On assumption of office President Bola Tinubu took certain steps to reposition the Nigerian digital economy sector when he signed the Nigerian Protection Bill into Law to strengthen the nation’s Nigeria’s place on the global map.
The President gave his assent to the bill on Monday June 12 as Nigeria leaps forward in the global data race. The move may have renewed the hope of over 200 million Nigerians in the advancement of Privacy rights and other fundamental freedoms both in cyberspace and in analogue transactions.
The National Commissioner of Nigeria Data Protection Commission (NDPC) Dr. Vincent Olatunji, equally expressed high optimism on the prospects of Nigeria’s Digital Economy following the emerging regulatory dispensation.
The Nigeria Data Protection Bureau, pursuant to the express provisions of the new act, has transmuted into a fully fledged Commission and it is mandated to among others: regulate the deployment of technological and organisational measures to enhance personal data protection; foster the development of personal data protection technologies, in accordance with recognised international best practices and applicable international law and conduct investigations into any violation of a requirement under the Act.
Others include to impose penalties in respect of any violation of the provisions of the Act or subsidiary legislation made thereof; where necessary, accredit, license, and register suitable persons to provide data protection compliance services; issue regulations, rules, directives and guidance under the Act; and register data controllers and data processors of major importance.
The Act is one of the strategic ways of meeting the campaign promise of President Bola Ahmed Tinubu, of creating 1 million jobs in the Digital Economy sector. About 500, 000 jobs are expected to be created through the training of Data Protection Officers and licensing of Data Protection Compliance Organisations to offer services to data controllers and processors.
With the establishment of the NDPC, the country is well-positioned in the global best practices on data protection and privacy ecosystem and as a result of this the Commission has embarked on massive awareness and enlightenment for stakeholders to see the inherent potential in this sector.
The importance of data protection and privacy, which is increasingly becoming a global best practice, cannot be overemphasised. It therefore shows that the commission could increase the number of Data Protection Officers (DPO), who are certified people with knowledge about data protection and privacy to assist their organisations and advise them on data policy and protection so that they don’t breach the law.”
At the moment there is a shortage of DPOs who are less than 10,000 and this huge gap of 490,000 DPOs, present opportunities for jobs for those willing to take up the training and skills and be certified as DPOs. He added that once certified, the DPO can work both within and outside Nigeria in various sectors such as banking, insurance, and schools among other.
Meanwhile Dr. Olatunji has leverage on the new Act warn commercial banks, telecommunications companies, and other organisations not to breach the law because of the sanction that will be imposed on defaulter, as the implementation of the recently signed Nigeria Data Protection Act 2023 by President Bola Tinubu takes effect.
According to the national commissioner, defaulters may lose up to 2 per cent of their revenue and other sanctions depending on the impact on the victim and other factors, the sanctions could be more or less severe. The Commission aims to intensify campaigns, develop a standardised framework for implementation to ensure consistency and clarity across all sectors and improve capacity-building for Data Protection Officers (DPOs) within the next two quarters of the year.
The new Act will upscale registration process for data controllers and data processors, introduce a definite calendar for filing annual Compliance Audit Returns and strengthen its regulatory frameworks for DPCOs as well as issue sector-specific guidelines particularly for financial and telecom sectors.
“At the core of the NDPR is the essence of respect – respect for the personal data of our citizens, respect for privacy, and respect for digital rights. This respect is now solidly etched in the NDPA.
“The change in legislation is not merely an addendum to the nation’s law books but a transformative stride towards shaping a culture where the protection of personal data is a cherished principle and an inviolable obligation.
“The move to make data protection a statutory requirement means every organisation, big or small, must cooperate with the government and also ‘walk the talk’ in the interest of our dear nation.
“This development should not be seen as a burden; rather, let us view it as an exciting journey towards gaining trust, building robust data protection structures, and strengthening our standing in the global digital economy landscape,”Olatunji said.
