Facts:

The 1st Applicant claims to be a Data Protection Compliance Organization with the mandate to ensure protection of data privacy as compliance with the provisions of the Nigeria Data Protection Regulation (NDPR). The 2nd Applicant who is a data subject claims that his personal data was collected and processed by the Respondents. According to the Applicants, the 1st Respondent is the operator of a software known as True Caller App which they claim collects and controls over 150 million persons including 2nd Applicant. The Applicants stated that the 1st Respondent uses the True Caller app to harvest telephone numbers of users around the world and makes them available to users of their software all over the world with the 2nd Applicant’s consent. The Applicants believe that the exposure of their telephone numbers to third parties without their consent has caused and will likely cause interference with their telephone conversations as they are likely to receive calls from unknown persons who got their number from the software. That the harvesting of phone number through the phone contact list of users is an invasion of their privacy contrary to section 37 of the Constitution of the Federal Republic of Nigeria, 1999 (as amended) and Regulation 2.1 and 2.3 of the Nigeria Data Protection Regulation i sued by 2nd Respondent on the 25th of January, 2019 pursuant to section 37 of the Constitution. The Applicants therefore urged the Court to intervene on their behalf.

The 1st Respondent in its defence states that it is not in charge of Truecaller activities in Nigeria rather it is the responsibility of Truecaller International LLP, India (TC India). The 1st Respondent stated further that it does not harvest phone contacts of users and non-users of the app neither does it make them available to the whole world. The 1st Respondent stated that the app does not have access to the phone of a user except where the user grants it access as a dialer so that the versions of the app on the Google Playstore and Appstore have no option for enhanced search where a person’s name can be imputed to produce his phone number. The 1st Respondent stated further that any access to the phone contacts of a user is with the consent of such user and any contact available on its data base is that of a user who gave consent for his details to be played by the app. The 1st Respondent denies exposing any person’s details to privacy risk as alleged by the Applicants. The 1st Respondent therefore urged the Court to dismiss the application.