NDPC issues general application and implementation directive to clarify Data Protection Act provisions

The Nigeria Data Protection Commission (NDPC) has unveiled the Nigeria Data Protection Act - General Application and Implementation Directive (NDP Act GAID), a comprehensive guide designed to elucidate the provisions of the Nigeria Data Protection Act (NDP Act) for individuals and organizations.

Dr. Vincent Olatunji, National Commissioner and CEO of NDPC

During a press conference, Dr. Vincent Olatunji, National Commissioner and CEO of NDPC, commended the committee responsible for developing the GAID. He highlighted that the directive addresses both technical and organizational measures, covering areas such as data protection principles, lawful bases for data processing, compliance audits, and data subject rights. Additionally, the GAID encompasses considerations for emerging technologies, ensuring its relevance in the evolving digital landscape.

A notable feature introduced by the NDPC is the Data Subjects’ Standard Notice to Address Grievance (SNAG). This mechanism empowers individuals to seek remediation directly from data controllers and processors without the necessity of first approaching the Commission. Dr. Olatunji emphasized, "We have fully democratized the privacy breach remediation process for data subjects."

The introduction of the NDP Act GAID aims to provide clarity on the NDP Act's contents, enabling data controllers and processors to understand their obligations while ensuring that data subjects are aware of their rights. This initiative is expected to foster a more transparent and accountable data protection environment in Nigeria.

By:  Kanto Kai Okanta