Cybersecurity expert, Mr. Remi Afon, has called on the Nigerian President, Muhammadu Buhari, to assent to the Data Protection Bill, which was passed by the 8th National Assembly in May 2019.
Afon, who is also the President of the Cyber Security Experts Association of Nigeria (CSEAN), said signing of the bill had become more necessary owing to the fact that Muhammadu Buhari was a victim of data privacy violation by Cambridge Analytica during the 2015 presidential elections when the firm allegedly worked with the Israeli intelligence firm, Black Cube, to acquire hacked medical and financial information about him.
“As part of our advocacy as cybersecurity professionals, we urge the President of Nigeria, Muhameddu Buhari, to assent to the Data Protection Bill, which we believe is on his table to commemorate with this year’s Data Privacy Day,” he said.
He explained that in May 2019, the National Assembly passed the Data Protection bill and sent it to the President for assent, unfortunately, this is yet to be signed into law for the past eight months.
“One would have expected the President to act swiftly in signing the bill into law,” he added.
The Cyber Security Experts Association of Nigeria has been advocating for data protection law for years now. But both the lower and the upper legislative chambers were magnanimous to pass the Data Protection bill last year.
According to Remi, the Data Protection bill, if signed into law, will ensure the protection of personal data and data subjects’ rights and regulation of the processing of personal information.
He added that that the bill, when finally signed into law, would see an increase in the number of data protection officers in the country.
“In today’s world of big data analytics, machine learning and artificial intelligence, where organisations are making a fortune from data mining, the benefits of the Data Protection Bill cannot be overemphasised. The bill contains strict rules called data protection principles which organisations, government, and businesses must follow to keep personal data accurate, safe and secure.
“It also ensures that personal data are used fairly and lawfully and not kept more than necessary. The bill, when passed into law will ensure Nigerians personal data are protected,” he said.
In the absence of a legal instrument, the National Information Technology Development Agency (NITDA) had last year come up with a data protection regulation, which is fashioned after the European General Data Protection Regulation (GDPR).
However, unlike the GDPR, Nigeria’s data protection regulation lacks the force of law. Stakeholders have also argued that the country may not achieve significant data protection, except the bill to that effect becomes law.