The Nigeria Data Protection Commission (NDPC) has commenced an investigation into the alleged leak of voter information belonging to Nollywood actor and politician, Emeka Ike.

The commission said it had already engaged with the Independent National Electoral Commission (INEC) and the actor as part of efforts to establish the facts surrounding the incident.

Speaking on Friday during a media briefing at the commission’s headquarters in Abuja, the National Commissioner and Chief Executive Officer of the NDPC, Dr Vincent Olatunji, said the matter was being treated with urgency because of its possible implications for electoral credibility and public confidence.

The investigation follows controversy over the publication of details from Ike’s voter registration record by Lere Olayinka, the Senior Special Assistant to the Minister of the Federal Capital Territory, Nyesom Wike, on Information.

Ike, who is from Imo State, contested the House of Representatives seat for the AMAC/Bwari Federal Constituency in the Federal Capital Territory under the Nigerian Democratic Congress but was unsuccessful.

Olayinka attracted criticism after sharing what appeared to be Ike’s voter information obtained from an INEC administrative webpage.

In the post, Olayinka claimed that Ike was previously registered as a voter in Imo State before transferring his registration to the FCT on May 15, 2026.

He questioned Ike’s eligibility to contest for the federal constituency seat, attaching two images which many users alleged contained information accessed from INEC’s administrative portal.

The screenshots reportedly contained personal details including Ike’s application number, registration centre, Voter Identification Number, profile photograph, name, and date of application.

The incident raised concerns over possible unauthorised access to INEC’s voter database and renewed discussions about the protection of personal information ahead of future elections.

However, INEC denied reports of a major breach or external cyberattack on its Continuous Voter Registration database, explaining that the incident was linked to the alleged misuse of valid internal credentials by authorised personnel.

Meanwhile, investigators from the Force Intelligence Department–Intelligence Response Team have questioned Olayinka and an electoral officer as part of ongoing investigations into the alleged exposure of voter information from the INEC portal.

Confirming the NDPC’s involvement, Olatunji said the commission had already met with relevant parties and commenced its own investigation.

He explained that the commission does not depend solely on social media reports before taking action, but follows established procedures in handling allegations involving personal data.

“Emeka Ike is downstairs now. INEC, they were here last week, and they were here this week again,” he said.

The NDPC boss described the INEC matter as particularly sensitive because of its connection to the electoral system and the need to protect public confidence in voter databases.

“The one of INEC is really sensitive because we are moving towards elections. And it speaks to the credibility of the database. It’s of utmost urgency, and we are moving immediately,” he said.

Olatunji stressed that investigations into privacy-related matters must be handled carefully and based on evidence.

He said the commission considers several factors when assessing reported breaches, including the number of affected individuals, the sensitivity of the information involved, the credibility of the claim, and the possible impact on data subjects.

The commissioner added that the NDPC investigates all reported breaches, regardless of the individuals or organisations involved.

“No matter who you are, we invite you, and whatever action we are supposed to take, we take,” he stated.

He explained that when a data breach is reported, the commission examines an organisation’s wider data protection practices rather than focusing only on the specific incident.

According to him, investigators assess issues such as registration with the commission, compliance audits, appointment of data protection officers, privacy policies, and technical security measures.

Olatunji noted that where organisations demonstrate commitment to compliance, the NDPC often focuses on corrective measures rather than punishment.

“We don’t issue fines. We issue remediation fees unless and until you are not able to do what is right,” he said.

Beyond the ongoing investigation involving INEC, the NDPC chief revealed that the commission was collaborating with INEC to improve data protection awareness among political parties ahead of future elections.

He expressed concern that many political parties collect large amounts of personal information from members and supporters without adequate privacy safeguards.

Olatunji said the commission chose to work through INEC to avoid concerns about political bias while educating parties on their responsibilities under the Nigeria Data Protection Act.

“A lot of them are collecting data of their party members. What kind of privacy safeguards? What kind of guardrails do they have in place? They don’t even know. That’s the truth,” he said.

He added that the commission was providing training and awareness programmes to help political parties understand lawful data processing practices and compliance requirements.

The NDPC is also expanding public awareness efforts through traditional institutions and grassroots structures to help Nigerians understand their privacy rights.

Olatunji disclosed that the commission had translated the Nigeria Data Protection Act into major Nigerian languages, including Yoruba, Hausa, and Igbo, to improve accessibility.

He said citizens in rural communities should also be able to understand the law and their rights regarding personal data protection.

The commissioner emphasised that data protection has become increasingly important to national security and public trust, especially as elections and other services become more dependent on digital systems.

“There is no digital economy without trust. There is no public security without trust. Trust is not about what you say. It is about what you do,” he said.

He added that compliance with data protection regulations is essential for maintaining confidence in institutions that handle personal information, including government agencies, banks, and telecommunications companies.

Olatunji reaffirmed the NDPC’s commitment to working with public and private sector organisations to strengthen compliance and ensure that Nigerians’ personal information is adequately protected.