Nigeria Fines Meta $220m Over Privacy Infringements

Nigeria’s competition and consumer protection agency has fined WhatsApp and Facebook parent Meta Platforms $220 million (£170m) over abusing its dominant market position to impose user policies that it said illegally collect user information without consent.

The Federal Competition and Consumer Protection Commission (FCCPC) said it began its investigation after Meta’s WhatsApp updated its privacy policy in May 2021 and concluded the probe in December of last year.

The probe, whiih was conducted along with the Nigeria Data Protection Commission (NDPC), found the privacy policy was imposed on Nigerian users without following standards of fairness.

Meta proposed remedies in April that did not resolve the commission’s concerns.

Data infringements

The commission said Meta carried out discriminatory practices against Nigerian users compared with other jurisdictions with similar regulatory environments and failed to provide Nigerians the opportunity to self-determine or otherwise withhold consent to the gathering of their data.

“The totality of the investigation has concluded that Meta Parties over a protracted period of time engaged in conduct that constitute multiple and repeated, as well as continuing infringements of the FCCPA and NDPR,” said FCCPC chief Adamu Abdullahi, referring to competition and data protection laws.

“Being satisfied with the significant evidence on the record, and that Meta Parties have been provided every opportunity to articulate any position, representations, refutations, explanations or defences of their conduct and practices under law, the Commission have now entered a Final Order, and issued a penalty against Meta Parties,” he said.

The commission said Meta had provided documents and retained counsels that met with the agency.

The final order mandates steps and actions Meta must take to comply with local laws, Abdullahi said.

Privacy complaints

Nigeria is Africa’s most populous countries and has some 154 million active internet users as of 2022, according to the country’s statistics agency.

The FCCPC said Meta had failed to engage a Data Protection Compliance Organisation and had not filed a Nigeria Data Protection Regulation audit report for two years.

Meta has faced similar charges in other jurisdictions, including the EU, where privacy groups complained about the company’s plans to train its AI systems on users’ data without obtaining consent.

Meta said last week it would not release its multimodal Llama AI model in the EU due to “unpredictable” regulatory requirements.