NITDA slams N1m fine on LIRS for alleged breach of NDPR

Honourable Minister of Communications and Digital Economy,  Dr Isa Ali Pantami, Executive Vice-Chairman,Nigerian Communications Commission(NCC),Prof.Umar Danbatta, Managing Director Nigeria Communications Satellites ltd,Dr Abimbola Alale,Managing Director,Galaxy Backbone ltd,Prof.Mohammed Abubakar,Director-General,National Information Technology Development Agency(NITDA),Mallam Kashifu Abdullahi,Chairman NITDA Governing Board, Dr Abubakar Saidu,Director-general,Nigeria Identity Management commission(NIMC),Engr.Aliyu Abubakar and other dignitaries at the Public Presentation of the NIGERIA DATA PROTECTION REGULATION (NDPR) Performance Report 2019-2020 in Abuja.

By Ibiyemi Mathew

The National Information Technology Development Agency (NITDA) has slammed N1 million fine on Lagos Internal Revenue Service (LIRS) for allegedly breaching the provisions of the Nigeria Data Protection Regulation (NDPR).

Revealing this at the Agency’s first NDPR Annual Performance Report 2019-2020 in Abuja, the agency said the LIRS was found to have exposed the personal data of some taxpayers in the process of harmonising historical tax data.

“NITDA initiated an investigation on LIRS and its major data processor. A fine of N1million (over $2,500) was imposed on the LIRS.”

Earlier in December 2019, NITDA had accused the Lagos State Internal Revenue Service, LIRS, of exposing taxpayers’ identity online.

The Agency said it was reliably informed and duly ascertained LIRS published a web portal – – where personal information of tax payers of Lagos State was gleaned by the general public in breach of the Nigeria Data Protection Regulation (NDPR), 2019.

Although, the said portal has been disabled, however, NITDA said LIRS cannot be exonerated from the breaches, adding than more wide scale investigations have commenced on the matter.

According to NITDA, “180 compliance notices were served on Ministries, Departments and Agencies of government, one of which is the Lagos Internal Revenue Service (LIRS) breach.”

“The Agency is being mindful of the implications of negative publicity on business, hence refrained from making public statements on breach until the legal and procedural basis has been established”, NITDA said.

“The decision on fine value was reached after considering the cooperation and prompt remedial actions taken by the LIRS in the course of the investigation.”

The agency also revealed that it has commenced investigations into the activities and operations of seven  data controllers as part of its enforcement drive.

The agency also provided regarding the year under review stating that it served 51 enforcement notices on data controllers who are perceived to have breached the provisions of the NDPR.