Privacy International critical of Nigerian eID cards
Privacy International critical of Nigerian eID cards
Nigeria's electronic identity card scheme in partnership with MasterCard puts personal data at risk and could exclude millions of people, according to human rights watchdog organisation Privacy International.
The country's National Identity Management Commission (NIMC) began rolling out the cards last year, as part of its efforts to create the country's first central National Identity Database and provide proof of identity to Nigerians 16 years and older.
The eID card has 13 applications within it, most associated with personal information, though through the collaboration with MasterCard one applet includes prepaid payment technology in an effort to provide millions of previously unbanked Nigerians with the ability to make electronic payments.
However, Mike Rispoli, spokesman for Privacy International, told ITWebAfrica his organisation had concerns about the safety of the personal data of individuals obtaining the cards, particularly in light of the involvement of a private, commercial company such as MasterCard.
"In a democratic society, national ID cards tend to fall within a spectrum where it is mandatory and very limited in its use, or truly voluntary and expansive in its use," Rispoli said.
"No matter where it falls on the spectrum, national ID cards must have strong legal and technological safeguards that protect the right to privacy. Nigeria is failing terribly on both counts. Sadly, governments too often see the opportunity in shiny ID systems to spend a lot of money and to accumulate vast new stores of information on their citizens."
Rispoli said given the country's history of corruption, it was inevitable it would find its way into the ID card scheme, as it had in India despite claims it was technologically impossible.
"Nigeria's weaker legal safeguards pose significant threats to privacy. Anytime that a vast and expansive identity system with weak protections is built, it runs the serious risk of being abused," he said, adding "serious questions" needed to be answered as to what happens when there are errors or fraudulent activities occur.
The danger of MasterCard obtaining access to the personal data of citizens is also a concern for Privacy International.
"To our knowledge, the country has not outlined a way to protect citizen's information from being shared commercially with MasterCard. It is possible that every time the card is used, both the government and MasterCard will find out where it was used, how it was used, for what purpose. It will create a map of a Nigerian's every interaction in daily life," Rispoli said.
"In our experience, government identity cards have been more about excluding people rather than giving them rights. Nigeria's system is going to create a vast excluded class - ironically who will have some vestige of privacy. Those who sign up to the scheme will be tracked across their lives. And the government and most likely Mastercard will have even more information on nearly an entire nation."
However, Daniel Monehin, division president of MasterCard for Sub-Saharan Africa, said the company was simply providing the payments technology for 13 million of the eID cards as part of the pilot programme, and would have no access to the other types of data on the card.
"It is important to note that MasterCard is not involved in the identification component of the programme and cannot access the National Identification Database or any citizen's personal or biometric information. We also never collect personal information of cardholders," he said.