NITDA is on a mission to safeguard the data privacy rights of Nigerians

by | Mar 21, 2019

On a global level, data privacy has become one of the major concerns of governments and their regulatory agencies as far as the Internet is concerned. Early last year, there was a data breach saga involving Facebook and Cambridge Analytica over which the United State Congress summoned Mark Zuckerberg, Facebook founder and CEO for testimony.

Also, the United Kingdom and European parliaments invited Zuckerberg for questioning. The bottom line of all these is that governments around the world are privy to the importance of data privacy.

Shortly after the Facebook data breach saga, Europe’s General Data Protection Regulation, a regulation on data protection and privacy for all individuals within the European Union which was adopted in 2016, became effective.

Apparently, Nigeria is not left out in the drive for data privacy. One of the Nigerian government’s recent actions in that line is the Digital Rights and Freedom Bill which was recently transmitted to President Muhammadu Buhari by the country’s National Assembly for assent.


The bill, which the president is yet to sign, not only promotes freedom of expression, it also aims to guarantee data privacy.

Beyond the bill, another move is the Nigeria Data Protection Regulation 2019 (NDPR), released in January 2019 by the National Information Technology Development Agency (NITDA). This was prior to the transmission of the bill for assent

Why you should care about the NDPR as an individual

The NDPR provides a broad framework for safeguarding the rights of persons to data privacy.

The framework gives organisations (both public and private) in the country, that control personal data, three months after the release of the NDPR to publicise their respective data protection policies, which shall be in compliance with the regulation.

The regulation explicitly states that no data shall be obtained except the specific purpose of the collection is made known to the data subject. The person or organisation collecting the data must also ensure that consent of the data subject has been obtained without fraud, coercion or undue influence.

Furthermore, the objection of a person to the processing of his data is also safeguarded. A data subject can request for information relating to processing his/her data which the data controller is obliged to honour. A data controller according to the regulation is a person who either alone, jointly with other persons or in common with other persons or a statutory body, determines the purposes for and the manner in which personal data is processed.

This information requested by the data subject shall be provided for free except on the account that the data controller considers the request to be “manifestly unfounded or excessive.”

In the event that the request would not be honoured, the organisation shall inform the data subject of the reason for not taking action. And the communication has to be done within a month of making the request.


What’s in it for organisations (public and private)?

NITDA’s three-month timeline for organisations will soon lapse, which begs the question of what it means for organisations from both the public and private sectors.

Abisodun Adewale, Senior Associate at Olajide Oyewole LLP affirms that indiscriminate use of people’s data without consent or authorisation is a huge issue which necessitated the regulation that protects all Nigerians, whether resident in the country or not.

Aside the three months for organisations to make available their data protection policies to the public, there will also be an audit of data controllers’ privacy and data protection policies three months after the policies have been made available to the public. Adewale believes that the timeline is practical.

There are penalties attached for organisations that fail to abide by the data regulation. For data controllers dealing with more than 10,000 people, it is either 2% of annual gross revenue of the preceding year or the sum of ₦10 million, whichever is higher. For data controllers dealing with less than 10,000 people, the penalty will be the higher value between 1% of the annual gross revenue and the sum of ₦2 million.

NITDA hopes the penalty will be enough motivation for organisations to put in place data protection policies. The aim is to ensure they remain competitive in international trade as a result of the “just and equitable legal regulatory framework on data protection and which is in tune with best practice.”

Yinka Awosanya
Yinka Awosanya

Mobile & African Tech Enthusiast │ Data Analyst │ Music

Are you in tech and you are looking at getting a foreign remote job or you want to move abroad? Fill this form and you will get the BEST resources to help you get that high paying remote job as well as japa easily! WAGMI!

Notify of
Inline Feedbacks
View all comments

Recent News

Reclaiming stolen African artefacts

Reclaiming stolen African artefacts

On #TechpointDigest, Victoria Fakiya (@latoria_ria) discusses how Traction wants to stop fake alerts, Canza Finance’s journey, Esaal’s $1.7m seed round, and JABU’s $15m series A.

[PODCAST] Relooting African art with NFTs

[PODCAST] Relooting African art with NFTs

What do you think about an NFT project that wants to reclaim Africa’s lost artefacts? Well, the editorial team had some interesting thoughts, and you can listen to this and other stories on today’s episode of #TechpointAfricaPodcast.

$2 million to drive learning via WhatsApp 

$2 million to drive learning via WhatsApp 

On #TechpointDigest, we discuss how major players in the African mobility space can change the mobility narrative, FoondaMate’s $2 million funding, Twitter Create, and AMP’s $5.6 million seed round.

[PODCAST] Taxing calls to give you healthcare

[PODCAST] Taxing calls to give you healthcare

The Nigerian government wants to tax phone calls to provide better healthcare. In today’s edition of the #TechpointAfricaPodcast, we discuss possible implications and upsides to this.

Subscribe to Techpoint Digest!

A daily 5-minute roundup of happenings in African and global tech, sent directly to your email inbox, between 5 a.m. and 7 a.m (WAT) every week day!

Please check your email to confirm your subscription.

Subscribe to Blockchain Explorer

Analysis oninnovation, regulations, and trends inthe blockchain sector, as it concerns Africa

Please check your email to confirm your subscription.

Subscribe to The Experts

A bi-weekly where tech career specialists take us on their journey from newbie to expert, and how they became successful in the industry.

Please check your email to confirm your subscription.

Subscribe to Founder's Table

A monthly series, where we catch up with founders in the startup ecosystem, learn about their failures, successes and a few tricks of the trade

Please check your email to confirm your subscription.

Copy link
Powered by Social Snap