The Federal Government has fined Fidelity Bank Plc N555,800,000 over alleged data breaches.
The National Commissioner of the Nigeria Data Protection Commission (NDPC), Dr Vincent Olatunji, disclosed this at the Nigeria Data Protection (NDP) Act General Application and Implementation Directive (GAID) validation workshop in Abuja on Wednesday, August 21, 2024.
Olatunji recalled that President Bola Tinubu signed the NDP Act into law on June 12, 2023, thereby empowering the NDPC to enforce compliance of data protection on organisations by way of fines and other means.
He said the commission commenced an investigation into Fidelity Bank in April 2023 and, upon conclusion, found that it defaulted.
He said: “The penalty is huge if you don’t comply; penalties can range from N10 million to even up to two per cent of the organisation’s annual gross income for the previous year.
“Most of the breaches we have treated, we look at the level of the breach, the impact, the number of data subjects affected and the level of cooperation that is involved.
Hardship: Fidelity Bank donates 3,000 food packs to Zamfara community
“Since we started, the only time we issued a major penalty was yesterday (Tuesday) on Fidelity Bank; a fine of N555,800,000 after we observed some breaches.
“We have been working with them since April 2023 on the investigation and by the time we finalised, we decided to issue a full penalty on them, which is about 0.1 per cent of the gross earnings for 2023.”
Olatunji stated that the NDPC was engaging with stakeholders across board and collating their input which would form the final guide document.
He recalled that a similar workshop was held in Lagos on June 19 for about 70 per cent of data protection organisations in the private sector.
Olatunji further stated that the NDPC would deploy a public-private partnership model to ensure compliance with data protection.
He added: “We have licenced about 194 professionals on data protection.
“The licenced data protection professionals go round organisations and take them through compliance in terms of crafting their privacy policy.
“They help in creating awareness within the organisations, letting them know their obligations under the law and carrying out data protection impact assessments.
“They train the staff, register them with us and submit their annual report to the NDPC; with this, we will know the level of compliance.”
- EPL: Salah nets brace as Liverpool beat Southampton to go 8 points clear - November 24, 2024
- Leicester City sack coach Steve Cooper after 5 months in charge - November 24, 2024
- Okpebholo sets up panel to probe Obaseki’s administration - November 24, 2024
