A cybersecurity expert, Emmanuella Aston, has expressed concern over the low level of awareness surrounding personal data protection in Nigeria, warning that poor understanding of digital privacy is leaving many citizens vulnerable to cyber threats and exploitation.
Speaking during an interview on Nigeria’s cybersecurity challenges, Aston explained that many internet users unknowingly expose themselves to risks by sharing sensitive personal information online without understanding how such data can be exploited by cybercriminals.
According to her, attackers often gather publicly available details such as names, phone numbers, social media activities, and other personal information to build profiles of potential victims and launch targeted attacks.
She noted that many Nigerians still underestimate the value of personal information, including certificates, phone numbers, and email addresses, despite the security implications attached to such data.
Aston pointed to instances where personal records and certificates shared online were later used for unauthorised activities, stressing that even a single image can reveal significant details about an individual’s education, profession, and background.
The cybersecurity specialist also criticised businesses for collecting excessive customer information without proper justification or security safeguards, noting that some organisations request unnecessary personal details simply because it has become common practice.
She expressed concern about the low compliance culture among many small businesses operating mainly on social media platforms, questioning whether such businesses fully understand their responsibilities under Nigeria’s data protection laws.
Aston further warned that weak public awareness has contributed to risky behaviour, with many people willingly exchanging personal data for small incentives without understanding the long-term consequences.
She called for stronger grassroots sensitisation campaigns, improved enforcement of data protection regulations, and increased awareness on how citizens can protect their digital rights and report data breaches.
According to her, organisations must begin to treat customer data protection not only as a legal requirement but also as an essential part of responsible service delivery.
