The National Information Technology Development Agency (NITDA) hereby notifies the general public that consequent upon its official issuance and public presentation of the Nigeria Data Protection Regulation on the 25th of January 2019, full implementation of the Regulation commenced from the 25th of April 2019. The Data Protection Regulation seeks:
- to safeguard the rights of Nigerians to data privacy;
- ensure the exchange of personal data is done safely and securely;
- prevent the manipulation of personal data; and
- ensure that Nigerian businesses remain competitive globally as Data Protection is a key requirement in ensuring confidence in business transactions.
The Agency, according to section 6 (c) of the NITDA act of 2007, is mandated to develop regulations for electronic governance and monitor the use of electronic data interchange and other forms of electronic communication transactions among others. The Act also grants NITDA powers to enforce compliance and penalise defaulters.
The penalty for breaching this Regulation in addition to any other liabilities includes:
- a) Payment of the fine of 2% of the annual gross revenue of the preceding year or the sum of 10 million Naira, whichever is greater in the case of a data controller dealing with more than ten thousand data subjects; and
- b) In the case of a data controller dealing with less than 10,000 data subjects, payment of the fine of 1% of the annual gross revenue of the preceding year or the sum of 2 million Naira, whichever is greater.
NITDA as Nigeria’s Information Technology Regulator, notes with pleasure, the interest, inputs and efforts of many stakeholders in complying with the Regulation and to further explore the economic and job creation potential the Regulation presents to Nigeria. We urge all Nigerians to support this initiative as your right to privacy is fundamental!
For comprehensive information on the Nigeria Data Protection Regulation, please visit our website on www.nitda.gov.ng
DR ISA ALI IBRAHIM PANTAMI,
FNCS, FBCS, FIIM, MPCN