The Nigeria Data Protection Commission (NDPC) announced that it is currently investigating 17 key data breach cases across various sectors, including finance, technology, education, government, logistics, and gaming. The Commission’s National Commissioner, Vincent Olatunji, revealed this in Abuja on January 28, 2024, during the Global Data Privacy Day.
Additionally, the NDPC reported receiving over 1,000 data breach reports at the event, hence the ongoing investigations. Out of the 1,000 reports, only 50 cases were confirmed after a comprehensive review by the commission, with 17 currently under investigation.
Olatunji mentioned that the remedial actions taken for completed cases have enabled the Commission to generate ₦400 million in revenue for the Nigerian government.
In June 2023, the NDPC had announced that it was investigating Zenith, Fidelity, and Guarantee Trust Banks, Babcock University, Leadway Insurance, and other entities for alleged data breaches.
Subsequently, in October 2023, the Commission revealed that it was investigating Opay, Meta, and DHL for alleged data breaches. These investigations show that many private and public institutions are falling short when it comes to data protection and privacy compliance.
The investigations being conducted emphasize Nigeria’s dedication to data protection and privacy, supported by a strong legal structure and strategic initiatives.
Additionally, the National Commissioner revealed that the number of Data Protection Compliance Organizations in the country has surged from 103 to 163 to enhance compliance, leading to an annual increase of up to 2,000 audit filings.
The Commission estimates the revenue from data protection compliance to be around ₦6.2 billion, pointing out that approximately 10,100 jobs have been created in the sector thus far.
Olatunji stated that Nigeria has joined international organizations, highlighting that the country’s efforts in the data protection ecosystem are gaining well-deserved global recognition.
It is also worthy of note that Nigeria has now been admitted to the Global Privacy Assembly, which is made up of about 130 countries. This is in addition to being an active member of the Network of African Data Protection Authorities (NADPA).
While emphasizing the need for extensive data privacy and protection awareness in the country, the Commission committed to releasing a comprehensive report on its progress and future plans.
The details of this report will be made public in the Nigeria Annual Data Protection Report, which will be available at the Annual Anniversary and Award Ceremony on Sunday, February 4, 2024.