Nigeria Data Protection Bureau (the Bureau) has commenced investigations into reports of breach of data privacy involving two major data controllers in Nigeria, namely, Wema Bank PLC and KC Gaming Networks (Bet Naija). According to a press release signed by the Legal, Enforcement & Regulations Lead, NDPB, Babatunde Bamigboye, Esq. BL, CDPRP, he said that this is in line with Section 37 of the 1999 Constitution and the provisions of Nigeria Data Protection Regulation (NDPR) 2019 – particularly Articles 2.1(2)-(3), 2.6 and Article 4 of the NDPR. It will be recalled that sometime in May 2022, some customers of Wema Bank PLC complained of breach of their rights to data privacy and protection by the Bank. This data processing, according to the complaints against the Bank, involves using their personal data to open accounts. The Bureau is also investigating report of breach of data privacy at KC Gaming Networks. The breach in this case involved alleged external attack on the KC Gaming Networks. At this stage, the objectives of these investigations as directed by the National Commissioner/CEO of the Bureau, Dr. Vincent Olatunji, are to determine the impact of the breaches on the affected data subjects and the remedial actions taken by the concerned data controllers. The Bureau assures members of the general public that it will ensure proper accountability of the data controllers in the ongoing investigations.