By 
The Nigeria Data Protection Commission (NDPC) has announced that over 1,000 financial institutions, schools, insurance companies, and consultancy firms are currently under investigation for various data breaches affecting citizens.
During an interactive session with journalists in Abuja, marking the first anniversary of the Nigeria Data Protection Commission Act, the National Commissioner, Vincent Olatunji, disclosed that four major banks and three other institutions have been fined a total of N400 million for data breaches.
Olatunji highlighted that President Bola Tinubu signed the data protection bill into law on June 12, 2023. This legislation aims to enhance privacy rights and fundamental freedoms in both digital and analogue transactions, allowing Nigerians to seek redress for data breaches and ensuring that citizens’ data is processed fairly and lawfully.
Reflecting on the passage of the bill, Olatunji recalled, “A year ago, we were uncertain if the president would sign the bill. The bill had been passed by the ninth Assembly, and with a new government in place, there was concern it might be overlooked. However, on June 12, the president signed it, marking a significant milestone for data protection in Nigeria.”
Olatunji noted that the nation’s data ecosystem now exceeds N10 billion in value, a testament to the positive impact of the data protection law. The commission remains committed to safeguarding citizens’ data by adhering to global standards and best practices.
He stated, “We have received over 1,000 reports of data breaches since we began. This figure is low due to limited awareness among Nigerians. Out of these, about 400 cases involve digital revenue companies, commonly known as loan sharks. We have conducted thorough investigations in sectors such as education, finance, real estate, insurance, and consulting. To date, four major investigations have concluded, resulting in fines totalling N400 million.”
Olatunji added that ongoing investigations continue to address data infractions, and the activities of the NDPC have significantly increased compliance with the Nigeria Data Protection Act in both the private and public sectors. He noted, “Initially, private sector compliance was around 49%, while public sector compliance was at 4%. Today, private sector compliance has risen above 55%, and the public sector has reached 15%.”
The NDPC’s efforts have also placed Nigeria at the forefront of global data protection activities, impacting the national economy and attracting foreign direct investment. Olatunji announced that Nigeria will host the 2024 All African Data Protection Commissions and Institutions event, with about 30 countries expected to participate.
The commission plans to train 10,000 public servants in responsible data management and 1,000 data protection officers and processors, including journalists.
To address the issues posed by digital loan platforms, the NDPC collaborates with regulatory authorities like CBN, ICPC, and EFCC. Olatunji lamented that many illegal digital loan platforms operate without traceable addresses, often preying on vulnerable Nigerians due to lack of awareness. Efforts are ongoing to raise awareness and clamp down on these activities despite the challenges posed by Nigeria’s large population and vast landmass.
Comments