NDPC commissioner

The Nigeria Data Protection Commission (NDPC) has said that it is actively investigating 17 major cases of data breaches across various sectors, including finance, technology, education, consulting, government, logistics, and gaming/lottery.

The National Commissioner of the NDPC, Dr. Vincent Olatunji, disclosed this at the Global Data Privacy Day on Sunday in Abuja.

He added that the commission received over 1000 complaints of data breaches, which led to the investigations. Olatunji also said that the commission’s operations in the country have led to N400 million in revenue for the government.

Olatunji said:

“In the area of complaints and investigations, we have received over 1000 complaints, and after thorough review, 50 have been verified, and investigations are currently ongoing on 17 major cases covering several sectors such as Finance, Technology, Education, Consulting, Government, Logistics and Gaming\Lottery among others.
“Through remedial actions for completed cases, we have generated over 400 million Naira revenue for government.”
In June 2023, NDPC disclosed that Zenith, GTB, Fidelity, Leadway Insurance, Babcock University, and some companies were under investigation for alleged data breaches. By October 2023, the Commission said it was investigating Opay, Meta, and DHL for alleged data breaches. These investigations reflect Nigeria’s commitment to data protection and privacy, bolstered by a robust legislative framework and strategic initiatives.

The National Commissioner of NDPC also said that there has been an increase in the number of Data Protection Compliance Organisations from 103 to 163, which has led to an increase in annual audit filings.

He added that the total revenue expected from the sector is about N6.2 billion, and about 10,100 jobs have been created from this sector.

Olatunji said:

“In addition, to foster compliance, we have increased the number of Data Protection Compliance Organisations from 103 to 163. As a result of this, annual audit filings have increased to over 2000 per annum while cumulative revenue in the sector is estimated at 6.2 billion and approximately 10,100 jobs have been created so far.
“It is also worthy of note that Nigeria has now been admitted to the Global Privacy Assembly, which is made up of about 130 countries. This is in addition to being an active member of the Network of African Data Protection Authorities (NADPA). Membership in the organisations is a credence to our international recognition and the modest traction we have garnered in the data protection ecosystem in Nigeria.”
He stressed the need for proper awareness on data privacy and protection in the country.

Olatunji also said that a comprehensive outline of the commission’s progress and next steps will be made public though the Nigeria Annual Data Protection Report that will be released at the Annual Anniversary and Award Ceremony scheduled to hold on February 4, 2024.

The Minister of Communications, Innovation and Digital Economy, Bosun Tijani, stressed the need to look beyond fines and focus on more on awareness.

He added that the Data Privacy Week should be used to celebrate those companies that have been compliant and to create more awareness, noting that there is a knowledge gap that needs to be filled.

Bosun said, “The knowledge is lacking because there is no capacity and it is a new way of doing things and we need to consider behavioural change.”
The minister also said the Federal Government is on the verge of digitising all public services to harness the benefits of the digital economy and ensure adequate protection of the citizens’ data.