Nigerian privacy watchdog, Nigeria Data Protection Bureau (NDPB), may have imposed hefty fines on some ICT/telecom and financial institutions after investigations proved data breaches significant enough to raise concerns by regulatory authorities, persons familiar with the matter told IT Edge News.
RELATED: Wema Bank, Bet Naija face fines above N10M and hefty sanctions over privacy breaches
IT Edge News learnt the organisations have accepted the sanction procedures, agreed to pay the fines and pleaded for non-publicity of the matter fearing this could undermine their global standing as Nigeria’s privacy watchdog waddles through challenges of asserting its authority and raising awareness on the Nigeria Data Protection Regulation (NDPR).
The NDPB has been relatively active in enforcing the NDPR within the private sector. But new memos by the Secretary to the Government of the Federation, Mr. Boss Mustapha, and the Head of Service, Dr. Folasade Yemi-Esan, directing all federal ministries, departments and agencies (MDAs) to comply with the NDPR would allow the data ombudsman robust reign enforce the NDPR in the public sector.
Earlier this year, the regulator opened investigations into reports of breach of data privacy involving Wema Bank PLC and KC Gaming Networks (Bet Naija), two top actors in corporate Nigeria to signal its resolve to penalise breaches by major data controllers in Nigeria.
The NDPB investigated complaints by customers of Wema Bank alleging that their data had been used without their consent to open accounts via the ALAT app – the digital banking platform of the bank. Personal data of customers of Bet Naija were allegedly breached within their system but the firm failed to file notification even though the breaches were quickly addressed.