Connect with us

Finance

NITDA fines LIRS N1million for alleged breach of data protection regulation

 . Commences investigation into the activities, operations of 7 data controllers

Published

on

NDPR

Lagos Internal Revenue Service (LIRS) has been fined one million naira (N1million) for allegedly breaching the Nigeria Data Protection Regulation (NDPR).

The ​​National Information Technology Development Agency (NITDA) disclosed this in the Agency’s first NDPR Annual Performance Report 2019-2020.

LIRS

Backstory:

On December 2019, TechEconomy.ng reported that NITDA accused the Lagos State Internal Revenue Service, LIRS, of exposing taxpayers’ identity online.

The Agency said it was reliably informed and duly ascertained LIRS published a web portal – https://lagos.qpay.ng/TaxPayer – where personal information of tax payers of Lagos State was gleaned by the general public in breach of the Nigeria Data Protection Regulation (NDPR), 2019.

Although, the said portal has been disabled, however, NITDA said LIRS cannot be exonerated from the breaches, adding than more wide scale investigations have commenced on the matter.

DRIL file suit against NITDA and LIRS – EIE, PIN call for investigations

Meanwhile, Civil Society Organisations – Enough is Enough Nigeria (EiE) and Paradigm Initiative (PIN) – had expressed reservations over the ability and suitability of NITDA to play the role of a data protection agency in Nigeria.

In a joint statement issued on February 12, 2020, the CSOs said, “One would have thought the agency would work to prove doubters wrong by ensuring that violations against its regulations are duly punished.

“We are mindful that the Digital Rights Lawyers Initiative (DRLI) has filed suit No. FHC/L/CS/56/2020 against both LIRS and NITDA on the data breach seeking orders mandating NITDA to fine LIRS as provided under the NDPR to the tune of 2% of their annual gross revenue.

ALSO READ  COVID-19: Heritage Bank promises seamless service delivery to customers

“We are monitoring this process and we will work with the litigant to ensure it is seen to a reasonable conclusion.

NITDA gives update in new report

In the year under review, NITDA said it served 51 enforcement notices on data controllers who are perceived to have breached the provisions of the NDPR.

“Also, 180 compliance notices were served on Ministries, Departments and Agencies of government, one of which is the Lagos Internal Revenue Service (LIRS) breach.

“The LIRS was found to have exposed the personal data of some taxpayers in the process of harmonising historical tax data. NITDA initiated an investigation on LIRS and its major data processor. A fine of One Million naira (N1,000,000.00) (over $2,500) was imposed on the LIRS”, the NITDA report reads.

TechEconomy.ng gathered that the decision on fine value was reached by NITDA after considering the cooperation and prompt remedial actions taken by the LIRS in the course of the investigation.

“On the other hand, NITDA has commenced investigation into the activities and operations of seven (7) data controllers as part of its enforcement drive.

“The Agency is being mindful of the implications of negative publicity on business, hence refrained from making public statements on breach until the legal and procedural basis has been established”, NITDA said.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Advertisement
Advertisement
Advertisement
Advertisement

Facebook