Until the National Information Technology Development Agency, NITDA introduced the National Data Protection Regulation, NDPR in January 2019, no Nigerian entity could boast of compliance with data protection laws.
Selected multinationals then had some level of compliance imposed on them by their parent companies.
But one year after the introduction of NDPR, the level of compliance seems to have shown a significant leap from near zero compliance.
This leap according to the Director-General, National Information Technology Agency (NITDA), Kashifu Inuwa Abdullahi was made possible despite low level of awareness and various challenges.
For Abdullahi, the level of compliance is now growing at a fast rate, making Nigeria the leading nation in Africa in terms of data protection.
At a 3-day Virtual Conference on “COVID-19 and Securing the Financial Services Industry” organised by Committee of Chief Information Security Officers of Nigeria Financial Institutions (CCISONFI), he noted that Nigeria has recorded success in Data Protection Regulation, since the introduction of the policy, with a verifiable database of statutory audit reports filed by 588 entities.
He however said banks in Nigeria spearheaded the tremendous growth Nigeria has attained in Data protection, commending them for being pro-activene in compliance with NDPR and information technology standards and regulation.
He said:”Your industry, the banking sector, is a primary target for data breach, and your level of compliance is building trust in your customers. Compared with other industries, you are fantastically doing well, but still, there is room for improvement for you to get to the promised land,” he said.
He informed that there were some initial resistance from various quarters over NITDA’s statutory powers and capacity to implement the NDPR but noted that the experiences garnered so far would be of immense benefit to the country.
“The resistance helped to stimulate and focus the agency on delivering valid results. Critical stakeholders represented by Data Protection Officers (DPO) have validated our innovative approach to NDPR implementation. And our role in pioneering data protection in Nigeria is also critical as the experiences garnered so far would be of immense benefit to the country.”
He further explained that in a survey conducted last month, July, 2020, 74% of the respondents opined that the NDPR met the need of the Nigerian environment; 76% said the unique introduction of Data Protection Compliance Organisations (DPCO) helped in their compliance with the NDPR, while 72% noted that NITDA had provided the necessary support for industry adoption of the NDPR.
The respondents put the rate of public awareness at 54%, which is the lowest score. But, 85.3% of the respondents stated that the NDPR compliance enhances good perception about their business.
Recalling some of NITDA’s achievements, Abdullahi said: “We have licensed 70 Data Protection Compliance Organisations (DPCO), created over 2,700 new jobs while the Data protection sector is valued at N1,860, 000,000, using median value of audit implementation cost.
” Perhaps, that is why the African Union – Working Group on Data Protection Harmonization and Localization on (Policy and Regulatory Initiative for Digital Africa- PRIDA) has appointed NITDA as Vice-Chair of the working group,” he added.