Matters eRising with Olusegun Oruame
Barring any hiccups, the Nigerian Data Protection Bill will become law before the curtain finally goes down for the Muhammadu Buhari’s administration. With the bill already sent to the Senate by the President for approval, stakeholders including the larger international community are high on hope that the executive bill will complete its transition to become an Act of Parliament before May 29, 2023.
RELATED: NDPB is fostering a national culture of compliance to data privacy, says Olatunji
Nigeria is seeking to provide a “legal framework for the protection of personal information and the establishment of the Nigerian Data Protection Commission for the regulation of laws on personal information” via the bill.
The executive bill is part of a steady ‘privacy’ journey since 2019 when the National Information Technology Development Agency (NITDA) first instituted the Nigeria Data Protection Regulation (NDPR) as the regulatory guide for data protection in Nigeria.
Since then, the country has pushed for many policy and institutional changes all fundamental to defining the data protection sector whether as an industry or a profession within a statutory ambience including the establishment of a data protection watchdog: Nigeria Data Protection Bureau (NDPB).
That bill if it becomes law will finally provide statutory guidance to a sector that will ultimately become a major definer of Nigeria’s gradual shift into a digital economy and regulate all activities around data privacy whether for individuals or corporate entities(public and privately owned).
“A data protection and privacy law is essential for safeguarding personal information, promoting responsible business practices, complying with international standards, and building trust and confidence in Nigeria’s economy.”
According to its promoters, the main objective of the bill is “to safeguard the fundamental rights and freedoms and the interests of data subjects, as guaranteed under the Constitution of the Federal Republic of Nigeria.”
Nigeria needs a data protection and privacy law for several reasons, including:
Protection of Personal Information: With the increasing use of digital technology and online platforms, there is a growing risk of personal information being misused, leaked, or stolen. A data protection and privacy law would provide legal protections for individuals and their personal data, including the right to access, correct, and delete their data. the government
Business Compliance: In today’s digital age, businesses rely heavily on the collection and processing of personal data to conduct their operations. A data protection and privacy law would ensure that businesses comply with ethical and legal standards for the collection, storage, and processing of personal data.
International Compliance: Many countries, including those in the European Union, have already implemented data protection and privacy laws. By enacting its own law, Nigeria would align with global standards and improve its ability to do business with international partners.
Trust and Confidence: A data protection and privacy law would help build trust and confidence among Nigerian citizens and foreign investors in the country’s ability to protect personal information. This would create a positive environment for business and economic growth.
Overall, a data protection and privacy law is essential for safeguarding personal information, promoting responsible business practices, complying with international standards, and building trust and confidence in Nigeria’s economy.
“It will require a national awareness campaign to take the messages to all the six zones and ultimately, build a national culture … of data protection and privacy consciousness.”
Even while we await an Act to come to be, the government in its wisdom, having instituted the NDPR and created the privacy ombudsman, NDPB, has not allowed a vacuum to exist. Privacy regulation with enforcement is readily becoming a norm with several corporate actors including banks sanctioned for not adhering to the provisions of the NDPR and abusing privacy rights if their customers.
Though knowledge of data protection and privacy is gaining grounds across Nigeria, it will require a national awareness campaign to take the messages to all the six zones and ultimately, build a national culture of cyber awareness or create a culture of data protection and privacy consciousness.
“The law alone in itself cannot do this, without awareness a law merely becomes a curio, and does not necessarily promote compliance.”
This is very important to promote a positive growth in the data economy sector. The law alone in itself cannot do this, without awareness a law merely becomes a curio, and does not necessarily promote compliance. Awareness with the right attitude does. The National Commissioner of the NDPB, Dr. Vincent Olatunji, agrees with this. Months back, he told IT Edge News.Africa that the NDPB was aiming at “fostering a national culture of compliance to data privacy.”
Since the General Data Protection Regulation (GDPR became the standard law on data protection and privacy in the EU and the European Economic Area, it has become somewhat the benchmark for a combination of legal, administrative, and technical safeguards in several countries across the world whether in Asia, Africa, the Americas and the Middle East.
Africa’s most populous country and the largest economy on the continent cannot but join the rest of world to be part of the shared prosperity in the global data economy.
COVER IMAGE: Business Today