The Nigeria Data Protection Commission (NDPC) has launched a new programme with Meta Platforms aimed at strengthening how personal data is protected in Nigeria. This came out of a legal process that held one of the world’s biggest tech companies accountable for how it handles Nigerian users’ information.
The initiative, called the Meta-Supported Initiatives for Data Protection (M-SIDP), was announced today and follows a court-approved settlement concluded in 2025 between the NDPC and Meta over concerns about the company’s data processing practices in Nigeria.
As part of that settlement, Meta committed to funding and supporting a two-year programme of public-facing data protection measures aligned with Nigeria’s data protection framework.
For the average Nigerian using Facebook, Instagram, or WhatsApp, which are all Meta products, this matters in a way that goes beyond regulatory language. Every time you create an account, click accept on a terms and conditions page, upload a photo, or share your location, data about you is being collected, processed, and in many cases used to serve you targeted content or advertising.
Most people do not read the fine print. Most people do not know what rights they have. And in Nigeria, where digital adoption has grown rapidly but consumer awareness of rights has lagged, that gap has left millions of people exposed.
The M-SIDP programme is built around four strategic areas. The first is governance, research, and development, strengthening the institutional capacity of Nigeria’s data protection ecosystem. The second is fostering safety and sustainability mechanisms across technology and digital systems.
Read also: NDPC boss talks tough as Nigeria’s high-stakes battle for data sovereignty enters a critical phase
The third focuses on capacity development for Data Protection Officers and Protection Compliance Organisations, the professionals responsible for ensuring companies actually follow the rules. The fourth, and perhaps most important for ordinary Nigerians, is public awareness, with specific focus on vulnerable groups, including children, elderly users, and people in rural or low-literacy communities who are least equipped to protect themselves online.
The NDPC was clear that the settlement does not restrict its regulatory powers. “Nothing in this settlement limits the Commission’s independent statutory powers as we continue to exercise our regulatory mandate in relation to data processing activities in Nigeria,” the statement read.
Why this data settlement with Meta matters
The fact that this programme exists at all is significant. It means Nigeria’s data protection regulator took on one of the world’s most powerful technology companies, pursued legal action, and secured a binding commitment to invest in the protection of Nigerian users. That is not a small thing.
Nigeria’s Data Protection Act 2023 established one of the most comprehensive data protection frameworks on the continent, and the NDPC has been steadily asserting its authority, investigating alleged breaches at Remita and Sterling Bank earlier this year, and ordering inquiries into other platforms.
The Meta settlement represents the most high-profile application of that authority yet.
The commission said it will provide periodic updates on the implementation of M-SIDP and called on stakeholders to support the initiative in building a more secure and accountable digital environment in Nigeria.
Technext Newsletter
Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!
