The Nigeria Data Protection Commission (NDPC) has begun a sector-by-sector investigation of organisations suspected of violating provisions of the Nigeria Data Protection Act 2023.
Mr. Babatunde Bamigboye, Head of Legal, Enforcement and Regulations at the commission, said this in a statement in Abuja.
He explained that the probe was in line with NDPC’s mandate to safeguard the rights and freedoms of data subjects under the 1999 Constitution, while also strengthening Nigeria’s digital economy through responsible use of personal data.
According to him, the investigation will cover banks, insurance companies, pension managers, gaming firms, and insurance brokers.
The commission has already issued compliance notices, requiring the listed organisations to, within 21 days, submit evidence of filing compliance audit returns for 2024, appointment of a Data Protection Officer, and proof of registration as data controllers or processors of major importance.
They are also expected to provide details of their technical and organisational data protection measures.
Bamigboye warned that failure to comply could attract enforcement orders, administrative fines, or criminal prosecution as stipulated in the Act.
He added that the commission remains committed to ensuring accountability and trust in Nigeria’s data protection and privacy ecosystem.
(NAN)