The Nigeria Data Protection Commission NDPC says its growing enforcement activities have helped create more than 23,000 jobs while strengthening Nigeria’s digital economy, as the broader data protection ecosystem now exceeds N16.2 billion in value.
The Commission has also concluded 246 investigations into data protection and privacy breaches, generating over N5.2 billion in compliance revenue, further cementing its reputation as a formidable regulator in the digital space.
The national commissioner and chief executive officer of the NDPC, Vincent Olatunji, disclosed this on Thursday in Lagos at a media workshop organised by the Commission.
According to the NDPC, the results reflect a deliberate shift toward aggressive, enforcement-driven oversight under the Nigeria Data Protection Act, 2023. The 246 concluded probes directly led to 11 enforcement actions, including significant fines and remediation directives, showing that the regulator is prepared to impose substantial penalties on violators, ranging from major corporations to financial institutions.
Several high-profile cases were cited to underline the Commission’s resolve. In July 2025, MultiChoice Nigeria was fined N766.2 million for intrusive, unfair, and disproportionate data practices, including unlawful cross-border transfers of subscriber personal information without adequate safeguards or consent.
Fidelity Bank also faced a N555.8 million penalty in 2024, with ongoing implications noted in recent reviews. The bank was found to have processed personal data without informed consent, used cookies in a non-transparent manner on its banking applications, and engaged third-party processors that failed to meet compliance requirements.
The NDPC said these landmark sanctions, among others, contributed to the N5.2 billion compliance revenue stream, which it said supports government finances while discouraging widespread non-compliance.
Olatunji linked the enforcement gains to Nigeria’s wider digital ambitions, stating that trust built through accountability is essential for the country’s push toward a $1 trillion digital economy.
“Enforcement is the backbone of privacy protection. By concluding 246 investigations and applying meaningful consequences, we are not only protecting citizens but also creating the secure environment needed for innovation, foreign investment, and sustainable growth,” he said.
The Commission reported expanded compliance efforts, including the registration of 38,677 Data Controllers and Processors of Major Importance, the licensing of 307 Data Protection Compliance Organisations, and the filing of more than 8,155 Compliance Audit Returns.
It also issued the General Application and Implementation Directive, which becomes effective in September 2025, translated the Act into three major languages, and launched a multi-sector compliance drive in August 2025. During the exercise, compliance notices were sent to 1,348 entities across banking, insurance, pension, and gaming, with further actions promised for defaulters.
Looking ahead to 2026, the NDPC said it will intensify enforcement against non-compliant organisations while expanding awareness, professional certification through the National DPO programme, and guidance on best practices.
The Commission said international recognition, including the Picasso Award for Best DPA in Africa and participation in global forums, has boosted confidence in Nigeria’s data protection regime.
It added that activities planned for National Privacy Week, scheduled for January 28 to February 4, will include nationwide campaigns and stakeholder engagements aimed at strengthening ethical data stewardship across the country.
