Liabilities Of Tech Companies In Data Protection
• The NDPR has outlined consequential liabilities in the form of fines and sanctions that accompany breach of the data protection regulations.
• Liabilities For Breach
• Breach of the NDPR may incurs civil or criminal liability.
• Revocation of License or Temporary ban on operations
• For data controllers dealing with ten thousand data subjects, any breach will result in payment of the fine of two per cent of annual gross revenue of the preceding year or the sum of N10m, whichever is greater while those dealing with less than 10,000 data subjects are subject to a 1 percent fine or two million Naira.
• The regulations also provide that data controllers are liable for all personal data processing carried on its behalf by a data processor.
• Ultimately, no limitation clause in a privacy policy will exclude a data controller from liability for violating the provisions of the Regulations.
• Additionally, actions in civil and criminal liability for breach of fundamental privacy rights of data subjects.
• The possibility of heavy sanctions is sufficient reason for any data based company to get thoroughly acquainted with the provisions of the regulations for maximum compliance.
References
1 https://www.dataguidance.com/notes/nigeria-data-protection-overview accessed on Feb 17 2023
2 5 Steps To Compliance With The NDPR, available at, https://www.appknox.com/blog/5-steps-to-compliance-with-the-nigeria-data-protection-regulation accessed on Feb 17 2023
3 Oyeyemi Aderibigbe, “ An Outlook On The NDPR 2019” available at, https://businessday.ng/amp/news/legal-business/article/an-outlook-on-the-nigerian-data-protection-regulation-2019/ accessed on Feb 17 2023