The Nigerian Government says it is building a globally competitive and robust Data Protection Ecosystem which will guarantee a sustainable Digital economy, following the signing of the Nigerian Data Protection Act (NDPA), 2023 by President Bola Tinubu.
The National Commission, Nigeria Data Protection Commission, NDPC, Dr Vincent Olatunji stated this in Abuja, Nigeria’s capital during a News Conference to mark the Implementation of NDPA 2023.
He said the landmark legislation represents a significant milestone in the country’s journey towards data privacy and protection.
“Having an NDPA place is just the beginning of a comprehensive effort to establish a sustainable digital economy. With a Data Protection Act Nigeria can say we belong to the wealthiest counties and that means we are open to digital businesses to attract foreign direct investment to the country in the digital economy. So we are building a robust data protection structure and strengthening our standing in the global data landscape,” Olatunji affirmed.
Dr Olatunji emphasized that NDPA places great importance on respecting the personal data of Nigerian citizens, safeguarding their privacy, and upholding digital rights.
“This respect is now firmly embedded in the NDPA, signalling a transformative step towards cultivating a culture where the protection of personal data is not only valued but also an inviolable obligation.
“The implementation of data protection as a statutory requirement means that every organization, regardless of size, must cooperate with the government and demonstrate compliance.”
He urged organisations to perceive this development as a journey toward building trust, establishing robust data protection structures, and fortifying Nigeria’s position in the global digital economy landscape.
As part of this initiative, the NDPC Boss said that measures will be taken by the Commission to generate 500,000 jobs within the data protection ecosystem, constituting 50% of the sector’s job creation target which is in line with President Bola Tinubu-led administration target of creating one million jobs through the Digital Economy sector.
Dr Olatunji disclosed that within the last two quarters of this year, implementing the act towards nationwide compliance will be guided by key initiatives and future these include ‘
“Public Awareness Campaigns: We understand that awareness is the first step towards compliance. Therefore, we will be expanding our active public awareness campaigns to educate and empower organizations and individuals as regards their roles, rights, and responsibilities under the Act.
“Development of Implementation Framework: Standardization is vital. Hence, we will be developing a standardized framework for implementation, ensuring consistency and clarity across all sectors. This will involve guidance notices on key provisions of the law particularly those that relate to lawful basis of data processing, data subjects rights, compliance audit returns and cross-border data transfer.”
On capacity-building for Data Protection Officers (DPOs), the National Commission stressed that DPOs are the frontline soldiers in this endeavour.
“We will improve capacity-building opportunities for DPOs enrolled under the National Data Protection Adequacy Programme (NaDAP), thereby enhancing their ability to lead their organizations towards compliance.”
Issuance of DPCO Practice Guidelines and Sectorial Guidance Notices:
“We will strengthen our regulatory frameworks for DPCOs and issue sector-specific guidelines, particularly for financial and telecom sectors.
The objective is to provide agile frameworks that address peculiar vulnerabilities, risks and opportunities on the one hand, and on the other hand, provide a clear path for compliance among other things.
“We will upscale the registration process for data controllers and data processors, simplifying compliance pathways and encouraging participation. Compliance Audit Filing Calendar: We will also introduce a definite calendar for filing annual Compliance Audit Returns. Our target is January to December. Organizations will have the opportunity to file within the first quarter of each. The current dispensation of compliance under NDPR will be completed and only those who are compliant will be eligible for inclusion on the NaDPAP Whitelist. This will also enable organizations to be up-to-date with their compliance obligations”
He however restated government commitment to ensuring that all Nigerian organisations become NDPA compliant in line with the new era of data protection where respect for personal data becomes an integral part of our national ethos according to best
He urged the media and civil society to be at the forefront in creating awareness through content, programmes and campaigns as it is crucial in pushing forward the 4th Industrial Revolution.
