Let's Talk
Insights, Corporate Communications
  • 2023-10-31

Navigating the Uncertainties in the Nigerian Data Protection Act, 2023: Expectations From the National Committee for GAID

The Nigerian Data Protection Act, 2023 (NDPA) is the primary legislation governing data protection in Nigeria. However, despite its robust provisions, the NDPA has left the task of crafting specific regulations and directives for the implementation of the NDPA to the Nigerian Data Protection Commission (NDPC). While this approach provides adaptability to changing circumstances, it also underscores the urgent need for NDPC’s intervention in providing the necessary regulatory framework to effectively implement the NDPA.
In response to this need, the NDPC recently inaugurated the National Committee for NDPA General Application and Implementation Directive (‘GAID”) to ensure the implementation of the NDPA. It is a welcome development as it holds the potential to bring much-needed clarity to the interpretation and application of critical and novel provisions within the NDPA. This article highlights key areas and issues where we anticipate GAID’s guidance and offers some recommendations on the implementation of the NDPA.

A. Designation of data controllers or processors of major importance
The NDPA introduced the designation “data controllers or data processors of major importance” and empowered NDPC to ascertain the specific threshold for qualifying as such. This designation carries additional compliance obligations, such as mandatory registration with the NDPC and the appointment of Data Protection Officers (DPOs). This marks a departure from the NDPR, which requires all data controllers and processors to have designated DPOs. Hence, further guidance from NDPC is needed to (a) clarify which data controllers and processors are exempt or required to comply with these additional obligations and (b) ascertain the registration procedure and requirements for data controllers and processors of major importance.

In addition, GAID may consider the possibility of limiting the requirement to submit annual audit reports to data controllers and processors of major importance, streamlining the compliance process, and concentrating efforts on key data protection stakeholders…

To read the full article, kindly download the PDF

Download

Tolulope Oguntade

Senior Associate

Practice Key Contacts

More To Read

See All
  • Insights, Oil & Gas
29/08/2024
Fuelling Nigeria’s Future: A Roadmap for Domestic Gas Pricing And Regulation (Part 2)

Introduction In Part 1 of this article series on Nigeria’s evolving gas pricing mechanism, we discussed the foundational principles guiding Domestic Base Pricing (DBP) in

Read Article
  • Dispute Resolution, Insights
26/08/2024
Zhongshan Fucheng Industrial Investment Company Ltd. v. Nigeria: How the Concept of Attribution applies in International Investment Arbitration

Introduction: On 14th August 2024, Nigerians woke up to the news of the seizure of three (3) Nigeria’s presidential jets, as ordered by a French

Read Article
See All

Tope Adebayo LP is a law firm registered under the Laws of the Federal Republic of Nigeria as a Limited Partnership to carry on the business of Legal Practice and Consultancy.

COMPANY
PRACTICE GROUPS
LEGAL
SUBSCRIBE TO OUR NEWSLETTER

The latest news, articles, and resources, sent to your inbox weekly

© 2024. Tope Adebayo LP. All rights reserved.

Web Development by Fresible