Draft implementation framework released for Nigerian regulation
New guidance on implementation issued, as well as draft Data Protection Bill 2020 for public comment. By Yimika Ketiku of Nouvelle Legal in Nigeria.
In January 2019, the National Information Technology Development Agency (NITDA) released the Nigerian Data Protection Regulation (NDPR) (see PL&B International Report, April 2019, p.23). Later that year, on the recommendations of stakeholders, NITDA released the NDPR: Draft Implementation Framework (Draft Framework) as a guide to assist data controllers and administrators to understand the controls and measures they need to introduce into their environments to comply with the NDPR. The Draft Framework is a general strategic approach to enforcement of the NDPR, and not yet in force.
The Draft Framework adopted by the NDPR considers the Nigerian context and seeks to implement a non-obstructive and compliance-promoting approach. The NDPR uses a triangular compliance model. This model provides for the NITDA to appoint Data Protection Compliance Organisations which will provide auditing and compliance services for Data Controllers.