Seventy-Three Million People Lose Partial Access to Mobile Phone Networks in Nigeria For Not Having Digital ID

As the World Bank drives the implementation of digital ID programs across the Global South, including in Nigeria, its fellow Bretton Woods institution, the IMF, is doing much the same for central bank digital currencies (CBDCs).

“I would never want to get a digital ID.”

Those are the words of Ann Cavoukian, who knows a thing or two about digital identity  platforms having served three terms as privacy commissioner for the Canadian province of Ontario (1997-2014), which is now developing its own digital ID system. She is renowned for pioneering the concept of privacy by design, which takes privacy into account throughout system engineering processes.

Now serving as executive director of the Global Privacy and Security by Design Centre, Cavoukian has expressed fears that digital ID systems will fall victim to identity theft and online accessing of data by unauthorized third parties. These are just two of the many concerns the digital ID programs rapidly being rolled out around the world throw up. Another is their potential to exclude people — particularly those already on the margins — from being able to participate in the economy or society.

Cutting Off 73 Million People

Nigeria’s government, determined to speed up public adoption of its mandatory digital ID, just gave one example of how this could happen. To encourage (to put it kindly) citizens to get with its ID program, it has barred anyone who isn’t registered in the national digital identity database from being able to make outgoing calls from their mobile phones. The move has affected some 73 million people, according to a Thomson Reuters article.

That is roughly a third of the West African nation’s just over 200 million inhabitants. Considering just under half of Nigeria’s population is under the age of 15, many of whom presumably do not own a smartphone, it means the vast majority of Nigerians are currently unable to use their mobile phones to make outgoing calls. Given how important mobile networks are in Sub-Saharan Africa, serving as the only form of internet access for many, the impact will have been huge. Here’s more from the Reuters piece:

Nigeria is among dozens of African countries including Ghana, Egypt and Kenya with SIM registration laws that authorities say are necessary for security purposes, but digital rights experts say increase surveillance and hurts privacy.

Nigeria has been rolling out 11-digit electronic national identity cards for almost a decade, which record an individual’s personal and biometric data, including fingerprints and photo.

The National Identity Number (NIN) is required to open a bank account, apply for a driver’s license, vote, get health insurance, and file tax returns.

Multiple Functions

The government says digital identity is needed to bolster security and identify criminals as it battles insurgents and armed bandits who have kidnapped hundreds of people for ransom. A similar argument was used by the government of Mexico to justify the proposed creation of a National Register of Mobile Telephone Users, a centralized database containing the line number, date and time of activation for each user, their full name and biometric data, among other information.

Besides serving as a national ID card, Nigeria’s digital ID number (NIN) has multiple other functions, says French military contractor Thales Group, one of the companies contracted to help implement Nigeria’s digital ID system. It will also serve as a travel document, an electronic ID, a biometric e-ID (containing the holder’s 10 fingerprints and photograph captured during the registration process) and a payment card. In the second phase of its implementation, complementary applications such as an e-drivers’ license and other e-services, including eVoting, eHealth, and eTr​ansport​, will be included.​

The National Identification Number (NIN) is mandatory for all Nigerian citizens and legal residents in the territory of the Federal Republic of Nigeria. But most people are still not registered. According to the local Guardian newspaper, as of March 31, 2022, 126.7 million Nigerians did not have a national identity number. In 2020, Nigeria’s telecommunications regulator declared that every active mobile phone number must be linked to the user’s NIN. It then repeatedly extended the deadline until April 4 this year, as Reuters reports:

The government said outgoing calls were being barred from April 4 from any mobile phone numbers that had not complied.

Millions of Nigerians have not registered their SIM cards, for reasons ranging from concerns over privacy to problems reaching registration centres or not having a NIN.

“There have been no reasonable explanations as to why we have to link NIN to our SIM,” said Nneka Orji, a journalist in southeast Nigeria who has not registered her SIM.

“For that reason, I am not ready to do that,” she told the Thomson Reuters Foundation. She now relies on WhatsApp to make calls, even though not all of her contacts use the messaging service.

Data Privacy and Security Fears

In Nigeria, some citizens in rural areas may lack the means to travel to registration centers, of which there are nearly 800, according to official data. Others fear their personal data, including their most personal data of all — their biometric information — will be compromised or shared with third parties:

“I don’t think the NIMC and telcos have the right infrastructure to protect my data,” said Favour Akachukwu, a call centre agent in Ibadan in southwest Nigeria, who has not registered his phone.

Akachukwu said he has received numerous calls from fraudsters who had his 11-digit bank verification number – which is required to hold a bank account in Nigeria – and were trying to get further details from him to access his account.

Privacy activists have cautioned that African governments are increasingly using new technologies and laws to expand surveillance of citizens and dissidents. Nigeria’s order to bar unregistered phones is “an infringement on the rights to freedom of expression and privacy” guaranteed by its constitution, human rights lawyer Festus Ogun, managing partner at Festus Ogun Legal in Lagos, told Reuters.

In theory, Nigeria has a data protection act in place — the so-called Nigerian Data Protection Regulation (NDPR), which came into being in 2020 after a long process of public consultation. But as the online newspaper Premium Times reported in November, 2021, the government is now seeking to rewrite the rules with the help of an external (as in overseas) consultancy firm. It will pay for the consultancy’s services with a loan applied for from the World Bank, the French Development Agency (AFD) and the European Investment Bank (EIB).

Experts in Nigeria have expressed umbrage that the federal government is planning to engage consultants for a process that “had already been concluded” by relevant stakeholders in 2020. One expert, who did not want his name mentioned due to the sensitivity of the position he holds in the digital ecosystem, said:

“What will a World Bank consultant do differently that competent government agencies and industry professionals have not done in the 2020 Bill they worked on tirelessly last year? Also, what is the rationale behind seeking a World bank grant? Is it to feather the nest of some government officials? Are we saying it is right for World Bank to set the stage and determine the bill that will affect our data sovereignty as a nation?”

World Bank Driving Adoption of Digital ID Programs, Including Among Dictatorships

Nigeria’s digital ID program is already largely funded by the World Bank, which is driving digital ID adoption around the world, particularly in the Global South, through its Identity for Development (ID4D) program. The ostensible goal behind the program is to provide legal identity to the 1.1 billion people, mainly in Asia and Africa, who do not currently have one. This is in line with the UN’s Sustainable Development Goal 16.9, which aims to ‘’provide legal identity for all, including free birth registrations’’ by 2030.

To date, the World Bank has “assisted” 41 countries in this endeavor, by conducting country assessments, providing technical advice, and funneling the funding necessary for their development and implementation. The list includes a fair number of unsavory regimes that would like nothing more than to expand their surveillance and enforcement capabilities and powers — something digital ID programs, deployed alongside other forms of AI-enabled surveillance technologies, can certainly offer.

The ID4D program was launched in 2014 with “catalytic contributions” from the Bill & Melinda Gates Foundation (quelle surprise!) as well as the UK Government, the French Government, the Australian Government and the Omidyar Network. According to the World Bank Group’s website, it is a “cross-sectoral platform that creates and leverages partnerships with United Nations agencies, other donors, non-government organizations, academia, and the private sector” with the goal of “help[ing] countries realise the transformational potential of digital identification systems.”

The Nigerian government received additional financing for its digital ID program from the French Development Agency and the European Commission, which appears to be externalizing its migration/deportation policy by pushing countries that provide large inflows of migration into the EU (mainly Africa, the Middle East and non-EU member states in the Balkans) to set up biometric databases and digital identity programs.

World Bank + IMF = Digital Identity + CBDC

The digital ID programs are wrapped up in cozy buzz words such as digital development, social protection, gender issues and financial inclusion. But digital ID systems can also be weaponized by authorities to exclude millions of people from access to the most basic services and amenities, as the NGO Access Now warned in October 2021:

As it stands, governments are making digital identity systems central to our lives, including making them requirements for access to vital government services and assistance, without the necessary input from civil society. At a pre-summit panel discussion, Digital ID for Inclusive Development? Emerging evidence on social exclusion and its broader implications, the panelists presented cases demonstrating patterns of exclusion in IndiaUganda, and Kenya. They showed how digital identity programs are creating barriers to access to legal identity and public services for many people, while exacerbating inequalities and perpetuating systemic discrimination.

Interestingly, as the World Bank pushes the development and implementation of digital ID programs in the Global South, its fellow Bretton Woods institution, the International Monetary Fund (IMF), is doing exactly the same for central bank digital currencies (CBDCs), both in the Global South and North. As the FT recently reported, central bank digital currencies will almost certainly have to go hand in hand with digital IDs:

What CBDC research and experimentation appears to be showing is that it will be nigh on impossible to issue such currencies outside of a comprehensive national digital ID management system. Meaning: CBDCs will likely be tied to personal accounts that include personal data, credit history and other forms of relevant information.

It just so happens that Nigeria is one of the first jurisdictions on planet Earth to have  launched a central bank digital currency (CBDC): the so-called e-Naira, which as the IMF’s African department said in November 2021, is drawing substantial interest from the outside world, including from central banks. While central banks insist that CBDCs are intended as  complementary to rather than a replacement of physical cash, Thales Group’s own communications suggest otherwise: one of the “ambitious aims” of Nigeria’s national identity program, says the military contractor, is the creation of a cashless society.

Print Friendly, PDF & Email

32 comments

  1. You're soaking in it

    On the one hand, “Nigerian Data Protection” is a phrase ripe for online meme creation. On the other hand, I live in the US, so people in glass digital houses, etc.

    Reply
  2. ambrit

    This is a cautionary example of the truth behind the old “Conspiracy Theory” of the ‘Number of the Beast’ style programs.
    The Panopticon is being rolled out. While the original Panopticon was designed to ‘reform’ the prison system of Olde England, this one has the seeds of turning Civil Society into one vast, all encompassing prison.
    Cynicism has become a survival trait.

    Reply
  3. Nigerian

    Right.

    It becomes less straightforward when you realise that the government gave people months to link their lines and that terrorists use burner SIM cards to coordinate their activities.

    Reply
    1. T_Reg

      “You’ve had MONTHS to come in and get your complimentary anal probe. What’s your problem?”

      And terrorists. Oooh. And the children! It’s for the children! /s

      Reply
      1. Fritzi

        To be fair, I think it makes a real difference if terrorists means the occasional psychos who blow up stuff, but where you are still more likely to be killed by lightning…

        Or if by terrorists one means well organised and armed paramilitary groups capable of making open war on the government, that could conceivably take over the country at some point.

        The later being very much a thing in various African countries after all.

        Reply
  4. Louis Fyne

    There really needs to be a “freedom to transact” — right to have a bank account, phone account in the US Constitution.

    1st amendment is worthless if you are blacklisted from having a phone number or have your bank account frozen (Canada)

    Reply
  5. Eureka Springs

    Imagine what a government or IMF/World Bank which can and will do things like this to 73 million people without digital I.D. will do once most are locked in. Imagine finally getting through to Karen on a phone help line after months of trying to convince her info on your file is incorrect. Basic renewal of a U.S. passport now costs 135 bucks and requires one has a printer. The amount of info now required for a State issued I.D. should more than suffice to make it a passport equivalent nowadays.

    Reply
  6. Carolinian

    I’ve been reading an interesting book called The Address Book that is about the origins and purposes of street names and house numbers. Ancient Rome didn’t have them but in 18th century Austria Maria Theresa decided she needed to know where all her subjects were in order to locate conscripts for her army and also who to tax. And so government officials went around painting house numbers on all the houses to give them a “digital ID.”

    Since absolute monarchs liked to use their armies, and the taxes that paid for them, to further their feuds with other absolute monarchs many at the time rightly viewed this as a sinister development–even if it did help with delivering mail. A total analogue with now? Our big money selected functional monarchs are even still fighting over eastern Europe.

    Reply
  7. Thuto

    The uneasy dance between privacy and security isn’t as easily resolved as privacy advocates like to suggest, certainly not in a country like Nigeria where the links between unregistered SIM cards and a deteriorating security situation are very real and well documented. A friend who worked as an executive at the South African telecoms firm MTN, the largest mobile operator in the Nigerian market, says unregistered SIMs and their use by the likes of Boko Haram to organize terror attacks and kidnappings is a vexing problem for the company and the Nigerian government. While the concerns raised by this post are valid, I think the tendency by privacy advocates to label any attempts at using surveillance to bolster the security apparatus of countries facing an insurgency threat as justifications by governments to trample on the privacy of citizens is a gross oversimplification of a complex issue. Is there a risk of overreaching by the government if surveillance laws don’t come with sufficient guardrails? Sure, but in a country like Nigeria, there’s a corresponding risk of an insurgency running amok if the government “over-indexes” on privacy when engaging in policymaking, which is another way of saying there are no easy answers, and the motives of the government, while certainly open to abuse in the hands of the wrong politicians, aren’t as malign in this case as privacy advocates suggest.

    Reply
    1. flora

      Sometimes very bad things come wrapped in very attractive packages. Call it the Trojan Horse effect. I’m thinking of the anti-terrierism laws passed in the US in the last 20 years on the premise of “keeping us safe”. (attractive package) The real result has been undermining the Bill of Rights, secret courts and secret warrants, a proliferation of the MIC. (that’s the very bad thing).

      Reply
      1. Thuto

        Far be it from me to be dismissive of the threat of governments passing repressive laws under the guise of “keeping the population safe”. However, the situation in Nigeria is, I say again, quite complex and an absolutist stance on this vis a vis privacy is tantamount to pitting what COULD happen (I.e. government overreach and the emergence of a surveillance state) with what IS happening (unregistered SIMs being used by terror groups to terrorize the very population whose privacy may be trampled upon) and deciding that what is happening is of secondary importance. I’m framing it in such stark terms precisely because I mean to emphasize that it’s exceedingly difficult for the Nigerian government to balance the demands of privacy advocates with the need to bolster its capacity to foil terror attacks.

        Reply
        1. David

          Have to agree. Most people who know both countries would not easily confuse Canada with Nigeria: the issues are slightly different. The Nigerian mafia is the most powerful in Africa, and is extremely sophisticated and violent. The situation in the North of the country, with Boko Haram and its friends, is pretty much out of control. People are dying, in large numbers.

          Burner SIM cards are indeed a favourite tool of terrorists, for obvious reasons. The best-known case is probably the assassination of the Lebanese PM Rafiq Hariri in 2005, which was a very sophisticated operation over several weeks, involving multiple networks of burner phones. I’d be inclined to turn the question around: what acceptable figure of real dead people justifies a theoretical invasion of privacy, given that neither prefect security nor perfect privacy is ever possible?

          Reply
          1. Thuto

            Exactly David, with Boko Haram able to coordinate its activities unrestrained by state security surveillance, the price of over-indexing on privacy is scores dead and hundreds of schoolgirls kidnapped while learning in Northern Nigeria, week after week, month after month. Sometimes a government just has to operate within its own context (as you say Canada can’t be likened to Nigeria), grit its teeth and go with the lesser of two evils, and weather the storm of criticism from activists (known more colloquially as “doing what needs to be done”).

            Reply
    2. Societal Illusions

      You bring a dose of reality to this. Sure, in a perfect world their is no malicious governemnt activity or individual security issues arising from this security apparatus, but for every obstacle to crime use implemented does it not just open the door to a different criminal solution to avoid being tracked? I can imagine a few quite readily.

      Reply
      1. Thuto

        That game of cat and mouse between governments fortifying their surveillance capabilities and criminal networks “upgrading” their evasive countermeasures is always on going. My view is that a government should solve what’s put in front of it (in this case requiring all sim cards to be registered) while also attempting to anticipate and close the loop holes that rogue actors may exploit to circumvent its actions.

        Reply
    3. bold'un

      Good point; but what about roaming rights for foreign sims? If this is allowed, then criminals can make hay… so being tough on local privacy is easily circumvented by real baddies.

      Reply
      1. Thuto

        True, the only thing I can think of is the government working with the mobile operators to develop a quick and easy way for foreigners intending to roam to register their sims upon entry into Nigeria, with the sim being linked to the passport holder. This may delay passport control at ports of entry but the security situation trumps minor inconveniences to incoming foreigners. Any foreign sim not registered will then not be activated for roaming.

        Reply
  8. The Rev Kev

    So Nigeria is cutting off 73 million people unless they basically get a security clearance from them and link their identity into a database whose intent and purpose remains unclear. Seems legit. And having a French military contractor does not exactly give once confidence. So, being inspired by the recent Canadian example of people having access to their own money being cut off because they disagreed with their government, would that mean that down the track that the Nigerian government for example could pull the plug on political opponent’s mobile communications via those IDs? I seem to remember reading too some time ago that a lot of people in African countries use their mobiles to do their banking with in a sophisticate network that puts a lot of western countries to shame. By cutting off those mobiles, would that not threaten to cut off those people’s banking as well?

    Reply
    1. Thuto

      Re: your last sentence. My understanding is that what is being restricted is the ability to make outgoing calls and send outgoing texts, not the mobile service in its entirety. To your point about the government potentially being able to cut off political opponents, that’s a real risk that shouldn’t be trivialized that falls into the category of “down the line risks” that unfortunately at this current time, and with the trajectory of the security situation in the country, contrast unfavourably with the “right now risk” posed by unregistered SIMs enabling terror attacks.

      Reply
      1. fjallstrom

        Per the above, couldn’t Boko Haram just use WhatsApp or Signal or whatever on their data plans?

        General surveillance is rarely an effective tool against the organised crime or terrorists that are claimed to be target, because you are building a bigger haystack and giving the nails more incentive to hide.

        Reply
      2. Skunk

        Sounds like laziness to me on the part of those wanting to deter terrorist attacks. Deterring terrorist attacks is an admirable goal, but find another way that doesn’t include harassing and degrading the entire population.

        Reply
  9. flora

    It’s the new colonialism. It’s digital! It’s modern! It’s digital colonization. Behind the World Bank and the IMF is the BIS, imo, sitting like a fat spider in the center of the web.

    Thanks for this post.

    Reply
  10. RobertC

    If I’m understanding this article correctly, the WB and IMF are funding the rollout of a “Western” Social Credit System

    The Social Credit System is an extension to the existing financial credit rating system in China. The origin of the system can be traced back to the 1980s when the Chinese government attempted to develop a personal banking and financial credit rating system, especially for rural individuals and small businesses that lack documented records. The Chinese government aims to enhance trust in the society with the system and regulate businesses regarding issues such as food safety, intellectual property theft, and financial fraud.

    Are we looking at West is Good, China is Bad?

    And perhaps China’s Xinjiang approach to the safety and security of its citizens and institutions is successful? And perhaps should be a model for other nations and societies?

    Reply
    1. flora

      Did China’s citizens get a vote on the system? Is the CCP democratically accountable to anyone? The means justify the ends? These are important questions in the democratic West. There have been other totalitarian regimes that promised to create stability, stability presented as the highest good, a higher good than democracy or accountability to citizens, and ended up creating instability.

      “The point is that both Hitler and Stalin held out promises of stability in order to hide their intention of creating a state of permanent instability.”
      ― Hannah Arendt, The Origins of Totalitarianism

      Reply
    2. flora

      Did China’s citizens get a vote on this plan? Is safety and security a higher value than democracy, democratic accountability, and legal restraints on govt actions ?

      Reply
      1. RobertC

        flora — tough questions, although I’m sure you know the answer to the first one.

        WRT to your second question, I think you should ask the Nigerians, Ghanians, Egyptians and Kenyans … and the Palestinians. The security of three hots and a cot; an education for you and your children; a job for you; and safety from bombings, shootings, etc is very attractive. Especially when democracy and democratic accountability vanish when governments blow past their legal restraints.

        Reply
  11. digi_owl

    Thales Group is also the ones responsible for EU’s id card system that supposedly can replace a passport for travel inside the Schengen area.

    Covid et al has left them short on materials though, so there may be up to 6 month to wait if you need one…

    Reply
  12. RobertC

    Forget the nose, most of the camel is already in the tent as US appeals court ruling could ‘eliminate internet privacy’ Tech terms of service dissolve Fourth Amendment rights, EFF warns

    …The court appears to have given US government agents its blessing to copy anyone’s internet account data without reasonable suspicion of wrongdoing – despite the Fourth Amendment’s protection against unreasonable searches and seizures. UC Berkeley School of Law professor Orin Kerr noted the decision with dismay.

    “Holy crap: Although it was barely mentioned in the briefing, the CA9 just held in a single sentence, in a precedential opinion, that internet content preservation isn’t a seizure,” he wrote in a Twitter post. “And TOS [Terms of Service] eliminate all internet privacy.”

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *