NDPC (The Nigeria Data Protection Commission) has initiated an investigation into alleged data breaches involving prominent companies, including OPay, Meta, and DHL, stirring concerns about data privacy violations.
According to insider reports, the NDPC has summoned these three entities in response to complaints alleging infringements on the rights of data subjects.
Under the provisions of the Nigeria Data Protection Act, these companies are designated as data controllers and are obliged to adhere to specific legal safeguards while handling Nigerian citizens’ data.
If found guilty, each of these companies faces a potential penalty amounting to 2% of their gross revenue, by the stipulations of the Data Protection Act.
Read Also: The Path to Wealth: Signs You Might Not Be Ready
The Nature of the Complaints against OPay, Meta, and DHL
- Meta: Complaints against Meta revolve around behavioral advertising practices conducted without obtaining explicit consent from data subjects. Approximately 40 million Facebook accounts in Nigeria may have been affected by the ongoing data processing investigation. These allegations also have far-reaching implications for Nigeria’s digital economy.
- DHL: DHL is under investigation for purportedly violating the lawful basis and principles of data protection. According to a Civil Society Organization dedicated to safeguarding citizens’ privacy rights, DHL’s data processing practices fall short of the confidentiality standards prescribed in the Nigeria Data Protection Act. Section 24(2) of the Act emphasizes the requirement for data controllers and processors to employ suitable technical and organizational measures to ensure the confidentiality, integrity, and availability of personal data.
- OPay: OPay may face scrutiny regarding allegations that it opens bank accounts for data subjects without their consent. If substantiated, this would constitute a significant breach of data privacy rights for the affected individuals. It’s worth noting that OPay claims to have around 40 million data subjects. The Nigeria Data Protection Commission has already served each of these data controllers with a Notice of Investigation.
Dr. Vincent Olatunji, the National Commissioner, reiterated the paramount importance of safeguarding Nigeria’s data economy ecosystem during the Commission’s presentation of the Nigeria Data Protection Act in 2023. He also issued a stern warning to data controllers and processors, cautioning against any form of data processing not recognized under the Act. Violators of the Act could face penalties of up to 2% of their gross revenue from the preceding year.
Follow techkudi.com for more juicy content