Dr. Vincent Olatunji, the National Commissioner/CEO of the Nigeria Data Protection Commission (NDPC), has issued a stern warning to commercial banks, telecommunications companies, and other organizations regarding the breach of data regulations in the country. During a recent news conference in Abuja, Dr. Olatunji emphasized that these defaulters could face severe sanctions, potentially losing up to two percent of their annual revenue.
The implementation of the Nigeria Data Protection Act 2023, signed by President Bola Tinubu, aims to establish a sustainable digital economy. To bridge the capacity gap in the subsector and support the President’s goal of creating one million jobs, the commission plans to create 500,000 employment opportunities. In the coming months, the NDPC will intensify awareness campaigns, develop standardized frameworks for implementation, enhance capacity-building for Data Protection Officers (DPOs), and strengthen regulatory frameworks for Data Protection Compliance Organizations (DPCOs).
The registration process for data controllers and data processors will be streamlined, and a specific calendar for filing annual Compliance Audit Returns will be introduced. Sector-specific guidelines will be issued, with a focus on the financial and telecom sectors, to ensure clarity and consistency in data protection practices.
Dr. Olatunji emphasized that the Nigeria Data Protection Act (NDPA) is founded on the principles of respect for personal data, privacy, and digital rights. It is not merely an addition to the country’s legislation but a transformative stride towards cultivating a culture where the protection of personal data is paramount. The NDPA places a statutory obligation on organizations of all sizes to collaborate with the government and prioritize data protection.
The NDPC urges organizations to embrace this change as an exciting journey towards building trust, fortifying data protection structures, and enhancing Nigeria’s position in the global digital economy landscape. By adhering to data regulations, organizations can contribute to a secure and thriving digital ecosystem while safeguarding the personal data of citizens.