FG Begins Probe Of Major Brands Over Allegations Of Data Breaches

An investigation has been launched by the Federal Government into the activities of some major brands like Meta, formerly known as Facebook, a haulage company, DHL, and online payment platform OPay for alleged data breaches.

There have been complaints against the three brands by Nigerians over the violation of data subjects’ rights. And if found liable, they would forfeit two per cent of their annual gross revenue to the government.

Naija News understands that the Nigeria Data Protection Commission (NDPC) has opened investigations into the data processing activities of the affected data controllers.

It was also learned that the Commission had served each of the data controllers with a Notice of Investigation, to give them ample opportunities to defend themselves against the law of the country.

According to The Nation, sources privy to the matter revealed that DHL is facing an investigation for allegedly violating the lawful basis and principles of data protection.

One of the sources told the platform that DHL’s data processing falls short of the confidentiality standard prescribed under the Nigeria Data Protection Act. The Act in section 24(2) (2) states that “A data controller and data processor shall use appropriate technical and organisational measures to ensure confidentiality, integrity, and availability of personal data.”

For Opay, the allegations are about how they open bank accounts for data subjects without their consent, which might likely amount to a grave violation of the data privacy rights of affected data subjects.

For Meta, it was gathered that the complaints were based on behavioural advertising without the explicit consent of data subjects.

Speculations are that approximately 40 million Facebook accounts in Nigeria might have been affected by the data processing under investigation.

Meanwhile, recently, it was learned that the National Commissioner of NDPC, Dr Vincent Olatunji, had warned, during the Commission’s presentation of the Nigeria Data Protection Act, 2023 to the public, that infractions would attract penalties in accordance with the letter and spirit of the law.

Olatunji said the commission would not hesitate in “safeguarding the integrity of Nigeria’s data economy ecosystem,” while warning data controllers and processors against all forms of data processing which are not in tandem with the Act,

He warned that the Chief Executive Officers of Ministries, Departments and Agencies of government would be held liable for infractions.