FG Probes UBA, Consulting Firm Over Data Breach

FG Probes UBA, Consulting Firm Over Data Breach

The Federal Government has stated that it is currently investigating the United Bank for Africa Plc (UBA), and Philips Consulting.

In a statement in which this development was disclosed, the Nigeria Data Protection Bureau (NPDB) said UBA and the consulting firm are under probe for violating the Nigeria Data Protection Regulation (NDPR).

“Following complaints of violation of the Nigeria Data Protection Regulation against Philips Consulting and United Bank for Africa PLC, the Nigeria Data Protection Bureau National Commissioner, Dr Vincent Olatunji, has ordered a forensic investigation in line with Article 4 of the NDPR.

“The complaint against Philips Consulting is in connection with the activities of online lending platforms who willfully breach the privacy of citizens whilst the investigation of UBA PLC pertains to allegations of infringement on the governing principles of data protection,” the statement read partly.

BizWatch Nigeria understands that in view of current happenings in the banking sector, UBA may be under probe for rending support to illegal activities of some lenders in the country.

Understanding the NPDR

The NDPR was established to regulate those who have access to and control people’s data.

Prior to the NDPR, there were provisions in a few laws which protected certain information or data from unlawful use. However, unlike the NDPR, these provisions were ambiguous, inadequate, and ineffective in imposing sanctions and ensuring compliance in the event of a data breach.

Thus, the introduction of the NDPR by the National Information Technology Development Agency (NITDA) was a well needed opium in data protection in Nigeria.

Compliance with data protection laws improves the trust between businesses and their customers. It also prevents the company from incurring expensive costs in form of fines, litigation expenses, public embarrassment, and a bad reputation.

Data protection compliance involves understanding not only a company’s policies, contracts, and legal engagements, it also requires an understanding of the company’s information technology, security, audit, and operational system.