Future Governance: The Internet, Vulnerability, Social Change, and State-Society Relationship in Nigeria

© Okey Uzoechina, January 2019
Ofala Publishers Ltd., Abuja
Cover and Design layout: Samson Nnah
The opinions expressed in this publication are those of the author. They do not purport to
reflect the opinions or views or official positions of any institution or organization to which
the author is affiliated.
All rights reserved. No part of this publication may be reproduced, stored in a retrieval
system, or transmitted in any form or by any means, electronic, mechanical,
photocopying, recording, or otherwise, without written permission from the author.
ISBN: 978 - 978 - 971 - 999 - 0
II
AUTHOR BIO
Okey Uzoechina is currently Programme Officer, Security Sector Reform at the

Commission of the Economic Community of West African States (ECOWAS), contributing
to making security a public good as well as a vital element in achieving sustainable
development for the people of West Africa. He has been based at the ECOWAS
Commission in various roles from 2008 to 2018. Combined experience from the justice,
peace, security and humanitarian roles afford him a three-dimensional view of
development dynamics and challenges to policymaking and implementation at the
regional and national levels. Okey was called to the Nigerian Bar in 2005 and holds a
Master's degree in Conflict, Security and Development from King's College London. He is
also an education enthusiast and alumnus of the African Leadership Centre. He loves to
write, to teach, and to capture beautiful moments of joy and wonder through travel
photography. His research interests include: the meeting point of security governance
and political governance, cyber security, e-governance, and terrorism prevention.
III
DEDICATION
To my dearest Prof. 'Funmi Olonisakin—

Founding Director, African Leadership Centre
Vice President and Vice Principal International, King's College London—
Who taught me to explore and connect, to dream big and envision the long term, and to
be authentic.
IV
PREFACE
This book is divided into two parts which are separate but interconnected. Part I focuses
on the future of e-Governance (e-Participation) in Nigeria. Part II focuses on the security of
cyberspace and vulnerability of the systems that undergird e-Governance.
Part I—The People's Manifesto: E-Governance and the Disruption

and Remaking of State-Society Relationship
In our brave new world of ultra-high-speed, seamless interconnectivity of bandwidth,
ideas, peoples, finance, resources, goods and services, nearly anything is possible in
cyberspace. Not surprisingly, processes of government and governance are not spared
in the global centripetal move towards digitization and the Internet of Things. Recent
events in the Nigerian public space irrefutably point to the fact that the cyber-enabled
surge in citizen consciousness and explosion of virtual spaces for engagement inspire
and incite needed change by making increasing demands on transparency,
accountability, responsiveness, efficiency and effectiveness. Just as people and groups
increasingly lend their ideas, voices and votes to processes and decisions that were
hitherto reserved for public servants and political office holders, governments are
adapting by creating structured and digitized channels for engaging with citizens, state
and non-state entities in a participatory manner. A potential pressure cooker is created by
the fact that advancements in information and communication technology (ICT) invariably
outpace social change, and social change often outpaces political reform. Disruption is
ripe when developments in other areas significantly and irreversibly outpace
government capacity to adapt, thereby leading to a sharp contrast that is impossible to
ignore or difficult to manage. Combined reading of open data and government datasets
on ICT, demographics, social development and political processes as presented in this
book suggests that the current reality is likely to change in significant ways in the next 15-
30 years (2033-2048). Therefore, the inevitable task before the government and the
people is to anticipate, prepare for and adapt to the change. Part I of this book maps likely
V
future scenarios of social change from a policy perspective, indicating the drivers of
change and what needs to be done now to prepare for the future.
Part II— Cybersecurity and Data Protection: Legal Regimes,

Vulnerability, and Smart Options for Improvement
Long before Boko Haram, Nigeria could be said to have been highly vulnerable to
terrorism and violent extremism. However, there was no real or perceived threat of
terrorism to the people, the government and society. Nigeria's vulnerability to terrorism
was undeniable but it was latent. Put simply, the country was never ready for what hit her
though she could have seen it coming. A similar narrative could be related to the security
of our cyberspace. Almost anything is possible in cyberspace. It is projected that by 2020,
the centripetal move towards the Internet of Things would see 50 billion interconnected
devices globally. Inevitably, cyber governance, cybersecurity and data protection will
become indispensable in the future. Imagine that a virtual version of Boko Haram
emerges and begins to attack millions of people, communities, businesses, the state and
institutions of democratic governance. Such attacks would happen in an environment
where the risk is very high, the threat is real, but the capacity of state and non-state
entities to resist or deal with the threat and its effects is very low. Beyond imagination, the
above scenario is already playing out in Nigeria and all around the world. Part II shines a
light on the endemic nature of cyber vulnerability and explores the meeting point of
cybersecurity and data protection in Nigeria. It considers the level of risk, scope of
potential threats, degree of vulnerability, resilience, capacity to mitigate impacts of
cyberattacks and data privacy breaches, and legal and extra-legal measures to boost
cybersecurity and data protection. It concludes with a scorecard on cyber vulnerability in
Nigeria and proffers policy options and recommendations to key stakeholders for
strengthening cybersecurity and data protection.
VI
CONTENTS
Author Bio III

Dedication IV
Preface V
Contents VI
Boxes, Figures and Tables IX
Abbreviations X
Part I—The People's Manifesto: E-Governance and the

Disruption and Remaking of State-Society Relationship 1
1. Introduction 2
2. Approach, Methodology and Objectives 3
Box 1: Key Questions: Justification 5
3. E-Government and e-Governance 7
4. E-Governance Models 2.0 8
5. ICT-enabled Dimensions of the Disruption 10
6. Demographics and Social Dimensions of the Disruption 13
7. Constitutional and Political Dimensions of the Disruption 24
8. The People's Manifesto: A New Social Contract 27
9. The Link between Consciousness and Empowerment 32
10. Vox Populi: The Other Side 34
11. Conclusion 37
Box 2: Recap of Likely Significant Shifts in State-Society
Relationship in Nigeria by 2033 38
References 40
Notes 44
VII
Part II — Cybersecurity and Data Protection: Legal Regimes,
Vulnerability, and Smart Options for Improvement 48
1. Introduction 49
2. Approach, Methodology and Objectives 50
3. The Nature of Cyberattacks and Data Privacy Breaches 52
4. Definition of Terms 54
5. Constitutional Foundations of Cyber Security and Data Protection 55
6. Policy and Legal Framework for Cybersecurity and Data Protection 57
7. ECOWAS Legal Regime for Cybersecurity and Data Protection 61
Box 1: New ECOWAS Legal Regime 61
8. Vulnerability of State and Non-state Entities 64
9. Scorecard: Nigeria's Cyber Vulnerability 73
10. Conclusion 75
Box 2: Recommendations and Suggestions for Action 76
11. Smart Recommendations 77
References 82
Notes 85
VIII
BOXES, FIGURES AND TABLE
Part I
Box 1 Key Questions: Justification 5
Box 2 Recap of Likely Significant Shifts in State-Society Relationship
in Nigeria from 2018 to 2048 38
Figure 1 Demographic clusters (loci) as at 2018 15
Figure 2 Projected demographic clusters (loci) by 2033 16
Figure 3 Population of Nigeria as at 2018: male and female 17
Figure 4 Projected population of Nigeria by 2048: male and female 18
Figure 5 Distribution of loci in 2018 23
Figure 6 Projected distribution of loci by 2048 23
Figure 7 Women and youth blocs comparative to ruling party:
2015 presidential elections 30
Figure 8 The link between political awareness and political empowerment 33
Part II
Box 1 New Article 9: Legal Regime of the (ECOWAS) Community 61
Box 2 Recommendations and Suggestions for Action 76
Figure 1 Elements of risk assessment 51
Figure 2 Elements of vulnerability assessment 51
Figure 3 Elements of vulnerability assessment 74
Figure 4 Nigeria's vulnerability rating 74
Table 1 Policy and legal framework for cybersecurity and data protection
in Nigeria 57
Table 2 Vulnerability rating table 65
Table 3 Vulnerability rating key 65
IX
ABBREVIATIONS
3-D Three-dimensional
ATM Automated Teller Machine
AVS Address Verification System
CBN Central Bank of Nigeria
CCIS Committee of Chiefs of Intelligence Services
CCSS Committee of Chiefs of Security Services
CEO Chief Executive Officer
CIA Central Intelligence Agency
CSO Civil Society Organization
ECOWAS Economic Community of West African States
EFCC Economic and Financial Crimes Commission
EGDI E-Governance Development Index
EU European Union
FBI Federal Bureau of Investigations
GIABA Inter-Governmental Action Group against Money Laundering
GPS Global Positioning System
GSM Global System for Mobile Communications
ICT Information and Communication Technology
INEC Independent National Electoral Commission
INTERPOL International Criminal Police Organization
IPOB Indigenous People of Biafra
IT Information Technology
MDAs Ministries, Departments and Agencies
NBS National Bureau of Statistics
NCC Nigerian Communications Commission
NeGSt National e-Government Strategy
NIMC National Identity Management Commission
NITDA National Information Technology Development Agency
X
NITEL Nigerian Telecommunications Limited
NPC National Planning Commission
NPopC National Population Commission
POS Point-of-Sale (terminals for processing card payments)
PVC Personal Voter Card
SNC Sovereign National Conference
SNG Save Nigeria Group
WAPCCO West African Police Chiefs Committee
WAPIS West African Police Information System
YEAA Youth Earnestly Ask for Abacha
XI
PART I
The People's Manifesto

E-Governance and the Disruption and Remaking of
State-Society Relationship¹
FUTURE GOVERNANCE
1. Introduction
In our brave new world of ultra-high-speed, seamless interconnectivity of bandwidth,
ideas, peoples, finance, resources, goods and services, nearly anything is possible in
cyberspace. Not surprisingly, processes of government and governance are not spared
in the global centripetal move towards digitization and the Internet of Things. Recent
events in the Nigerian public space irrefutably point to the fact that the cyber-enabled
surge in citizen consciousness and explosion of virtual spaces for engagement inspire
and incite needed change by making increasing demands on transparency,
accountability, responsiveness, efficiency and effectiveness. Just as people and groups
increasingly lend their ideas, voices and votes to processes and decisions that were
hitherto reserved for public servants and political office holders, governments are
adapting by creating structured and digitized channels for engaging with citizens, state
and non-state entities in a participatory manner.
According to the National Bureau of Statistics, telecoms data for the second quarter of
2018 reflected that a total of 162,522,772 subscribers were active on voice (GSM and
others) and a total of 103,514,997 subscribers were active on the internet, with mobile
platforms making up over 90% of the traffic². Comparative data updated to August 2018 is
also available on the Industry Statistics page of the Nigerian Communications
Commission's website³. With Nigeria's population projected to hit over 281 million by
2033 and over 380 million by 2048⁴, ICT will increasingly become an essential part of
everyday life and ICT companies will compete to deliver goods and services to people in
the most efficient and convenient ways. Undoubtedly, ICT-driven people participation in
governance (e-Governance) will continue to grow and expand. The lesson from most ICT-
enabled processes is that the future is hardly predictable and possibilities are endless:
the trajectory of such development may go in paths not anticipated today.
However, a potential pressure cooker is created by the fact that advancements in

information and communication technology (ICT) invariably outpace social change, and
social change outpaces political reform. Disruption is ripe when developments in other
areas significantly and irreversibly outpace government capacity to adapt, thereby
leading to a sharp contrast that is impossible to ignore or difficult to manage.
Theoretically, ripples of change will likely interact and continue to grow until they are
2
Part I -The People's Manifesto
harnessed into a critical mass and attain critical momentum that is able to counterbalance
and overtake resistance to change.
People participation in governance through cyber platforms is influencing and will

continue to influence collective consciousness, even if the level of participation in
political processes is still mostly indirect and intangible. Conceivably, due largely to the
pull factor of ICT and social change, direct and tangible forms of people participation in
political processes and political decision making will become institutionalized in Nigeria
in the next 15-30 years.⁵ For instance, Nigeria may transition from the current
experimental use of Personal Voter Card (PVC) and electronic card readers at polling
stations to online voting on mobile devices from the comfort of one's home through
remote sensing of fingerprint, face recognition or iris recognition technology.
Notably, ICT is an enabler in the disruption and remaking of state-society relationship but
not the sole factor. Working together, other factors also play a critical role in the process.
While some of the factors are virtually on autopilot, there should be a deliberate effort to
harness and direct them towards achieving desired results. Significantly, the difference in
the locus of power and authority in Nigeria is that while the mass of the people are still on
autopilot and therefore not in control of decisions, direction, destination, conditions and
outcomes, the political élite harness resources available to them (including the divided
voices and votes of the people) to achieve their desired results. The people have no
manifesto; political parties have manifestos and the élite have their gentleman's
agreements. Combined reading of open data and government datasets on ICT,
demographics, social development and political processes as presented in this book
suggests that the current reality is likely to change in significant ways in the next 15-30
years. Therefore, the inevitable task before the government and the people is to
anticipate, prepare for and adapt to the change.
2. Approach, Methodology and Objectives

Any attempt to precisely predict a fixed path to social change and political development
in Nigeria would be nonsensical. There are multiple possible paths, and this is the more
reason political decision making should not be left in the hands of governments alone.
The purpose of this part of the book is not to predict specific behaviour or events but to
3
FUTURE GOVERNANCE
raise the flag on likely outcomes and crucial measures based on a convergence of
various observable and measurable trends. Its central thesis is that cyber-enabled
disruption to political governance in Nigeria is likely to happen not in the sense of a
violent takeover of the mantle of political power from the élite by the masses, but in the
sense of a progressive realization of the power available to the people, renegotiating
present and future realities with the government and other stakeholders, and making the
transition from political consciousness to empowerment. The people will play a central
role in reshaping their relationship with the government and political stakeholders by
clearly articulating their goals and expectations and negotiating the new political reality
based on those. The process will not always be smooth; some level of friction and conflict
is inevitable and must be anticipated and managed.
In the sphere of political governance, ICT acts as a catalyst for political awareness, an
enabler of political participation and a tool for political mobilization. However, in attaining
political empowerment, the impact of ICT may be limited. This study finds that ICT
enables Level I and Level II disruption on autopilot and through its ripple effect; however,
Level III disruption and remaking of state-society relationship requires effective
leadership, unity of purpose, deliberate planning and unity of action. Although the
progression is not always linear, the various factors that engender the transition to
empowerment and the landmarks in the process are highlighted in this part of the book.⁶
The approach is not remedial but expository and future-based. It seeks to inspire
“planning from the future” by major stakeholders including governments at all levels,
government agencies, policy makers, planners, political parties, electoral umpire, civil
society organizations, traditional and informal institutions, platforms for social inclusion,
businesses, and the people. Notably, projections of likely future scenarios of ICT-enabled
disruption to “government as usual” and rise in mass political consciousness for the next
15-30 years (2033-2048) are made based on the assumptions of continuing rise in
education and innovation in the ICT sector. The methodology used in data gathering
includes examination of primary and secondary sources, interpretation of datasets and
interviews. In drawing from the vast literature on e-Governance in Nigeria, social
dynamics and people participation in governance, a multidisciplinary approach which
combines demographic, statistical, social, legal and political analyses is used to
synthesize knowledge.
4
Part I has six objectives which are developed along the following tracks:
a) map the potential and the future development of e-Governance in Nigeria;
b) envision scenarios of ICT-enabled disruption of state-society relationship and
highlight landmarks in the process;
c) propose a new form of social contract in remaking the relationship between the
people and the government and highlight the pros and cons of people power;
d) clarify the link between political consciousness and political empowerment, and
what is needed to make the transition from awareness to empowerment;
e) challenge popular assumptions on the role if ICT and the internet in influencing
political consciousness, participation, behaviour and mobilization; and
f) present likely significant shifts in state-society relationship from 2018 to 2048 in
order to inform long term planning by major stakeholders and decision makers.
Box 1: Key Questions: Justification
Q: Why is political governance central to social change?

A: Because politics controls or influences everything: the cost of food, potable
water, housing, refuse disposal, access to education, healthcare, roads, power,
freedom, protection, inclusion or exclusion, the salary of workers, pensions and
gratuity, security, justice, the environment, climate change, jobs, livelihoods,
taxation, foreign trade, foreign direct investment, agriculture, media,
communication, lawmaking, law enforcement, policy formulation, international
relations, urban development, rural development, corporate governance,
business climate, private enterprise, industry regulation, natural resource control,
revenue generation, revenue allocation, political appointments, political reform,
electoral cycle, electoral laws and conditions, etc. Political governance is therefore
a necessary entry point to making social change happen on a massive scale, to
affect the lives of millions of people.
Q: What is the link between ICT, political governance and social change?
A: ICT is at the intersection of political governance and social change and it can
5
FUTURE GOVERNANCE
enable processes at all levels. It plays a role in increasing political awareness,

political expression, political participation and political mobilization for social
change. In other words, ICT can enable shift in thinking which will inspire action to
achieve desired outcomes. In the context of disruption and remaking of state-
society relationship, renegotiating the future reality requires an alchemy of
algorithms, social engineering, and political reform, not the one to the exclusion of
the others.
Q: Leveraging on ICT, which factors will combine to produce a generational shift in

governance in Nigeria in the next 15-30 years?
A: The factors include demography youth attrition gender urban population

education economy social enterprise sovereignty (people power) new forms of
alliances leadership.
Q: Why should the government and the people prepare for the future and when
should they prepare?
A: It is important for major stakeholders—including governments at all levels,

government agencies, policymakers, planners, political parties, electoral umpire,
civil society organizations, traditional and informal institutions, platforms for social
inclusion, social and political activists, businesses, and the people—to envision,
anticipate and prepare NOW for how to make the best of and manage the worst of
the future scenarios of combined ICT advancement, demographic change, social
dynamics and political development. The potential costs of not preparing for the
future—social imbalance, political instability, and reversal of development— far
outweigh the costs of preparing for it.
6
3. E-Government and e-Governance

At this point, it is important to clarify the sense in which e-Governance is generally used in
this book and the nuances of its multifarious uses. There is no universally accepted
definition of the term. Different institutions and entities use it to mean different things.
Ü Government vs. Governance
Government refers to the action or manner of controlling or regulating an organization, a

state or a people by a group of people with authority to govern. In this sense, it is closely
associated with administration or administrative processes. Government is state-centric
and so far mostly one-directional. Governance refers to all of the processes of overseeing
a formal or informal organization or social system whether through laws, regulations,
norms, unwritten codes or rules of behaviour. Governance is people-centric, participatory
and multi-directional.
Ü e-Government vs. e-Governance
E-Government involves the use of ICT by governments to enhance the range and quality
of information and services provided to citizens, CSOs, businesses, and ministries,
departments and agencies (MDAs) in an efficient, cost-effective and convenient manner.
E-Governance involves the use of ICT by both governments and the governed to enhance
the range and quality of people participation in their government in a manner that
strengthens democracy by making governance processes more responsive, responsible,
transparent and accountable. E-Governance is often referred to as e-Participation.
Ü e-Government (ICT) vs. e-Government (state services)
E-Government is often touted as a legitimizing and “sexy” initiative by many governments

around the world. While that is commendable, the nuance here is in the objective or in the
point of focus. The focus of some initiatives is to transit to the digital paradigm and thereby
promote access to public information and transparent and efficient public service
delivery. In other words, the focus tends to be on deploying ICT (buying computers and
designing websites) to translate government processes rather than on transforming
government processes to be more participatory by using ICT.
Ü Digitization (efficient public services) vs. e-Governance (citizen participation)
Digitization is broader and finds application across virtually all sectors and processes. In
essence, it can be applied to the banking sector, oil and gas, telecoms, transportation,
7
FUTURE GOVERNANCE
migration, security, public procurement, biometrics, tracking systems, production, etc. E-

Governance often refers to the narrower sphere of digitization of processes so as to
enable people participation in governance, for instance electronic voting and e-
Rulemaking. Some use e-Governance in the broader sense.
4. E-Governance Models 2.0

Constructive engagement involving multiple stakeholders—state and non-state—in a
society oils the wheels of governance and contributes largely to influencing. E-
Governance enables broad-based stakeholder engagement. It is therefore equally
important to the government and to the people. In March 2004, the federal government of
Nigeria created the National eGovernment Strategies (NeGSt) as a Special Purpose
Vehicle through the National Information Technology Development Agency (NITDA) with
the mandate to facilitate, drive and implement the Nigerian e-Government Programme
under a Public Private Partnership (PPP) model. The vision of NeGSt is to implement e-
Government at multiple levels in such a way as to promote transparency and efficient
delivery of services with increasing citizens-government interaction while at the same
time tapping into the economic viability of the venture.⁷ In its fourteen years of operation,
the NeGSt has laudably assisted some MDAs in Nigeria to transit to the digital paradigm.
However, its success seems to go as far as digitization of public information but is yet to
extend tangibly to promotion of citizen participation in governance through digital
platforms.
In the views of Hai and Ibrahim,⁸ e-Government consists of digital interactions between
the following: a citizen and their government (C2G), governments and other government
agencies (G2G), government and citizens (G2C), government and employees (G2E), and
government and businesses/commerce (G2B). The above spheres of interactions have
come to be known by some as “models of e-Government”. Although the classification
offers a good starting point for analysis, it has several limitations. First, e-Governance is
not a one-way traffic. Rather it is multi-directional and includes initiatives by the citizen
sector in adding voice to matters of concern to the citizenry, expanding participation in
governance and providing input and feedback for policy and law formulation or reforms.
Secondly, the five business models above do not sufficiently capture the complexities of
interactions in society which often involves stakeholders and intermediaries,
unstructured networks and multiple channels of influence.
8
Dalal Ibrahem Zahran, et al. capture it better:⁹ “The common limitations of most models
are focusing on the government and not the citizen, missing qualitative measures,
constructing the e-equivalent of a bureaucratic administration, and defining general
criteria without sufficient validations.”
Notably, any attempt at modeling may become limiting in the light of emerging
developments and greater ICT-life integration. Processes that enable citizens to
participate in a transparent manner and to engage in real-time feedback to the
government include electronic voting, voter registration, online referendum, e-
Rulemaking, e-payments of bills and rates, online tax return, online registration of
businesses, complaints and grievance-remedial procedures, submission of legislative
proposals and petitions by private citizens, scholarships for students, etc. Such processes
have the potential to demystify and simplify the process of governance, and to reduce the
cost of governance by eliminating physical barriers.
Expanded channels of e-Governance include the following. The list is not exhaustive.
Ü Government to Citizens (G2C)
Such channels use customer relationship management principles for public service
where citizens are seen as customers or consumer. For instance, SERVICOM (described
as a service compact between the federal government including all its organs and the
Nigerian people), the Nigerian Communications Commission and the Nigerian
Immigration Service portals.
Ü Citizens to Government (C2G)
These include state-owned and non-state platforms for citizen feedback, citizen
participation in government and influencing public policy. For instance, Public Complaints
Commission, filing tax returns online through the Federal Inland Revenue Service portal,
and #Not-Too-Young-To-Run campaign.
Ü Government to Business (G2B)
Government transactions dealing with contractors and the organized private sector. For
instance, the Nigerian Stock Exchange portal, Central Bank of Nigeria portal, Corporate
Affairs Commission, E-payment systems.
Ü Business to Government (B2G)
Platforms of the organized private sector for advancing sectoral interests and influencing
9
FUTURE GOVERNANCE
policy. For instance, National Association of Chambers of Commerce, Industry, Mines and
Agriculture, Manufacturers Association of Nigeria.
Ü Citizens to Business through Government (C2B-G)
Some government MDAs operate to regulate or supervise relations between the citizens
and businesses. For instance, Consumer Protection Council, National Communications
Commission, National Agency for Food and Drug Administration and Control, etc. Citizen
feedback may be enabled for better regulation and service provision.
Ü Government to Employees (G2E)
Government services provided in relationship to its civil service and public sector
workforce. For instance, the Nigeria Pension Scheme system, Public Service Commission.
Ü Employees to Government (E2G)
Employee organizations for collective bargaining with the government, such as the
Nigerian Labour Congress, National Union of Teachers, National Union of Local
Government Employees.
Ü Government to Government (G2G)
This often takes the form of unified communication via a structure dedicated Virtual
Private Network among state agencies or between the foreign agencies of various states.
Although e-Governance in Nigeria is still inchoate, the above options and combinations of
options offer directions for future development. Potential future applications of ICT to
governance and possibilities for the next 15-30 years are virtually endless.
5. ICT-enabled Dimensions of the Disruption

A truism that applies to the ICT sector probably more than any other is that one cannot
predict the future based on the past. The sheer speed and scale of ICT developments is
increasing in geometric proportions, coupled with endless possibilities and multiple
potential tracks to development. Yet, it is instructive to do a rearview assessment of the
rise in ICT in Nigeria so as to get a sense of the scale of possible transformation or
disruption. A lot has changed in the past 15 years although we have grown accustomed to
the new and emerging reality.
10
5.1 The past and the present
Back in 2003, NITEL telephone booths and banking halls with agonizingly long queues
and cybercafés with snail-paced internet connections were the norm. If one needed to
browse the internet to research on a topic or to call one's relations overseas, one had to
go for “night browsing”. Between 2003 and 2018, the power of mobile telephony, GSM
and the internet—which have more computing power than NASA used to land a man on
the moon in 1969—has been put in the hands of over 100 million more Nigerians. Beyond
the numbers and the convenience of person-to-person communication, ICT applications
have revolutionized entire sectors: media and broadcasting, banking,
telecommunications, trade and commerce, defence and intelligence, entertainment,
education, etc. Some things that never existed before have now become the norm. Think:
mobile and internet banking, electronic transactions, online shopping, online trading,
social media, automated reminders, live video and music streaming, unlimited
downloads, face-timing, live chat, activity tracking, GPS navigation, vehicle tracking and
anti-theft, cloud computing, real-time language translation and interpretation, mobile
gaming, online betting, online poll, online learning, e-books. More so, there are no special
admission criteria or induction ceremony in cyberspace; anyone with a cyber-enabled
device can create or recreate their own virtual reality.
5.2 A likely future
And it gets better. With immense power in the hands of over 100 million more Nigerians,
the next question becomes: what will the people do when they realize the potential in
their hands and how do they wield such power to achieve the outcomes they desire? In
the future, ICT applications will expand to improve service delivery in the health sector,
education, transportation, agriculture, tourism and hospitality, micro- and macro-
economy, security and governance. Self-driving and electric cars will become the norm
globally by 2033. The impact of self-driving electric cars will not only be measured by the
millions of people who will switch from fossil fuel to digital reality, it will disrupt entire
sectors. Over time, the impact will also be felt in the global collapse and phasing out of the
fossil-fuel-powered auto industry, loss of millions of jobs that supported the industry,
shrinking of the auto insurance industry due to improved safety standards, reduction in
death and injury caused by auto accidents, freefall in oil prices, possible economic slump
in oil-producing countries, global reduction in carbon emission, seamless connectivity
and communication between the new-age cars and other systems and devices.
Interestingly, self-driving and electric cars will not be the only new things. Ongoing
11
FUTURE GOVERNANCE
research and development in artificial intelligence and computer learning including drone
technology, space travel, cyberspace weaponization, virtual reality, big data, 3-D printing,
all point to a 2033 which will bear little or no semblance to 2003. Certainly, the trend is
irreversible and the future is as promising as it is unpredictable.
5.3 Future governance
In the sphere of governance, ICT-driven disruption will likely be witnessed in the form of
rise in political consciousness, political participation and political mobilization. Various
processes of governance will be conducted through online and cyber-enabled platforms.
For instance, there will be a shift from manual voting at polling stations to online voting,
online voter registration and online registration of political party membership.
Furthermore, the nature, structure, constitution and internal governance of political
parties will likely be reconfigured. The youth will have greater voice in political decision
making. Informed citizens will make greater demands on their governments to improve
delivery of public goods and services, to increase efficiency, transparency and
accountability in governance, and improve responsiveness to the needs of the people. A
likely consequence of the waning of “oil money” will be leaner governments and leaner
budgets for government projects and structures, and diversification of the economy into
more productive sectors. ICT-driven disruption is happening at a pace that governments
at all levels could never keep up with. To bring home the point, governments in Nigeria still
struggle with establishing efficient refuse disposal systems, potable water and public
transportation systems. In fact, our “systems” are anything but systems—if a system is
understood to mean different parts working harmoniously together to become greater
than the sum of the parts. Over time, it will no longer be enough for governments to focus
on aspects of development that are relevant and important to the political class only. The
sharp contrast will likely force governments to adapt and renegotiate the new reality or
become obsolete.
5.4 E-Governance
Adoption of online/mobile ballot will be the ultimate enactment of e-Governance in

Nigeria. It will enable direct Citizen to Government (C2G) feedback and participation in
decision making. Beyond voting in four-year election cycles, online ballot will find
application in various forms of polling, surveys, referendum, testing government policies,
and testing new products and services by both government and private enterprises.
Mobile voting by SMS is already the rave for reality shows such as Big Brother Nigeria and
Nigerian Idol. In early 2018, Nigeria hosted its first ever Integrity Idol, a reality TV show
12
celebrating the most honest public officials. As reported by CNN, Integrity Idol started in
Nepal in 2014 and the competition is now conducted by volunteers in Liberia, Pakistan,
Mali and South Africa. Although early trials of the show have not attracted massive traffic
compared to celebrity shows and entertainment, this is only an indication of what is
possible in the next 15-30 years with explosion in creativity and innovation. Also,
online/mobile voting is likely to be tested at the local and state levels before being
adopted for nationwide elections.
E-Governance is inevitable but also inevitable are actual and potential risks that undergird
the systems that support e-Governance. In the case of online/mobile ballot, the risks of
cyberattacks, hacking, system failure or shutdown, systematic disenfranchisement of
specific segments of the population, are real and the impact will be high. ICT
compromised can also enable massive rigging at the click of a button and distortion or
manipulation of results. In theory, online/mobile voting will also have many good sides. It
will reduce bribery (money-for-votes), undue influence, and voter apathy caused by long
queues at polling stations. Introduction of early online voting will likely improve voter
participation. It will also remove the inconvenience of having to travel out of one's state of
residence to one's state of origin/registration in order to vote during elections, and the
collateral disenfranchisement of millions of Nigerians in the diaspora. Furthermore, by
limiting physical exposure of people and voting materials, it will reduce political thuggery
and violence and will drastically shrink the heavy financial costs and logistic nightmare
associated with organizing and conducting elections in Nigeria.
6. Demographics and Social Dimensions of the Disruption

If demography and social dynamics are anything to go by, Nigeria will witness a
generational shift in its state-society relationship in the next fifteen years. Structures and
processes of governance would change radically, and so will the nature of interactions of
the people with their government and demand for better governance. The generational
shift will happen as a result of changes in four key clusters (loci), marked off in fifteen-year
brackets. The current state of things as at 2018 is enumerated below.
Ü Locus of decision making
Public service leadership and political authority in Nigeria currently resides in the age
brackets 45-60 years and 60-75 years. This is the locus of authority and power. In terms of
making things happen on a society-wide scale, all the other loci feed into this one. Reality
13
FUTURE GOVERNANCE
check: the flagbearers of the two main political parties in Nigeria for the 2019 presidential
election are both over 70 years old. An overwhelming majority of political influencers are
also in the 60-75 years bracket and have had a relentless hold on political power for
decades.
Ü Locus of service/impact
To a large degree, the age brackets 30-45 and 45-60 years currently represent the
generation of change-makers. More or less, they have learned to channel their creativity
and innovation to enabling social change and achieving desired result. Service and
impact are their credo. Career and job satisfaction are strongly linked to meaningful work
that impacts the community or has potential for impact. This is the locus of influence. While
they are not yet in top decision-making positions, their influence is likely to ripple out and
expand.
Ü Locus of creativity/innovation
The age brackets 15-30 years and 30-45 years house the creators and innovators of our
time. These are not only active on social media but are learning to harness the power of
ICT and online interactions to solve problems in various sectors. This is the locus of
potential and personal power. Well cultivated and nurtured potential and personal power
often matures into influence and social impact.
Ü Locus of social learning
0-15 years and 15-30 years are virtual explorers. By 2013 figures, almost half of the
Nigerian population of around 182 million people was under 15. These are the most
active social learners and currently the most active on social media and online platforms.
This is the locus of learning and formation. Games, fun, chat, live videos and photo sharing
is the norm. Snapchat and Instagram are their tribe. Because this bracket operates mostly
on autopilot, guidance and demonstration are essential in their learning curve.
While the above clusters depict the big picture, the age brackets should not be seen as
water-tight compartments. Also, some people are able to make the exceptional upward
leap beyond their age bracket. The above loci are represented in the pyramid below.
14
Figure 1. Demographic clusters (loci)

as at 2018. Source: Author
Projecting from the above demographics and social dynamics, a combination of the
following changes will produce the generational shift in governance in the next 15-30
years (by 2033-2048).
6.1 Youth
Those currently in the loci of social learning and creativity/innovation will naturally
transition into the loci of decision making and service/impact to various degrees.
Concurrent with the upward movement will be a deepening of the internet and ICT
penetration in government and all other sectors. The growth will be significant in many
dimensions. First, the next 15-30 years will witness a massive youth bulge but also an
explosion of creativity, innovation and social enterprise. While this represents an upward
movement in age and responsibility, it will also come with heightened political
consciousness and political participation, personal power, greater demands for better
governance. The youth bulge will also bring along with it challenges that are likely to
overwhelm many sectors of the government and the society if we do not plan and prepare
for them now. Currently, ICT favours the youth. Most Nigerians aged 40 and above did not
use computers in high school and university and did not start using smartphones until they
were 25-30 years. They are therefore less likely to be ICT-savvy. This creates a digital
divide which in the next fifteen years will shift the locus of decision making more than any
other factor. It will also come with a fundamental shift in orientation: leadership will
15
FUTURE GOVERNANCE
become more distributed due to the push-and-pull factors of increased personal power,
leverage of social influence, greater social and political consciousness and the desire to
participate in decision making. Decision making will be flipped on its head and brought
closer to the people. The likely transitional scenario is represented below.
Figure 2. Projected demographic clusters (loci)

by 2033. Source: Author
6.2 Attrition
A related change will be that the age brackets in each locus will shrink in the upper sphere
and expand in the lower sphere. For instance, by 2033 the locus of decision making is
more likely to shrink in the 60-75 bracket and expand in the 45-60 bracket. In comparison
to 2018, by 2033 there will be more people in positions of authority and power between
ages 45-60, and less people in such positions between ages 60-75. Attrition will lead to
greater age diversity, balance and opening up of spaces in government for the youth.
Authority and power will progressively shift away from the older generations and towards
the younger. Political participation and decision making will become part of everyday lives
of the people and interwoven with other spheres. This current of change will likely
16
normalize around 2048. Also by 2048, a combined result of the expanding middle class,
social awareness and social learning, government policy and education is that families will
mostly be characterized by fewer offspring, and greater cultural acceptance of family
planning pathways is likely to lead to lower birth rates. The federal government of Nigeria
is considering deeper family planning and child spacing sensitization as part of the
Economic Recovery and Growth Plan. Significantly, the percentage of Nigerians aged 0-
15 will shrink from around 43.7% in 2018 to a projected 35.8% in 2048. This dynamic will
more or less balance out the distribution of the loci.
The likely scenarios are represented in the images below.
Figure 3. Population of Nigeria as at 2018: male and female. Source: PopulationPyramid.net
17
FUTURE GOVERNANCE
Figure 4. : Projected population of Nigeria by 2048: male and female. Source: PopulationPyramid.net
6.3 Gender
In Nigeria, women are disadvantaged compared to men in terms of levels of education,

earnings and political participation. Low education combined with cultural factors and
socially constructed gender roles translate to high rates of teenage pregnancy, early
marriage, and low participation in decision making and family planning. A 2013 survey by
the National Population Commission reveals that the average Nigerian woman caters to
5.5 offspring in her lifetime. Overall, 38% of women between 15-49 years have received
no formal education. Almost 50% of women between 25-49 years were married by age 18,
nine years earlier than men. The role of women decreases in each of the loci with upward
movement in age and responsibility. Thus, although the population of women-to-men is
fairly balanced in each cluster, much fewer women make it to positions of decision making
and service/impact. The good news is that levels of women's education and age at first
marriage have also been increasing over time and the trend will likely continue for a long
time. Given increasing focus on education of the girl child, maternal and infant healthcare,
18
and cultural sensitization, the country is primed to witness greater participation of women
in politics in the next 15-30 years. Also, women are increasingly forming platforms for
social cohesion, social learning and self-help which will translate to greater voice,
consciousness and empowerment.
6.4 Urban population
The National Population Commission has put Nigeria's current population as at 2018 at
198 million, with urban population growing at an annual rate of about 6.5%. According to
the World Urbanization Prospects: The 2018 Revision, the urban population of Nigeria
as at 2018 (at mid-year) as a percentage of the total population is 50.3%. That percentage
is projected to rise to 61% by 2033 and 68.9% by 2048. Translated in real terms, of the 198
million people in Nigeria, around 99.6 million reside in urban centres as at 2018. That
number is projected to jump to 196.7 million by 2033 and 293.8 million by 2048. The
statistics is staggering and its likely implications even more so. Politicians and political
parties understand this dynamic. This is why they focus on “swing states” during
electioneering campaigns.
A high ratio of poor governance to ICT development is usually an indicator of potential

friction and will build up to a crescendo if unaddressed. The continuing rise in urban
population will cause severe stress on urban infrastructure and on the sustainability of
economic, social and environmental development in the future. Sectors that will need to
expand to accommodate the new reality include housing, transportation, education,
health, security, agriculture, industry, the private sector and MSMEs. As a consequence of
the population growth, political contestation in the urban centres will increase in intensity
and scale at the same time that the people will make greater demands for better
governance. On the flipside, the ICT sector will grow and improve and internet
penetration will continue to widen and deepen. Interestingly, ICT innovations can buffer
the sharp contrast to some extent. Rather than “The Coming Anarchy”, society will likely
evolve in significant ways. For instance, we are already witnessing a burst of new
platforms and apps for delivery of educational (Khan Academy) and health (LiveHealth
Online) products and services, and for pooling transport (Uber) and alternative
accommodation (Airbnb). The key determinant will be whether such palliatives would be
wide and deep enough to cushion the effects of massive rise in urban population. Either
way, ICT will become even more of an essential life management tool in the future.
19
FUTURE GOVERNANCE
6.5 Education
For over two decades, it has been widely acknowledged that the education sector in
Nigeria is in crisis. Despite such acknowledgement, needed change in the sector is not
happening at a pace and on a scale that would avert catastrophe. The youth are central to
our education model, yet they are hardly if ever involved in designing their own curriculum
or in influencing the teaching and learning ecosystem that suits their needs. There is
hardly any long term vision and long term commitment to incentives for both teaching and
learning. There is scarcely any comprehensive, long term study involving the youth,
students, pupils, out-of-school children, and communities underserved and unserved by
the formal schools system to determine what works for them or what might work better if
done differently. For instance, given that pupils and students are more ICT savvy today
than 15 years ago and that the way they are socialized to learn is widely different from the
learning environment of the 1960s to 1980s, it is surprising that there is yet to be a focused
attempt at or large-scale experiment with gamification models for learning. Also, given the
rise of real and virtual social networks in the age brackets, schools are yet to introduce
social networking models for problem solving, group projects and take-home
assignments.
The scenario is likely to change in growing and increasingly connected spurts with the rise
of the locus of social learning and the locus of creativity/innovation into service/impact.
Their rise will not only bring about change in the education sector but will also bring about
crosscutting change in other sectors. Curriculum design will become more future-based,
so that what is taught in schools at any time would be relevant to the labour market 10-15
years thence. Education will necessarily move away from the old colonial paradigm of the
3Rs (reading, writing, arithmetic) to a new paradigm which prioritizes life skills and
practicable knowledge relevant within and outside the workplace of the twenty-first
century. Life skills in the schools' curriculum at various levels will likely expand to include
civic education, governance, social studies, decision making, goal setting, problem
solving, dispute resolution, family planning, national development, history, political
economy, entrepreneurship, astronomy, astrology, quantum physics, medical and health
sciences, meditation, local languages, foreign languages, business administration, ICT
and its multifarious applications, coding, software engineering, e-Governance,
performing arts, and technical or vocational skills. A major challenge for Nigeria for the
next 15-30 years is to pool together a critical mass of teachers and educators with the right
balance of knowledge, skills and commitment to drive change in the sector, backed up by
positive policy, action and incentives for learning.
20
6.6 Economy
The economy, jobs, livelihoods and survival are key factors likely to make people demand
for better governance. A slow, diminishing or unstable economy is bad news for the
political class. The Nigerian polity is already overburdened with multifarious economic
challenges and a restive youth population half of which is either unemployed or
underemployed. The country is just recovering from the economic recession of 2016 and
many state governments are battling with unsustainable recurrent expenditure. The
national economy is remains largely susceptible to both external and internal shocks and
a double dip in the near future would be much harder to recover from. The picture is not so
bright. The country needs able managers of the economy to steer it away from likely
depression, and people-oriented initiatives to tackle present challenges and invest in the
future. Following the trajectory of development in key sectors of the economy since
independence, including power, oil and gas, education, rural development, it is obvious
that the country needs a new generation of leaders who are able and willing to do things
differently.
The illusion of invisible money and transfer of intangible wealth facilitated by ICT poses a
problem to the global economy much like the fated Ponzi schemes. The economy of most
“advanced” countries has been based on credit since the 1950s and forms a cyclical
credit bubble. Cashless economy supports the credit economy, the effect of which is
stupendous overdrafts on value that may have never existed in the first place. In 2008,
governments bailed out banks and financial institutions in the United States (US) and in
the European Union (EU). Today, many governments all over the world have borrowed up
to unsustainable levels, up to 250% and 300% debt to GDP ratio in Japan and China and
150% in some EU countries and the US. The coming phenomenon will likely be
catastrophic since there is nobody to bail out the governments. Any external shocks is
likely to affect Nigeria in one or more ways: wiping out of significant foreign direct
investment (FDI), drying up of development funding, crashing of the stock market, loss of
value of government bonds, exposure of non-viable state, and deepening of lack of trust
and confidence in governments. Internally generated revenue and capital investments
will also dip due to cash crunch. With loss of jobs and loss of hopes, the people will seek
alternatives to government and the informal economy will expand. These will likely come
to a head between 2020 and 2022.
6.7 Social enterprise
Social enterprise goes beyond entrepreneurship or private business. It is
21
FUTURE GOVERNANCE
entrepreneurship with social impact. A significant wave of development since 2000 is the
rise of social enterprise, private foundations and online platforms for crowdsourcing and
crowdfunding. By “demonstration effect”, these entities and channels are likely to play a
greater role in political development in the future since they provide public goods,
services and finance much faster, cheaper and often better than most governments. Their
methods of decentralized and participatory decision making and delivery sharply contrast
with centralized and top-heavy government structures and channels. In 2017 alone, the
Bill and Melinda Gates Foundation contributed over 4 billion dollars as total direct grantee
support mostly to developing countries for global development, global health, global
growth and opportunity, and global policy and advocacy. The amount dwarfs the annual
budgets of most African countries for the same year. Furthermore, the multi-billion dollar
model of crowdfunding ensures that capital follows potential in both non-profit and for-
profit projects, instead of capital following few projects pre-selected by the élite often
based on criteria that do not resonate with the needs and desires of the people.
Social enterprise will expand in the next 15-30 years as the people aspire towards better
services and greater impact in society. The people will become more empowered when
they realize that they do not have to wait for the government to solve most of their
problems, thus leading to a push towards greater self-governance. The demonstration
effect of social enterprise is rubbing off not only on the Nigerian people and communities
of social inclusion but also on governments at the federal and state levels. This is because
social enterprise offers a nuanced model of governance which will likely improve
transparency, accountability, efficiency, effectiveness and responsiveness to the needs of
the people. It is likely that governments will adapt and adopt models of social enterprise in
the future. Interestingly, governments are increasingly partnering with and even
outsourcing the provision of public goods and services to these entities instead of
integrating their good practices into governance. From another perspective, these
developments may in fact be less a challenge to government and the notion of statehood
and more a return to paths of socialism and communalism which formed the basis of many
African societies long before the foreign notions of statehood and liberal democracy were
foisted on the people.
To represent the above demographics and shifting social dimensions in a snapshot,

distribution of loci in 2018 looks like this.
22
Figure 5. Source: Author
Projected distribution of loci by 2048 would look more like the following.
23
FUTURE GOVERNANCE
7. Constitutional and Political Dimensions of the Disruption

Unlike individuals, small groups and business entities, governments are largely very slow
to change and to adopt new ways of doing things. Government is anchored on the idea of
status quo: objectivity, certainty, stability and predictability based on maintaining an
existing state of affairs. Due to the fact that government—which is static by default—exists
within a dynamic society, the reality often manifests in rigid and outmoded procedures,
structures, laws, norms and values. Nonetheless, government is unlikely to disrupt itself
by itself for the same reason that disruption signals uncertainty, renegotiation of power,
and adjusting to a new reality or new ways of doing things. Disruption is ripe when
developments in other areas significantly and irreversibly outpace government capacity
to adapt, thereby leading to a sharp contrast which is impossible to ignore or difficult to
manage.
To place the people at the centre of renegotiation of power and adjusting to a new reality,
a reconsideration of the ideas of sovereignty and legitimacy is apposite.
7.1 Sovereignty and legitimacy
Political theory has long established that sovereignty—supreme power and authority—is
one of the attributes of a state. While this is not erroneous, it requires some clarification.
The first point of clarification is the dividing line between sovereignty and legitimacy.
Section 14(2) of the Constitution of the Federal Republic of Nigeria 1999 (1999
Constitution) is central to this point because it touches of sovereignty, security and people
participation in their government. Section 14(2) is reproduced hereunder:
14. (1) The Federal Republic of Nigeria shall be a State based on the principles of
democracy and social justice.
(2) It is hereby, accordingly, declared that:
(a) sovereignty belongs to the people of Nigeria from whom government through
this Constitution derives all its powers and authority;
(b) the security and welfare of the people shall be the primary purpose of
government; and
(c) the participation by the people in their government shall be ensured in
accordance with the provisions of this Constitution.
24
Let us x-ray the three limbs of Section 14(2). Sovereignty belongs to the people.
Essentially, the people in exercise of that sovereignty, bestow legitimacy on a
government/administration during periodic democratic elections. The combined effect of
the Preamble and Chapter I to the 1999 Constitution is that the people of the Federal
Republic of Nigeria, through the Constitution which is the grundnorm, bestow legislative,
executive and judicial powers on institutions of state at the federal, state and local
government levels. That act thereby delegates the people's powers to the institutions and
clothes them with the legitimacy to act on behalf of the people and in accordance with the
will of the people. Through Chapter II of the 1999 Constitution, the people go further to
prescribe in what manner and towards which objectives the state shall direct its affairs in
exercise of the delegated powers. To leave no room for doubt, the people, by virtue of
Section 13 of the 1999 Constitution, place the duty and responsibility on “all organs of
government, and all authorities and persons, exercising legislative, executive or judicial
powers”, to not deviate from Chapter II of the Constitution.
Although authority and legitimacy are delegated to institutions of state (what we often
refer to as government), sovereignty resides in people and cannot be delegated. For the
avoidance of doubt, sovereignty does not reside in the National Assembly of Nigeria or in
the Presidency or in any other state institution. As a representative body, the National
Assembly has delegated authority and the legitimacy to act on behalf of the people. Due
to the fact that processes of state administration and the machinery of government would
grind to a halt if the people were to exercise their sovereignty directly on a regular basis
every day, it makes sense to delegate to and to legitimize “agencies” for the people. To
catch up with reality, the interpretation of paragraph (b) of Section 14(2) above on security
and welfare of the people extends to cybersecurity and data protection, security of e-
Governance platforms and digitization of services that touch on the welfare of the people.
The National Cybersecurity Policy and the National Cybersecurity Strategy of 2014, and
the Cybercrime (Prohibition) Act of 2015 were made to fill this vacuum. Future legal and
extralegal developments are envisaged to keep up to speed with the changing reality.
With respect to paragraph (c) of Section 14(2), the arrangements elucidated above
regarding the agency of institutions of state between the people and their governance
are presently in a state of disruption. It is a paradox that the people are sovereign and yet
are disempowered; political participation by the people in determining their own destiny
has mostly shrunken to voting during four-yearly election cycles. The current reality is
likely to change in the next 15-30 years when the people realize their power. As a matter of
25
FUTURE GOVERNANCE
necessity, the social contract between the people and their political leaders will be
renegotiated. Such renegotiation would entail significant review of the Constitution or the
adoption of an autochthonous constitution which will be truly owned by the people. The
walls of state agencies and structures will either change, recede or fast become obsolete.
In the future, direct exercise of sovereignty will become a matter of course in the lives of
the people. Public opinion, feedback, dialogue, discussions, rallies, decisions and even
voting will likely be expressed and conducted in real time. Whereas much of the
controversy surrounding passage of the Electoral Act (Amendment) Bill in 2018 has been
on compulsory use of card reader, in the future the Electoral Act will likely be reviewed to,
among other things, enable online voting, the emergence of independent candidates
with greater emphasis on service and impact, and to consider staggered elections and
midterm elections to promote continuity and reduce logistic nightmare. It is conceivable
that in the near future, there would be no need to wait for four-yearly election cycles for
the renewal or impeachment of legitimacy and authority of state administrators. Through
the instrument of e-Governance, democracy as we know it will be on steroids. Importantly,
the phenomenon will demand legal, policy and practical reviews and adjustments by the
government to better enable and expand participation of the people in their governance.
7.2 Sovereign National Conference
Since the country's return to democratic rule in 1999, Nigerians from all walks of life have
advocated for the convocation of a Sovereign National Conference (SNC). According to
most advocates, the SNC would have the task to renegotiate restructuring of the Nigerian
state so as to truly reflect the political, economic, social, cultural, religious and multifarious
realities of the country. In essence, what the advocates clamour for is a People's National
Conference to trigger a disruption and remaking of the relationship between the Nigerian
state and the society. Indeed, a National Conference was convoked by the Goodluck
Jonathan administration in 2014. The 492-member National Conference took four
months to deliberate, articulate its positions and submit its report to the federal
government. To its credit, the report of the National Conference contains far-reaching
recommendations which, if implemented, could form the bases for a new Nigeria.
However, it appeared that the process was set up to fail from the outset. The main reason
is that it was largely based on the same calibrations of the status quo which it sought to
disrupt. Delegates to the National Conference were appointed by the federal government
without heed to the wishes of the people, it was funded by the federal government, and
was not a true reflection of the voices of the Nigerian society given the low ratio of its
26
youth and women membership. It was clearly not people-driven but government-driven.
Moreover, a people's conference should be dynamic, not static. The assumption that a
handpicked conference would deliberate and resolve the existential issues that have
bedeviled Nigeria for so long in four months and then is functus officio, and thereafter
hand over the baton to a government willing and ready to self-disrupt was poorly
conceived from the start. Not surprisingly, some segments of the Nigerian society
rejected and disassociated themselves from the National Conference and its report.
8. The People's Manifesto: A New Social Contract

The social contract theory was expounded by Thomas Hobbes, John Locke and Jean-
Jacques Rousseau during the Age of Enlightenment. In summary, the theory holds that in
the beginning man lived in a state of nature. There was no government and no law to
regulate human interactions. This led to hardships and oppression of some sections of the
society. To overcome such hardships, men entered into two agreements, thus: pactum
unionis (union agreement) and pactum subjectionis (subjection/submission agreement).
By virtue of the first pact, the people sought protection of their lives and property,
undertook to respect each other and to live in peace and harmony. By the second pact,
the people united together and pledged to obey an authority and surrendered the whole
or part of their freedom and rights to such authority. The authority guaranteed everyone
protection of life, property, and to a certain extent liberty. Thus, it was imbued with the
authority and power to enforce the initial contract. In other words, to ensure their escape
from the state of nature, the people “contracted” to (1) live together under common laws,
and (2) create an enforcement mechanism (government) for the social contract and the
laws that constitute it.
However, something seems to be off-kilter in much of society today: governments are

either no longer keeping their side of the bargain, or have extended their powers beyond
that which was delegated. The government which was created by the people and for the
people often becomes an unruly monster which needs to be tamed. In such instance, it
becomes necessary to invoke a new “contract” to exercise the sovereignty of the people,
to restore balance and keep the government in check, and ensure that processes of
government are conducted according to the needs and desires of the people. This third
agreement I call pactum summae potestatis (sovereign agreement). From another
perspective, pactum summae potestatis is implied in the first two since sovereignty
resides in the people and not in the government. In theory, where there is conflict
27
FUTURE GOVERNANCE
between pactum summae potestatis and pactum subjectionis, sovereignty prevails and
the government may become replaced or rendered obsolete. The Arab Spring of 2010-
2012 which swept through Tunisia, Egypt, Libya, Yemen, Syria, Kuwait, Lebanon, Morocco
and other countries in the Middle East and North Africa is a locus classicus of the
manifestation of such conflict.
With continuing advances in ICT, the Internet of Things and near-seamless ICT-life
integration—coupled with the demographic and political dynamics and projections
above—the years 2033 to 2048 will witness a ground shift in political processes, political
governance and political decision making in Nigeria. A clear demonstration of the rise in
political consciousness of the people and a landmark on the path to remaking of state-
society relationship will be articulation and adoption of the People's Manifesto, an
invocation of pactum summae potestatis. The coming era will be marked by keen
awareness of the contrast between the people's current state (Point A) and their desired
state (Point B), clear articulation of what needs to happen to get from Point A to Point B,
and greater unity of action in moving from Point A to Point B.
8.1 Essential elements of the new social contract
First, a social contract is dynamic, not static. It is not time-limited. If the idea and principles
are reduced in a document, such document should be organic and not rigid. The needs,
goals and expectations of a people often change with changing times and should
therefore be adapted and renegotiated to bring them into alignment with the times as
much as possible. Secondly, a social contract is process-based. The process is just as
important as the outcome. The people do not become functus officio once The People's
Manifesto is adopted or once a report is submitted or a negotiated agreement is reached
with a political stakeholder. The people are to represent, accompany and defend their
manifesto. Negotiations and interface with the state is a continuing engagement and the
people should carry out continuous oversight of the social contract to ensure that the
state is guided by its fundamental objectives and principles in taking action on behalf of
the people. Thirdly, a social contract is people-driven. Ideally, there should be open
membership or subscription to all Nigerians which cut across ethnic, regional, religious,
income and party lines. However, it is important to have credible and widely accepted
guardians or conveners to kick-start the process. For practical reasons, there should also
be a steering committee and a platform for dialogue. ICT will play a key role in mass
mobilization and mass participation in the platform for dialogue. Fourthly, the people
should be bound together in unity of purpose and unity of action. This also means that the
28
people play a more direct role in governance even if they choose to surrender part of their
freedom and delegate authority to a government. That will be the true test of sustainability
of The People's Manifesto.
When the people clearly articulate their manifesto, it will become a basis for renegotiation
of the new reality with multiple stakeholders including governments and political parties.
Elements of the new social contract which needs to be renegotiated in Nigeria today
include access to quality education and healthcare, security of lives and property, access
to justice, infrastructural development, economic diversification and sustainable
livelihoods. The focus will be on good governance to deliver human development. In the
coming era, the People's Manifesto will likely supersede Party Manifesto. Party
Manifestos will reflect the principles, visions, goals and expectations elaborated in the
People's Manifesto; electioneering campaigns will be based on the People's Manifesto.
As such, political parties will have to sign up to the People's Manifesto or risk losing mass
support and mass votes. Consequently, political parties in power will have to deliver on
the People's Manifesto or risk being voted out. This will likely happen in Nigeria in the next
15 years. Early glimpses of what may be possible are already manifesting.
8.2 New forms of alliances
With the generational shift in loci (above) and social dynamics, new forms of alliances and
shifting of spheres of influence will likely lead to an awakening where voting patterns will
tilt towards considerations that cut across ethnic, regional, religious, income and party
lines. It is instructive that the ruling party as at 2018, the All Progressive Congress (APC),
was formed in February 2013 from a merger of three ethnically and regionally based
political parties. Before then, opposition parties were mostly fragmented along regional
and ethnic lines, making it impossible for them to mount a credible challenge to the
formerly ruling party, the People's Democratic Party (PDP). The youth and women in
Nigeria, if they will lay aside differences and galvanize their voices and potential into
action, will become more influential than any one political party and will have the power in
the palm of their hands to vote in or vote out any party or government. An alternative
scenario is that the youth and women may sponsor independent candidates or form their
own political parties and enter into alliances with other parties that subscribe to their
manifesto.
During the 2015 presidential elections, the Nigerian population was around 182 million
people, total number of registered voters stood at 67,422,005 while actual votes cast
stood at 29,432,083 representing a turnout of 43.65%. This means that over 50% of
29
FUTURE GOVERNANCE
registered voters were either unwilling or unable to vote. Total votes cast to give the ruling
party APC victory was 15,424,921 reflecting the combined support of the merger of three
political parties. With the rise in political consciousness added to the use of online and
mobile voting platforms which will likely increase political participation in the next 15
years, it is conceivable that the Nigerian youth (18-35 years) whose projected population
for 2018 stand at over 64.8 million and women in Nigeria (females 18-75 years) whose
projected population stand at over 46 million—if they devise a definite strategy and take
the necessary steps to actualize their objectives—will constitute formidable negotiating
blocs in the future. The above data is captured in the graph below.
Based on statistics for 15-30 years, any political party that devises and pursues a definite
strategy to capture the hearts and votes of half of Nigerian youth and half of Nigerian
women will likely win the presidential elections, other factors considered. It is instructive
that political organization and political alignment have started to occur along these lines.
Some of the newly-registered political parties— New Generation Party of Nigeria, Young
Democratic Party, Young Progressive Party, Youth Party, etc.—and their manifestos are
indicators of such new forms of alliances and political alignment needed to tilt the
30
balance. From the current practice of a party-focused and candidate-focused non-

violence pact midwifed by the electoral umpire, the Independent National Electoral
Commission (INEC), political negotiations and pre-elections commitment at the federal,
state and local levels will move towards a new social contract midwifed by the people and
for the people. Political parties and their candidates will have to commit to the articulated
goals and expectations of the people for their society. Following the trends of political
engagement and political behaviour in Nigeria since our return to democracy in 1999,
such developments are more likely to be tested first at the local, state and regional levels
before conditions are ripe for the collapse of traditional loyalties at the national level.
8.3 Missed opportunities
A missed opportunity to put the idea of the People's Manifesto to test was the case of the
Indigenous People of Biafra (IPOB) led by Nnamdi Kanu. Sustained efforts by the
movement to galvanize the teeming youth and to raise their political consciousness
through propaganda broadcast on the London-based Radio Biafra and social media
campaigns bore fruits, even if IPOB was seen by the élite as a misguided venture of a
separatist. Radio Biafra broadcasts live through multiple online streaming platforms. IPOB
identified with the challenges and sufferings of the masses. It also tapped into the
emotional well of unaddressed grievances from the Nigeria-Biafra Civil War of 1967-1970.
In the aftermath of his arrest and incarceration by the Department of State Services in
October 2015 on accusations of criminal conspiracy, intimidation and membership of an
illegal organization and his release in April 2017, Nnamdi Kanu had become something of
a martyr to millions of youth from the South-East and South-South geopolitical zones of
Nigeria who felt disenchanted with long years of poor governance and disconnected from
the dividends of democracy. His arrest led to protests in parts of Abuja, Abia, Anambra,
Cross River, Delta, Enugu, Imo and Rivers States, and in Germany, the United Kingdom and
the United States. In two years, IPOB support spread like wildfire and Nnamdi Kanu rose
from a political commentator and activist to a leader who enjoyed near-cult worship by a
significant portion of the people.
In the run-up to the gubernatorial elections in Anambra state in November 2017, IPOB was
strongly positioned to articulate a People's Manifesto and to put the goals and
expectations of the teeming youth and communities on the front burner in negotiating
with frontline political parties and stakeholders. As its bargaining chip, it could have
pledged the support of the millions of its members and followers for the party or parties
that adopt their manifesto, and mobilize them to vote on election day. IPOB was also
31
FUTURE GOVERNANCE
strongly positioned to negotiate to get some of its leaders elected into office. Political
power and planning for the long term could have given the movement greater leverage to
expand its base, make its demands and achieve its objectives through legitimate
means. Instead, it ordered its supporters to boycott the elections on the reason that
IPOB was clearly a secessionist movement, not a political one: it would therefore not
entertain any government-organized election in the entire Biafra land until referendum on
Biafra independence was conducted. Even though IPOB made no overt moves to parley
with political parties, some parties and their candidates—perceiving the advantage of
IPOB mass support—made attempts to ride the wave by endorsing the movement,
advocating for the right to self-determination, acknowledging IPOB grievances and
adopting a people-oriented manifesto. By being rooted in a separatist ideology, IPOB
missed an opportunity to transition from political consciousness and mobilization to
political participation and empowerment.
Another movement of human rights and pro-democracy organizations is the Save Nigeria
Group (SNG). It was formed in January 2010 in response to the crisis associated with late
President Umaru Musa Yar'Adua's sickness at the time, and played a strong role in
mobilizing for mass rallies across major cities in the country and sensitizing Nigerians
through mass media, social media and ICT platforms. The group was also active and
visible in the buildup to the 2011 presidential elections. SNG describes itself as “a non-
profit, cross party, non-partisan and non-governmental organisation at the heart of the
movement for the promotion of fundamental human rights, freedoms, constitutionalism,
peace and good governance in the country”. SNG did not articulate a People's
Manifesto but was adept in organizing protests against unjust and oppressive policies of
the government. It also held strong positions on restructuring the Nigerian federation and
crowdfunded for people-oriented projects and causes. The convener of SNG, Pastor
Tunde Bakare, was later adopted by Muhammadu Buhari of the Congress for Progressive
Change as his running mate for the 2011 presidential elections—a clear move to transition
from political mobilization to empowerment.
9. The Link between Consciousness and Empowerment

The link between greater people participation which is a result of increased awareness
and empowerment which is a result of applied strategy will need to be bridged for the
people to fully realize their power. The difference between the two is highlighted below.
32
Ü Consciousness entails being aware of the contrast between one's current state
(Point A) and one's desired results (Point B) and of what needs to happen to get
from Point A to Point B.
Ü Empowerment entails being able to harness the individual and collective

resources available to one (including the divided voices and votes of the people) to
make the needed transition from Point A to Point B.
However, the transition is not a one-step process and the progression is not always
linear. It involves applied strategy which may be overt or covert, and requires
navigating through various levels of political involvement. A simplified illustration is
given below.
Figure 8. The link between political awareness

and political empowerment. Source: Author
33
FUTURE GOVERNANCE
In making the transition, ICT-driven people participation in governance plays an important

role. However, ICT is not the only factor. Other critical factors which may be seen as
ingredients of change include demographics, social dynamics, political and constitutional
reforms. Other drivers include unity of purpose, unity of action, and political alignment. ICT
spreads and reinforces political consciousness; political consciousness in turn leads to
greater ICT applications to political governance. While political awareness is realized by
the masses, empowerment is realized by the few. Thus, it is necessary for a critical mass of
the people to be politically aware to achieve desired outcomes, but a few enlightened
ones can wield enormous political power and influence over the masses. Political parties,
particularly the party leaders and major stakeholders, constitute enlightened political
formations and alignments with clearly articulated and adaptive strategies for taking over
and/or consolidating power. Even with ICT-enabled disruption to “government as usual”
and rise in political consciousness, the mass of the people are yet to organize themselves
into empowered political formations.
10. Vox Populi: The Other Side

10.1 The limits of ICT
For good reason, the Arab Spring has become a perennial reference point for the role of
ICT in political mobilization and disruption. With regard to remaking of state-society
relationship or renegotiating a new reality after disruption, the extent of the role of ICT is
debatable. This is because remaking cannot result from autopilot; it requires clear vision,
definite strategy and deliberate effort. Disruption which is not matched by the above trio
can be catastrophic. In Egypt and Libya for instance, it may be said that ICT-enabled
disruption happened without a common vision by the people of the future they wanted to
create. For the most part, majority of the people were preoccupied with getting rid of their
unresponsive or repressive rulers. Although the path taken by each of the countries of the
Arab Spring in forging a new social contract has varied widely and has met with varying
levels of success, it is beyond dispute that leadership plays a central role in midwifing a
new reality.
To further test the limits, it is relevant to consider the question: to which extent has ICT and
the internet influenced political consciousness, behaviour, participation and mobilization
in Nigeria? From the findings of this study, the answer would be a qualified: to a significant
degree, directly or indirectly, although other critical factors are also at play. Twenty years
34
ago, long before the GSM and internet revolution, a mass movement successfully
mobilized millions of Nigerian youth towards a political cause. That movement was
tagged “Youth Earnestly Ask for Abacha” (YEAA). The convener of YEAA, Daniel Kanu,
and the campaign tapped into the power of traditional media: TV, radio, billboards, and
newspaper adverts. YEAA was in the news every day and in no time General Sani Abacha
became the single story. YEAA also tapped into other existing youth networks to organize
a two-million-man march in 1998. The antecedents of late General Sani Abacha are well
documented elsewhere, and it appears that four key factors were at play in influencing
political behaviour and political mobilization during that era without significantly
expanding political consciousness and political participation in any sustainable way. The
factors are:
Ü Widespread lack of desire or motivation for political participation due to fear of

oppression, distrust and apathy;
Ü The bandwagon effect of following the cause most likely to succeed in the
absence of credible alternatives;
Ü Readily available pool of millions of youth seeking gainful employment; and
Ü Opportunity for monetary, material and/or political gain.
To its advantage, YEAA had a definite strategy and was able to harness resources towards
achieving a political objective. The likely result was aborted only by the untimely death of
Sani Abacha in June 1998.
Furthermore, a second question which challenges an assumption on the role of ICT in

political development is this: is ICT actually expanding political consciousness and
participation or is it merely replacing traditional media as alternative platform for delivery
and engagement? From the findings of this study, the answer is somewhere in the middle
and the question may need to be fine-tuned. The influence of brick-and-mortar and print
media are receding with the expansion of cyber-enabled media platforms. To remain
relevant, traditional media is also innovative in integrating new technologies into their
practice. For instance, Channels Television has a 24-hour live streaming service on You
Tube and also has Facebook and Twitter accounts. ICT expands consciousness and
participation relative to the population of Nigerians reached and relative to their levels of
engagement. However, nobody stays glued to Channels' You Tube channel for 24 hours
just because the service exists. It is therefore important to interrogate the nature of
engagement on ICT- and internet-enabled platforms especially as the content is neither
35
FUTURE GOVERNANCE
curated nor regulated, to enable a realistic assessment of its influence and impact.
Random sampling and observation point to the fact that most youth in Nigeria between 15-
30 years—who will transition mainly into the locus of influence by 2033—are highly
engaged on Facebook, Instagram, WhatsApp, Twitter and other social media platforms
but more on matters of fashion, gossip, lifestyle, sports, gaming, chat and fun, and less on
political news, issues and debates. Instant gratification seems to be the order of much of
social media engagement. A limited study which involved the youth population of a
federal university in Nigeria reveals that “The youth's social media usage thus disengages
rather than makes for active engagement with their expected role in social transformation
and development”. The trend may change in the future with age, responsibility and
other dynamics, but it raises a yellow flag.
Another important observation here is that, although the level of political expression on
the internet, blogs and social media platforms has skyrocketed especially on issues
around elections and the electoral cycle, such political expression may not necessarily
translate to rise in political consciousness and political participation. Some of the factors
at play in the YEAA case above may still be at play today, twenty years later, only
transmuted to cheaper, faster and unbounded alternative platforms for delivery and
engagement.
10.2 Tyranny of the majority
While riding the crest of people power, it is critical to also consider scenarios of “tyranny of
the majority” which is equally likely in a future ICT-enabled disruption of state-society
relationship. This is important to guard against social imbalance, prevalent instability and
the crippling of governance. Today, mass mobilization for public protests or campaigns to
condemn or vote out an under-performing government are done in real-time, thereby
compressing the time, space and resources needed to do such in the past. By extension,
civil disobedience in the future may take less and less the form of violent public protests
and increasingly take the form of passive non-compliance and sabotage such as
withholding taxes and rates due to the government or sit-at-home order by organized
labour. Essentially, when people realize that they have the power and they have a choice,
they may rescind a false social contract if the government fails to hold up its own side of
the bargain. Other forms of negative behavior which have been enabled by ICT include
the rise in “fake news”, hate speech and manipulation of content to influence political
behaviour.
36
When the majority or major stakeholders realize their power which can be wielded on a
day-to-day basis and not only during four-year election cycles, such power will likely be
exploited and extended to its possible limits before some form of balance is restored. To
avoid decimation of the minority, it will be necessary to institute and safeguard processes
for receiving and analyzing minority reports and dissenting opinions, and integrating
tested parts of it into wider governance processes.
11. Conclusion
The likely future scenarios of ICT-enabled disruption of state-society relationship
expounded above are tenable, but they would seem to be something cut out of a
Hollywood movie if the story ended there. ICT is an essential life management tool and
finds application in all facets of life. It will become indispensable as the world moves into
greater interconnectivity of the Internet of Things. Furthermore, ICT represents an
important piece of the jigsaw in unity of consciousness since life itself may be seen as a
virtual simulation. As far as political governance goes, ICT applications in e-Governance
will expand. It is a catalyst for political awareness, an enabler of political participation and
a tool for political mobilization. The above trio are landmarks on the pathway to political
empowerment. However, in attaining political empowerment, the impact of ICT is limited
and a wide gap remains between the future we desire and the desires we realize. To fill
that gap requires both unity of purpose and unity of action: ability to set aside differences,
envision a common objective, devise a definite strategy for action, and willingness to take
the necessary steps towards political empowerment. A significant step in that direction is
articulation of The People's Manifesto. Working together with ICT-enabled disruption and
other critical factors, the People's Manifesto will play a major role in remaking of state-
society relationship in many contexts.
The outcomes of this study have significant implications for national development and
national planning. It is important for major stakeholders—including governments at all
levels, government agencies, policymakers, planners, political parties, electoral umpire,
civil society organizations, traditional and informal institutions, platforms for social
inclusion, businesses, and the people—to envision, anticipate and prepare NOW for
how to make the best of and manage the worst of the future scenarios of combined
ICT advancement, demographic change, social dynamics and political development,
even if they will all not play out by the book.
37
FUTURE GOVERNANCE
Box 2: Recap of Likely Significant Shifts in State-Society Relationship in Nigeria

from 2018 to 2048
Landmarks in the process of transitioning from political consciousness to political
empowerment.
Level 1 disruption: Autopilot

Ü Expansion of ICT applications to improve efficient service delivery in the
health sector, education, transportation, tourism and hospitality, security
and governance.
Ü Massive youth bulge and an explosion of creativity, innovation and social
enterprise result in challenges to the government and many sectors of
society.
Ü Rise in urban population cause severe stress on urban infrastructure and
on economic, social and environmental development sustainability.
Ü Expansion in various sectors including education, health, housing,
transport, security, agriculture, industry. Rise in levels education have a
knock-on effect on all other sectors.
Level 2 disruption: Ripple effect
Ü Rise in political consciousness, political participation and political
mobilization.
Ü Greater demands on governments to improve public service delivery,
efficiency, transparency, accountability, and responsiveness to the needs
of the people.
Ü Public opinion, feedback, dialogue, discussions, rallies, decisions and
even voting expressed and conducted in real time.
Ü Shift from manual voting at polling stations to mobile and online voting,
online voter registration and online registration of political party
membership.
Ü Reduction in political thuggery and violence, shrinking of the heavy
financial costs and logistic challenges associated with organizing and
conducting elections.
Ü Leaner governments and leaner budgets for government projects and
38
structures, and diversification of the economy into more productive

sectors.
Ü Leadership becomes more distributed between the older and younger
generations and decision making is flipped on its head and brought closer
to the people.
Ü Greater participation of women in politics and in platforms for social
cohesion, social learning and self-help translate to greater voice,
consciousness and empowerment.
Ü Families mostly characterized by fewer offspring, and greater cultural
acceptance of family planning pathways lead to lower birth rates.
Ü Social enterprise, private foundations and online platforms for
crowdsourcing and crowdfunding play a greater role in political
development.
Ü Political contestation in urban centres increase in intensity and scope due
to the “honeypot effect” of population density.
Ü Civil disobedience become less expressed in the form of violent public
protests and more in the form of passive non-compliance and sabotage.
Ü Governments increasingly improve in transparency, accountability,
efficiency, effectiveness and responsiveness to the needs of the people.
Level 3 disruption/remaking: Definite strategy and action
Ü Demands for significant legal, policy and practical reviews and
adjustments by the government to better enable and expand participation
of the people in their governance.
Ü Reform of electoral processes and reconfiguration of the nature, structure,
constitution and internal governance of political parties to reflect the new
reality.
Ü As a matter of necessity, the social contract between the people and their
political leaders renegotiated and such renegotiation entail significant
reviews of the Constitution.
Ü Articulation and adoption of the People's Manifesto, marked by keen
awareness of the contrast between the people's current state and desired
state and what needs to happen to attain the desired state.
39
FUTURE GOVERNANCE
REFERENCES
Abdulkareem, Kayode Abdulrasaq. “Challenges of E-Government Implementation in the
Nigerian Public Service,” Journal of Writing in Creative Practice 1, no. 4 (2015): 45-
56.
Adibe, Jideofor. “The 2015 Presidential Elections in Nigeria: The Issues and Challenges”,
Foresight Africa: Top Priorities for the Continent in 2015, (2015): 3-9.
Arbib, James and Tony Seba. Rethinking Transportation 2020-2030: The Disruption of
Transportation and the Collapse of the Internal-Combustion Vehicle and Oil
Industries, a RethinkX Sector Disruption Report, 2017.
http://www.ourenergypolicy.org/wp-
content/uploads/2017/05/RethinkingTransportation_May_FINAL.pdf.
Ashiru, Dele. “Democratization and the Politics of Self-Succession in Nigeria”, in Maurice

N. Amutabi and Shadrack W. Nasong'o (eds.), Regime Change and Succession
Politics in Africa: Five Decades of Misrule, Routledge African Studies (Book 9) 1st
edition. Oxford: Routledge, 2012. 123-142.
Babate, Alhaji Idi. “State of Cyber Security: Emerging Threats Landscape,” International
Journal of Advanced Research in Computer Science & Technology 3, no. 1 (2015):
113-119.
Bernholz, Lucy, et. al. Good Fences: The Importance of Institutional Boundaries in the
New Social Economy, Project on Philanthropy, Policy and Technology. Stanford:
Stanford PACS, 2013. https://pacscenter.stanford.edu/publication/good-fences/.
Branch, Adam and Zachariah Mampilly. Africa uprising: Popular protest and political
change. London: Zed Books, 2015.
Calic, Goran and Elaine Mosakowski. “Kicking off Social Entrepreneurship: How a

Sustainability Orientation Influences Crowdfunding Success”, Journal of
Management Studies 53, no. 5 (2016): 738-767.
https://onlinelibrary.wiley.com/doi/epdf/10.1111/joms.12201
Carter, Lemurla and France Belanger. “The utilization of e-government services: citizen
trust, innovation and acceptance factors,” Information Systems Journal 15,
(2005): 5-25.
40
Coglianese, Cary. E-Rulemaking: Information Technology and Regulatory Policy: New

Directions in Digital Government Research. Regulatory Policy Program Report
No. RPP-05 (2004). Cambridge, MA: Harvard University, 2004.
Computer Security Resource Centre. NIST Glossary of Information Security Terms.

https://csrc.nist.gov/glossary.
Demadiur Systems Limited & Serianu Ltd. Nigeria Cyber Security Report 2016. Lagos:
2016.
http://www.serianu.com/downloads/NigeriaCyberSecurityReport2016.pdf.
Fang, Zhiyuan. “E-Government in Digital Era: Concept, Practice, and Development,”

International Journal of The Computer, The Internet and Management 10, no. 2
(2002): 1-22.
Farina, Cynthia, et. al. “Designing an Online Civic Engagement Platform: Balancing
'More' vs. 'Better' Participation in Complex Public Policymaking”, International
Journal of E-Politics 5 (2014): 16-40.
Hai, Jeong Chun and Ibrahim. Fundamental of Development Administration. 2007.
Heeks, Richard and Savita Bailur. “Analyzing eGovernment Research: Perspectives,

Philosophies, Theories, Methods and Practice”, Government Information
Quarterly 24, no. 2 (2007): 243-265.
Kim, Seang-Tae. Converging E-Democracy and E-Government Model toward an

Evolutionary Model of E-Governance: The Case of South Korea.
http://unpan1.un.org/intradoc/groups/public/documents/unpan/unpan033197.p
df
Laskar, Manzoor Elahi. “Summary of Social Contract Theory by Hobbes, Locke and
Rousseau”, SSRN Electronic Journal (2013): 1-7.
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2410525
Lee, Jungwoo. “10 year retrospect on stage models of e-Government: A qualitative

meta-synthesis”, Government Information Quarterly 27 (2010): 220–230.
Madzova, Violeta, et al. E-Government as an Efficient Tool towards Good Governance

(Trends and Comparative Analysis throughout Worldwide Regions and within
West Balkan Countries), Balkan Social Science Review 1 (2013): 157-174.
41
FUTURE GOVERNANCE
National Institute of Standards and Technology. Glossary of Information Security

Terms. January 2017. https://csrc.nist.gov/glossary.
National Population Commission (Nigeria) and ICF International. Nigeria Demographic

and Health Survey 2013: Key Findings. Rockville: National Population
Commission and ICF International 2014.
https://www.dhsprogram.com/pubs/pdf/SR213/SR213.pdf
National Population Commission (Nigeria) and Health Policy Project. Nigeria's 2004
National Policy on Population for Sustainable Development: Implementation
Assessment Report. 2015. Washington, DC: Futures Group, Health Policy
Project.
Nigerian Communications Commission. Stakeholder Information: Industry Statistics.

2018. https://www.ncc.gov.ng/stakeholder/statistics-reports/industry-overview.
OECD: Digital Government Strategies for Transforming Public Services in the Welfare
Areas: OECD Comparative Study. 2016. http://www.oecd.org/gov/digital-
government/Digital-Government-Strategies-Welfare-Service.pdf.
Olukotun, Ayo. Repressive State and Resurgent Media under Nigeria's Military
Dictatorship, 1988-98, Research Report No. 126. Uppsala: Nordiska
Afrikainstitutet, 2004. 136 pp. https://www.files.ethz.ch/isn/95523/126.pdf
Onuigbo, Richard. “Understanding Electronic Governance in Nigeria: A Mix-Scanning

Approach,” Arabian Journal of Business and Management Review 5, no. 3
(2015): 27-37.
Persily, Nathaniel. “Can Democracy Survive the Internet? The 2016 U.S. Election,”
Journal of Democracy 28, no. 2 (2017): 63-76.
Power, Wogu and Fadeke Olu-Owolabi. Much Ado about the Idea of E-Governance in
Nigeria's Democracy: Myth or Reality?
http://eprints.covenantuniversity.edu.ng/6013/1/MUCH%20ADOABOUT%20E-
GOVERNANCE%20IN%20NIGERIA%20-%20for%20Conferencey%20pdf.pdf
Siau, Keng and Yuan Long. "Synthesizing e-government stage models – a

meta-synthesis based on meta-ethnography approach", Industrial Management
&Data Systems 105, no. 4 (2005): 443-458.
42
SOPHOS and Centre for Internet Security. Threatsaurus: The A-Z of computer and
data security threats. Oxfordshire, UK: Sophos, 2013.
https://www.sophos.com/en-
us/medialibrary/PDFs/other/sophosthreatsaurusaz.pdf?la=en.
Usman, Zainab. “Does Nigeria Really Need a 'Sovereign National Conference'?”

African Arguments, 29 January 2014.
https://africanarguments.org/2014/01/29/does-nigeria-really-need-a-sovereign-
national-conference-by-zainab-usman/
Uzochukwu, Chinwe E. and Uche P. Ekwugha. New Media and Youth's Online Civic
Engagement in Nigerian Politics: Potentials and Challenges, European
Scientific Journal 10, no. 19 (2014): 203-221.
Uzuegbunam, Chikezie E. “Young People's Engagement of Social Media for Social

Transformation: Study of Nigerian University Students”, Online Journal of
Communication and Media Technologies, Special Issue (2015): 171-194.
https://www.researchgate.net/publication/299598785
Wooldridge, Frosty. “The Ticking 'Population Bomb' in Africa, India, and China: The
ramifications of overpopulation for the West”, The Social Contract, Summer
(2018): 22-29.
World Bank Group. Digital Dividends: World Development Report 2016. Washington,
D.C.: 2016.
http://documents.worldbank.org/curated/en/896971468194972881/pdf/102725
-PUB-Replacement-PUBLIC.pdf.
Zahran, Dalal Ibrahem, et al. “A Critical Analysis of e-Government Evaluation Models at

National and Local Municipal Levels,” The Electronic Journal of e-Government
13, no. 1 (2015): 28-42.
43
FUTURE GOVERNANCE
NOTES
¹ Information and data backing up this study has been collated from open sources and
from six (6) government agencies: Independent National Electoral Commission (INEC),
National Bureau of Statistics (NBS), National e-Government Strategy (NeGSt), National
Planning Commission (NPC), National Population Commission (NPopC) and Nigerian
Communications Commission (NCC).
 National Bureau of Statistics. http://nigerianstat.gov.ng/elibrary.
³ Nigerian Communications Commission. Industry Statistics.

https://www.ncc.gov.ng/stakeholder/statistics-reports/industry-overview#gsm
⁴ PopulationPyramid.net. Population Pyramids of the World from 1950 to 2100.

https://www.populationpyramid.net/nigeria/2033/
⁵ ICT advancements can be measured in micro units of days or months but the
impacts of ICT on social change and human development are easier measured in
macro units of decades or generations (10-15 years).
⁶ See: Likely Significant Shifts in State-Society Relationship in Nigeria from 2018 to

2048, p. 30 below.
⁷ National eGovernment Strategies, Vision, Mission & Objectives.

http://www.negst.com.ng/index.php/about-us/vision-mission-a-objectives
⁸ Jeong Chun Hai and Ibrahim (2007), Fundamental of Development Administration.

Selangor: Scholar Press.
⁹ Dalal Ibrahem Zahran, et al. (2015), “A Critical Analysis of e-Government Evaluation

Models at National and Local Municipal Levels”, The Electronic Journal of e-
Government 13 (2015): 28.
 James Arbib and Tony Seba (2017), Rethinking Transportation 2020-2030: The
Disruption of Transportation and the Collapse of the Internal-Combustion Vehicle and
Oil Industries, a RethinkX Sector Disruption Report.
http://www.ourenergypolicy.org/wp-
content/uploads/2017/05/RethinkingTransportation_May_FINAL.pdf. Although the
report predicts that self-driving electric cars will become the norm in the United States
in eight years, the shift for Nigeria and much of Africa will taper into 2033 due to
challenges in the energy (electricity) sector and continuing reliance on fossil fuel.
11 Currently, the volatile oil industry comprises nearly three-quarters of Nigeria's $521
billion economy. Every month, the federal government, 36 states and the FCT, and 774
local government areas share an allocation from the federation account based on
revenue generated. About three-quarters of that revenue comes from the oil industry
regulator, the Nigerian National Petroleum Corporation. The revenue sharing formula
44
is: 52.68% to the federal government; 26.72% to the states; and 20.60% to the local
governments.
 Chris Giles (2018), “Nigeria Integrity Idol: Reality TV show celebrates most honest
public officials”, CNN African Voices, 1 February 2018.
https://edition.cnn.com/2018/02/01/africa/nigeria-integrity-idol-reality-tv-show-cnn-
africa/index.html
 National Population Commission (Nigeria) and ICF International (2014), Nigeria

Demographic and Health Survey 2013: Key Findings, p. 2. Rockville: National
Population Commission and ICF International.
https://www.dhsprogram.com/pubs/pdf/SR213/SR213.pdf
 From a 2013 survey, while over 30% of married women in southern Nigeria use
contraceptives and methods of family planning, less than 5% of women from North
West and North East Nigeria use such, pointing to cultural factors and correlated with
lower levels of education. https://www.dhsprogram.com/pubs/pdf/GF34/GF34.pdf
 “Economy: We're not placing cap on childbirth—Finance Minister”, The Citizen

Online, 24 October 2018. https://thecitizenng.com/economy-were-not-placing-cap-on-
childbirth-finance-minister/
 PopulationPyramid.net. Population Pyramids of the World from 1950 to 2100.

 National Population Commission (2013), Gender in Nigeria: Data from the 2013
Nigeria Demographic and Health Survey.
https://dhsprogram.com/pubs/pdf/DM52/DM52.pdf
 Ibid.
 Wale Odunsi (2018), “FG Reveals Nigeria's Current Population”, Daily Post, 11 April
2018. http://dailypost.ng/2018/04/11/fg-reveals-nigerias-current-population/
 United Nations, Department of Economic and Social Affairs, Population Division

(2018), World Urbanization Prospects: The 2018 Revision, Online Edition.
https://population.un.org/wup/Country-Profiles/
 Robert D. Kaplan (1994), “The Coming Anarchy: How scarcity, crime, overpopulation,
tribalism, and disease are rapidly destroying the social fabric of our planet”, The
Atlantic, February 1994 Issue.
https://www.theatlantic.com/magazine/archive/1994/02/the-coming-anarchy/304670/
 Bill & Melinda Gates Foundation, Annual Report 2017.

https://www.gatesfoundation.org/Who-We-Are/Resources-and-Media/Annual-
Reports/Annual-Report-2017
 Goran Calic and Elaine Mosakowski (2016), “Kicking off Social Entrepreneurship:

How a Sustainability Orientation Influences Crowdfunding Success”, Journal of
Management Studies, 53:5 July 2016, pp. 738-767.
45
FUTURE GOVERNANCE
https://onlinelibrary.wiley.com/doi/epdf/10.1111/joms.12201
 Emphasis mine.
 Zainab Usman (2014), “Does Nigeria Really Need a 'Sovereign National

Conference'?” African Arguments, 29 January 2014.
https://africanarguments.org/2014/01/29/does-nigeria-really-need-a-sovereign-
national-conference-by-zainab-usman/
 Previous conferences which deliberated on similar issues include the 1986-87

Constitutional Conference convoked by former Head of State, Ibrahim Babangida, the
1994-95 Constitutional Conference convoked by late Head of State, Sani Abacha, and
the 2005 National Political Reform Conference convoked by former President
Olusegun Obasanjo. Other attempts to address Nigeria's constitutional question have
been made by political parties and by the National Assembly.
 The People's Manifesto will likely not be one single document signed or adopted by
all, but is an idea which will encapsulate fundamental principles, goals and
expectations addressed to political stakeholders.
 Jideofor Adibe (2015), “The 2015 Presidential Elections in Nigeria: The Issues and
Challenges”, Foresight Africa: Top Priorities for the Continent in 2015, pp.3-9. The
Brookings Institution.
 Independent National Electoral Commission (INEC) 2015 Presidential Elections,

March 28, 2015, Summary of Results: http://www.inecnigeria.org/wp-
content/uploads/2015/04/summary-of-results.pdf
 PopulationPyramid.net. Population Pyramid of Nigeria 2018.

 International Centre for Investigative Reporting (2015), “2015 Election: Presidential

Candidates Sign Non-Violence Pact”. https://www.icirnigeria.org/2015-election-
presidential-candidates-sign-non-violence-pact/
 Radio Biafra: http://radiobiafra.co/, https://tunein.com/radiobiafra/,

https://www.liveonlineradio.net/english/radio-biafra.htm
 Pjilip Nwosu (2016), “Biafra: IPOB to hold mass protest against Nnamdi Kanu's
detention”, The Sun, 18 September 2016. http://sunnewsonline.com/biafra-ipob-to-
hold-mass-protest-against-nnamdi-kanus-detention/
 SBM Intels (2017), IPOB's Lost Chance: What the Separatist Movement Could Have
Done Differently, p. 5. http://sbmintel.com/wp-content/uploads/2016/03/201711_IPOB-
lost-chance.pdf
 Sam Egburonu (2017), “Anambra polls and IPOB's boycott threat”, The Nation, 12
November 2017. http://thenationonlineng.net/anambra-polls-ipobs-boycott-threat/
 My Nation News (2017), “Chidoka Support IPOB, Says Buhari Wrong on IPOB,
Nnamdi Kanu”, My Nation News, 9 November 2017.
46
http://mynationnews.com/2017/11/09/chidoka-support-ipob-says-buhari-wrong-on-ipob-
nnamdi-kanu/
 Save Nigeria Group. https://savenigeriagroup.org/about-us/
 Dele Ashiru, “Democratization and the Politics of Self-Succession in Nigeria”, in

Maurice N. Amutabi and Shadrack W. Nasong'o (eds.), Regime Change and
Succession Politics in Africa: Five Decades of Misrule, Routledge African Studies (Book
9) 1st edition, (London: Routledge, 2012) p. 134
 Chikezie E. Uzuegbunam (2015), “Young People's Engagement of Social Media for

Social Transformation: Study of Nigerian University Students”, Online Journal of
Communication and Media Technologies, September 2015, pp. 171-194.
https://www.researchgate.net/publication/299598785
47
PART II
Cybersecurity and Data

Protection
Legal Regimes, Vulnerability, and Smart Options for
Improvement ¹
Part II - Cybersecurity and Data Protection
1. Introduction
Long before Boko Haram, Nigeria could be said to have been highly vulnerable to
terrorism and violent extremism. However, there was no real or perceived threat of
terrorism to the people, the government and society. The potential risk of acts of terrorism
and its potential impact on society in terms of loss of lives and livelihoods, disruption of
social order and community, and destruction of built infrastructure was enormous for the
fact that the country did not anticipate and prepare for it. Nigeria's security services did
not have the capacity, the training and the tools to prevent, contain or counter terrorism
and its effects. Because there was no real or perceived threat of terrorism at the time,
serious attention was not given to building resilience for state institutions, the people and
communities so as to deter and cope with radicalization and violent extremism.
Therefore, no contingency plans were put in place to rebuild societies after multiple
cycles of vicious terrorist acts. Taking the above factors together, one can deduce that
Nigeria's vulnerability to terrorism was undeniable but it was latent. Put simply, the
country was never ready for what hit her though she could have seen it coming. That is
how we got here.
The above scenario relates to the security of our physical space; a similar narrative could
be related to the security of our cyberspace. Almost anything is possible in cyberspace
and that includes the good, the bad and the downright ugly. The internet is a great,
unbounded channel of energy and energy can be manipulated to create or recreate
reality. Imagine for a minute that a virtual version of Boko Haram emerges and begins to
attack millions of people, communities, businesses, the state and institutions of
democratic governance. Such attacks would happen in an environment where the risk is
very high, the threat is real, but the capacity of state and non-state entities to resist or deal
with the threat and its effects is very low. In such situation, the country's cyberspace
would be said to be highly vulnerable. Beyond imagination, the above scenario is already
playing out in mini episodes in Nigeria and all around the world.
In August 2012, personnel records of former and current details of Nigeria's national spy
agency, the Department of State Services, were reportedly hacked and leaked online in a
threatening message that claimed to originate from the radical Islamist sect Boko
Haram.² That incident served as a realization of the potency of cyberattacks and an
indication of the vulnerability of supposedly secure institutions. It also signified a red flag
49
FUTURE GOVERNANCE
to strengthen cybersecurity across state and non-state entities. Since that time, the
official websites and some operations of various federal ministries, departments and
agencies (MDAs) have also been reportedly compromised. In the aftermath of the
attacks, Nigeria has strengthened its policy and legal regimes on cyber security, adopting
the National Cybersecurity Policy and the National Cybersecurity Strategy in 2014, and a
Cybercrime (Prohibition) Act in 2015. These measures offer useful bases for action but
are by no means an elixir to Nigeria's vulnerability to cyberattacks and breaches.
2. Approach, Methodology and Objectives

Part II of this book shines a light on the endemic nature of cyber vulnerability and explores
the meeting point of cybersecurity and data protection in Nigeria. It has five objectives:
a) consider the constitutional foundations and the adequacy of the existing legal
regime for cybersecurity and data protection in Nigeria;
b) offer a comparative analysis of relevant national and regional (ECOWAS)

instruments on cybersecurity and data protection and make suggestions to fill
gaps;
c) assess the vulnerability of critical state and non-state entities to cyberattacks and
data privacy breaches;
d) present a scorecard on Nigeria's cyber vulnerability by combining micro indices of

rating vulnerability and mega analysis of the country's capacity in the face of risks;
and
e) proffer legal, policy, strategic and practical options for strengthening

cybersecurity and data protection in Nigeria.
It seeks to achieve the above objectives by considering level of risk, scope of potential
threats, degree of vulnerability, resilience in the face of attacks, and capacity to mitigate
the impacts of cyberattacks and data privacy breaches. Corollary to the above is an
examination of legal and extra-legal measures to boost cybersecurity and data
protection, and the effect of those measures in reducing vulnerability. Its approach is
expository, exploratory and remedial. The following equation from the humanitarian
sector is adapted to present a scorecard on the degree of cyber vulnerability:
50
Figure 1. Elements of risk assessment. Source: Author
Risk = Threat x Vulnerability x Impact
Figure 2. Elements of vulnerability assessment. Source: Author
Risk x Threat x Impact

Vulnerability = ------------------------
Capacity
The methodology employed in data gathering includes examination of primary and

secondary sources, scenarios, case studies and interviews. In adding to the vast
literature on cybersecurity and data privacy in Nigeria, a multidisciplinary approach which
combines legal, social, statistical and security analyses is used in synthesizing
knowledge. A guided vulnerability rating method for Information and Communication
Technology (ICT) users and consumers, cyber platforms and infrastructure is proposed.
The conclusion benefits of a mix of deductive and inductive reasoning in proposing
options and smart recommendations for strengthening cybersecurity and data
protection.
The next section exposes the nature of cyberattacks and privacy breaches and highlights
the need for cybersecurity and data protection in the face of new and emerging threats
and vulnerability. Section 4 offers a definition of key terms and concepts which appear
regularly in this part of the book. Sections 5 and 6 examine relevant statutory, legal and
policy frameworks for cybersecurity and data protection in Nigeria. Section 7 offers a
comparative analysis of ECOWAS legal regime on cybersecurity and data protection to
identify gaps, complementarities and areas of convergence. Section 8 zooms into user
groups of cyberspace including state and non-state entities, analyzes why and how they
may be vulnerable, and considers the degree of vulnerability. Vulnerability is assessed as
a factor of threat, risk and impact, and a simple technique for vulnerability rating is
proposed. Finally, a scorecard on cyber vulnerability in Nigeria is presented, touching on
51
FUTURE GOVERNANCE
micro-level vulnerability and macro-level capacity assessment, and options and

recommendations are proffered to key stakeholders for strengthening cybersecurity and
data protection.
3. The Nature of Cyberattacks and Data Privacy Breaches

Cyberattacks and data privacy breaches are real but not always easily detectable.
Consequently, they are also not easy to deter, stop, counter or trace. More so, because
there are no physical boundaries and time and space are by default compressed in
cyberspace, the vulnerability in cyberspace is more endemic than the vulnerability in our
physical space. Part of the dark side of cyberspace is attacks on platforms,
infrastructures, conduits, hotspots, tools or devices that enable individuals, groups,
corporations, institutions and governments to seamlessly interact and participate in the
affairs of our global village. Globally, every second, 18 adults become victims of
cybercrime, resulting in more than 1.5 million cybercrime victims each day. Cybercrime
and cyberattacks have become almost inevitable as cyber criminals and hackers are
creative in adapting and devising new ways to beat security protocols. Due to the cover of
near-anonymity, distance and fluidity, cyberattacks and data privacy breaches are now
enabling and compounding regular trends of crime and criminality including theft,
robberies, cybercrime, obtaining by false pretense, money laundering, various forms of
illegal trafficking, identity theft, breach of privacy and physical security, blackmail, and
even terrorism.
In understanding the nature of cyberattacks and data privacy breaches, it is important to

clear some false assumption.
3.1 All cyberattacks and data privacy breaches are planned, perpetrated and/or
sponsored by criminals or criminal groups (fallacy of the usual suspects).
Not always so. Non-criminal groups including governments, law enforcement agencies,
political groups, special interest groups, ICT companies, businesses, corporations and
even individuals also sponsor or carry out such attacks and breaches. Government-
sponsored cyberattacks and espionage is on the upswing as the big powers compete for
cyberspace supremacy and strategic advantage. It appears that the criminal element
here is not the nature of the entity perpetrating it but the actual use or intention behind
such acts. For instance, hacking has become a veritable means of gathering information
for strategic planning, strategic use, collecting intelligence, aiding crime prevention and
52
law enforcement, influencing public opinion, decisions and policies, market survey,
gaining business advantage or blackmail.
3.2 All forms of cyberattack and data privacy breaches are criminalized and
therefore punishable in many jurisdictions (nullum crimen sine lege, nulla poena sine
lege).³
Not always so. In many cases, the law is very slow to catch up with fast-paced advances in
ICT, therefore many gaps exist. This situation leaves a potentially infinite and shifting grey
area with weak regulation regimes that can be explored by anyone or group for various
purposes. For instance, while Nigeria has a Cybercrime Act, the country is yet to enact a
law prohibiting data privacy breaches and gaps remain on espionage, data harvesting,
information sabotage, etc.
3.3 All cyberattacks and data privacy breaches are financially profitable or are done
with the intention of financial profit.
Again, not always so. Such acts may be carried out primarily for non-financial benefit.
Benefit may be political, strategic, commercial, ideological or other advantage. Attacks to
undermine intellectual property, business secrets, national security information, missile
defence codes, personal health information, insurance or pensions data, or to manipulate
consumer behaviour or voter behaviour may go beyond immediate financial profit. Some
attacks or breaches may even be motivated by mischief, blackmail or intimidation.
Significantly, processes of government and democratic governance are not spared in the
global move towards digitization (e-Government), cyber-enabled people participation in
governance (e-Governance) and the Internet of Things. E-Governance is inevitable but
also inevitable are actual and potential risks that undergird the systems that support e-
Governance. E-Governance without cyber security and data protection is futile. As such
the design of e-Governance systems and data protection should essentially incorporate
advanced and upgradable cybersecurity measures from scratch.
The now famous United States Democratic National Committee email leak in 2016 and
several reports of the hacking of the Central Intelligence Agency (CIA) are indicators that
no person or institution is immune from the phenomenon. Cyberattacks that target
democratic processes and institutions of democratic governance can disrupt or cripple
societal progress. The vulnerability of governments, entities, groups, virtual
communities, families and individuals to cyberattacks—malicious or otherwise—and the
potential scale, cost and impact of such attacks underlines the need for all stakeholders
53
FUTURE GOVERNANCE
to invest attention, time, money, technology and effort in strengthening cybersecurity and
data protection measures and plugging vulnerability. Vulnerability exposes not only
individuals and homes to attacks but also exposes communities of social inclusion,
efficacy of commercial transactions, financial institutions, institutions of democratic
governance, and national security and defence systems.
4. Definition of Terms
Remarkably, cyber vulnerability and data privacy breaches go beyond cyberattacks
which are premeditated and targeted attempts to damage or compromise the reputation,
integrity, interest or security of an idea, person, group, corporation, institution or
government through activities in cyberspace. Insecurity or vulnerability in cyberspace
may also result from inherent weakness in an ICT infrastructure or platform, or
inefficiency in operating an ICT system.
To give a clear picture of the various dimensions of the subject matter and how they are
related, it is important to define key terms and concepts which appear regularly in this
part of the book. Glossaries of ICT terms abound.⁴
Ü Attack
[1] Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy
information system resources or the information itself.
[2] An attempt to gain unauthorized access to system services, resources, or information,

or an attempt to compromise system integrity, availability, or confidentiality.
Ü Cybercrime⁵
Offences that are committed against individuals or groups of individuals with a criminal
motive to intentionally harm the reputation of the victim or cause physical or mental harm,
or loss, to the victim directly or indirectly, using modern telecommunication networks
such as the internet and mobile phones or other cyber-enabled devices.
Ü Cybersecurity
Measures to prevent damage to, protect and restore computers, electronic

communications systems, services, wire communication, and electronic devices,
including information contained therein, to ensure its availability, integrity, authentication,
confidentiality, and nonrepudiation.
54
Ü Data privacy or data protection
[1] The aspect of information technology that deals with the ability an organization or
individual has to determine what data in a computer system can be shared with third
parties.
[2] The relationship between the collection and dissemination of data, technology, the
public expectation of privacy, and the legal and political issues surrounding them.
Ü Data loss
The exposure of private, proprietary, sensitive, or classified information through either

data theft (deliberate theft of information) or data leakage (unauthorized exposure of
information).
Ü Threat
[1] Any circumstance or event with the potential to adversely impact organizational
operations (including mission, functions, image, or reputation), organizational assets,
individuals, other organizations, or the nation through an information system via
unauthorized access, destruction, disclosure, modification of information, and/or denial
of service.
[2] A possible danger to a computer system, which may result in the interception,
alteration, obstruction, or destruction of computational resources, or other disruption to
the system.
Ü Vulnerability
[1] Weakness in an information system, system security procedures, internal controls, or

implementation that could be exploited or triggered by a threat source.
[2] A flaw or weakness in a computer system, its security procedures, internal controls, or
design and implementation, which could be exploited to violate the system security
policy.
5. Constitutional Foundations of Cybersecurity and Data

Protection
The Constitution of the Federal Republic of Nigeria 1999 (as amended) (1999
Constitution) sets the statutory foundation for cybersecurity and data protection. Section
14(2)(b) of same touches on security and welfare of the people:
55
FUTURE GOVERNANCE
14. (1) The Federal Republic of Nigeria shall be a State based on the principles of
democracy and social justice.
(2) It is hereby, accordingly, declared that:
(b) the security and welfare of the people shall be the primary purpose of
government.
Obviously, the drafters of the Constitution did not foresee the pervasive reality of
cyberspace in Nigeria today. To catch up with reality, the interpretation of “security and
welfare” in paragraph (b) of Section 14(2) above is extended in this book to include
cybersecurity and data protection, security of e-Governance platforms and digitization of
services that touch on the welfare of the people. By extension, cybersecurity and data
protection are also part and parcel of the primary purpose of the government. The
National Cybersecurity Policy and the National Cybersecurity Strategy of 2014, and the
Cybercrime (Prohibition, Prevention, etc.) Act of 2015 were adopted to fill this vacuum. It is
envisaged that future legal and extra-legal developments will evolve to keep up with the
changing reality.
Data protection and data privacy also relate to the right to private and family life which is a
fundamental right under Chapter IV of the 1999 Constitution. Section 37 of the 1999
Constitution states that: “The privacy of citizens, their homes, correspondence,
telephone conversations and telegraphic communications is hereby guaranteed and
protected.” Although this provision was promulgated long before the explosion of the
internet and electronic communication in Nigeria, it has become even more relevant
today, mutatis mutandis. By extension, the provision also means that citizens can take
action to protect against violation of their fundamental right under Chapter IV, or seek
redress where violation has occurred. Any unauthorized or illegal acquisition and use of
private data or information, whether for gains or for other purposes, is a breach of the
right to private and family life guaranteed under Section 37.
Notably, the constitution also makes restrictions on and permits derogation from
fundamental human rights under certain conditions. Thus, Section 45 of the 1999
Constitution permits any law that is reasonably justifiable in a democratic society: (a) in
the interest of defence, public safety, public order, public morality or public health; or (b)
for the purpose of protecting the rights and freedoms of other persons. Parts IV and VI of
the Cybercrime (Prohibition, Prevention, etc.) Act 2015 are some provisions enacted
under this permission of the Constitution.
56
6. Policy and Legal Framework on Cybersecurity and Data

Protection
The existing policy and legal framework for cybersecurity and data protection in Nigeria
include the following:
Table 1. Policy and legal framework for cybersecurity and data protection in Nigeria. Source: Author
Cybersecurity Regime Data Protection Regime
Ü Constitution of the Federal Republic of Ü Constitution of the Federal Republic of

Nigeria 1999 Nigeria 1999
Ü Corrupt Practices and Other Related
Ü Child Rights Act 2003
Offences Act 2003
Ü Economic and Financial Crimes Ü NCC Consumer Code of Practice
Commission (Establishment) Act 2004 Regulations 2007
Ü Advance Fee Fraud and Other Fraud Ü National Identity Management
Related Offences Act 2006 Commission Act 2007
Ü Federal Inland Revenue Service
Ü Money Laundering (Prohibition) Act 2011
(Establishment) Act 2007
Ü National Information and Communication
Ü Freedom of Information Act 2011
Technology Policy 2012
Ü NCC Guidelines for the Provision of Ü NCC Registration of Telephone
Internet Service Subscribers Regulations 2011
Ü Terrorism (Prevention) (Amendment) Act Ü National Information and Communication
2013 Technology Policy 2012
Ü NCC Mobile Number Portability
Ü National Security Strategy 2014
Regulations 2014
Ü National Cybersecurity Policy 2014 Ü NITDA Guidelines on Data Protection 2013
Ü CBN Consumer Protection Framework
Ü National Cybersecurity Strategy 2014
2016
Ü Cybercrime (Prohibition, Prevention, etc.)
Ü Credit Reporting Act 2017
Act 2015
The above table reveals some points of convergence and divergence which call for
clarification.
6.1 Convergence between cybersecurity and data protection regimes
For instance, the Cybercrime Act contains provisions that touch on both cybersecurity
and data protection. In a bid to balance privacy and security, cybersecurity laws generally
permit some degree of derogation from personal data protection. Data protection
57
FUTURE GOVERNANCE
applies to the narrow area of safeguarding the privacy of personal information. However,
the meeting point between cybersecurity and data protection is cyber vulnerability:
unauthorized access or violation of security procedure on the internet, electronic
communication, electronic transactions and electronic data due to a flaw or weakness in
an information system.
6.2 Lack of binding law (Act) on cybersecurity and data protection
Secondly, while the country has a Cybercrime Act, there is no act of parliament on
cybersecurity which is broader in scope. Not surprisingly, the Cybercrime Act—which by
default pitches the state against suspected cybercriminals—focuses more on the
protection of critical national information infrastructure, criminalizing and prescribing
punishment for offences, enabling the protection and gathering of evidence, conduct of
investigations and prosecution, administration and enforcement. This leaves a vacuum in
the form of absence of a binding and proactive law to authorize the taking of measures to
prevent, manage and respond to broader cybersecurity threats and incidents which may
not be criminalized, to enhance cybersecurity of state and non-state entities, to enhance
sharing of information about cybersecurity threats, to regulate owners of critical
information infrastructure, and to regulate cybersecurity service providers. Acts that have
wider implications on cybersecurity and related matters exist in advanced jurisdictions.⁶
With respect to data protection, although the above table shows a plethora of acts,
policies, guidelines and regulations which touch on data protection, there is yet no
comprehensive legislation on data privacy and data protection. Notably, a Data
Protection Bill and an Electronic Transactions Bill have been before the Senate of the
National Assembly since 2015. Such comprehensive legislation will not only engender
clarity and certainty on the subject matter but will ensure that breaches of data privacy are
criminalized in appropriate cases and adequately sanctioned or punished in a consistent
manner.
6.3 Status of instruments
There is a clear distinction in the status of a policy, a strategy and an act of parliament
which raises the issue of whether the above legal regime is adequate. While an Act
passed by the National Assembly and signed by the President is binding and
enforceable, a policy or strategy initiated and adopted by the executive is not so.
Between the two, a strategy is one step removed from a policy. To put it simply, whereas a
policy is adopted to guide executive decision, a strategy is adopted to guide executive
action. In the sphere of security, a policy usually assesses the current security context,
58
security needs, analyzes risks and threats, maps stakeholders and actors (Point A). A
security policy also outlines security objectives and clarifies a vision of security for the
future (Point B). A security strategy usually goes further to detail how to get from Point A to
Point B, and states required capabilities and who has responsibility for action. A strategy
is flexible, adaptive and responsive to emerging threats.
6.4 Filling the lacuna
Nature abhors vacuum, and so does the law. In the absence of comprehensive
legislation, three developments fill the lacuna. First, Nigerian case law has provided some
guidance on the matter. In the case of Habib Nigeria Bank Limited v. Fathudeen Syed M.
Koya⁷ which involved an alleged disclosure by a bank of a customer's personal
transactional information, the Court of Appeal held that it is elementary knowledge that
the bank owed its customer a duty of care and secrecy in the fiduciary relationship. This
case indicates that other than the statutory protection afforded to information provided to
lawyers, doctors and journalists, certain banks owe a duty to maintain confidentiality to
their clients even though such duty is not expressly prescribed by law. In the wake of the
case law, the Central Bank of Nigeria (CBN) Consumer Protection Framework 2016 was
developed and adopted. Secondly, there is ongoing effort to articulate and promulgate a
modern data protection law in Nigeria. A retreat on Data Protection Legislation in Nigeria
which was held in Calabar, Cross River State, in September 2018 worked on a draft
legislation to the National Assembly apparently in a bid to resuscitate the Data Protection
Bill 2015. Thirdly, through the instrumentality of subsidiary legislation, the National
Information Technology Development Agency (NITDA) 2013 Guidelines on Data
Protection,⁸ minimum data protection and privacy standards are prescribed for all
organizations or persons that control, collect, store or process personal data of Nigerian
residents and citizens within and outside Nigeria.⁹ Section 4 of the Guidelines enumerate
eight principles of data protection and personal data privacy which are also contained in
Section 35 of the NCC Consumer Code of Practice Regulations 2007.¹⁰
Ü Principle 1: Personal data must be processed fairly and lawfully
Data controllers are to process personal data in the manner prescribed by the Guidelines.
This includes disclosing to data subjects the purpose for which data is being collected
and, if personal data is to be transferred to a third party, notifying data subjects of such
transfer.
Ü Principle 2: Personal data should be used only in accordance with the purpose for
which it was collected
59
FUTURE GOVERNANCE
Data controllers have a duty to ensure that data collected for one purpose is not used for
a different purpose. This principle prevents the use of personal data in any manner
different from the purpose disclosed to the data subject at the point of collecting the data.
Ü Principle 3: Personal data must be adequate, relevant and not excessive
This principle prevents organizations from obtaining data without a real or specific
purpose. Only data which is specific to the stated purpose should be collected.
Ü Principle 4: Personal data must be accurate and where necessary kept up to date
Data controllers are required to have in place arrangements that enable data subjects to
confirm, edit and update their personal data.
Ü Principle 5: Personal data must be kept for no longer than is necessary
Data controllers must ensure that personal data is not retained for longer than necessary,
with reference to the purpose for which the data is obtained. Although the Guidelines do
not prescribe a timeframe for data retention, this principle places a burden on data
controllers to develop a retention policy for personal data.
Ü Principle 6: Personal data must be processed in accordance with the rights of data
subjects
Data controllers must respect the rights of data subjects. These rights include a right to
obtain information on the purpose of data collected and to request a copy of their
personal data in a usable form from data controllers. Such a request should be attended
to promptly and the data provided to the data subject within seven days of the request.
Importantly, data subjects are also entitled to the opportunity to object to the processing
of data for direct marketing purpose.
Ü Principle 7: Appropriate technical and organizational measures must be

established to protect the data
Data controllers are required to implement technical and organizational measures to

ensure security of personal data. Some organizational measures including, developing
an organizational policy for handling personal data, personnel training on data
protection, conducting privacy and data protection assessments, appointing a Data
Security Officer, etc. Technological solutions necessary to avoid data security breaches
are also recommended.
Ü Principle 8: Personal data must not be transferred outside Nigeria unless

adequate provisions are in place for its protection.
60
Data controllers have an obligation to ensure that personal data is not transferred to a
country which does not ensure, at the least, the same level of protection as imposed by
the Guidelines.
7. ECOWAS Legal Regime for Cybersecurity and Data

Protection
In terms of policy and legal framework for cybersecurity and data protection, the
Economic Community of West African States (ECOWAS) seems to be ahead of Nigeria in a
few key areas. This is relevant and important not only because Nigeria is a Member State
of ECOWAS but also because of the far-reaching implications of ECOWAS legal regime
on its Member States. The new ECOWAS legal regime which took effect in 2006 is
highlighted below.
Box 1
New Article 9: Legal Regime of the Community ¹¹
1. Community Acts shall henceforth be known as Supplementary Acts,

Regulations, Directives, Decisions, Recommendations and Opinions.
2. To accomplish their missions:
a. The Authority [Heads of State and Government of ECOWAS Member

States] shall adopt Supplementary Acts which shall be annexed to the
[ECOWAS Revised] Treaty;
b. Council [of Ministers] shall enact Regulations, issue Directives, take

Decisions or formulate Recommendations and Opinions;
c. The [ECOWAS] Commission may adopt Rules relating to the execution of

Acts enacted by the Council of Ministers. The Rules so adopted by the
Commission shall have the same legal force as Acts adopted by Council
for the execution of which the Rules are adopted.
d. The Commission shall formulate recommendations and opinions.
3. Supplementary Acts adopted by the Authority shall be binding on the

Community institutions and Member States, where they shall be directly
applicable without prejudice to the provisions of Article 15 of the
Revised Treaty.
61
FUTURE GOVERNANCE
4. Regulations shall have general application. The provisions of

Regulations shall be binding and directly applicable in Member States.
They shall equally be binding on the Community institutions.
5. Directives shall be binding on all the Member States in terms of the

objectives to be realized. However, Member States shall be free to
adopt modalities they deem appropriate for the realization of such
objectives.
6. Decisions shall be binding on all those designated therein.
7. Recommendations and opinions are not enforceable.
8. Unless otherwise provided in this Supplementary Protocol or in any

other Protocol, Community Acts under consideration shall be adopted
by unanimity, consensus or by a two-thirds majority of the Member
States.
New Article 12: Publication and entry into force of Community Acts
1. Supplementary Acts, Regulations, Directives and Decisions shall be

published by the Commission in the Official Journal of the Community
within thirty (30) days after signature. They shall also be published by
each Member State in its National Gazette within the same time-frame.
2. Supplementary Acts, Regulations, and Directives shall enter into force

after publication by the Commission on a date specified therein.
3. Decisions shall be communicated to the persons designated therein and

shall enter into effect on the date of the notification.
The implication of the above is that ECOWAS Supplementary Acts, Regulations,

Directives and Decisions from 2006 are binding and directly applicable in all Member
States without the need for ratification. The rationale is that, being a supranational body,
Member States of ECOWAS jointly bestow authority on the regional body to act in the
collective interest of all. In reflection of ECOWAS' evolving supranational status, the new
legal regime removes the need for ratification and makes Supplementary Acts,
Regulations, Directives and Decisions directly applicable in Member States. Furthermore,
the ECOWAS Conflict Prevention Framework 2008 which was adopted as Regulation
MSC/REG.1/01/08, clarifies its supranational status in Section 4 thus:
62
ECOWAS Member States bear primary responsibility for peace and security
[including cybersecurity]. However, as steps are taken under the new ECOWAS
Strategic Vision to transform the region from an “ECOWAS of States” into an
“ECOWAS of the Peoples”, the tensions between sovereignty and
supranationality, and between regime security and human security, shall be
progressively resolved in favor of supranationality and human security
respectively.
Comparatively, under European Union (EU) law on which ECOWAS Community law is
modelled, Regulations and Decisions become automatically binding throughout EU
Member States on the date they take effect. However, Directives must be incorporated
into national law by EU Member States. Each Directive contains a deadline by which EU
countries must incorporate its provisions into their national legislation and inform the EU
Commission to that effect. If national authorities fail to properly implement EU laws, the
Commission may launch a formal infringement procedure against the country in
question. If the issue is still not settled, the Commission may eventually refer the case to
the European Court of Justice. Similarly, the ECOWAS Court of Justice has jurisdiction
over: any dispute relating to the interpretation and application of Community Acts;
legality of Regulations, Directives, Decisions, and other subsidiary legal instruments
adopted by ECOWAS; cases of failure by Member States to honour their obligations
under the Community law; among others.
Since 2006, ECOWAS undertook efforts towards harmonization of the legal framework
governing ICT in West Africa. ECOWAS legal regime on cybersecurity and data protection
which are binding on and directly applicable to Nigeria includes the following:
Ü Supplementary Act on the Harmonization of Policies and Regulatory Framework

for the ICT Sector within ECOWAS 2007
Ü Supplementary Act on Personal Data Protection within ECOWAS 2010
Ü Supplementary Act on Electronic Transactions within ECOWAS 2010
Ü Directive on Fighting Cybercrime within ECOWAS 2011.
Happily, the ECOWAS legal regime supplements existing national laws and policies and
fills some vacuum that may exist at the national level. It has also influenced legal and
policy development in various Member States. For instance, Chapter V of the
Supplementary Act on Electronic Transactions within ECOWAS which touches on
electronic signature and conditions of acceptance of electronic signature is mirrored by
63
FUTURE GOVERNANCE
Section 84 of the Evidence Act 2011 which applies to the requirements of authenticating
electronically generated evidence by a certificate. Furthermore, the Supplementary Act
on Personal Data Protection within ECOWAS effectively expands NITDA responsibilities
and expands the principles guiding the processing of personal data (Section 4 of NITDA
Guidelines on Data Protection 2013). Comparatively, Chapter III of the Directive on
Fighting Cybercrime within ECOWAS incorporates traditional common law offences into
ICT offences, including theft, fraud, possession of stolen goods, breach of trust, extortion,
counterfeiting, terrorism, money laundering or organized crime, and media offences.
Cybercrime poses a significant threat to achieving the ECOWAS objectives of promoting

regional development and economic integration. Due to the fact that cybercrime is
borderless, efforts to combat cybercrime require the cooperation of law enforcement
agencies of all ECOWAS Member States. Through relevant structures and institutions
including the West African Police Information System (WAPIS), the West African Police
Chiefs Committee (WAPCCO), the Committee of Chiefs of Security Services (CCSS), the
Committee of Chiefs of Intelligence Services (CCIS), and the Inter-Governmental Action
Group against Money Laundering (GIABA), ECOWAS is making concerted efforts towards
digitization of crime data and statistics from all its 15 Member States, improved
information sharing, training of judicial officers and law enforcement agents,
harmonization of legislation and policies, and increasing awareness of decision makers
on cybersecurity and data protection. ECOWAS has also developed a Counterterrorism
Training Manual which includes modules on cyberterrorism and the internet.
8. Vulnerability of State and Non-state Entities

This section considers the vulnerability of user groups of cyberspace In Nigeria including
state and non-state entities. Vulnerability is assessed as a factor of threat, risk and impact,
and a simple method for rating vulnerability is proposed hereunder.
64
Table 2. Source: Author. Adapted from Manual of the US Federal Emergency Management Agency for
mitigating terrorist attacks
Vulnerability Rating Table
Very High 10
High 8-9
Medium High 7
Medium 5-6
Medium Low 4
Low 2-3
Very Low 1
Table 3. Source: Author. Adapted from Manual of the US Federal Emergency Management Agency for
mitigating terrorist attacks
Vulnerability Rating Key
One or more major weaknesses have been identified that make the system
Very High
or the user extremely vulnerable to a threat or risk
One or more significant weaknesses have been identified that make the
High
system or the user highly vulnerable to a threat or risk
An important weakness has been identified that makes the system or the
Medium High
user very vulnerable to a threat or risk
A weakness has been identified that makes the system or the user fairly
Medium
vulnerable to a threat or risk
A weakness has been identified that makes the system or the user
Medium Low
somewhat vulnerable to a threat or risk
A minor weakness has been identified that slightly increases the

Low
vulnerability of the system or the user to a threat or risk
Very Low No weaknesses exist to the system or the user
65
FUTURE GOVERNANCE
8.1 The individual and family units
The use of GSM and internet-enabled mobile devices in Nigeria has skyrocketed in the
past ten years (2008-2018). Mobile phones, devices, tablets, laptops, desktop
computers, electronics and home equipment are widely used by adults, adolescents and
children alike. Their ubiquitous use—though advantageous for the most part—also
translates to very high collateral exposure to cyberattacks and often very low awareness
of basic security measures or the risk and impact of attacks. In today's seamless world,
there is an app for almost everything. Apps find application for innumerable purposes, the
basic ones including: messaging, chatting, gaming, live—audio and video—streaming,
music players, face-timing, learning, education, storage, files sharing, office tools,
personal planners, web browsing, security and antivirus, photography, GPS navigation,
transportation, hospitality, gifting and courier, online betting, friend finders, news
broadcasting, organizing events and rallies, workouts, mobile banking, online
transactions and purchases, social and professional networking, crowdfunding and
crowdsourcing, curating special interests and hobbies. Cloud computing and cloud
storage is only gaining traction and its use is likely to rise in Nigeria in the coming years as
well as other new and emerging ICT applications including: 3-D printing, drone
technology, virtual reality, big data, artificial intelligence, computer learning and the
Internet of Things.
However, security of mobile devices and apps is often taken for granted even where such
security measures are offered free-of-charge and in-built in the devices, or come as add-
ons or upgrades to apps and operating systems. Although tech jargons such as malware,
spyware and ransom ware are usually associated with corporate and government
espionage given the motivations of high reward and consequence, individuals and
families are increasingly becoming targets of cyberattacks. At the same time, the level of
awareness of potential and tangible risks and threats associated with ICT is still very low.
Many individuals and family units may consider themselves unlikely targets; however,
data privacy breaches and cyber spoofing are often done on a mass scale and are mostly
indiscriminate. Areas with high internet penetration and traffic are the more vulnerable to
cybercrime and privacy breaches including child pornography, blackmail, emotional
manipulation, cyber defamation, email spoofing, drug peddling, identity theft, theft of
banking details, medical history or other details, cyberstalking and breaches of home
security systems.
66
Any unauthorized or illegal access to and use of private data or information, whether for
gains or for other purposes, is a breach of the right to private and family life guaranteed
under Section 37 the 1999 Constitution. In addition to personal measures that individuals
and families should take to safeguard their cyber existence, makers of mobile devices,
app developers, ICT firms, banks, internet service providers and other interests have a
fiduciary and social responsibility to users of their products and services and should be
held culpable in cases of abuse or unauthorized use of personal information.
8.2 Communities of social inclusion
Much of the post-2010 world runs on Google, Facebook, Twitter, Instagram, LinkedIn,
WhatsApp, Baidu, WeChat, Snap Chat, YouTube and other platforms for social interaction.
This phenomenon has created virtual communities of social inclusion which thrive on
fast-paced interactions, social norming and shared culture, complete with unwritten
codes of social inclusion and exclusion. For some, life without these platforms is almost
unimaginable and unbearable especially for young adults and adolescents. For this
generation, “internet separation syndrome” has become a health concern that is as real
as drug withdrawal syndrome.
“Freedom” is a sexy mantra and attractive rallying call in our brave new world. Section 39
of the 1999 Constitution guarantees to every person the right to freedom of expression,
including the freedom to hold opinions and to receive and impart ideas and information
without interference, and freedom to own, establish and operate any medium for the
dissemination of information, ideas and opinions. Virtual social platforms such as
Facebook, Instagram, Twitter and YouTube essentially put a jetpack on such freedoms,
enabling free flow of information and digital activism and giving birth to some unintended
consequences such as virtual bullying, content manipulation and “fake news”. Also,
Section 40 of the 1999 Constitution on the right to peaceful assembly and association
suffers extension of physical limitations to assembly and association through virtual
groups that may be formed on online social networks. While registration and approvals
are required to form political parties, trade unions, peaceful rallies, other associations and
physical assemblies, the ease and zero cost of setting up virtual groups on social
platforms make them difficult to monitor or regulate. As the number of users on such
platforms expands every day, they become a limitless pool for data mining, advert
targeting and potential cyberattacks.
On a positive note, virtual social platforms can serve as turbo-charged engines for social
and political mobilization and for influencing public policy and legislation. The popularity
67
FUTURE GOVERNANCE
of such platforms also arises from the fact that most of the Voices of Freedom are by
default anti-status quo and anti-establishment and they find alignment with kindred
voices which then ripples out and converges towards a common cause. It is therefore not
surprising that due to social pressure and the risk of backlash from the electorate, the
Nigerian Senate unanimously withdrew the Frivolous Petitions Bill (a.k.a. Anti-Social
Media Bill) in May 2016. Another recent demonstration of the potential of virtual social
platforms for social mobilization and influence in policy and legislation is the Not-Too-
Young-To-Run Bill which reduced the age of qualification to stand at federal and state
elections in July 2017. Crowdfunding and crowdsourcing also represent social
enterprise platforms for social mobilization and social action. Between 2010 and 2017,
over five billion dollars was raised on GoFundMe by over two million individual
campaigns and 50 million donors. Although crowdfunding is still sprouting in Nigeria, the
online traffic it is likely to generate in the next 10 years will be stupendous. As platforms for
social inclusion, social mobilization and political participation expand in the future, the
risk posed to cybersecurity and data privacy also expands and the potential impact is
colossal.
A recent case of breach of data privacy in the United States illustrates the risk and impact.
As at March 2018, Facebook recorded more than two billion active users per month
worldwide. The situation places an enormous responsibility on a service provider such as
Facebook to secure its users and address vulnerability issues. The recent crisis that
rocked the organization in March 2018 relates to monetization of user data of over 50
million of its users in the United States. While Facebook shares have steadied after an
initial dip, the uproar following the crisis resulted in the shutting down of Cambridge
Analytica, the United Kingdom-based political consulting and data harvesting firm linked
to the Trump campaign, which was at the centre of the data-sharing scandal. Facebook
CEO, Mark Zuckerberg, was called to testify before Congress from 10-11 April 2018. The
crisis led to significant changes in Facebook's privacy and security policies.
Sadly, the average user in Nigeria does not bother to read the terms and conditions of use
of services before they sign up to online platforms, and many of such breaches go either
undetected or unaddressed. To further complicate matters, entry into virtual communities
are either largely unregulated or not amenable to regulation. Although age restrictions
apply, an eight-year old can pose as a thirteen-year old and open a Facebook account in
three minutes. Security on some virtual social platforms, apps and devices may be further
compromised by built-in backdoors. Unsuspecting and vulnerable user groups and
68
individuals continue to fall victim to abuse and unauthorized use or sale of personal
information for advert and marketing purposes.
While unauthorized use or sale of personal information for advert and marketing
purposes are seemingly innocuous compared to other forms of cybercrime, they are
nonetheless breaches of privacy. A related significant issue on privacy rights is ethical
considerations vis-à-vis balancing freedom and regulation, especially against the reality
of terrorism and radicalization. Google and Facebook are often reportedly at
loggerheads with the Federal Bureau of Investigations (FBI) and the Central Intelligence
Agencies (CIA) over access to personal information of users who might run foul of the law.
Even in matters of national security, transparency and checks and balances need to be
built in to protect the rights of law-abiding citizens. The high level of vulnerability of
Nigerians on social platforms raises a need for more deliberate and thoughtful measures
for cybersecurity and data protection.
8.3 Commercial entities and financial transactions
This is the world of Konga.com, Jumia.com, Jiji.ng, online and mobile banking, etc. Konga
and Jumia are the Amazons and Alibabas of Nigeria, Jiji represents the village market
square, and all major banks in Nigeria currently offer popular online and mobile banking
options. These entities profit from making life easier for their teeming users, customers
and clients; thus an individual may save time, cost and effort by banking or transacting
from the comfort of his or her living room. E-wallets and various alternative payment
systems with incentives are offered to keep the customer coming back. The market for e-
commerce and online and mobile financial transactions is enormous and growing
exponentially. For instance, Jumia.com which started operations in Nigeria in 2012 has
also launched Jumia Force, Jumia Foods, Jumia Travel, Jumia Flights, Jumia Party, Jumia
Pay, Jumia Deals and Jumia One. Jumia also has large operations in Egypt, Morocco and
South Africa.
Similarly, we are witnessing an explosion of opportunities in the financial services world.

Banking transactions are fast leaving the four walls of brick and mortar branches to the
clouds. More and more transactions are being done via ATM, POS, internet banking,
Mobile Money, and account opening is now possible via Social Media platforms such as
Facebook. 24-hour banking via internet-enabled platforms is real. The rapid evolution of
alternative platforms and channels for the provision of banking services pose significant
threats to the financial services industry. This is because banks and financial institutions
worldwide are custodians of customers' funds and assets which runs into trillions of
69
FUTURE GOVERNANCE
dollars and billions of customer records. These constitute a honeypot to data miners,
hackers and cybercriminal networks.
Online shopping and online banking were destined to succeed in Nigeria with the largest
market in Africa, a teeming population currently estimated to be over 190 million people,
very high urban population ratio and access to mobile computing, and rising trust and
confidence in online retail and banking platforms post-2010. Nigeria's telecoms regulator,
the NCC, declares that as at August 2018, the number of the country's active mobile
subscribers surpassed 160 million with a teledensity of 114.92, and the number of internet
subscribers on GSM climbed to over 104 million. 
In addition to e-commerce and banking, other commercial entities with high levels of
financial transactions are found in telecommunications, oil and gas,
production/manufacturing, financing, servicing and trading sectors. The enormous
opportunities open to these entities also come with corresponding enormous
responsibility on service providers to maintain effective cybersecurity measures, and
responsibility of regulators to take measure to ensure that consumers and users are
protected from the profit-seeking entities.
An NCC study, Effects of Cybercrime on Foreign Direct Investment and National

Development, concludes that:
The internet has created a geometric growth and accelerated windows of

opportunities for international businesses and the removal of economic barriers
hitherto faced by the nation. Considering these limitless advantages of the
internet, one can easily subscribe to the fact that it is an important tool for national
development and foreign investment in Nigeria. However, cybercrime has
become huge menace threatening foreign investment, socio-economic and
technological advancement of Nigeria.
The above statement captures the risk and vulnerability of the country to cybercrime on a
macro level. The study adds that Nigeria's critical infrastructure may be targeted by
cyberattacks and that has led to immediate and long term economic losses to both
existing and potential foreign investors. Cybercrime was also estimated to cost Nigerian
businesses a whopping 550 million US dollars in 2016. The Minister of Communications,
Adebayo Shittu revealed that Nigeria lost 287 million US dollars' worth of revenue
annually on software piracy in 2016. More so, cybercrime has the potentials to fuel and
compound other criminal activities and increases cost in time and resources for law
enforcement agencies.
70
As an enabler of crime and criminality, cybercrime has overtaken drug trafficking as the
biggest illegal revenue generator for the underworld. Collaboration (national and cross-
border) among players and regulators in the global commercial and financial services
industry is very important in fighting the threat of cybercrime.
8.4 Institutions of democratic governance
Cyberattacks have targeted institutions of democratic government in Nigeria including

federal ministries, departments and agencies (MDAs). High profile websites of
government offices such as the Nigeria Customs Service, Ministry of Foreign Affairs,
Ministry of Justice and the Nigerian Law School have been reportedly hacked at various
times. On the flipside, the internet is an enabler of governance and political mobilization
and a tool for deepening democratic processes and citizen participation. The frontiers of
“community” and spaces for engagement are changing and expanding in ways never
anticipated before, and homegrown demand for better governance will keep rising.
Electronic governance (e-Governance) is a digital innovation in the delivery of public

services and information between the government and citizens, and in promoting citizen
participation in governance. In the United States, E-Rulemaking is an essential part of
regulatory policymaking and has expanded since the E-Government Act 2002. The
phenomenon holds a promise for innovation in governance through people-oriented
policymaking. In March 2004, the Nigerian federal government created the National
eGovernment Strategies (NeGSt) as a Special Purpose Vehicle through NITDA with the
mandate to facilitate, drive and implement the Nigerian e-Government Programme under
a Public Private Partnership (PPP) model. The vision of NeGSt is to implement e-
Government at multiple levels in such a way as to promote transparency and efficient
delivery of services with increasing citizens-government interaction while at the same
time tapping into the economic viability of the venture. In its 14 years of operation, the
NeGSt has laudably assisted MDAs in Nigeria to transit to the digital paradigm. However,
its success seems to goes as far as digitization of public information but is yet to extend to
promotion of citizen participation in governance through digital platforms.
The 2018 United Nations E-Government Survey advocates for a robust e-Governance
Framework to support sustainable development. It presents a systematic assessment of
the use of ICT to transform and reform the public sector by enhancing efficiency,
effectiveness, transparency, accountability, access to public services and citizen
participation in 193 countries. The survey covers health, education, social protection,
economic growth, employment and decent work, environmental protection and public
71
FUTURE GOVERNANCE
security domains. Morocco, Seychelles, South Africa and Tunisia were the only African
countries rated high on the e-Governance Development Index (EGDI) of 2016. Nigeria
was rated middle EGDI.
In contrast with the business and commerce sector, deployment of ICT in the government
sector in Nigeria is fairly recent and still encountering teething problems. It is also
happening at a much slower pace due to the fact that the drivers of commercial
transactions are different from the drivers of government processes. Internal
administrative processes in MDAs are still largely analogue; documentation and
correspondence are still largely done in hard copy. Furthermore, digitization is seen as a
promoting transparency and accountability and therefore a threat to corrupt practices
and unjust enrichment. Those that have benefitted from the status quo may therefore
have an incentive to block or retard the development of e-Governance. The capabilities
of e-Governance is threatened due to risk factors inherent in the current e-Governance
models. Although e-Governance is still gaining traction in Nigeria, little attention is paid to
risk exposure and vulnerability from a cybersecurity perspective.
8.5 National security and defence systems
The starting point here is the National Security Strategy of the Federal Republic of Nigeria
2014. The Strategy identifies IT and cybersecurity [cybercrime] as one of the national
security threats.
The leakage of the personal records of operatives of the Nigerian secret agency in 2012
remains a remainder that cyber vulnerability and the risk of cybercrime is a clear and
present danger. The safety and security of the lives, livelihood and property of the
people is the primary responsibility of any government worthy of its name. Security of the
supposed guardians of the people directly affects the security of the nation and therefore
should not be left to chance.
The following aspects of national security and defence all bear some significance to
cybersecurity and cyber vulnerability. The risk of cyberattacks in this sector is real and
some compromises are too costly to make. It is urgent and important to secure criminal
records held in police stations, courts and prisons, personal details of security and
intelligence operatives including: the National Intelligence Agency, State Security
Services, Criminal Investigations Departments, Directorate of Military Intelligence.
Critical national information infrastructure, online and offline records of armament and
defence equipment procurement, stockpiles and arms management databases,
72
communication satellite systems, airports, seaports and border security posts, missile
defence systems, pension funds and mutual unions are all potential honeypot to hackers.
Other critical infrastructure which may be cyber-enabled and therefore have a potential
to be cyber-disrupted include oil and gas installations, national power grid, aircraft and air
control towers.
Digitization of defence and security systems, services, processes and records not only
promote transparency and accountability but also enable information sharing and
cooperation between the armed forces and security services of a state and across states.
Information sharing and cooperation in cybersecurity measures are key in efforts by law
enforcement agencies to counter new and emerging threats to security including
terrorism, radicalization and violent extremism, trafficking in persons, smuggling of
goods and other forms of transnational organized crime. These efforts need to be
protected against cyberattacks and breaches.
9. Scorecard: Nigeria's Cyber Vulnerability

The ability to prevent, deter, detect, trace, disable, and counter cyberattacks and data
privacy breaches require enormous technical capacity and expertise by individuals,
groups, corporations, institutions and governments. Many organizations' ability to adapt
and respond to dynamic cyber risks have been impacted by underinvestment and poor
information management in certain areas. Enabling laws, guidelines and regulations also
play a key role in laying the foundation for action. Our ability to protect ourselves and to
resist exploitation of our vulnerability is ultimately dependent on our awareness of
potential risks, threats, vulnerabilities, and information on what to do about them.
There are two ways to look at vulnerability assessment. First, micro indices of the
vulnerability of a computer system, device or infrastructure to cyberattacks and data
privacy breaches may be assessed by using the vulnerability rating table and
vulnerability rating key discussed above. Secondly, cyber vulnerability may be looked at
from the macro perspective of the capacity of a state or non-state entity and indeed of a
country in cybersecurity and data protection. Capacity (security) counterbalances
vulnerability and may be weighed against risk and likely impact.
73
FUTURE GOVERNANCE
Figure 3. Elements of vulnerability assessment. Source: Author
Risk x Threat x Impact

Vulnerability = ------------------------
Capacity
There are three elements of capacity assessment referred to as the three-As (3-As).
Ü Authority
Adequacy of existing legal and regulatory regime for protection and combating of
cyberattacks and data privacy breaches in terms of breadth and depth. For Nigeria, gaps
still exist in terms of the scope (breadth) and extent (depth) of our legal regime on
cybersecurity and data protection and a coherent, comprehensive legislation is needed
in both cases.
Ü Ability
Availability and deployment of necessary technical capacity and expertise, material
resources, finance, information and other tangible and intangible assets for protection
and combating of cyberattacks and data privacy breaches. Technical capacity and
expertise are often lacking in both state and non-state entities. Long term investments in
acquisition and upgrading of technical capacity is essential to reducing vulnerability and
improving cybersecurity and data privacy.
Ü Attitude
Adequate information and sensitization on risk factors and potential threats, basic
cybersecurity measures, and what to do in case of cyberattack or data privacy breach.
Attitude also includes willingness to take action in applying and enforcing existing laws
and regulations, and proactive decision making and deploying resources for protection
and combating of cyberattacks and data privacy breaches.
Based on the findings of this study, the following formula is applied to make deduction
regarding the vulnerability of Nigeria to cyberattacks and data privacy breaches:
Figure 4. Nigeria's vulnerability rating. Source: Author
HIGH Risk x HIGH Threat x HIGH Impact

Nigeria’s Vulnerability = ----------------------------
Low Capacity
74
A combined reading of the above factors shows that Nigeria is HIGHLY vulnerable to
cyberattacks due to the fact that its high risk and high impact are undergirded by low
capacity to secure her cyberspace. As summed up by Segun Olugbile, an expert in
Cybersecurity, Internet Governance and Open Data and member of the Steering
Committee of the Nigerian Internet Governance Forum:
“Our country's cyber landscape is electronically porous, structurally

uncoordinated, unprepared and exposed! On the internet, either online or offline,
we are like a structurally exposed glass house with weakened frameworks, and
porous windows and doors with gullible occupants operating within a highly
vulnerable environment”.
10. Conclusion
This study examines Nigeria's cyber vulnerability and the adequacy of the country's legal
regime for cybersecurity and data protection. Given that developments in the ICT sector
outpace developments of the law, the breadth and depth of existing legal and regulatory
framework on cybersecurity and data protection in Nigeria can enable action but is not
adequate in the face of the high vulnerability of the country. Moreover, legislation by itself
cannot guarantee compliance and enforcement. Extra-legal measures should focus on
sensitization, improving compliance, as well as strengthening the ability to deal with
cyberattacks, and proactive attitude of MDAs entrusted with implementation and
enforcement.
Concerted effort is needed on the part of individuals and corporate bodies to report
cyberattacks and demand that government and stakeholders reinforce technologies to
reinforce cybersecurity and data protection. Internet service providers operating in the
country should also be mandated to report suspicious traffic going through their
networks. Since cyberattacks are a global problem, there is also the need for law
enforcement agents in Nigeria to collaborate in information sharing, infrastructure and
personnel exchanges with other states and international security agencies such as the
INTERPOL to crackdown on cyber criminals.
75
FUTURE GOVERNANCE
Box 2
Recommendations and Suggestions for Action
A study by the Department of New Media and Information Security of the NCC
titled Effects of Cybercrime on Foreign Direct Investment and National
Development, endorses suggestions for action and recommendations for
consideration in future reviews of the National Cybersecurity Policy and the
National Cybersecurity Strategy as follows.
a. The government should pursue aggressive public sensitization against

cybercrime using the mass media and the promotion of personal
cyberspace security should be incorporated in the primary, secondary and
tertiary education curriculum;
b. Individuals need to observe simple personal safety rules such as the use of
antivirus on their systems against malware, and not disclosing to strangers
personal effects and banking details such as credit card pins, bank account
numbers, e-mail codes;
c. Government and private sector should provide jobs for young graduates,
and where jobs are not readily available, vocational skills and
entrepreneurial development programmes should be developed to
reduce the number of youths getting involved in cybercrime;
d. Establishment of programs and IT Forums for the youth: Since the level of
unemployment in the country has contributed significantly to the spate of
e-crime in Nigeria, the government should create employments for these
youths and set up IT laboratories/forum where these youths could come
together and display their skills;
e. [Overtaken by legal development] In order to effectively curb the rate of

cybercrime, the government needs to enact enforceable laws to punish
offenders;
f. Address Verification System (AVS) checks could be used to ensure that the
address entered on an order form (for people that receive orders from
countries like United States) matches the address where the cardholder's
billing statements are mailed;
g. Software that could track the IP address of orders could be designed. This
software could then be used to check that the IP address of an order is from
the same country included in the billing and shipping addresses in the
orders;
76
h. There is need for the government to train special cybersecurity experts

while aiding the existing law enforcement agencies, intelligence agencies
and security agencies to understand both the nature of technology and the
individuals involved in cybercrime;
i. The use of cryptography needs to be encouraged to ensure data security;
j. Computer networks should be protected from access by unauthorized

persons using access control systems such as firewalls.
11. Smart Recommendations

While the above recommendations are all relevant and useful, suggestions to
stakeholders need to be smart, strategic and actionable to have any hope of preventing,
deterring, countering and overtaking the rising wave of cybercrime and data privacy
breaches. The following strategic recommendations are based on global best practice
and grounded on local needs and peculiarity, and are made to fill gaps exposed by this
study.
11.1 Cyber independence
Nigeria's ICT policy should include a national vision for the next 10-20 years which
integrates measures to promote cyber independence, local content, local capacity,
competitiveness and comparative advantage. The aggressive pursuit of ICT capacity
development as the emerging frontier of global power politics and influence is not
optional. Nigeria—nay, Africa with an estimated population of around 1.3 billion
people—is a large and growing market and a heavy consumer of ICT including computer
hardware and software. In this sector, the flow of ideas, products, services and
finance—and as a consequence the flow of power and influence—is mostly
unidirectional. It is therefore no surprise that external support remains significant in ICT.
Despite good intentions, foreign governments, ICT firms, businesses and social
enterprise support our indigenous governments, ICT firms, businesses and social
enterprises in a way that will sustain the unidirectional flow of ideas, products, services
and finance for a long time. For instance, although there are some indigenous mobile
phone companies and apps developers registered in African countries, discounting raw
materials, almost 100% of mobile phone hardware and software for the African market are
made outside Africa. The trend remains the same for cybersecurity: most support and
77
FUTURE GOVERNANCE
initiatives originate from the European Union, China and the United States. It is therefore
of utmost importance to develop Nigeria's ICT policy and legal regimes with an eye to
cyber independence.
11.2 Connected internet governance
The African Union Commission, Regional Economic Communities in Africa, African

countries, the private sector and civil society actors should better connect and integrate
efforts in promoting internet governance. Significant policy and practical efforts have
gone into promoting internet governance at the national, regional and continental levels.
As with most transnational concerns, it is important to connect and integrate such effort
where possible and to align them towards a common vision and common strategy so as
to avoid a muddle of policies and conflict of laws. African Heads of State and Government
adopted the African Union Convention on Cyber Security and Data Protection in 2014.
Further in May 2018, the AU Commission, jointly with the Internet Society, issued the
Personal Data Protection Guidelines for Africa. Both ECOWAS and Nigeria also have data
protection guidelines which are similar those of the AU but have significant points of
departure. Other relevant bodies in this space include the African Internet Governance
Forum, the West African Internet Governance Forum, the Nigerian Internet Governance
Forum, the African School of Internet Governance and the West African School of Internet
Governance. With respect to cybersecurity and personal data protection. Despite these
efforts, internet governance remains an area of shifting boundaries and imprecise
content. Also, most of the efforts remain more or less disparate threads of endeavor
which may inadvertently start to compete for “turf”.
11.3 Comprehensive national measures
Beyond criminal law and law enforcement, relevant MDAs, law enforcement agencies,
ICT firms and private sector stakeholders should endorse a cybersecurity and data
protection policy and should adopt cyber risk management strategies— including early
warning and early response mechanisms in case of cyberattacks. They should also
favour practices with broad and inclusive focus to address the clear and present danger
as well as emerging challenges and threats in cybersecurity and data protection. The
expanded focus of response should include requirements for the secure functioning of a
cyber-economy, optimizing e-business confidence and personal privacy, as well as
strategies to promote and protect the innovation, wealth-creating potential and
opportunities of the ICT sector.
78
11.4 Review of legal regime
The National Assembly of Nigeria, with the advice of relevant agencies including the
NCC, NITDA, CBN, the Economic and Financial Crimes Commission (EFCC), the Nigerian
Police Force and Office of the National Security Adviser, should introduce and enact
comprehensive binding legislation on data privacy, data protection and cybersecurity so
as to engender clarity and certainty on the subject and to ensure that breaches are
criminalized in appropriate cases and adequately sanctioned or punished in a consistent
manner. With respect to common law crimes committed through the use of new
technologies, criminal codes should be updated by abolishing provisions that are no
longer adequate, such as provisions unable to address destruction, misuse or theft of
intangibles, and by making provisions for new crimes, such as unauthorized access to
computers or computer networks.
11.5 Law enforcement
Law enforcement agencies including the police, the EFCC and the Ministry of Justice
should strengthen their capacity to investigate and prosecute cybercrime and data
privacy breaches. Regulatory agencies such as the NCC, NITDA, CBN and Consumer
Protection Council should also strengthen their capacity to enforce relevant codes,
guidelines and regulations in making the Nigerian cyberspace more secure and less
vulnerable. In addition to personal measures that individuals and families should take to
safeguard their cyber existence, makers of mobile devices, app developers, ICT firms,
banks, internet service providers and other interests have a fiduciary and social
responsibility to users of their products and services and should be held culpable in cases
of abuse or unauthorized use of personal data.
11.6 International security cooperation and information sharing
Since cyberattacks and data privacy breaches do not respect national boundaries,
international security cooperation and information sharing is essential in preventing and
combating the twin threat. Digitization of crime data, criminal records and defence and
security services will promote transparency, accountability and enable real-time
information sharing among security services of various states. The Nigerian Police Force
and relevant security services should strengthen regional cooperation for information
sharing through the WAPIS, WAPCCO and working together with National Central
Bureaus of ECOWAS Member States to aid crime prevention, detection, investigation,
prosecution and punishment across national borders.
79
FUTURE GOVERNANCE
11.7 Extradition and mutual assistance in criminal matters
The National Assembly of Nigeria should review the Extradition Act which was enacted in
1966 to bring it in tune with the 1999 Constitution and with current realities. Under the Act,
the Magistrates Court is vested with jurisdiction over extradition matters. However,
Section 251(1)(i) of the 1999 Constitution provides that the Federal High Court has
exclusive jurisdiction over extradition. The Guidelines for Authorities Outside of the
Federal Republic of Nigeria also vests jurisdiction in the Federal High Court. This
statutory lacuna may make significant difference in efficient and effective prosecution for
cybercrime and data privacy breaches. As a Member State of ECOWAS, Nigeria benefits
of the ECOWAS Convention on Mutual Assistance in Criminal Matters 1992 and the
Convention on Extradition 1994. Beyond the ECOWAS region, it is also necessary for the
country to enter into similar bilateral and multilateral agreements with other countries so
as to strengthen the web in combating cybercrime and other related transnational
organized crime.
11.8 Sensitization and capacity building
Relevant MDAs, the private sector and non-governmental organizations should work
together to bridge the digital divide by raising public awareness about the risks of
cyberattacks and data privacy breaches. The National Judicial Council and the Ministry of
Justice should introduce appropriate measures and to enhance the capacity of criminal
justice professionals, including law enforcement personnel, prosecutors and judges in
this emerging area. Institutions of learning including the National Universities
Commission, faculties of law in Nigerian universities, National Institute for Advanced
Legal Studies, the Council on Legal Education, and the National Judicial Institute should
develop and integrate comprehensive curricula on cybersecurity, data protection and
related issues.
11.9 Support to indigenous research and development
As stated above, Nigeria is a heavy consumer of ICT products, services and new
technology and is billed to remain so if no significant investments are made in the sector.
The benefits of such investment for the long term cannot be overemphasized. NITDA, in
conjunction with the private sector and think tanks, should support the establishment of
cybersecurity labs, institutes, and centres of excellence in Nigerian universities.
Concerted and coordinated efforts should be made to establish a pool fund (in addition to
the national budget) to facilitate practical research and curb many types of emerging
80
cyberattacks and cybercrime. It is also important to ensure that the results of technical
research be made widely available and presented in useful and usable formats to enable
less technical regulators, policy makers, practitioners and other stakeholders interpret
and actually make use of it.
81
FUTURE GOVERNANCE
REFERENCES
3T Solutions Consulting. West Africa Cybersecurity Indexing and Readiness
Assessment: A regional report on Cybersecurity ranking, readiness,
vulnerabilities and mitigating measures to improve awareness. Lagos: 3T
Solutions Consulting, 2017.
African Academic Network on Internet Policy. Building and Evidence Base and a Multi-
stakeholder Action Base for Personal Data Protection in Nigeria. Ibadan:
AANoIP, 2017. https://aanoip.org/wp-content/uploads/2018/04/Data-Protection-
AANOIP-REPORT.pdf
Babate, Alhaji Idi. “State of Cyber Security: Emerging Threats Landscape,” International
Journal of Advanced Research in Computer Science & Technology 3, no. 1
(2015): 113-119.
Baken, Denise. “Cyber Warfare and Nigeria's Vulnerability,” E-International Relations.

New York: International Relations, 2013. http://www.e-ir.info/2013/11/03/cyber-
warfare-and-nigerias-vulnerability/.
BBC. Nigeria SSS spy details leaked, 31 August 2012. http://www.bbc.com/news/world-

africa-19439590.
Bernholz, Lucy, et. al. Good Fences: The Importance of Institutional Boundaries in the
New Social Economy, Project on Philanthropy, Policy and Technology. Stanford:
Stanford PACS, 2013. https://pacscenter.stanford.edu/publication/good-fences/.
Boniface K. Alese, et. al., “Analysing Issues of Cyber Threats in Nigeria,” Proceedings
of the World Congress on Engineering 1 (2014): 4-5. 02-04 July 2014, London,
UK.
https://pdfs.semanticscholar.org/a060/99e8a545c94ac1e052b7b0e375b5822e
40bf.pdf.
Botha, Anneli, ed. ECOWAS Counterterrorism Training Manual Books 1 and 2. Pretoria:
Institute for Security Studies, 2012.
Chijioke, Collins Obioma. “Admissibility of Electronic and Computer Generated

Evidence in Nigeria: Issues and Responses,” International Journal of Advanced
Scientific Research 2, no. 1 (2017): 58-79.
Computer Security Resource Centre. NIST Glossary of Information Security Terms.

https://csrc.nist.gov/glossary.
82
Demadiur Systems Limited and Serianu Ltd. Nigeria Cyber Security Report 2016.
Lagos: 2016.
http://www.serianu.com/downloads/NigeriaCyberSecurityReport2016.pdf.
Fischer, Eric. Federal Laws Relating to Cybersecurity: Overview of Major Issues,

Current Laws, and Proposed Legislation, Congressional Research Service
Report, 12 December 2014. https://fas.org/sgp/crs/natsec/R42114.pdf
Gercke, Marco. Understanding Cybercrime: Phenomena, Challenges and Legal

Response. York: ITU, 2012. http://www.itu.int/ITU-
D/cyb/cybersecurity/docs/Cybercrime%20legislation%20EV6.pdf.
Halder, D., and Jaishankar, K. Cybercrime and the Victimization of Women: Laws,
Rights, and Regulations. Hershey, PA, USA: IGI Global, 2011.
KPMG. Building Cyber Security and Resilience in a Digital Africa. Lagos: May 2017.
https://home.kpmg.com/content/dam/kpmg/zm/pdf/2017/07/Building%20Cyber
%20Security%20&%20Resilience%20in%20a%20Digital%20Africa-
%20FINAL.pdf.
National Identity Management Commission. Privacy Impact Assessment Report:

Executive Summary. https://www.nimc.gov.ng/docs/pia_report.pdf
National Institute of Standards and Technology. Glossary of Information Security

Terms. January 2017. https://csrc.nist.gov/glossary.
Nigerian Communications Commission. Final Report: Effects of Cybercrime on Foreign

Direct Investment and National Development, 2016.
https://www.ncc.gov.ng/documents/735-nmis-effects-cybercrime-foreign-direct-
investment/file.
Nigerian Communications Commission. Stakeholder Information: Industry Statistics.

2018. https://www.ncc.gov.ng/stakeholder/statistics-reports/industry-overview.
OECD: Digital Government Strategies for Transforming Public Services in the Welfare
Areas: OECD Comparative Study. 2016. http://www.oecd.org/gov/digital-
government/Digital-Government-Strategies-Welfare-Service.pdf.
Olayemi, Odumesi John. “A socio-technological analysis of cybercrime and cyber

security in Nigeria,” International Journal of Sociology and Anthropology 6, no. 3
(2014): 116-125. http://www.academicjournals.org/journal/IJSA/article-full-text-
pdf/A79763043710.
Omolaye-Ajileye, Alaba. “Certificate of Authentication in Admissibility of Electronic

Evidence,” The Nation, 08 August 2016. http://thenationonlineng.net/certificate-
authentication-admissibility-electronic-evidence/.
83
FUTURE GOVERNANCE
Osho, Oluwafemi and Agada D. Onoja. “National Cyber Security Policy and Strategy of
Nigeria: A Qualitative Analysis,” International Journal of Cyber Criminology 9,
no. 1 (2015): 120-143.
Persily, Nathaniel. “Can Democracy Survive the Internet? The 2016 U.S. Election,”
Journal of Democracy 28, no. 2 (2017): 63-76.
RT. Cyberwar: Anonymous hack Nigerian government over “corruption, poverty and
theft”, 09 January 2016. https://www.rt.com/news/328382-cyberwar-
anonymous-hack-nigerian-government/.
SOPHOS and Centre for Internet Security. Threatsaurus: The A-Z of computer and
data security threats. Oxfordshire, UK: Sophos, 2013.
https://www.sophos.com/en-
Tamarkin, Eric. “The AU's cybercrime response: A positive start, but substantial
challenges ahead”, Institute for Security Studies Policy Brief, no. 73 (2015): 1-8.
https://issafrica.s3.amazonaws.com/site/uploads/PolBrief73_cybercrime.pdf
The Verge. Zuckerberg goes to Washington: all the updates on Facebook's reckoning
before Congress. 09 April 2018.
https://www.theverge.com/2018/4/9/17215758/facebook-zuckerberg-congress-
updates-analysis-livestream.
Ugwuanyi, Sylvester. “Nigeria loses $287 m annually to ICT piracy—Shittu.” Daily Post,
23 January 2016. http://dailypost.ng/2016/01/23/nigeria-loses-287m-annually-to-
ict-piracy-shittu/.
World Bank Group. Digital Dividends: World Development Report 2016. Washington,
D.C.: 2016.
http://documents.worldbank.org/curated/en/896971468194972881/pdf/102725-
PUB-Replacement-PUBLIC.pdf.
World Economic Forum. Recommendations for Public-Private Partnership against

Cybercrime. Geneva: WEF, 2017.
84
NOTES
¹ Information and data backing up this study has been collated from open sources and from five (5)
government agencies: National Bureau of Statistics (NBS), National e-Government Strategy (NeGSt),
National Identity Management Commission (NIMC), Nigerian Communications Commission (NCC), and
National Information Technology Development Agency (NITDA).
² Denise Baken (2013), “Cyber Warfare and Nigeria's Vulnerability”, E-International Relations.
http://www.e-ir.info/2013/11/03/cyber-warfare-and-nigerias-vulnerability/
³ Latin for “no crime or punishment without a law”. It is a legal principle requiring that one cannot be
criminalized or punished for doing something that is not prohibited by law at the time of the commission
of the act.
⁴ Some used in this book include: Computer Security Resource Centre and National Institute of
Standards and Technology, Glossary of Information Security Terms, January 2017.
https://csrc.nist.gov/glossary; SOPHOS and Centre for Internet Security, Threatsaurus: The A-Z of
computer and data security threats. Oxfordshire, UK: Sophos, 2013. https://www.sophos.com/en-
⁵ Debarati Halder and Karuppannan Jaishankar (2011), Cyber Crime and the Victimization of Women:
Laws, Rights, and Regulations. Hershey, PA, USA: IGI Global.
⁶ Examples from the United States include: Cybersecurity Act 2010, Federal Cybersecurity
Enhancement Act 2015, and Cybersecurity Information Sharing Act 2015. See: Eric A. Fischer (2014),
Federal Laws Relating to Cybersecurity: Overview of Major Issues, Current Laws, and Proposed
Legislation, Congressional Research Service Report, 12 December 2014.
https://fas.org/sgp/crs/natsec/R42114.pdf
 [1990-1993] 5 NBLR p. 368 at 387.
⁸ The NITDA Act 2007 empowers NITDA to “develop guidelines for electronic data interchange and
other forms of electronic communication”. Section 1.2 of the NITDA Guidelines affirms that: “a breach of
the Guidelines shall be deemed to be a breach of the Act”.
⁹ Ngozi Aderibigbe (2017), Nigeria Has a Data Protection Regime, Jackson, Etti & Edu, 12 December
2017. http://www.jacksonettiandedu.com/nigeria-has-a-data-protection-
regime/?utm_source=Mondaq&utm_medium=syndication&utm_campaign=View-Original
 A draft Consumer Code of Practice Regulations 2018 is currently under consideration.
 Supplementary Protocol A1SP.1/06/06 amending the [ECOWAS] Revised Treaty, published in ECOWAS
Official Journal Vol. 49, pp. 21-27. June 2006. Emphases mine.
 European Commission, Law-making process: Applying EU law. https://ec.europa.eu/info/law/law-

making-process/applying-eu-law_en
85
FUTURE GOVERNANCE
¹³ Ibid.
¹⁴ Community Court of Justice—ECOWAS, Jurisdiction of the Community Court of Justice.

http://www.courtecowas.org/site2012/index.php?option=com_content&view=article&id=10&Itemid=10.
Also see: Article 3(1) of the 2005 Supplementary Protocol amending the 1991 Protocol Relating to the
Community Court of Justice, mutatis mutandis.
¹⁵ Anneli Botha, ed. (2012), ECOWAS Counterterrorism Training Manual Books 1 and 2, Pretoria: Institute
for Security Studies.
¹⁶ Ali Adoyi (2016), “Senate withdraws anti-social media bill”, Daily Post, 17 May 2016.
http://dailypost.ng/2016/05/17/breaking-senate-withdraws-anti-social-media-bill/
¹⁷ The #NotTooYoungToRun Act (Constitution Alteration Act 2016) effectively altered Sections 65, 106,
131, 177 of the 1999 Constitution (as amended) to reduce the age qualification for the office of the
President from 40 years to 30 years; Governor 35 to 30, Senate 35 to 30, House of Representatives 30
to 25 and State House of Assembly 30 to 25. The Bill also seeks to mainstream independent candidacy
into Nigeria's electoral process. http://yiaga.org/nottooyoungtorun/wp-
content/uploads/2016/06/NotTooYoungToRun-Bill-HB.544-1.pdf
¹⁸ The Verge, Zuckerberg goes to Washington: all the updates on Facebook's reckoning before
Congress, 09 April 2018. https://www.theverge.com/2018/4/9/17215758/facebook-zuckerberg-congress-
updates-analysis-livestream
¹⁹ NCC (2018), Industry Statistics. https://www.ncc.gov.ng/stakeholder/statistics-reports/industry-

overview. Teledensity is calculated based on a national population of 140 million according to 2006 last
census figures.
²⁰ NCC (2016), Final Report: Effects of Cybercrime on Foreign Direct Investment and National
Development. https://www.ncc.gov.ng/documents/735-nmis-effects-cybercrime-foreign-direct-
investment/file
²¹ Sylvester Ugwuanyi (2016), Nigeria loses $287 m annually to ICT piracy—Shittu, Daily Post, 23 January
2016. http://dailypost.ng/2016/01/23/nigeria-loses-287m-annually-to-ict-piracy-shittu/
²² RT (2016), Cyberwar: Anonymous hack Nigerian government over “corruption, poverty and theft”, 09
January 2016. https://www.rt.com/news/328382-cyberwar-anonymous-hack-nigerian-government/.
²³ National e-Government Strategies, Vision, Mission & Objectives.

http://www.negst.com.ng/index.php/about-us/vision-mission-a-objectives
²⁴ United Nations (2018), United Nations E-Government Survey 2018, Forthcoming report.
https://publicadministration.un.org/en/research/un-e-government-surveys
²⁵ United Nations (2016), United Nations E-Government Survey 2016, p. 109.

http://workspace.unpan.org/sites/Internet/Documents/UNPAN97453.pdf
²⁶ BBC (2012), Nigeria SSS spy details leaked, 31 August 2012. http://www.bbc.com/news/world-africa-
19439590
86
²⁷ Segun Olugbile, Strategy for Addressing National e-Governance Risk. Presentation made at
cybersecurity conference organized by the National Communications Commission.
https://www.ncc.gov.ng/documents/230-strategy-for-addressing-national-e-governance-risk/file
²⁸ NCC (2016), Final Report: Effects of Cybercrime on Foreign Direct Investment and National
Development, pp. 95-96. https://www.ncc.gov.ng/documents/735-nmis-effects-cybercrime-foreign-
direct-investment/file
²⁹ Guided by the United Nations recommendations on fighting cybercrime, 13 May 2005.

http://www.crime-research.org/news/13.05.2005/1225/
³⁰ Chibueze Muobuikwu (2016), “Why Extradition Act needs amendment”, The Nation, 24 May 2016.
http://thenationonlineng.net/extradition-act-needs-amendment-2/
³¹ However, In Orhiunu v. FRN, it was held that in the light of Section 315 of the 1999 Constitution, the
Extradition Act, being an existing law shall have effect with such modifications as may be necessary to
bring it in conformity with the provisions of Section 251 of the Constitution.
87

Future Governance: The Internet, Vulnerability, Social Change, and State-Society Relationship in Nigeria

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Future Governance: The Internet, Vulnerability, Social Change, and State-Society Relationship in Nigeria

Uploaded by

Copyright:

Available Formats

© Okey Uzoechina, January 2019

Ofala Publishers Ltd., Abuja

Cover and Design layout: Samson Nnah

ISBN: 978 - 978 - 971 - 999 - 0

Okey Uzoechina is currently Programme Oﬃcer, Security Sector Reform at the

To my dearest Prof. 'Funmi Olonisakin—

Part I—The People's Manifesto: E-Governance and the Disruption

Part II— Cybersecurity and Data Protection: Legal Regimes,

Author Bio III

Part I—The People's Manifesto: E-Governance and the

The People's Manifesto

However, a potential pressure cooker is created by the fact that advancements in

People participation in governance through cyber platforms is inﬂuencing and will

2. Approach, Methodology and Objectives

Box 1: Key Questions: Justiﬁcation

Q: Why is political governance central to social change?

enable processes at all levels. It plays a role in increasing political awareness,

Q: Leveraging on ICT, which factors will combine to produce a generational shift in

A: The factors include demography youth attrition gender urban population

A: It is important for major stakeholders—including governments at all levels,

3. E-Government and e-Governance

Ü Government vs. Governance

Government refers to the action or manner of controlling or regulating an organization, a

Ü e-Government vs. e-Governance

Ü e-Government (ICT) vs. e-Government (state services)

E-Government is often touted as a legitimizing and “sexy” initiative by many governments

Ü Digitization (eﬃcient public services) vs. e-Governance (citizen participation)

migration, security, public procurement, biometrics, tracking systems, production, etc. E-

4. E-Governance Models 2.0

Ü Government to Citizens (G2C)

Ü Citizens to Government (C2G)

Ü Government to Business (G2B)

Ü Business to Government (B2G)

Ü Citizens to Business through Government (C2B-G)

Ü Government to Employees (G2E)

Ü Employees to Government (E2G)

Ü Government to Government (G2G)

5. ICT-enabled Dimensions of the Disruption

5.1 The past and the present

5.2 A likely future

5.3 Future governance

Adoption of online/mobile ballot will be the ultimate enactment of e-Governance in

6. Demographics and Social Dimensions of the Disruption

Ü Locus of decision making

Ü Locus of social learning

Figure 1. Demographic clusters (loci)

Figure 2. Projected demographic clusters (loci)

The likely scenarios are represented in the images below.

Figure 3. Population of Nigeria as at 2018: male and female. Source: PopulationPyramid.net

In Nigeria, women are disadvantaged compared to men in terms of levels of education,

6.4 Urban population

A high ratio of poor governance to ICT development is usually an indicator of potential

6.7 Social enterprise

Social enterprise goes beyond entrepreneurship or private business. It is

To represent the above demographics and shifting social dimensions in a snapshot,

Figure 5. Source: Author

Figure 6. Source: Author

7. Constitutional and Political Dimensions of the Disruption

7.1 Sovereignty and legitimacy

(2) It is hereby, accordingly, declared that:

this Constitution derives all its powers and authority;

(c) the participation by the people in their government shall be ensured in

accordance with the provisions of this Constitution.

7.2 Sovereign National Conference