The Nigeria Data Protection Commission (NDPC) has disclosed that it has generated over ₦5.2 billion in revenue for the Federal Government and facilitated the creation of more than 23,000 jobs, underscoring the growing economic impact of Nigeria’s data protection ecosystem.
The National Commissioner and Chief Executive Officer of the NDPC, Dr. Vincent Olatunji, made the disclosure yesterday at a media workshop organised by the Commission in Lagos. He noted that although the NDPC is not established as a conventional revenue-generating agency, its regulatory activities have yielded significant financial and employment benefits for the country.
According to Olatunji, the ₦5.2 billion accrued to government coffers was generated through compliance-related revenues, while the total value of Nigeria’s data protection ecosystem has now exceeded ₦16.2 billion.
He revealed that the Commission has concluded 246 investigations into data protection and privacy breaches nationwide, a development he said reflects a deliberate shift toward a more aggressive, enforcement-driven regulatory posture under the Nigeria Data Protection Act, 2023.
Out of the concluded investigations, 11 have resulted in formal enforcement actions, including the imposition of substantial fines and remediation directives. Olatunji stressed that these actions demonstrate the NDPC’s readiness to apply significant penalties against violators, cutting across major corporations and financial institutions.
Among the high-profile cases cited was the July 2025 enforcement action against MultiChoice Nigeria, which attracted a ₦766.2 million fine. The sanction followed findings of intrusive, unfair, and disproportionate data processing practices, including unlawful cross-border transfers of subscribers’ personal data without adequate safeguards or consent.
Fidelity Bank was also penalised ₦555.8 million in 2024, with ongoing regulatory implications highlighted in subsequent reviews. The case involved the processing of personal data without informed consent, non-transparent use of cookies in banking applications, and the engagement of third-party processors that failed to meet data protection requirements.
Olatunji said these landmark sanctions, among others, contributed significantly to the ₦5.2 billion compliance revenue generated so far, while also serving as a deterrent against widespread non-compliance.
He added that the broader data protection ecosystem, now valued at over ₦16.2 billion, has created more than 23,000 jobs, reflecting strong economic ripple effects driven by firm regulatory enforcement.
Linking these achievements to Nigeria’s broader digital ambitions, Olatunji said accountability and trust are critical to the country’s aspiration of building a $1 trillion digital economy.
“Enforcement is the backbone of privacy protection. By concluding 246 investigations and applying meaningful consequences, we are not only protecting citizens but also creating the secure environment needed for innovation, foreign investment, and sustainable growth,” he said.
The enforcement drive has been supported by expanded compliance initiatives across the country. Olatunji disclosed that 38,677 Data Controllers and Processors of Major Importance have been registered, alongside 307 licensed Data Protection Compliance Organisations. In addition, over 8,155 Compliance Audit Returns have been filed.
He also highlighted key regulatory milestones, including the issuance of the General Application and Implementation Directive, which takes effect in September 2025, the translation of the Nigeria Data Protection Act into three major local languages, and the launch of a multi-sector compliance drive in August 2025. During the exercise, compliance notices were issued to 1,348 organisations across the banking, insurance, pension, and gaming sectors, with further enforcement actions planned for defaulters.
Looking ahead, the NDPC said its priorities for the year include intensifying enforcement of the Nigeria Data Protection Act, increasing public awareness on data protection and privacy, and taking decisive action against non-compliant organisations. The Commission also plans to provide clearer guidance and support to organisations on data protection best practices.
Other focus areas include capacity building and the certification of professionals through the National Data Protection Officer Certification programme, aimed at aligning Nigeria’s data protection practices with global standards.
With international recognition such as the Picasso Award for Best Data Protection Authority in Africa and active participation in global data governance forums, Olatunji said Nigeria’s data protection regime is increasingly regarded as credible and robust.
As emerging technologies accelerate data generation and cross-border data flows, the NDPC said its record of 246 resolved cases, billions of naira in compliance revenue, and decisive enforcement actions sends a clear message that privacy violations will attract strict consequences, while compliance remains the only sustainable path forward.
The Commission added that activities marking the National Privacy Week, scheduled for January 28 to February 4, will further build on this momentum through nationwide awareness campaigns and stakeholder engagements aimed at embedding a culture of ethical data stewardship across Nigeria.