• Tuesday, November 05, 2024
businessday logo

BusinessDay

Dear 3rd world country, what do you need all my data for?

Dear 3rd world country, what do you need all my data for?

The first time I ever got fingerprinted in my life was not in a police station.

It was at a location of a mobile telecoms operator in Lagos nearly a decade ago when I went to do this newfangled thing called “SIM registration.” Whereas in the UK, nobody had ever asked me to do any such thing to have access to telecoms services, apparently Nigeria required my biodata, my address details, my employment details, my next of kin’s details and even my fingerprints because something something security, something something Boko Haram, something something fish out the perpetrators.

Over the next few years, I would get increasingly inured to the objectively absurd experience of having all my identifying data including fingerprints taken from me like a convict being booked into prison, every time I wanted to do anything involving the Nigerian government. Drivers licence? Full data capture needed. Passport renewal? Full data capture plus a picture of your grandma’s casket if possible. BVN? Spread your metaphorical cheeks in the banking hall. NIN? Well I never did that, but it too, I guess. PVC? You know the drill.

All this data – What for, exactly?

The first problem I have with the multiplicity of data collection processes that are springing up around Nigeria, Africa and the rest of the Global South is that I am yet to hear a cogent explanation as to why precisely, all this data is necessary. What are the collecting entities using it for? This is data that can theoretically be used to create an entire Nigerian citizen out of thin air – passport, BVN, voters card, mobile SIM, drivers licence and National Identification Number.

Read also: Nigerian telecom sector continues sluggish subscriber growth in November

Why does the MVAA (Motor Vehicle Administration Agency) for example, need a biometric database? What utility does the fact of a drivers licence being connected to a set of fingerprints serve, exactly? What added value does that create that a regular old drivers licence, such as that issued by just about every OECD country in the world, does not? If the licence is misplaced for example, does the existence of a biometric database hasten the sloth-paced process of reissue, which currently involves aggressive palm-greasing to motivate someone in uniform to press “Enter” on a computer keyboard?

Even the mobile SIM biometric database, I have been reliably informed, is a cosmetic waste of time. I got this information when I wondered aloud one day, asking why despite having your fingerprints, telcos make you present a police report and an affidavit to retrieve a lost or stolen SIM. A tech old timer who had a front row seat at the initial implementation of the SIM registration project sent me a private message informing me that the information in the database is practically useless to the telco.

According to him, the idea was not well conceived and its implementation was rushed and haphazard, leading to a situation where one individual can have multiple sets of biometric registration profiles without the system recognising them as the same person. In other words, the one thing which this project was intended to achieve – to link every mobile SIM in Nigeria to a real individual or entity with fingerprint authentication – has simply not happened. So again the question is, why do we have it at all?

Have they heard of data minimisation?

The second problem I have with the 3rd World’s newfangled obsession with digital data collection is this: Where and how is all this data being stored? Over the past few days, we have seen what appears to be a significant data leak from a Nigerian entity with access to at least 3 million profiles containing sensitive data such as NIN information. Denials notwithstanding, it raises the question of where this data was and how someone sitting in San Francisco could view NIMC cards belonging to existing Nigerian citizens.

It begs the question whether these 6 distinct duplicates of the exact same data that every voting, driving, travelling and financial service-using Nigerian must give up, are being stored according to suitable security standards. Are Nigerian agencies like the MVAA investing in the state-level standard of encryption security that should be used to store the data of Nigerians? Or are they simply Nigerian government agencies cutting corners and being cheap so as to profit from arbitrage like Nigerian government agencies do?

One would imagine that a less risky solution would be for a single centralised database to be created by aggregating all this data which has ALREADY been collected – there should be no need for any further disruptive “registration” exercise. Somewhere among my BVN, PVC, SIM and drivers licence details, you should have all the data you need to build out such a database.

You should not need to threaten to unplug my mobile number from telecoms services if I do not submit to yet another pointless exercise called NIN registration, “digital census” registration, or whatever hair brained idea a mediocre civil servant comes up with next. For the love of all that is good and pure, please make it stop.

Here’s wishing a Happy New Year to all my readers.

Socio-Political Affairs

Join BusinessDay whatsapp Channel, to stay up to date

Open In Whatsapp