By Adedapo Adesanya

The Nigeria Data Protection Commission (NDPC) has disclosed that the country’s data protection ecosystem has grown to N16.2 billion within just two years of formal regulation.

The disclosure was made by the chief executive of the data regulating agency, Mr Vincent Olatunji, during a media workshop and capacity-building engagement held in Lagos recently.

He further said  the growth reflects rising enforcement, compliance activity, and increasing confidence in Nigeria’s digital governance framework, even though the NDPC was not designed as a revenue-generating agency.

Mr Olatunji explained that regulatory compliance fees and enforcement actions under the Nigeria Data Protection Act (NDPA), 2023, have created significant economic value while also contributing to government revenue and job creation across the country, noting that regulatory fees and sanctions after investigations have contributed over N16.2 billion to federal revenue while supporting an estimated 23,000 jobs nationwide.

“These investigations have resulted in 11 major enforcement actions, including significant financial penalties and corrective directives.”

“The message is clear: violations of data privacy will attract serious consequences, regardless of the size or status of the organisation involved,” Mr Olatunji stated, adding that the commission has concluded 246 investigations into data protection and privacy breaches across multiple sectors, signalling that enforcement will remain central to Nigeria’s data governance strategy.

Business Post reports that NDPC has over the last two years carried some sanctions against some top companies including a N766.2 million fine on MultiChoice Nigeria in July 2025 as well as Fidelity Bank, which was fined N555.8 million in 2024 for processing personal data without informed consent.

The NDPC Commissioner linked the Commission’s enforcement milestones to Nigeria’s broader ambition of building a $1 trillion digital economy.

He stressed that accountability and trust are foundational to digital transformation and long-term investment.

“Privacy enforcement is the foundation of digital confidence. By holding violators accountable, we are safeguarding citizens while creating the secure environment required for innovation, investment and sustainable growth,” he said.

He said the Commission has significantly expanded compliance structures across the economy to support this objective, moving beyond sanctions to system-wide institutional strengthening.

The NDPC has registered 38,677 Data Controllers and Processors of Major Importance, licensed 307 Data Protection Compliance Organisations, and received more than 8,155 Compliance Audit Returns.

In addition, the Commission has issued the General Application and Implementation Directive, which takes effect from September 2025, translated the NDPA into three major Nigerian languages, and launched a multi-sector compliance sweep covering banking, insurance, pensions, and gaming, with 1,348 entities already served with compliance notices.

By Adedapo Adesanya

Nigeria will purchase to new communication satellites to boost Nigeria’s digital infrastructure as part of efforts to achieve President Bola Tinubu’s plan to grow the economy to $1 trillion.

The Minister of Communications and Digital Economy, Mr Bosun Tijani, disclosed this on Wednesday in Abuja at a press conference to mark Global Privacy Day 2026, organised by the Nigerian Data Protection Commission (NPDC).

Mr Tijani said the approval marked a significant shift in Nigeria’s digital strategy, noting that the country currently stands out in West Africa for lacking active communication satellites, a gap the new assets are expected to address.

“As you know, Mr President has been very clear about his ambition to build a $1 trillion economy, and digital technology is central to achieving that vision,” adding that, “The President has now approved that we should procure two new satellites. Nigeria today is the only country in West Africa with non-communication satellites. And we have been given the go-ahead to procure two new ones, ensuring that we can use that satellite to connect.”

He also said progress had been made on the Federal Government’s flagship 90,000-kilometre fibre optic backbone project, which is aimed at expanding broadband access across the country. According to the minister, about 60 per cent of the fibre project has been completed, while funding for the remaining work has already been secured.

“The 90,000 kilometres fibre optic project is not a dream. About 60 per cent of the work has already been completed, and the funding for the project is secure. As we bring more Nigerians online, connectivity without protection is incomplete. Privacy is the foundation of trust, safety, and sustainability in the digital world.”

“The success of Nigeria’s digital economy will depend not just on infrastructure and talent, but on trust, and the NDPC remains central to building that trust,” the minister said.

Mr Tijani said the Tinubu administration was positioning digital technology as a key driver of inclusive growth, improved public service delivery, and long-term economic expansion, adding that investments were also being channelled into digital skills, rural connectivity, and institutional reforms.

He stressed that the expansion of connectivity must be matched with stronger data protection, especially as Nigeria’s young and digitally active population continues to grow.

Recall that Nigerian Communications Commission (NCC) recently granted licenses to three global internet service providers – Amazon’s Project Kuiper, BeetleSat-1, and and Germany-based Satelio IoT Services – as part of efforts to strengthen internet connectivity via satellite and to boost competition among existing internet service providers in the country.

By Dipo Olowookere

In 2026, there should be a surge in individual claims and constitutional privacy actions, a leading Data Protection Compliance Organisation (DPCO) in Nigeria, DataPro, has projected.

In a statement signed by its Head of Emerging Services, Ademikun Adeseyoju, the company noted that this means organisations must remain “litigation ready” by preserving processing records and strengthening internal controls.

In the disclosure to prepare for this year’s Privacy Week themed Privacy in the Age of Emerging Technologies: Trust, Ethics, and Innovation, it noted that 2026 would also be defined by board and executive ownership, as privacy will no longer be an IT-only concern but a standing governance issue requiring regular risk reports and dedicated budgets.

“DataPro anticipates intensity on sector-specific enforcement, with the NDPC (Nigeria Data Protection Commission) focusing on high-risk industries like fintech, healthcare, etc,” a part of the statement made available to Business Post on Wednesday said.

Giving a review of key milestones from the 2025 ecosystem, DataPro said the NDPC moved decisively into active enforcement, publicly naming non-compliant entities, particularly in the financial services sector.

It also said the year witnessed landmark court rulings, affirming that transparency in personal data handling is a constitutionally protected right, as courts awarded significant damages to data subjects for privacy breaches, signalling that organisational size no longer shields against accountability.

The firm noted that regulatory settlements with multinational technology firms have set a high bar for behavioural advertising and data processing standards in Nigeria.

In the cybersecurity landscape, the year under review experienced an unprecedented surge in cyber threats, as attackers shifted their focus from technical exploits to identity-driven campaigns, targeting valid credentials with high precision.

“This identity-centric threat environment has made robust access management a non-negotiable requirement for corporate resilience,” it stressed.

As for the 2026 Privacy Week, DataPro has lined up activities, with launch of the Privacy Pulse A year-in-review of Nigeria’s Data Protection Ecosystem on Thursday, January 29.

The next day, a webinar tagged Privacy Pulse to train attendees on the new mandatory bi-annual in-house audits and DPO certification requirements will hold and next Monday, there is an interactive quiz designed to test organizational response to identity-driven cyber campaigns.

A social media session answering complex privacy questions via concise 30-second videos is slated for Tuesday, February 3, and the next day, it is for a social media showcase where winners will be selected for their insights on building Trust, maintaining Ethics in AI, and fostering Innovation under the NDPA.