The news:
- According to the Nigeria Data Protection Commission (NDPC), seven companies — four banks and three companies — in Nigeria have paid ₦400 million for compromising Nigerians' data.
- Vincent Olatunji, the commission's National Commissioner and Chief Executive Officer (CEO), announced the development on Tuesday, June 11, 2024, during an interactive session with journalists in Abuja to commemorate the first anniversary of President Bola Tinubu signing the Nigeria Data Protection Commission Act into law.
Olatunji stated that the commission had completed over 1,000 investigations, including four major ones, across sectors such as education, financial institutions, real estate, schools, insurance companies, and consulting firms, for various data breaches since the Act was enacted in 2023.
He also said that about 400 of the cases involve digital lending companies.
“In the law, we can fine companies depending on the nature of the breach, impact on the subject, and level of cooperation, and we got ₦400 million from remediation fees.”
While the commission has received over 1,000 reports of data breaches since the Act was enacted, the NDPC believes the figure would have been much higher if the awareness level among Nigerians weren’t so low.
As the NDPC continues to make an effort to improve the Nigeria Data Protection Act 2023 compliance across both the private and public sectors, Olatunji urged all stakeholders to safeguard the data of citizens in line with global best practices.
“When we started, the levels of compliance within the private sector was about 49% while the public sector was 4%. But today, private sector compliance is above 55%, while the public sector has reached 15%,” the NDPC added.
In an earlier report, the NDPC stated it would penalise chief executives of government Ministries, Agencies, and Departments (MDAs) for any data breach that occurs under their watch.
In June 2023, NDPC revealed that Zenith, GTB, Fidelity, Leadway Insurance, Babcock University, and other companies were under investigation for alleged data breaches.
In January 2024, the Commission said it was looking into 17 priority data breach cases across various sectors, from finance, technology, and education to government, logistics, and gaming.
Let the best of tech news come to you
Give it a try, you can unsubscribe anytime. Privacy Policy.