- President Signs Nigeria Data Protection Act (NDPA) 2023
- Violators now required to pay fines within a year
- MDAs heads to be prosecuted for data breach
CEM REPORT, ICT | Nigeria Data Protection Commission (NDPC), had revealed that 100 private sector institutions were investigated for varying degrees of personal data privacy violation within the past year.
This is as the commission stated that ₦200 million has been paid into the coffers of the Federal Government by violators of the data privacy of Nigerians.
According to the National Commissioner of Nigeria Data Protection Commission (NDPC), Vincent Olatunji, the sum was paid by seven banks and other institutions.
He stated this while addressing reporters at the headquarters of the Commission in Abuja, following the signing of the Nigeria Data Protection Act (NDPA) 2023 by President Bola Tinubu.
Olatunji stated that the penalty for data privacy violations committed by institutions is payable within a year after a full investigation by the Commission.
According to him, Data Processors and Controllers must have Data Protection Officers (DPOs) in their organizations to comply with the new law.
He pointed out that the law would not only develop the country’s digital economy but also mainstream it into international recognition and increase its position in the landscape of the world’s digital economies.
According to the provisions of the new law, Olatunji issued a warning that the Chief Executive Officers of Ministries, Departments, and Agencies (MDAs) of the government would going forward be prosecuted for data privacy breaches committed by their institutions. He also pointed out that MDA compliance with the data privacy law has increased from 4% to 9%.
Speaking further about what Nigeria stands to benefit from the new law, he claimed that President Tinubu’s pledge to quickly fulfil his promise to create one million jobs in the digital economy sector would be kept.
“We have crossed a significant threshold in the frontiers of the 4th Industrial Revolution; we are now at the decisive arena where the duty of care and standard of care expected of everyone in the data processing ecosystem are laid down in principal legislation: The Nigeria Data Protection Act (NDPA) 2023.
“It is in the certainty of our law that we can begin to put in place the building blocks of a sustainable Digital Economy.
“As you are aware, His Excellency, President Bola Ahmed Tinubu, GCFR, has set an achievable target of creating one million jobs through the Digital Economy sector.
“Gladly, to walk the talk, he has signed the data protection law that will inspire trust for jobs to be created. Accordingly, measures are being put in place to create 500,000 jobs data protection ecosystem. This is 50 per cent of the job creation target for the sector.”
Additionally, Olatunji added that the commission is currently looking into a private university and several insurance companies for data breaches while withholding the names of the bank and institutions that paid the fine.
He gave examples of cases in which banks had improperly obtained the personal information of customers, preventing those individuals from accessing monies in their accounts as a result of violations, while other consumers had money removed from their bank accounts as a result of personal data breaches.