Abuja, Nigeria – Nigeria’s Data Protection Commission (NDPC) has announced it is launching a sector-by-sector investigation into organizations suspected of failing to comply with the country’s data protection laws. The move is part of a broader effort to strengthen the legal foundation of Nigeria’s digital economy.
In a press release signed by Babatunde Bamigboye, Head, Legal, Enforcement and Regulations at the NDPC, the Commission stated that it has issued formal compliance notices to a number of organizations, including banks, insurance firms, and gaming companies. The full list of these companies is set to be published in major Nigerian newspapers on Monday.
Under the new regulations, these organizations have 21 days to provide evidence of compliance with the Nigeria Data Protection Act (NDP Act), 2023. This includes showing proof of their 2024 compliance audits, confirming the appointment of a Data Protection Officer, outlining their security measures, and providing evidence of their registration as a Data Controller or Processor.
The NDP Act, which came into effect in 2023, is designed to safeguard the fundamental rights and freedoms of data subjects and to ensure Nigeria’s trusted participation in the global digital economy. The commission warned that failure to comply with the notice could lead to enforcement actions, including administrative fines and criminal prosecution.
Add Comment