NITDA Probes 17 Firms Over Breach Of Customers’ Private Data
TECHDIGEST – The National Information Technology Development Agency engaged in 17 data breach investigations and issued N15m fines in 2021, a new report has revealed.
This was disclosed in the Nigeria Data Protection Regulation Performance Report 2020-2021, which was launched by the Minister of Communications and Digital Economy, Prof Isa Pantami, last week.
The report further disclosed that seven investigations were concluded and sanctions were imposed on three entities.
It was also disclosed that the number of ongoing investigations on alleged data breaches rose from 15 in 2020 to 17 in 2021, while the number of investigations concluded rose from one in 2020 to seven in 2021.
In addition, the amount of fines issued rose from N1m in 2020 to 15m in 2021.
The report further disclosed NITDA that was partnering with key stakeholders to ascertain appropriate sanctions for different kinds of violations of the Nigeria Data Protection Regulation.
Read Also:
It read in part, “NITDA is partnering with stakeholders to determine administrative sanctions for identified categories of the NDPR breaches. This would provide clarity and predictability to the NDPR enforcement efforts and serve as a good foundation for any future data protection law.”
Earlier this month, The Director General of the National Information Technology Development Agency (NITDA), Kashifu Inuwa Abdullahi revealed that as part of the NITDA’s 2021 vision, the Agency is poised to develop a toolkit for sector stakeholder to agree on a single, workable template for data privacy compliance in their sector, standardize NIDPR courses trainings in order to develop a multi-billion naira sector that would create thousands of jobs for trainers, content providers and other professionals, rejig enforcement mechanism for data protection compliance as it has become a pivot for the continued growth of the digital economy, among other plans.
In March 2021, NITDA ordered a data controller, Electronic Settlement Limited, to pay the sum of N5m as a fine for certain breaches on personal data entrusted to the company.
In August 2021, NITDA imposed a sanction of N10m on an online lending platform, Soko Lending Company Limited, for data privacy invasion.
In November 2021, NITDA partnered with the Federal Competition and Consumer Protection Commission to address the increasing rates of data privacy abuse by money lending organisations, particularly fintech firms.