--Advertisement--

Data privacy day: Celebrating citizen’s right to privacy and protection in Nigeria

BY MUBARAK UMAR

2022 marks the third year in which Nigeria will be joining the international community to celebrate World Data Privacy Day – an international event that occurs on January 28th of every year. The purpose of Data Privacy Day is to raise awareness, promote privacy and data protection best practices. It is currently observed in the United States of America, Canada, and over 40 European countries since 2007. The international celebration offers opportunities for collaboration among governments, industries, academia, nonprofit organizations, privacy professionals, educators, etc.

As a global event, Data Privacy Day encourages compliance with data privacy laws and regulations; dialogues among stakeholders interested in advancing data protection and privacy and provides a robust platform for global networking and local action on mutually cherished principles of data privacy.
The initiative that was initially on raising awareness to protect the information of government and private sectors’ business transactions, expanded over the years to include families, consumers, and all online activities as a result of the revolution brought by digital devices. Of a truth, a vast majority of our people are generally unfamiliar with the risks involved in the data processing. In the same vein, they are hardly aware of what they can do if they consider that their rights have been breached.

There are approximately 108.75 million internet users in Nigeria and the figure is projected to grow to 143.26 million by 2026. According to Statista, a leading provider of market and consumer data, internet penetration stood at 51.44% of the country’s population in 2021, and will likely reach 59.92% by the year 2026.

Advertisement

The appointment of Isa Ali Ibrahim Pantami, (now minister of communications and digital economy) as the director-general of the National Information Technology Development Agency (NITDA), marked a turning point in the history of data privacy in Nigeria. Under his leadership, NITDA issued the Nigeria Data Protection Regulation (NDPR) 2019. It applies to both the public and the private organisations as they process the personal data of Nigerian citizens and Nigerian residents anywhere in the world. The regulation is aimed at protecting the right to privacy, creating the right environment for digital transactions, job creation, and improving information management practices in the country.

Working in concert with the federal ministry of communications and digital economy, NITDA has sustained the momentum of data privacy protection in Nigeria. For instance, from approximately 600 organisations filing privacy audit reports in 2020, Nigeria now has at least 1,230 organisations in 2021.

The incumbent director-general of NITDA, Kashifu Inuwa, CCIE, memorably shared Nigeria’s strides in the international community thus; “in less than two years of active implementation of NDPR in Nigeria, we were admitted to the Common Thread Network (a network of data protection authorities of commonwealth countries). We also got admitted as a full member of the Network of African Data Protection Authorities (NADPA). Our contribution at the Africa Union’s Policy and Regulatory Initiative for Digital Africa (PRIDA) Data Protection Laws’ Harmonisation Work Group led to Nigeria being considered for inclusion in the list of countries where a developed framework for data laws harmonisation was tested”.

Advertisement

The impact of NDPR on job and wealth creation is also remarkable. 7,680 jobs were created, and 5,746 Nigerians were trained on Nigeria Data Protection Regulation (NDPR) in 2021. The sector is currently valued at N4,080,000,000 using the median value of audit implementation cost, according to the director-general of NITDA, Kashifu Inuwa, CCIE.

Before the introduction of the NDPR, no Nigerian entity could boast of full compliance with data protection laws. A handful of multinationals had some level of compliance imposed on them by their parent companies. The narrative changed drastically within one year. From zero compliance in 2018, Nigeria now has over 1,230 organisations filing NDPR compliance.

The place of NDPR in human rights jurisprudence has been litigated in our courts. Gladly, our courts, as the bastion of justice, have established a binding precedent to the effect that NDPR is rooted in section 37 of the 1999 constitution. The section provides thus: “The privacy of citizens, their homes, correspondence, telephone conversations, and telegraphic communications is hereby guaranteed and protected”. The implication of this is that no data controller or data processor can wish away the NDPR. See the case of Incorporated Trustees of Digital Lawyers Initiative and Ors. V. National Identity Management Commission (NIMC) CA/ IB/291/2020.

It is believed that the future of work will be fundamentally different when digital machines are deployed in virtually everything that we do. Soon, the new machines; artificial intelligence and robotics will be a platform of innovation in Nigeria, especially in instrumenting, automating, tracking, and analysing the core operations of businesses.

Advertisement

While exploring and utilizing these digital economy potentials, NITDA is always proactive in creating awareness on how Nigerians can protect their personal information. It is only when customers trust their activities online that the digital economy will thrive.

To deter breach of data privacy, NDPR provides that: “Any person subject to the regulation who is found to be in breach of the data privacy rights of any data subject shall be liable, in addition to any other criminal liability, to the following: a) in the case of a data controller dealing with more than 10,000 data subjects, payment of the fine of 2% of annual gross revenue of the preceding year or payment of the sum of N10 million, whichever is greater; b) in the case of a data controller dealing with less than 10,000 data subjects, payment of the fine of 1% of the annual gross revenue of the preceding year or payment of the sum of N2 million, whichever is greater”.

This clearly shows that NITDA, acting as Nigeria’s data regulatory body, is committed to protecting citizens’ data to ensure that Nigerian businesses remain competitive locally and internationally. Nigeria is the only country in Africa that dedicates a full week, January 24 – 28 of every year, to raise awareness on data protection with a series of programmes, both physically and virtually.

NITDA is playing its role in the best possible way to attract investment, open more digital job opportunities for Nigeria’s teeming population and support the security architecture by effectively implementing its mandate of protecting peoples’ data.

Advertisement

The implication of the foregoing is that Nigeria with over 200 million citizens can tackle any prejudice or misgivings about digitisation through a potent regulatory instrument on data privacy. The resulting effect is momentum for a sustainable digital economy. This momentum will invariably create jobs for essential public services. It is however important for Nigerians to take ownership of the legal regulatory framework on data privacy with a view to sustaining the present administration’s effort in building an inclusive and sustainable digital economy.

Advertisement


Views expressed by contributors are strictly personal and not of TheCable.
Add a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

error: Content is protected from copying.