The Federal Competition and Consumer Protection Commission (FCCPC) announced on Friday that it has imposed a $220 million fine on Meta Platforms, Inc. following a comprehensive 38-month investigation into the company’s data privacy practices and market behavior. The joint investigation, conducted with the Nigeria Data Protection Commission (NDPC), revealed extensive and ongoing violations of Nigerian laws.
According to the FCCPC statement, the investigation, which spanned from May 2021 to December 2023, scrutinized Meta’s privacy policies and practices. It uncovered multiple infringements of the Federal Competition and Consumer Protection Act (FCCPA) and the Nigeria Data Protection Regulation (NDPR). These violations included the unauthorized appropriation of personal data without user consent, discriminatory practices against Nigerian users, and the abuse of Meta’s dominant market position.
The investigation concluded that Meta engaged in abusive and invasive practices against Nigerian data subjects. These practices included transferring personal data across borders without authorization and forcing users to accept exploitative privacy policies. Despite being given numerous opportunities to present their case, Meta’s defenses were deemed insufficient by the regulatory bodies.
The FCCPC’s final order mandates several corrective actions for Meta to comply with Nigerian laws. These include ensuring Nigerian users’ right to data self-determination, ceasing unauthorized data transfers, and eliminating discriminatory practices. The order also imposes a $220 million penalty on Meta, emphasizing the gravity of the violations.
“Being satisfied with the significant evidence on the record, and that Meta Parties have been provided with every opportunity to articulate any position, representations, refutations, explanations or defenses of their conduct and practices under law, the Commission has now entered a Final Order, and issued a penalty against Meta Parties,” the FCCPC statement read.
The final order elaborates on the specific conduct or practices of the Meta Parties, the relationship between Meta Parties concerning the infringements, and the violations, which include:
Denying Nigerian data subjects the right to self-determine
Unauthorized transfer and sharing of Nigerian data subjects’ personal data, including cross-border storage in violation of prevailing law
Discrimination and disparate treatment
Abuse of dominance, and tying and bundling
The FCCPC mandates steps and actions Meta must take to comply with prevailing law and cease the exploitation of Nigerian consumers and their market abuse. The commission also requires Meta to desist from future conduct or practices that do not meet national standards and undermine the rights of consumers. The imposed monetary penalty of $220 million is in accordance with the FCCPA 2018 and the Federal Competition and Consumer Protection (Administrative Penalties) Regulations 2020 (APR).
