Nigeria Data Protection Bureau (NDPB) has commenced investigations into reports of breach of data privacy involving two major data controllers in Nigeria, namely, Wema Bank PLC and KC Gaming Networks (Bet Naija).
According to a statement issued yesterday by the Legal, Enforcement & Regulations Lead of the NDPB, Babatunde Bamigboye, the investigation is in line with Section 37 of the 1999 Constitution and the provisions of Nigeria Data Protection Regulation (NDPR) 2019 – particularly Articles 2.1(2)-(3), 2.6 and Article 4 of the NDPR.
The statement said that sometime in May 2022, some customers of Wema Bank PLC complained of breach of their rights to data privacy and protection by the Bank.
“This data processing, according to the complaints against the Bank, involves using their personal data to open accounts. The Bureau is also investigating a report of breach of data privacy at KC Gaming Networks. The breach in this case involved alleged external attack on the KC Gaming Networks,” the statement said.
He said further that at this stage, the objectives of these investigations as directed by the National Commissioner/CEO of the Bureau, Dr. Vincent Olatunji, are to determine the impact of the breaches on the affected data subjects and the remedial actions taken by the concerned data controllers.
The Bureau further assured members of the general public that it will ensure proper accountability of the data controllers in the ongoing investigations.