As Nigeria continue to record success in Data Protection Regulation, the Director General, National Information Technology Agency (NITDA), Kashifu Inuwa Abdullahi said that, the country has recorded impressive growth in data protection compliance with a verifiable database of statutory audit reports filed by 588 entities.
The DG stated this at the closing ceremony of 3-day Virtual Conference on “COVID-19 and Securing the Financial Services Industry” organised by Committee of Chief Information Security Officers of Nigeria Financial Institutions (CCISONFI).
Speaking on Nigeria’s journey towards implementing Data Protection Regulation (NDPR), Abdullahi noted that despite low level of awareness and various challenges faced by stakeholders, the level of compliance is growing at a fast rate, and Nigeria is leading in Africa.
He said, “Before the introduction of the NDPR, no Nigerian entity could boast of compliance with data protection laws. Selected multinationals had some level of compliance imposed on them by their parent companies. However, it changed drastically within one year. From near zero compliance, the country has recorded impressive growth in data protection compliance.”
Abdullahi added that banking sector is a primary target for data breach due to the perceived value of data. He commended banks for their pro-activeness in compliance with NDPR and information technology standards and regulation.
“Your industry, the banking sector, is a primary target for data breach, and your level of compliance is building trust in your customers. Compared with other industries, you are fantastically doing well, but still, there is room for improvement for you to get to the Promised Land,” he said.
The NITDA DG revealed that, initially there were some resistance from various quarters as to NITDA’s statutory powers and capacity to implement the NDPR. He said that, “The resistance helped to stimulate and focus the Agency on delivering valid results. Critical stakeholders represented by Data Protection Officers (DPO) have validated our innovative approach to NDPR implementation. And our role in pioneering data protection in Nigeria is also critical as the experiences garnered so far would be of immense benefit to the country.”
He further explained that in a survey conducted last month, July, 2020, 74% of the respondents opined that the NDPR met the need of the Nigerian environment; 76% said the unique introduction of Data Protection Compliance Organisations (DPCO) helped in their compliance with the NDPR. 72% noted that NITDA had provided the necessary support for industry adoption of the NDPR. The respondents put the rate of public awareness at 54%, which is the lowest score. But, 85.3% of the respondents stated that the NDPR compliance enhances good perception about their business.
While recalling some achievements, Abdullahi said, “We have licensed 70 Data Protection Compliance Organisations (DPCO), which also created over 2,700 new jobs. The Data Protection sector is valued at N1,860,000,000, using median value of audit implementation cost. In addition to this, The African Union – Working Group on Data Protection Harmonisation and Localisation on (Policy and Regulatory Initiative for Digital Africa- PRIDA) has appointed NITDA as Vice-Chair of the working group.”