Annual Data Audit Report; NITDA Set To Punish Non-filing Organizations

The National Information Technology Development Agency (NITDA) has reminded all data controllers and processors that the deadline for the filing of their annual data audit report is 15th March, 2021 as Non-filing is a punishable offence and the agency is set to fully enforce the provision of the Law.

Speaking virtually on Monday, 25th January, 2020 to the media at the National Privacy Week 2021 and unveiling of the week activities, the Director General of NITDA, Kashifu Inuwa Abdullahi said that enforcement has been the sour point for the agency.

“Our current efforts at enforcement is salutary but not nearly enough. We are considering all options to ensure we do not kill businesses, while also ensuring businesses do not kill Nigerians through wanton abuse of their data, Abdullahi said.

He highlighted that NITDA has taken a number of steps in line with its implementation strategy.

He listed the steps as follow;
Sustained Public Awareness by embarking on series of public awareness campaigns.

“We achieved massive media awareness between May and October 2019. So far, we are the first country in Africa to dedicate a whole week to public awareness on data privacy protection, Abdullahi said.

Another step is implementation Structure. Unlike the GDPR and other laws, NDPR has created a set of licensees who have proven expertise in data protection implementation. These DPCOs are licensed to provide data protection compliance, audit, training and related services to all Data Controllers and Processors.

The DG said, “So far, we have licensed seventy DPCOs and have received many more applications which are currently being treated.
This strategy has recorded compliance from many organizations than could be imagined.

“For instance, our audit reports for the period 2019-2020 shows the percentage of compliance among the number of filing entities. These sectors includes: Financial Services – 35%, Fast Moving Consumer Goods – 14%, Energy – 10%
Consultancy – 9%, ICT – 8%, Transport and logistics – 5% and Others – 19%.

“We have also inaugurated the Data Breach Investigation Team (DBIT). This team is made up of IT Professionals, Lawyers and the Police Force. Their assignment is to investigate allegations of breach and make recommendations of actions to be taken on each case, through the Implementation Committee, the DG reiterated.

Another step is the Legal and Political Structure for Sustainability.

“NITDA, through the support of its parent Ministry, has done a lot to give legal and political credence to the NDPR. Section 6(c) of the NITDA Act 2007 mandates the Agency to develop guidelines for electronic governance and monitor the use of electronic data interchange and other forms of electronic communication transactions as an alternative to paper-based methods in government, commerce, education, the private and public sectors, labour, and other fields, where the use of electronic communication may improve the exchange of data and information, the DG emphasized.

He further said that NITDA’s strategy is to create a workable, credible implementation process that would assist the National Assembly in its quest to pass a Data Protection Bill.

“We are proud to say the NDPR implementation has the most robust consultative process in our recent history as a nation. This autochthonous approach has deepened the NDPR more than we could have imagined.

On some strategic steps being taken by NITDA to continue the strengthening of the NDPR implementation in Nigeria, the DG said that in March 2020, NITDA, on the recommendation of the Honourable Minister of Communications and Digital Economy was selected as a member of the Technical Working Group on Data Protection Laws Harmonization and Localization in Africa hosted by the African Union Commission with support from the European Union Commission. Nigeria was appointed as the Vice Chair of this very important group.

“The confidence reposed in us by the African and European Unions has been justified by our experiential, collegial and intellectual inputs to the process which has endeared us to our sister countries. The import of this is that, NITDA has begun to open the doors for our private sector players to venture to other countries to replicate the moderate success we have achieved thus far.

“One of our DPCOs organized the 1st Africa Data Protection Conclave that had speakers and attendees from all over Africa and beyond.

“In December 2020, NITDA was appointed as full member of the Common Thread Network (CTN). CTN is a network of Commonwealth nations’ data protection authorities. The CTN is hosted by the UK Information Commissioner’s Office. This strategic alliance would provide needed support in capacity development, mentoring, and cross border enforcement. The impact of this development will be amazingly limitless.

“While we await the passage of the Data Protection Bill, NITDA will continue to lay necessary structures to deepen data protection implementation in Nigeria, Abdullahi said.

He highlighted the activities lined up for the Data Privacy Week to imclude: Privacy Tech Expo slated for Tuesday 26th January 2021.

Abdullahi said this first of its kind program is conceptualized to promote Nigerian innovations around privacy and data protection.

“NITDA as an information technology regulator has a duty to ensure all regulatory efforts are infused with requisite technological support.

“We will have pitch sessions and our selected panel of experts will provide guidance on how to improve on the solutions provided.

The Privacy and Public Health Management; Lessons from COVID-19 webinar is crafted to discuss the privacy issues arising from COVID-19 induced processes such as contact tracing, temperature capturing, vaccine trials etc.

The webinar is expected to dissect the issues and proffer solutions for the consideration of government and other stakeholders.

The National Virtual Class on Data Protection (for Secondary Schools) will take place on Wednesday 27th January 2021.

“NITDA places so much value on the young Nigerians. We always craft the privacy week with youths and students in mind. This year, we are organizing a virtual class to teach secondary school students on data protection. This class will offer them requisite knowledge on the basics of data protection and privacy and help them learn how to protect their data online,the DG said.

A webinar on “NIN: Preserving Privacy; Promoting the Digital Economy” is designed to discuss the issues around the issuance of the National Identity Number (NIN) and its implications on privacy and the digital economy.

The panelists are expected to draw out lessons learned and what we as a nation can do better to achieve our objectives.

Thursday 28th January 2021 been grand finale of the Privacy Week, the Minister of Communications and Digital Economy Dr Isa Pantami would be the Chief Host and Special Guest of Honour to give a keynote address on government’s vision on data protection and the digital economy while Goodwill messages would also be taken from within and outside Nigeria.

The National Quiz Competition final would also hold and the students will be assessed on data protection, digital economy, information technology and general knowledge. We are hoping to showcase Africa’s next data privacy champions.

The event will round up with an Executive Roundtable themed: “Big Tech and Privacy: Evolving an African Data Strategy”.

This session would comprise of representatives of Africa’s big tech, the African Union, international law firm and the government. This top level session would help Africa begin a process of decolonialising technology and help us achieve some level of control over our data.

Related Articles


Please enter your comment!
Please enter your name here

Stay Connected

- Advertisement -

Latest Articles