The Nigeria Data Protection Commission is currently examining more than 400 incidents of privacy violation related to online loan apps.
Instances of data privacy violation have become common recently because of the increase in digital lending platforms.
This information was shared by the commission in its 2023 Annual Report which was provided to The PUNCH on Thursday.
It observed that its ongoing inquiries have shown that “loan apps are overly intrusive.”
NDPC is also looking to prohibit or limit the use of phone numbers that lenders have used to violate their customers' privacy.
“They generally violate the principles of Data Protection and Privacy because they have access to contacts, pictures, messages, etc. of data subjects,” the commission stated.
This indicates that despite an April 2023 policy introduced by Google prohibiting loan apps from accessing photos and contacts of users, the practice has continued.
Recognizing that privacy violations by loan apps are a systemic issue, the commission stated it is also implementing a systemic solution by collaborating with other regulators and third-party platforms used by the lenders.
A user of a loan app, Haruna Michael, who spoke to our correspondent on Thursday, said that one of the digital lenders used his photos and tagged him as a fleeing criminal because he defaulted in paying the loan he received within the stipulated time.
He said his contacts were reached and he was reported as a fraudster.
“Over 400 cases of privacy breaches involving shadowy loan sharks are being addressed at the systemic level.
“The commission has now drafted the Nigeria Data Protection Act-General Application and Implementation Directive which addresses the abetment of data breaches, the need for data ethics and privacy by design and by default among others.
“Under abetment, the third-party platforms through which data privacy breaches take place will now be required to deny access to those who use their platforms for privacy breaches.
“Organisations, particularly communication networks should be willing to restrict or ban telephone lines that are implicated in privacy violations,” the commission said.
The NDPC added that it is also collaborating with regulators under the Joint Enforcement and Regulatory Taskforce to sanitise the digital lending space.
It noted that the Federal Competition and Consumer Protection Commission now requires lending companies to obtain data protection clearance from NDPC before operation.
