A coalition of civic-tech and civil society organisations has called on the Independent National Electoral Commission (INEC) to strengthen the security of Nigeria’s electoral infrastructure following the alleged unauthorised disclosure of voter information belonging to Mr. Emeka Ike.
The groups, in a joint statement issued on Thursday in Abuja, expressed concern over the incident involving Mr. Lere Olayinka, Senior Special Assistant to the Minister of the Federal Capital Territory, Mr. Nyesom Wike, whom they accused of publishing sensitive voter data obtained from INEC’s database.
The organisations, which include Policy Shapers, Accountability Lab Nigeria, BudgIT, PROMAD, Brain Builders Youth Development Initiative, Centre for Journalism Innovation and Development (CJID), and Enough is Enough (EiE) Nigeria, commended INEC for promptly acknowledging the incident and launching an investigation.
However, they argued that the electoral body’s response did not go far enough in addressing public concerns about the security of voter information ahead of the 2027 general elections.
According to the statement, INEC confirmed that the incident resulted from the misuse of authorised staff credentials during the ongoing Continuous Voter Registration (CVR) exercise rather than an external cyberattack.
While noting that INEC maintained the breach affected only a specific voter record and not the entire database of over 90 million registered voters, the coalition stressed that the disclosure remains a serious violation of privacy and electoral integrity.
The groups warned that voter records contain sensitive information, including photographs, voter identification numbers, registration details, and transfer histories, which could expose citizens to harassment, intimidation, or political manipulation if misused.
They further expressed concern that the information was allegedly released by a political appointee, describing the development as troubling and capable of undermining public confidence in the electoral process.
Citing provisions of the Nigeria Data Protection Act (NDPA) 2023, the organisations said INEC, as a data controller, has a legal responsibility to protect personal data from unauthorised access, disclosure, or misuse.
They also referenced the Cybercrimes (Prohibition, Prevention, etc.) Act 2015 (as amended), which criminalises unauthorised access to computer systems and the misuse of access credentials for obtaining and disclosing restricted information.
The coalition urged INEC to ensure that all individuals involved in the incident, including any external beneficiaries, are investigated and prosecuted where necessary.
According to the statement, public confidence in the voter register remains critical to Nigeria’s democratic process, and any perception that electoral data can be accessed or used for partisan purposes could damage the credibility of future elections.
The groups also warned that such incidents could discourage citizens from participating in voter registration exercises if they fear exposure to political intimidation, surveillance, or retaliation.
Among their recommendations, the organisations called on INEC to publish a detailed timeline of the incident, disclose the outcome of its internal investigations, strengthen access controls within the CVR system, and fully comply with breach notification requirements under the NDPA 2023.
They also urged the commission to implement stronger security measures, including multi-factor authentication, periodic independent security audits, and enhanced data anonymisation mechanisms.
The coalition further called on law enforcement agencies to investigate, arrest, and prosecute all individuals found culpable in the alleged breach.
“Weaponising citizens’ personal data for political scoring is unacceptable and unethical in a democratic environment,” the statement read.
The organisations reaffirmed their readiness to collaborate with INEC, the Nigeria Data Protection Commission (NDPC), and security agencies to improve the protection of electoral data and safeguard citizens’ digital rights.
They pledged to continue monitoring developments surrounding the incident while advocating for transparency, accountability, and credible elections in Nigeria.
