The Nigeria Data Protection Commission has said that investigations are presently being conducted into over a thousand financial institutions, educational institutions, insurance providers, and consulting firms for varying degrees of citizen data breaches.
This was disclosed by the National Commissioner of the commission Vincent Olatunji, in his address to press men to mark the first anniversary of President Bola Tinubu’s signing into law of the Nigeria Data Protection Commission Act in Abuja.on Tuesday, according to The Punch.
Olatunji stated that four large banks and three other organizations had been sanctioned and fined N400 million for violations involving breaches of people’s data.
Tinubu in June last year approved the data protection bill to promote fundamental freedoms and privacy rights in both digital and analog commerce.
In addition to requiring that citizen data be “processed in a fair, lawful, and accountable manner,” the law gives Nigerians the right to file complaints about any data breaches.
Olatunji stressed that the value of the country’s data ecosystem had crossed 10 billion naira.
He emphasized the Commission’s commitment to protecting it in line with international best standards and practices to ensure the safety, security, and protection of citizen data.
He said, “Cumulatively, we have had over 1,000 reports of data breaches between when we started and now. The figure is low because of the low level of awareness among Nigerians.
“Out of the 1,000 cases, about 400 of them are digital revenue companies that we call loan sharks, but the main ones we have conducted investigations in the education sector, financial institutions, real estate, insurance, consulting, and schools, and as of today, we have finalised four major investigations, and some have paid their remediation fees. In the law, we can fine companies depending on the nature of the breach, impact on the subject, and level of cooperation, and we got N400m from remediation fees.”
He further said that investigations into data violations are still being carried out.
Olatunji also emphasized how the Nigeria Data Protection Act is now more frequently followed in both the public and private sectors as a result of the NDPC’s efforts.
“When we started, the levels of compliance within the private sector was about 49 per cent while the public sector was 4 per cent. But today, private sector compliance is above 55, while the public sector has reached 15 per cent,” he added.
