
The Nigeria Data Protection Commission (NDPC) has launched an investigation into TikTok and Truecaller over alleged breaches of data privacy regulations.
This move affirms the commission’s dedication to upholding the Nigeria Data Protection Act (NDPA) and ensuring that both local and foreign entities operating in the country adhere to established data protection standards.
Speaking at a recent press conference in Abuja, Dr. Vincent Olatunji, the National Commissioner and CEO of the NDPC, reaffirmed the commission’s proactive stance on data privacy enforcement.
He stated, “As we speak, we have even gone to the extent of investigating multinationals. We are currently investigating TikTok and Truecaller in the area of data privacy.”
Despite its firm stance on violations, the NDPC prioritizes collaborative remediation over punitive measures.
Olatunji emphasized that companies under investigation have the opportunity to address deficiencies and improve compliance, demonstrating the commission’s commitment to fostering a culture of data protection rather than solely imposing penalties.
Also read: Kenya’s Data Protection Authority Fines Whitepath for Privacy Violations
Significant Strides in Compliance
The NDPC’s intensified regulatory oversight has led to a dramatic improvement in adherence to data protection laws.
Initially, only 4% of organizations in Nigeria complied with data regulations, but following sustained enforcement actions and stakeholder engagement, compliance rates have now exceeded 55%.
This reflects an increasing awareness of the importance of data privacy within the country’s corporate sector.
This is not the first time the NDPC has scrutinized companies over data protection concerns. In June 2024, the commission imposed a ₦400 million fine on seven Nigerian companies for mishandling user data.
Similarly, in September 2019, the National Information Technology Development Agency (NITDA) initiated an inquiry into Truecaller over suspected privacy violations.
Africa’s Data Protection Landscape
According to the 2025 Report on Data Protection in Africa, the continent has 39 countries enacting data protection laws with 35 of them establishing a dedicated data protection authority.
Despite the progress made, some countries like Djibouti, Burundi, Eritrea, Comoros, Liberia and Gambia are yet to introduce laws governing data protection.
African Data Protection Authorities (DPAs) will unite at the Network of African Data Protection Authorities (NADPA) conference in Nigeria in May to have discussions around trends, challenges and the way forward for Africa’s data protection.
NDPC’s Commitment to Data Protection and Capacity Building
To further strengthen Nigeria’s data protection ecosystem, the NDPC has partnered with the Federal Ministry of Youth Development to train 5,000 Nigerian youths as data protection professionals.
This initiative aims to build local expertise and ensure organizations have the necessary knowledge to comply with data protection laws.
The NDPC’s ongoing investigation into TikTok and Truecaller serves as a strong reminder to businesses in Nigeria to prioritize data privacy and regulatory compliance.
Source: TechPoint Africa