The Federal Government has begun investigating certain fast-loan operators, commonly referred to as “sharp sharp” lenders, over alleged breaches of customers’ data privacy.
The National Commissioner of the Nigeria Data Protection Commission (NDPC), Vincent Olatunji, disclosed this during an interview in Abuja, noting that authorities are aware of troubling practices by some digital lenders.
These loan providers, often described as loan sharks, operate largely online and offer quick, collateral-free loans to customers. However, concerns have grown over their methods of recovering debts, particularly regarding the misuse of personal data.
Olatunji explained that some operators allegedly gain unauthorized access to borrowers’ phone contact lists and use the information to reach out to family members and friends. In some cases, they are also accused of sharing personal images without consent and sending threatening or defamatory messages to pressure repayment.
He stressed the importance of public awareness, urging Nigerians to better understand their data rights and thoroughly review loan terms before accepting any offers.
According to him, such unethical practices are not limited to Nigeria but are a global issue, often worsened by borrowers’ failure to read and understand agreements before taking loans.
“Many people unknowingly expose their personal data because they do not go through the terms of the agreements they accept,” he said, adding that the largely digital nature of these businesses, often without physical offices, makes regulation more challenging.
Despite these challenges, Olatunji emphasized that all digital lenders must comply with Nigeria’s data protection laws. He noted that operators are required to obtain proper licensing and approval, particularly from the Federal Competition and Consumer Protection Commission (FCCPC), while adhering strictly to privacy standards.
He also highlighted the roles of other regulatory bodies, including the National Information Technology Development Agency (NITDA), the Nigerian Communications Commission (NCC), the Central Bank of Nigeria (CBN), and law enforcement agencies, in overseeing the sector.
Warning against violations, Olatunji stated that unauthorized access to individuals’ personal data, including contact lists, is a punishable offence, assuring that offenders would be held accountable.
On other ongoing investigations involving organisations such as Sterling Bank, Remita, and Temu, he said the commission is following due process to ensure fairness.
He revealed that a decision has already been reached in the case involving Sterling Bank, while investigations into Temu are still ongoing after the company requested additional time to respond to inquiries.
Olatunji reaffirmed that the NDPC remains committed to enforcing accountability among data handlers and ensuring that the personal information of Nigerians is adequately protected.