The National Information Technology Development Agency, NITDA says it has licensed eleven Data Protection Compliance Organisations, DPCOs, to provide training, auditing, consulting, and compliance services to data controllers.
The Director General of the agency, Kashifu Inuwa, who was represented Director of e-Government Regulations, NITDA, Dr. Vincent Olatunji, disclosed this at a one day Media Executives’ Master Class on Nigeria Data Protection Regulation 2019 organised by the agency in Abuja, Nigeria.
He also noted that out of the eleven licensees, six had started recruiting staff for the commencement of work in line with the government policy of building capacity and job creation.
Dr. Vincent Olatunji also said that the agency took the initiative to ensure maximum protection of Nigerians from possible breach and to ensure that Nigeria is not blacklisted from the rest of the world in doing genuine business.
According to him, the agency recently signed an MoU with the European Union Data Protection Agency, making Nigeria the first African nation to take such initiative.
‘‘NITDA is embarking on data protection to make sure that our country is not blacklisted. 11 companies have been licensed for this purpose and additional 16 licenses have been approved.
‘‘Nigeria signed MoU recently with the EU Union data Protection Council to give it international outlook. Data is our oil and by next 10 years, everything about oil will be obsolete.
‘‘For this reason, NITDA is putting in place an administrative Redress Panel to handle all issues that will arise from the practitioner going forward. NITDA has also set up a legal Team to take up any legal issue that may arise. We are also going to have a National Advisory Council to offer advice from time to time where necessary. The data protection advocacy is going to be a continuous thing. All we want to do is to ensure all we do in Nigeria is in line with the world best practice,’’ he explained
The Desk Officer NDPR, NITDA Mr. Olufemi Daniel that added that the objectives of the NDPR is to safeguard data privacy, foster safe conduct of transactions involving personal data and to make Nigerian institutions globally competitive and relevant.
In case of breach, a data controller dealing with more than 10, 000 data subjects- payment of the fine of 2% of the annual gross revenue of the preceding year or payment of the sum of 10 million naira, whichever is greater or criminal prosecution under NITDA Act.
According to him, NITDA is supporting moves for the enactment of a law that would establish a Data Protection Commission.
The Agency had in July commenced investigations into allegations of data breach against commercial banks and telecommunications firms.
Mr. Daniel noted that the agency was still engaging the concerned banking and telecommunications institutions.
Also, a Data Protection Consultant T&Y Information Management Services Limited, Mr.Tokunbo Smith said the National Data Protection Regulation (NDPR) is expected to exceed the 300,000 job target because of the ripple effects it would have from all the licensees and companies that would operate under the policy.
He said there is the need for businesses to review their data protection policies according to world standards to ensure effective compliance.
“They must be proactive and protect the data they hold, encrypt it and always keep up to date with your security solutions,” he said.
Mr. Smith added that the Master Class is expected to expose media practitioners on the rudiments and basic skills needed in the reportage of data protection.