The National Information Technology Development Agency (NITDA) has recorded tremendous achievement as statistics in the Agency’s first Annual Nigeria Data Protection Regulation (NDPR) Performance Report 2019-2020, show the industry is worth over two billion naira (N2billion), TechEconomy.ng can report.
The Report unveiled by the Minister of Communications and Digital Economy, Dr Isa Ali Ibrahim Pantami), has shown that NDPR met the need of the Nigerian environment; indicating that 76% of Data Protection Compliance Organisations (DPCOs) has helped the country in their compliance with the regulation.
Dr Pantami expressed his satisfaction on how NITDA provided requisite support for industry adoption of the NDPR, adding that “I have reviewed the report and I am proud to see that we have through the NDPR, 2,686 job roles, thereby creating massive opportunities for young Nigerians to be recruited as Data Protection Officers, Data Protection Compliance Organisations, Compliance officers among others.
In the Numbers:
- 790 issues
A total of 790 issues were resolved under NDPR.
- 70 DPCOs
During the period under review, a total of 70 Data Protection Compliance Organisations (DPCOs) were licensed.
- 635 audit filings
Number of audit filings received by NITDA
- N12.6m paid to FG
N12, 650,000 was paid to the Federal Government for filing of NDPR audit report
- 13 sectors
The number of sectors represented in the NDPR reporting is thirteen.
- N2.2Billion market value
N2,295,240,000 is the value of the NDPE audit market
- 2686 jobs
Jobs created through the NDPR implementation
- 93 events
NITDA facilitated 93 events that are NDPR related
- 7 data controllers
NITDA has scheduled seven (7) data controllers for immediate enforcement
- 15 investigations
Under NDPR, the Agency has conducted 15 investigations on alleged data breaches with one (1) investigations concluded.
- N1m fine
A fine of one million naira (N1m) was issued and collected. The affected agency is the Lagos State Internal Revenue Service (LIRS).
- 230 compliance notice
During the period under review, a total of 230 compliance & enforcement notices were issued.
- 1230 Phone calls
The Agency interchanged 1230 calls in 15 months that are NDPR related.
While making a remark, the Director General of NITDA, Mallam Kashifu Inuwa Abdullahi, stated that the goal of the report is to give all stakeholders the opportunity to understand how the Agency has fared in the implementation of the NDPR, adding that understanding between industry players would generate further research and provide guidance to other regulators, partners, data controllers, data processors and other stakeholders.
He said NITDA made a compilation of all the organisations who filed their annual audit report for the year 2019.
“Submission of an audit report does not conclusively indicate compliance with all tenets of data protection, this list shows organisations who have complied with the audit filing requirement of the NDPR, which is a key milestone towards compliance. It is important to note that non-filing of the NDPR audit report is a breach of the Regulation,” he said.
Mallam Kashifu added that, “the Report, being the first of its kind is aimed at highlighting key initiatives, successes and challenges of implementing the Regulation. The NDPR being a flagship of the NDEPS, is expected to be used as a learning curve for Nigeria and Africa on how to effectively implement global laws with due consideration of local peculiarities and opportunities.”
The NDPR was issued on 25th January, 2019 pursuant to Section 6(a,c) of the NITDA Act, 2007.
The Regulation covers every person subject to the laws of Nigeria, whether resident in Nigeria or not.
It is aimed at safeguarding the rights of persons to privacy; fostering safe conduct for the transactions involving the exchange of personal data; preventing manipulation of personal data; and ensuring that Nigerian businesses remain competitive in international trade through the safeguards afforded by a just and equitable legal regulatory framework.
Since the issuance of the NDPR, Nigeria has turned a significant corner in her drive towards the maturation of the Digital Economy.
The level of compliance is growing as shown in a key compliance indicator which requires the filing of a data audit report by every data controller and processor.
Article 4.1(5) of the Regulation requires the filing of an initial data audit report and a subsequent annual audit report by every data controller and processor.
This process has helped NITDA to have an overview of the state of data governance in the reporting entity while also helping government understand requisite intervention points to improve data governance, cyber-security and privacy protection.