NDPC and Meta Launch Major Data Protection Initiative to Strengthen Privacy Rights in Nigeria

Lagos, Nigeria – The Nigeria Data Protection Commission (NDPC) and Meta Platforms have launched a landmark data protection programme aimed at strengthening privacy rights, improving public awareness, and enhancing data governance across Nigeria’s digital ecosystem.

The initiative, known as the Meta-Supported Initiatives for Data Protection (M-SIDP), emerged from a court-approved settlement reached in 2025 between the NDPC and Meta over concerns regarding the company’s data processing practices involving Nigerian users.

The programme marks a significant milestone in Nigeria’s evolving data protection landscape and demonstrates the increasing capacity of local regulators to hold global technology companies accountable for how they collect, process, and manage personal data.

A New Chapter for Data Protection in Nigeria

Under the terms of the settlement, Meta—the parent company of Facebook, Instagram, and WhatsApp—committed to funding and supporting a two-year programme designed to strengthen compliance with Nigeria’s data protection framework while promoting greater awareness of digital privacy rights.

For millions of Nigerians who use Meta’s platforms daily, the initiative has practical implications that extend beyond regulatory compliance.

Every interaction online—from creating social media accounts and accepting terms and conditions to sharing photos, locations, and personal information—generates data that is collected and processed by digital platforms. Yet many users remain unaware of how that data is used, shared, stored, or protected.

As Nigeria’s digital economy continues to expand rapidly, experts have repeatedly highlighted the need to close the gap between technology adoption and public understanding of digital rights.

Four Strategic Areas of Focus

According to the NDPC, the M-SIDP programme will focus on four key pillars designed to strengthen Nigeria’s data protection ecosystem.

The first pillar centres on governance, research, and development, aimed at improving institutional capacity and supporting the long-term growth of Nigeria’s data protection framework.

The second focuses on digital safety and sustainability, promoting mechanisms that strengthen trust, accountability, and responsible data management across technology platforms and digital services.

The third pillar targets capacity building, particularly for Data Protection Officers (DPOs) and Data Protection Compliance Organisations (DPCOs), whose role is critical in ensuring organisations comply with Nigeria’s data protection laws and regulations.

The fourth pillar focuses on public awareness and digital literacy, with special attention given to vulnerable groups including children, elderly citizens, rural communities, and low-literacy populations who often face greater risks online and have limited knowledge of their privacy rights.

NDPC Retains Full Regulatory Authority

The Commission emphasized that the settlement does not in any way diminish its oversight responsibilities or regulatory independence.

“Nothing in this settlement limits the Commission’s independent statutory powers as we continue to exercise our regulatory mandate in relation to data processing activities in Nigeria,” the NDPC stated.

The clarification underscores the regulator’s intention to continue enforcing compliance across both local and international organisations operating within Nigeria’s digital ecosystem.

Why the Meta Settlement Matters

Industry observers view the agreement as one of the most significant developments in Nigeria’s data governance journey.

The settlement demonstrates that Nigeria’s data protection regulator is increasingly willing and able to engage major global technology companies on issues relating to privacy, consent, transparency, and user protection.

It also signals the growing maturity of Nigeria’s regulatory environment following the enactment of the Nigeria Data Protection Act (NDPA) 2023, which established one of Africa’s most comprehensive legal frameworks for personal data protection.

Since the law came into effect, the NDPC has intensified enforcement efforts, including investigations into alleged data protection violations involving financial institutions and digital service providers.

Building Trust in Nigeria’s Digital Economy

The National Commissioner and Chief Executive Officer of the NDPC, Dr. Vincent Olatunji, has repeatedly emphasized that data protection is fundamental to building trust in Nigeria’s digital economy.

As businesses, governments, and citizens increasingly rely on digital platforms for communication, financial transactions, healthcare, education, and commerce, robust privacy safeguards have become essential for sustaining confidence in digital services.

The Commission said it will provide periodic updates on the implementation of the M-SIDP programme and called on stakeholders across government, industry, civil society, and academia to support efforts aimed at creating a safer, more transparent, and accountable digital environment.

For Nigeria, the initiative represents more than a regulatory settlement—it is a strategic investment in digital trust, consumer protection, and the long-term sustainability of the country’s rapidly growing digital economy.