By Sonny Aragba-Akpore
A little over a week ago,the Federal Competitions & Consumer Protection Commission (FCCPC) and the Nigeria Data Protection Commission (NDPC)imposed a whopping $220m fine on Meta Group,owners of Facebook, Instagram and WhatsApp.
It’s offence: violation of data privacy of individuals and corporate customers.
Although, analysts see this as killing a fly with a sledge hammer, Meta Platforms justified the encroachment of privacy when it delisted and deactivated 63,000 Facebook and Instagram accounts allegedly being used by certain category of subscribers for scam activities including sextortion and what is commonly referred to as”yahoo” in Nigeria, thus starting a battle that will only consume the beleaguered consumers.
In imposing the $220m fine, FCCPC in a statement, signed by its acting Executive Chairman, Adamu Abdullahi, said that Meta had denied Nigerian users control over their data, shared data without consent, and abused its market dominance.
It said, “The final order also imposes a monetary penalty of Two Hundred and Twenty Million U.S. Dollars only ($220,000,000.00) (at prevailing exchange rate where applicable) which penalty is in accordance with the FCCPA 2018, and the Federal Competition and Consumer Protection (Administrative Penalties) Regulations 2020.”
The FCCPC noted that this decision was reached after a joint investigation by it and the Nigeria Data Protection Commission (NDPC), which lasted for 38 months (May 2021 and December 2023). The investigation examined Meta’s conduct, privacy policies, and operations.
But a WhatsApp spokesperson said this decision will be appealed. “We disagree with both this decision and the fine and will appeal,” the spokesperson said.
“In 2021, we went to users globally to explain how talking to businesses among other things would work and while there was a lot of confusion then, it has proven quite popular,” the organisation said.
Acting Chairman of FCCPC stated that Meta was fined due to discriminatory practices and sanction-able offences, particularly the unauthorised transfer and sharing of personal data, which were not uniformly practiced in other regions.
“They provided options to data subjects in other regions to decide whether their data would be shared or not,” he said.
While elaborating on the specifics of the violation, FCCPC boss said “When you register for the first time to join WhatsApp, there is a column that says you have agreed for your data to be shared for research. This contrasts with other regions where users have the choice of saying yes or no, which is discriminatory.”
The Nigeria Data Protection Act of 2023, is designed to protect the rights of data subjects by ensuring that personal data is processed in a fair, lawful and accountable manner;
promote data processing practices in Nigeria that guarantee the security of personal data and ensure the privacy of data subjects;
provide the legal framework for regulating and safeguarding personal data, and the means of recourse and remedies where the rights of data subjects have been breached; ensure that data controllers and data processors fulfil their obligations to data subjects;”
The Act prohibits unlawful processing of personal information, which consists of personal data and sensitive personal data of natural persons. For the purposes of the Act, “personal data” means any information relating directly or indirectly to an identified or identifiable individual, by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, psychological, cultural, social, or economic identity of that individual.
Data from DataReportal state that as at January 2024, no fewer than 36.75m Nigerians were connected to Facebook platform alone. And Statista, a global research platform, ranked Nigeria as one of the top countries that spend time on social media, averaging a total of 04:20 hours on every social media platform visited.
The average social media user spends approximately two hours and 23 minutes daily on these platforms. Comparatively, in Africa, Kenya has an average of three hours and 43 minutes daily.
In terms of visited platforms, YouTube has 28.50 million,
Snapchat 15million, Instagram 12.4 million, WhatsApp 10.6million, Linkedln 9.1million and X(Twitter) 5.75 million users.
It said, “This could be driven by the market generally having a younger population, with the 16 to 24 years segment driving growth globally.”
“The totality of the FCCPC investigation concludes that Meta over the protracted period of time has engaged in conduct that constituted multiple and repeated, as well as continuing infringements… particularly, but not limited to abusive, and invasive practices against data subjects in Nigeria,” Abdullahi said.
“Being satisfied with the significant evidence on the record, and that Meta has been provided every opportunity to articulate any position, representations, refutations, explanations or defences of their conduct, the Commission has now entered a final order and issued a penalty against Meta,” Abdullahi said.
In a similar vein, Osun and Delta States Internal Revenue Services (IRS) also imposed fines of $150m and $200m on Google and Meta Platforms respectively for alleged non-remittances of With-holding Tax (WHT) from content creators. The fines were imposed after a 14-day grace period, while they cover a period from 2020 to 2024.
“The companies were issued a 14-days notice of compliance, effective July 12 and July 19 respectively, from the affected states.”
In separate letters signed by Ademola Odetunde, Chief Operating Officer, LafriquePromedia Ltd., the revenue collection agent for the states, they were specifically addressed to the companies for failing to comply.
According to Odetunde, LafriquePromedia is also consulting for the IRS of Plateau, which is also facing the same challenge and coming up with similar demand.
In May, Turkey’s competition board fined Meta 1.2 billion lira following investigations on data-sharing on its Facebook, Instagram, Threads and WhatsApp platforms. Meta has faced pushback in Europe and other jurisdictions over alleged breaches of data protection laws. Meta’s plan to use personal data to train its artificial intelligence models without seeking consent has come under fire in Europe.
The Competition Commission South Africa also announced plans to investigate whether digital platforms, including Meta unfairly compete with news publishers by using their content to generate ad revenue.
Inspite of all these, Meta Platforms Inc., the parent company of Facebook, Instagram, and WhatsApp, announced Wednesday last week that it has removed 63,000 accounts connected to alleged Nigerian cybercriminals involved in financial sextortion scams targeting users in the United States.
The decision is based on its Q1 2024 Adversarial Threat Report.
Meta said that the takedown included a smaller coordinated network of no fewer than 2,500 accounts linked to a group of roughly 20 individuals.
“These accounts primarily targeted adult men in the U.S., using fake profiles to conceal their identities,” Meta reported. The company utilized advanced technical signals and comprehensive investigations to identify and disable these accounts, thereby enhancing its automated detection systems.
“Financial sextortion is a global crime, driven in recent years by increased activity from Yahoo Boys—loosely organized cybercriminals allegedly operating mainly from Nigeria and specialising in various scams.
The company also dismantled a set of Facebook accounts, pages, and groups allegedly managed by Yahoo boys, which were banned under its Dangerous Organisations and Individuals policy for attempting to organize, recruit, and train new scammers.
Although, Meta Platforms appear very stiff about its decision to deactivate 63,000 accounts, a better strategy would have been employed to resolve the issues with FCCPC and The Data Protection Commission in Nigeria because it appears the grass is at the receiving of the elephants clash.
Although it’s not clear whether Meta sent warnings to alleged subscribers, it announced that it had also deleted thousands of additional accounts, pages, and groups that were distributing scripts on how to blackmail and sexually extort users.
Nigerian alleged online fraudsters, often referred to as “Yahoo boys,” are notorious for various scams, including posing as individuals in financial distress or as Nigerian princes offering lucrative investment returns. In this instance, the scammers used fake accounts to mask their identities and engage in “sextortion,” threatening victims with the release of compromising photos unless they paid to prevent it.
Meta revealed that the removed accounts included a smaller, coordinated network of scammers.These scammers mainly targeted adult men in the U.S., but there were also attempts against minors, which Meta reported to the National Centre for Missing and Exploited Children in the U.S. The investigation showed that most of the scammers’ attempts were unsuccessful.
Additionally, some accounts were found to be providing tips and guides on conducting scams, as well as links to collections of photos for creating fake accounts.
Online scams have grown in Nigeria as economic hardships worsen in the country of more than 200 million people. Scammers operate from various locations, including university dormitories, shanty suburbs, and affluent neighbourhoods.
● Aragba-Akpore, an analyst on tech trends lives in Abuja, and sent this via WhatsApp.
