to create a user profile, you must register your first name, last name, and phone number. Additional information that may be provided at your option includes, but is not limited to, photo, gender, street address and zip code, country of residence, email address, professional website, Facebook page, Twitter address and a short status message.
“Truecaller may supplement the information provided by you with information from third parties and add it to the information provided by you e.g. demographic information and additional contact information that is publicly available.”
However, article 4 of the same policy states that individuals “can limit or opt-out of the collection and use of your information for ad targeting by third parties via your device settings.”
This is quite different from the policy statement carefully crafted for the European Union users.
Digital rights advocate says Nigeria is still suffering for lack of a proper data privacy law
Adegoke Adeboye, a Digital Rights Advocate/Public Policy Analyst, told Business Insider SSA in a telephone conversation on Tuesday, September 24th, that the issue with Truecaller infringement still has to do with absent of data protection policy in the country.
“This is a good approach to data protection and privacy in Nigeria, but NITDA is not going about it in the right way."
He said the country needs to formulate a data protection policy to be able to address the issue. "Nigeria has no regulations to check data breaches and violations and the same organisations fighting for this cause were part of those that sabotage the passage of the Data Protection Bill,” Adeboye said.
When Business Insider SSA reached out to Truecaller, the Sweden-based tech company said users’ privacy in Nigeria and globally is of utmost importance to it.
It stated further that for users to continue using the app for free, “we work with advertising partners such as Google and provide trusted partners with caller ID services.”
The world of communication is getting more complex, but we make your communication more safe and efficient. We make sure users understand what permissions are needed to make Truecaller work how they want.
“We are in the process of reviewing the comments made by NITDA and will give more information on it very soon,” the company said in a statement exclusively obtained by Business Insider SSA.
Nigerian government yet to enact a data protection law for its citizens
Data rights organisation, Paradigm Initiative, had called on the Nigerian government to enact a data protection law for its citizens.
Some of the data protection Bills formulated by the group and others include Data Protection Bill (HB02), Protection of Personal Information Bill (SB 310), and the Digital Rights and Freedom Bill (HB 490) in line with internationally recognised principles of data protection.
Nigerians like other African countries are still vulnerable and exposed by the absence of data protection law. If data breaches occur, there is no legally stipulated process, redress or resort for the aggrieved, no laws detailing data protection responsibilities on the data holders, no real laws to guide the judiciary.