The Nigerian Data Protection Act, 2023 (NDPA) is the primary legislation governing data protection in Nigeria. However, despite its robust provisions, the NDPA leaves the task of crafting specific regulations and directives for its implementation to the Nigerian Data Protection Commission (NDPC). While this approach provides adaptability to changing circumstances, it also underscores the urgent need for the NDPC’s intervention in providing the regulatory framework necessary to implement the NDPA effectively.
In response to this need, the NDPC recently inaugurated the National Committee for NDPA General Application and Implementation Directive (‘GAID’) to ensure the implementation of the NDPA. It is a welcome development as it holds the potential to bring much-needed clarity to the interpretation and application of critical and novel provisions within the NDPA. This article highlights key areas and issues where we anticipate GAID’s guidance and offers some recommendations on the implementation of the NDPA.
A. Designation of data controllers or processors of major importance
The NDPA introduced the designation “data controllers or data processors of major importance” and empowered the NDPC to ascertain the specific threshold for qualifying as such. This designation carries additional compliance obligations, such as mandatory registration with the NDPC and the appointment of Data Protection Officers (DPOs). This marks a departure from the NDPR, which requires all data controllers and processors to have designated DPOs. Hence, further guidance from the NDPC is needed to (a) clarify which data controllers and processors are exempt from, or required to comply with, these additional obligations and (b) ascertain the registration procedure and requirements for data controllers and processors of major importance.
In addition, GAID may consider the possibility of limiting the requirement to submit annual audit reports to data controllers and processors of major importance, streamlining the compliance process, and concentrating efforts on key data protection stakeholders…