CEM REPORT, ICT | Preparing for a leading role in advancing data protection and exploring the opportunities of the global digital economy, the Nigeria Data Protection Bureau (NDPB) has said that it is currently investigating over 110 companies in Nigeria over allegations of data breach.
The bureau says the companies being investigated include banks, telecom firms, gaming companies, and online lending companies.
According to the National Commissioner of the Bureau, Vincent Olatunji, the vulnerabilities in these sectors are high partly due to the capabilities of intrusive mobile apps they deploy in rendering their services.
’We are investigating over 110 data controllers and data processors for various degrees of data privacy and protection breaches. The most worrisome are those in the financial, telecom, gaming, and online lending industries.
“When you factor in the lack of due diligence on the part of data controllers in engaging data processors or vendors that have access to the personal data of customers, you find in some cases abuse and violation of the Nigeria Data Protection Regulation (NDPR) and section 37 of the 1999 Constitution.”
Olatunji while stating that the position of the government is that those who are into data would have nothing to fear but the consequences of their acts and omissions might constitute a civil or criminal liability.
He reassured Nigerians that every data controller and data processor within or outside Nigeria would be held accountable for any unlawful processing of personal data from their jurisdiction noting that the Nigeria Police Force is currently working with the bureau in this regard.
Additionally, Olatunji disclosed that the Bureau recently licensed additional 48 Data Protection Compliance Organisations (DPCOs), which increased the number of DPCOs to 138.
The NDPB was established in February 2022 by President Muhammadu Buhari as the nation’s data protection authority and to fully implement the provisions of the Nigeria Data Protection Regulation (NDPR) issued in 2019.