EU, AU demand stronger enforcement institution
Activities of data protection in Nigeria over the last year have created a new sector now worth over N2.2 billion, the National Information Technology Development Agency (NITDA) has said. Director-General of the agency, Mr. Kashifu Inuwa, who disclosed this, said many companies, including startups, were now turning up to play in the sector, which has created almost 3,000 new jobs.
NITDA had also last year licensed 70 firms as Data Protection Compliance Organisations (DPCO) to help Nigerian firms in complying with the Nigeria Data Protection Regulation (NDPR). Speaking during the virtual commemoration of 2021 Data Protection Day, which is observed globally on January 28 every year, Inuwa said Nigeria was now leading in Africa and competing favourably with the world in the area of privacy technology.
According to him, several innovative start-ups in the country have been coming up with solutions on how to ease compliance, filing process, and visitor management, thus enhancing compliance and expanding the sector. On the theme of this year’s celebration, which is, “Har-nessing Data as Critical Infrastructure for the Digital Economy,” Inuwa noted that data played a huge role in building and sustaining a digital economy. He commended the Minister of Communications and Digital Economy, Dr. Isa Pantami, for coming up with the NDPR in 2019.
Corroborating the DG, the minister, who was the special guest at the virtual event, said enforcement of data protection and data privacy was the bedrock of any digital economy. Pantami noted that the data protection regulation was not just to take people to court but rather to create awareness for citizens to know that when they fail to comply with Nigerian law, action is going to be taken against them. While noting that there had been an improvement in the level of compliance with the NDPR, the minister observed that prior to the NDPR, several existing laws of Nigeria had made provisions for data protection.
“If you look at Nigeria Communications Act (NCA 2003), the law empowers the Nigerian Communications Commission to also come up with another form of legislation that will ensure that the information and data of our citizens with the telecom operators are secured.
“NCC, therefore, came up with the consumer code of practice regulation of 2007. Part 6 of the document mandates telecom operators to ensure that the data and information of citizens with them are highly secured and that they must ensure they deploy technology facilities and human management to ensure it is not compromised.
“The National Identity Management Commission (NIMC ACT 2006) also makes provision for data protection. Under section 26, it is clearly stated that it is not allowed for corporate bodies or individuals to get access to the database of NIMC without the authorisation of that commission. This means that getting access to people’s data without authorisation is a criminal offence,” the minister said.
He, however, noted that though there are several laws and regulations to ensure data protection in Nigeria, the NDPR, which is being coordinated by NITDA, was the most comprehensive. The minister urged all stakeholders to ensure that awareness about data protection was not limited to the Data Protection Day, but an all-year-round effort.
Meanwhile, representatives of the African Union (AU) Commission and the European Union (EU) Commission that participated in the virtual event have advised Nigeria to come up with a stronger data protection institution. While commending Nigeria’s efforts so far in data protection, the Head of ICT African Union Commission, Mr. Moctar Yedaly, said there was a need for the country to create and empower a data compliance agency.
The representative of the EU Commission, Mattia Tempimi, observed that data protection is an area in which Nigeria and Europe share a common value, common challenges, and hope to forge a common solution.
“The EU looks forward to seeing Nigeria with a state-ofthe- art data protection regime that strikes a balance between the protection of citizens’ data on the one hand and the interest of business operators on the other hand. “Nigeria needs a strong data protection Commission and the EU will be ready to share experience, if the country is willing to accept, on how to go about it as the EU has just passed through that phase,” he said.