In today’s world, data is driving an increase in the number of businesses around the world.
The quality and volume of information obtained from customer experiences, and automated marketing messaging will go along way in determining how valuable data will be in driving your business decisions.
As companies are eager to obtain valuable data, the government is also keen in ensuring the protection of privacy and safety of its citizens.
Businesses are faced with challenges as they strive to comply with data privacy regulations. These regulations require strict access controls to protect sensitive personal data.
In Nigeria, data protection is a constitutional right founded on Section 37 of the Constitution of the Federal Republic of Nigeria 1999 (as amended) (‘the Constitution’).
The Nigerian Data Protection Regulation, 2019 (‘NDPR’) is the main data protection regulation in Nigeria.
This regulation was issued by the National Information Technology Development Agency (‘NITDA’).
The Regulation is the current national law on data protection in Nigeria. It applies to public and private sector processing of personal data within and outside Nigeria.
The Regulation is aimed at protecting the right to privacy, creating the right environment for digital transactions, job creation and improving information management practices in Nigeria.
The NDPR makes provision for the rights of data subjects, the obligations of data controllers and data processors, transfer of data to a foreign territory amongst others.
Thus the NDPR is the starting point for understanding Nigeria’s data protection landscape.
The importance of having data protection and privacy institution has increased as a result of the successful execution of the National Digital Economy Policy and Strategy (NDEPS).
Keeping private data and sensitive information safe is paramount. In addition, a data breach at the government level may risk the security of an entire country.
This is where data protection laws come into play. As an increasingly large portion of our lives and activities occur online, cybersecurity is an ever-growing concern.
Recently, President Muhammadu Buhari, approved the establishment of The Nigeria Data Protection Bureau (NDPB).
The NDPB was founded in accordance with international best practices and sets to focus on data protection and privacy in Nigeria.
Recommended by the Minister of Communications and Digital Economy, Professor Isa Pantami, the NDPB will be headed by Dr.Olatunji Vincent, who was until now the Director of the eGovernment Development and Regulations Department at NITDA.
However, will this appointment really ensure data protection at its maximum?
As more socio-economic activities appear online, the necessity of privacy and data protection won’t go down anytime soon.
Beyond that, it is of the most importance and equal concern that the gathering, usage and sharing of personal information to third parties is increasing.
According to United Nations Conference on Trade and Development (UNCTAD), 137 out of 194 countries had put in place legislation to secure the protection of data and privacy.
UNCTAD’s report as at December 2021, also reveals that Africa and Asia show a different level of adoption with 61 and 57 per cent of countries have adopted such legislations. The share in the least developed countries in only 48 per cent.
According to the report, 71% of countries have legislation in place for data protection and privacy, 9% of the countries are with draft legislation, 15% of the countries are with no legislation, while 5% countries of the countries are with no data.
Fortunately, Nigeria falls under the 71% aforementioned and with this recent establishment of the NDPB, a distinct body to ensure data protection and privacy, we hope that the country is on a right track for full implementation.
Olatunji is a Certified Public Private Partnership Specialist (IP3 Specialist) and a PECB Certified Data Protection Officer.
He coordinated the development of strategies and plans for the implementation and coordination of Nigeria’s eGovernment and National ICT Transformation Agenda.
Olatunji has been involved in various policies development and the very notable ones include, Nigeria Data Protection Regulation and Smart Initiatives Framework to enhance Nigeria’s digital transformation.
He has spent more than three decades working in the government sector to implement policies that will drive the required changes in Nigeria’s ICT ecosystem.
NITDA’s Role
NITDA as the Regulatory Authority for Data Protection aims at innovating data protection management in Africa through inclusive regulatory strategies, partnerships and continuous improvement.
The Agency represents Nigeria (as Deputy Chair of the Data Protection and Localisation Working Group) at the African Union Policy and Regulatory Initiative for Digital Africa (AU-PRIDA).
Don’t miss important articles during the week. Subscribe to techbuild.africa weekly digest for updates.