The Federal Competition and Consumer Protection Commission (FCCPC), on Friday, announced a substantial fine of $220 million against Meta Platforms, Inc. and WhatsApp LLC for violations of data protection regulations, antitrust laws, and consumer protection acts.
A statement issued by the FCCPC said the decision followed a comprehensive investigation spanning 38 months, commencing in May 2021.
The statement says, “Between May 2021 and December 2023, and over this period of 38 months, a joint investigation by the Commission, and the Nigeria Data Protection Commission (NDPC) into Meta Parties conduct, privacy policies, the operation thereof, and Meta Parties practices has evolved.
“Meta Parties have provided some information/evidence that is in part responsive to document requests and summons under the joint investigation.
“Meta Parties by themselves, and retained counsels have also repeatedly engaged with, and met with investigators and analysts from the Commission, and the NDPC, including as recently as April 4, 2024.”
The investigation scrutinised their privacy policies and practices, ultimately concluding that Meta Parties engaged in multiple and repeated infringements of the Federal Competition and Consumer Protection Act (FCCPA) and the Nigeria Data Protection Regulation (NDPR).
The investigation revealed that Meta Parties were involved in several abusive and invasive practices against Nigerian data subjects, including:
- Denial of the Right to Self-Determination: Nigerian consumers were not given the option to control their personal data or information.
- Unauthorized Data Transfer: The personal data of Nigerian users was transferred and shared without consent, including cross-border storage, violating existing laws.
- Discriminatory Practices: Nigerian consumers faced disparate treatment compared to users in other jurisdictions with similar regulatory frameworks.
- Abuse of Dominant Market Position: Meta Parties enforced exploitative and non-compliant privacy policies, appropriating consumer personal information without consent.
- Tying and Bundling: The company imposed unfair conditions on Nigerian consumers.
The commission says despite repeated engagements and opportunities to defend their practices, Meta Parties failed to provide satisfactory explanations or defences.
The statement adds, “The totality of the investigation has concluded that Meta Parties over a protracted period of time have engaged in conduct that constitutes multiple and repeated, as well as continuing infringements of the FCCPA and NDPR, particularly, but not limited to abusive, and invasive practices against data subjects/consumers in Nigeria, such as appropriating personal data or information without consent, discriminatory practices against Nigerian data subjects/consumers or disparate treatment of consumers/data subjects compared with other jurisdictions with similar regulatory frameworks, abuse of dominant market position by forcing unscrupulous, exploitative, and non-compliant privacy policies which appropriated consumer personal information without the option or opportunity to self-determine or otherwise withhold or provide consent to the gathering, use, and/or sharing of such personal data.”
Consequently, the FCCPC issued a Final Order, detailing the specific violations and mandating corrective actions.
The Final Order imposes a $220 million monetary penalty on Meta Platforms, Inc. and WhatsApp LLC, in accordance with the FCCPA 2018 and the Federal Competition and Consumer Protection (Administrative Penalties) Regulations 2020 (APR).
The order also outlines the steps Meta Parties must take to comply with Nigerian laws and cease exploitative practices.