Data Breach Alert: Nigeria Sets Strict Penalties to Safeguard Privacy
The Nigeria Data Protection Commission (NDPC) has announced plans to enforce the Nigeria Data Protection Act (NDPA) of 2023 more rigorously, including imposing substantial fines on data controllers and processors who violate data privacy regulations.
Dr. Vincent Olatunji, the National Commissioner/CEO of the NDPC, emphasized that while the Commission had not previously issued fines, it intends to implement “massive enforcement” and levy “heavy penalties” against violators moving forward.
This initiative aims to safeguard Nigerians’ data rights and ensure compliance with the NDPA. The NDPC has been actively engaging with stakeholders across both public and private sectors to promote awareness and adherence to data protection standards.
Additionally, the Commission plans to enhance job opportunities in the data protection field by launching trained and certified professionals into the job market, enabling them to work with data controllers and processors.
In recent enforcement actions, the NDPC fined Fidelity Bank N555.8 million for breaches of the NDPA during a customer’s account opening process.
The investigation revealed that the bank collected personal data without proper consent, leading to the largest fine imposed by the NDPC to date.
Furthermore, the NDPC has generated over N400 million through its compliance and remedial actions, reflecting its commitment to upholding data protection laws in Nigeria.