National Data Protection Commission

National Data Protection Commission
Agency overview
Formed2022
JurisdictionFederal Government of Nigeria
HeadquartersNo.12 Clement Isong Street, Asokoro, Abuja
Agency executive
  • Dr. Vincent Olatunji, CEO
Websitendpc.gov.ng//

The National Data Protection Commission (NDPC) is a statutory Nigerian organization that is responsible for the regulation of data privacy in Nigeria. It was created by the Nigeria Data Protection Bureau (NDPB) in February 2022, as a mandate to oversee the implementation of the Nigeria Data Protection Regulation (NDPR) which was issued by National Information Technology Development Agency (NITDA) in 2019 as a subsidiary legislation of NITDA Act, 2007.[1]

History

In April 2022, the Nigeria Data Protection Bureau on the 7 of March 2022 hosted representatives of The Nigerian Association of Chambers of Commerce, Industry, Mines, and Agriculture (NACCIMA). The delegation was led by the Chairman, Digital Economy Group, Prince Adetokunbo Kayode, SAN, CON.[2] In February 2023, the commission partnered with Voice of Nigeria (VON) to harness the Fourth Industrial Revolution (FIR) era to promote Data Protection and Privacy in the country. They stressed the need for capacity building of staff to ensure efficiency and productive output in Voice of Nigeria in line with emerging technologies as the 4IR is an enabler of inclusive industrialization. [3][4] In March 2024, The Commission launched an investigation into an alleged privacy breach at the National Identity Management Commission (NIMC).[5]

Data Controller/ Processor

The commission is responsible for enforcing data protection laws and ensuring compliance with data protection standards in Nigeria. NDPC aims to safeguard the privacy rights of individuals and promote responsible data management practices across various sectors.[6]

Data Protection Compliance Organisation(DPCO)

According to the commission, Article 1(3j) of the Nigerian Data Protection Regulation provides that a Data Protection Compliance Organisation (DPCO) is any entity duly licensed by NDPB for the purpose of training, auditing, consulting and rendering services aimed at ensuring compliance with this Regulation or any foreign Data Protection law or regulation having effect in Nigeria. A DPCO may be one or more of the following; Professional Service, Consultancy firm, IT Service Provider, Audit firm, Law firm.[7][8]

References

  1. ^ "About - NDPC". ndpc.gov.ng. Retrieved 2024-03-19.
  2. ^ "Details - NDPC". ndpc.gov.ng. Retrieved 2024-03-19.
  3. ^ "Details - NDPC". ndpc.gov.ng. Retrieved 2024-03-19.
  4. ^ Chukwudiebere, Mercy (2023-07-24). "Commission Tasks Data Controllers And Processors on Compliance, Registration". Voice of Nigeria. Retrieved 2024-03-19.
  5. ^ Nigeria, Geeky (2024-03-19). "NDPC Launches Investigation Into Alleged Privacy Breach At NIMC - Geeky Nigeria". Retrieved 2024-03-19.
  6. ^ Content, Branded (2024-02-10). "Nigeria Data Protection Commission (NDPC) Announces Registration Notice for Data Controllers and Processors". Punch Newspapers. Retrieved 2024-03-19.
  7. ^ "Requirement - NDPC". ndpc.gov.ng. Retrieved 2024-03-19.
  8. ^ Nwachukwu, John Owen (2023-12-19). "NDPC issues code of conduct for Data Protection Compliance Organisations". Daily Post Nigeria. Retrieved 2024-03-19.