An investigation has been implemented by the National Information Technology Agency (NITDA) into a possible breach of privacy rights of Nigerians by the Truecaller service. This was stated in a press statement issued in Abuja on Monday. The agency is displeased with Truecaller for alleged breach of privacy rights of Nigerian users.
According to the CEO of the agency, Kashifu Inuwa, early findings by the agency showed that the Truecaller Privacy Policy is not in compliance with global laws on data protection and the Nigeria Data Protection Regulation (NDPR) in particular. According to NITDA, “The attention of the National Information Technology Agency (NITDA) has been drawn to the potential breach of privacy rights of Nigerians by the Truecaller Service. The Agency, in accordance with Section 6(f) of the NITDA Act 2007.
He said further findings also revealed that there are over seven million Nigerians who are active users of the Service, hence the need to enlighten the public on some of the areas of non-compliance as well as guide those affected.
‘‘The Truecaller Privacy Policy is made of two sets – one for those in the European Economic Area (EEA) and the other for those outside the EEA. Nigeria falls under the second category. Furthermore, every Nigerian user is contracting with Truecaller India. There are marked differences between both policies. A critical assessment of the policy revealed non-compliance with the NDPR. ‘‘The provision of the Truecaller Privacy Policy is clearly excessive and invasive of the privacy of its users. Article 2.3(2)d of the NDPR provides – when assessing whether consent is freely given, utmost account shall be taken of whether the performance of a contract, including the provision of a service, is conditional on consent to the processing of Personal Data that is not necessary (or excessive) for the performance of that contract,’’ said NITDA.
“Contrary to the expectation of many users, the Truecaller service collects far more information than it needs to provide its primary service.
Article 3 states that ‘Truecaller may also share personal information with third party advertisers, agencies and networks. Such third parties may use this information for analytical and marketing purposes.’
“It is global best practice for Users to be informed of the possible third-party processors’ information may be shared with and for what purpose. This Policy flaunts this rule which is also enunciated in the NDPR.
“The foregoing are samples of the many illegitimate provisions found in the Truecaller Privacy Policy and Terms of Service. The implications of these are far-reaching. The provisions of the policy can be exploited to put many Nigerians in unsavory conditions. In view of this, we urge all Nigerians to take advantage of Article 4 of the Truecaller Privacy Policy which provides – “If any persons do not wish to have their names and phone numbers made available through the Enhanced Search or Name Search functionalities, they can exclude themselves from further queries by notifying Truecaller via its website at www.truecaller.com or as set forth in the contact details below…” Members of the public may also decide to delist themselves from the Truecaller Service completely.
Read also: Internet set to reach 3.9 billion people worldwide
“NITDA would like to assure Nigerians that it will continue to monitor the activities of digital service providers with a view to ensuring that the rights of Nigerians are not unduly breached while also improving the operational environment to support ethical players in their bid to get maximum benefit from Nigeria.
“The National Information Technology Development Agency (NITDA) is a Federal Government Agency under the supervision of the Federal Ministry of Communications. NITDA is established in April 2001 to implement the Nigerian Information Technology Policy as well as coordinate general IT development and regulation in the country. Specifically, Section 6(a, b, c, f & m) of the Act mandates NITDA to create a framework for the planning, research, development, standardization, application, coordination, monitoring, evaluation and regulation of Information Technology practices, activities and systems in Nigeria; provide guidelines to facilitate the establishment and maintenance of appropriate infrastructure for information technology and systems application and development in Nigeria for public and private sectors, urban-rural development, the economy and the government; render advisory services in all information technology matters to the public and private sectors and accelerate internet and intranet penetration in Nigeria and promote sound internet Governance by giving effect to the Second Schedule of the Act.”