Businesses have been tasked on the need to embrace data protection practices as the policy would become a law once the Data Protection Bill 2020 is passed.
The National Information Technology Development Agency (NITDA) made this call recently at a virtual workshop organised for Data Protection Officers (DPOs) of various organisations in the country.
According to the Director-General of NITDA, Mr Kashifu Inuwa, while the Nigeria Data Protection Regulation (NDPR) is currently being enforced, the Data Protection Bill 2020, which is under consultations, would impose more obligations on companies handling data when it becomes law.
He noted that the workshop was organised as part of NITDA’s strategic engagement to deepen the implementation of the NDPR and the Nigeria Data Protection Bill.
“Our goal is to make you have a grasp of what the Bill entails and how you can start preparing your organisation for the coming realities. The Bill is also seeking to establish a Data Protection Commission, is to give legal backing to the NDPR being enforced by the NITDA”.
The current Minister of Communications and Digital Economy, Dr Isa Pantami, was the Director-General of NITDA, then issued the NDPR on January 25, 2019, pursuant to Section 6(a, c) of the NITDA Act, 2007.
“This visionary move has become a game-changer for the digital economic aspirations of Nigeria. Data Protection falls under Developmental Regulation – the first pillar of the National Digital Economy Policy and Strategy (NDEPS: 2019). This shows the critical place it holds in our desire for a brand new economic paradigm that works for the innovative and hardworking mass of Nigerians,” he explained.
Presenting a keynote at the workshop on the roles of Data Protection Officers (DPOs) under the data protection law regime, the Executive Director, Data Protection and Privacy, Mr Franklin Akinsuyi, said the DPOs in every organisation must understand how to build, implement, & manage data protection programmes.
“The more complex or high-risk the data processing activities are, the greater the expertise the DPO will need. They must have in-depth knowledge of the NDPR and they must also have a reasonable understanding of the organisation’s technical and organisational structure and be familiar with information technologies and data security,” he stated.