Director-General of NITDA, Kashifu Abdullahi, disclosed in a statement on Friday that the development breached provisions of the Nigeria Data Protection Regulation, 2019.
According to Abdullahi, NITDA was reliably informed, and duly ascertained, that the LIRS published a web portal – https://lagos.qpay.ng/TaxPayer, where personal information of Lagos State taxpayers was gleaned by the general public in breach of the NDPR, 2019.
He added that agency had been informed that the LIRS had indicated that public access to the portal was a glitch from a consultant of the service and that the portal had been duly disabled.
He commended the LIRS for the swift remedial action in disabling the portal and pulling the website away from the public domain.
However, Abdullahi warned that the LIRS would not be insulated from “responsibility or culpability from whatever actions, civil or criminal, that may arise from such glitch.”
“We stress that such glitches are in breach of the NDPR and invariably the National Information Technology Development Agency Act, 2007,” he added.
Abdullahi said NITDA would go ahead to investigate the development.
“The agency will further investigate this breach and the circumstances surrounding it with the aim of assessing the impact of the breach as well as determine responsibility and culpability of data controllers or processors connected to the breach and prevent future occurrence.
“We also advise the public to be vigilant and to report immediately to NITDA or other law enforcement agencies if they notice that the information of any data subject on the LIRS database is further disclosed or used in any manner in violation of the NDPR,” he said.
The NITDA boss urged members of the public to cooperate with the agency in its bid to protect the personal and confidential information of Nigerians from misuse and abuse.