ALDAPCON Advocates for Data Protection Legislation in Nigeria

The Association of Licensed Data Protection Organisations of Nigeria (ALDAPCON) has advocated the need for the principal data protection legislation law to be put in place as the country pursues its digital transformation agenda.

Mr. Ivan Anya, the Chairman of ALDAPCON, in a press conference, said the Data Protection bill when passed into law will address the data privacy and confidentiality of Nigerians, enable secure dataflow, economic development, and improve national security, job creation and better global positioning.

He said this will also enable data processors and data controllers to have significant clarification of duties and responsibility for the protection of rights of data subjects (citizens).

“From inception of our work in the industry we actually face a whole lot of this level of resistance, some of them are still there, some are still waiting for sectoral regulators to advise them as to what direction they should take, not understanding by themselves why they should ensure compliance. We also have the issue of technicality that is prevalent within the ecosystem; instances where you have businesses hosting Nigerians’ data outside of the country. You need to ensure that such hosts of Nigerians data are hosted in full compliance with the Nigerian data protection regulation.

“The big issue is the aspect of the law. We are hopeful that as soon as the data protection bill is passed, it will address a whole lot of the technical and procedural issues we face now in terms of compliance.

“The bill is expected to contribute to the legal foundations of the digital economy of Nigeria and its participation in the regional and global economies through the beneficial, trusted use of personal data to help mitigate issues on data leakage, and ensure confidentiality and privacy of data.”

Speaking on the objectives of the association, Mr. Anya said Data Protection Compliance Organisations (DPCOs)  under the  umbrella body ALDAPCON as the privacy overseers in the country,  focuses   on driving  data compliance in the industry which  include to provide credible and authoritative data protection advisory to government, private and public organisations in Nigeria

“So we are currently running our second year since inception and we have been working with the Nigeria Data Protection Bureau (NDPB) in championing what should help guide data protection practice in Nigeria.

“The data protection compliance model is the only one of its type globally and no other country currently practices what we do. It is called the Public Private Partnership (PPP) arrangement where the supervising authority in this case, the NDPB has delegated some of its functions to the DPCOs to go to business organisations and assist them achieve compliance, this is what exactly we do,”

He said the association is helping create awareness on the importance of data protection and cyber security as well as the provision of data protection regulation in Nigeria.

“[This is] in addition to being the body of knowledge for data subjects on the Nigerian data protection legislation and its execution; as well as working with stakeholders to influence and assess the impact of data protection in Nigeria.”

He added that ALDAPCON has also provided certification training in data protection as well as the implementation and filling of gaps that may arise in the course of an audit assessment of how an organisation is compliant to the data protection regulations or the laws.

Assessment in areas of default and ensuring that at every point in time businesses are in full compliant with the requirements of the regulations

He noted that the data privacy sector has recorded significant achievements.  Between 2020 and 2021, compliance recorded 68% improvement. “We are hopeful that by the time the 2022 report comes out during the data privacy week of 2023; we’ll see exactly what has happened or what level of progress has been achieved.”

He added that the need assessment audit report published early this year for 2021 shows that there has been a significant improvement in terms of compliance within the fintech sector which has been quite remarkable.

Mr. Abdullaziz Ari, the Secretary of the Association, disclosed that the Association is coming up with standards to guide compliance in the industry, developing capacity within the ecosystem  and most importantly, to create awareness on how to assist the ecosystem comply with the requirements of the regulation.

“Well, for now we try to focus mostly on the public and private sectors. The memos will help bridge the gap in the public sector as the private sector has been more responsive in terms of compliance” Ari added.