Meta Platforms Inc., the parent company of Facebook and Instagram, is preparing to settle a $32.8 million data privacy fine imposed by the Nigerian government, marking a landmark step for digital rights and regulatory enforcement in Africa’s technology space.
The fine was levied by the Nigeria Data Protection Commission (NDPC) in February 2025 after the company was found to have allegedly violated provisions of the Nigeria Data Protection Act. According to the NDPC, Meta was accused of using Nigerians’ personal data for behavioural advertising without explicit consent, processing the data of non-users, failing to file mandatory compliance audits, and transferring user data abroad without proper authorisation.
After months of legal back-and-forth, Meta has reportedly agreed to an out-of-court settlement, which is expected to be concluded by the end of October 2025. The company initially contested both the fine and the process leading to it but has since opted for negotiation, a move widely interpreted as a sign of its growing willingness to align with Nigeria’s expanding regulatory framework for digital platforms.
Regulators view the case as a milestone for data privacy enforcement across Africa, as Nigeria positions itself at the forefront of digital governance on the continent. Industry analysts say the NDPC’s firm stance could set a precedent for how African nations hold multinational tech giants accountable for user data protection and cross-border information transfers.
As part of the settlement terms, the NDPC has directed Meta to revise its privacy policies, perform localized data protection impact assessments, and obtain explicit user consent before deploying targeted advertising campaigns. These requirements are aimed at promoting greater transparency and ensuring that users’ personal information is handled responsibly.
The settlement follows a broader pattern of regulatory assertiveness in Nigeria, where authorities have recently imposed multi-million-dollar penalties on other international tech firms for similar privacy violations. The country’s actions reflect a continent-wide movement toward digital sovereignty, emphasizing accountability, user rights, and ethical data handling in the tech ecosystem.
This development represents not only a pivotal moment for Meta but also a defining shift in how global technology companies will need to navigate data protection standards in Africa. As the continent’s digital economy expands, the Nigerian case could serve as a model for other governments seeking to strengthen consumer protection and enforce compliance with local data privacy laws.
