Let's Talk
Insights, Corporate Communications
  • 2023-10-31

Navigating the Uncertainties in the Nigerian Data Protection Act, 2023: Expectations From the National Committee for GAID

The Nigerian Data Protection Act, 2023 (NDPA) is the primary legislation governing data protection in Nigeria. However, despite its robust provisions, the NDPA has left the task of crafting specific regulations and directives for the implementation of the NDPA to the Nigerian Data Protection Commission (NDPC). While this approach provides adaptability to changing circumstances, it also underscores the urgent need for NDPC’s intervention in providing the necessary regulatory framework to effectively implement the NDPA.
In response to this need, the NDPC recently inaugurated the National Committee for NDPA General Application and Implementation Directive (‘GAID”) to ensure the implementation of the NDPA. It is a welcome development as it holds the potential to bring much-needed clarity to the interpretation and application of critical and novel provisions within the NDPA. This article highlights key areas and issues where we anticipate GAID’s guidance and offers some recommendations on the implementation of the NDPA.

A. Designation of data controllers or processors of major importance
The NDPA introduced the designation “data controllers or data processors of major importance” and empowered NDPC to ascertain the specific threshold for qualifying as such. This designation carries additional compliance obligations, such as mandatory registration with the NDPC and the appointment of Data Protection Officers (DPOs). This marks a departure from the NDPR, which requires all data controllers and processors to have designated DPOs. Hence, further guidance from NDPC is needed to (a) clarify which data controllers and processors are exempt or required to comply with these additional obligations and (b) ascertain the registration procedure and requirements for data controllers and processors of major importance.

In addition, GAID may consider the possibility of limiting the requirement to submit annual audit reports to data controllers and processors of major importance, streamlining the compliance process, and concentrating efforts on key data protection stakeholders…

To read the full article, kindly download the PDF

Download

Tolulope Oguntade

Senior Associate

Practice Key Contacts

More To Read

See All
  • Taxation, Insights
25/07/2024
What You Must Know About the Deduction of Tax at Source (Withholding) Regulation 2024

The Deduction of Tax at Source (Withholding) Regulation, 2024, was issued by the Federal Ministry of Finance, on July 1, 2024. It stipulates the rules

Read Article
  • Insights, Oil and Gas
24/07/2024
Mid-Year Report on The Nigerian Gas Industry and Investment Projections for 2024 and Beyond

INTRODUCTION In our 2023 year-end report, we analysed the opportunities, challenges, and transformations experienced in Nigeria’s oil and gas industry, with a particular emphasis on

Read Article
See All

Tope Adebayo LP is a law firm registered under the Laws of the Federal Republic of Nigeria as a Limited Partnership to carry on the business of Legal Practice and Consultancy.

COMPANY
PRACTICE GROUPS
LEGAL
SUBSCRIBE TO OUR NEWSLETTER

The latest news, articles, and resources, sent to your inbox weekly

© 2024. Tope Adebayo LP. All rights reserved.

Web Development by Fresible