ABUJA (Sundiata Post) – The Federal Government says organisations and entities that fail to comply with data privacy protection laws and regulation risk penalty as high as N10 million.
The Nigeria Data Protection Act (2023) establishes the legal framework for the regulation of personal data in Nigeria.
Dr Vincent Olatunji, the National Commissioner of NDPC, said this on Friday during an interview with Newsmen in Abuja.
He said that in some circumstances the fine could be as stiff as two per cent of the organisation’s gross earning the previous year.
Olatunji said the Federal Government was committed to protecting the privacy of Nigerians for better global image, creation of jobs and wealth.
The NDPC chief said the nation’s data privacy awareness has risen from four per cent to 25 per cent in three years.
Olatunji described awareness and public enlightenment as keys to achieving data protection and privacy inclusivity, which he said, remained still low in the country.
“The awareness level is still very low but it is getting better. When the Nigeria Data Protection Regulation (NDPR) came on in 2019, the compliance in the sector was just 4 per cent.
“Presently, it has risen to over 25 per cent and if you look at the budget this year you will see that a lot of Ministries, Departments and Agencies (MDAs) have a budget line for data protection.
“A lot of MDAs before never had a dedicated Data Protection Officer (DPO) but now they have; a lot of jobs are being created in this ecosystem which speaks to awareness,’’ he told NAN.
He also said the numbers for certified DPO across the country was increasing, adding that the government had started local certification of DPO.
“When we started those of us who were certified DPOs were not up to 1000 but now we have over 10,000.
“For registration of data controllers and processors, initially we had 1,000 but last year we did 33,000, for audit filing we used to have 630 but as of last year we have gone beyond 4000.
“Due to the awareness, a lot of organisations are getting knowledgeable of the need to protect personal data in their custody.
“We are also trying to domesticate the certification process with the training of 500 DPOs in January,’’ he said.
He said soon the commission would commence training the next batch of DPOs and encouraged private, public institutions, including the National Assembly to take advantage of the opportunity to improve their data protection efforts.
He told NAN that data protection growth rate in the country could have been higher considering the huge number of companies, banks, hospitals, among other entities that control and use data.
According to him, there are no fewer than 500,000 in Nigeria, adding that the law says that each of them should have a data protection officer to manage their data.
He said unfortunately data protection skills were still lacking.
Olatunji stated that with about 10,000 certified DPOs, the gap of 490,000 DPOs was still a huge concern.
Olatunji blamed ignorance, lack of skilled personnel, poor remuneration, poor conditions of service, funding as the major limitations to data protection and privacy in the country. (NAN)
