Team Europe and Nigeria collaborate to enhance data protection awareness

In June 2023, the Nigerian president signed into law, the Data Protection Act of 2023. The objective of the Act, among others, is to safeguard the fundamental rights and freedoms, as well as the interests of data subjects, as guaranteed under the 1999 Constitution of Nigeria. The Act establishes the Nigeria Data Protection Commission (NDPC), also referred to as the “Commission”, to replace the Nigeria Data Protection Bureau (NDPB) established by the former President.

In partnership with the NDPC, the African Union - European Union (AU-EU) Digital for Development (D4D) Hub Project and the GIZ Digital Transformation Center (DTC) Nigeria are jointly organising a data protection training to foster a comprehensive understanding of the principles, regulations, and best practices associated with safeguarding sensitive information. The training’s core objective is to empower individuals with the knowledge and skills necessary to collect, process, and store personal and confidential data securely and in full compliance with the law.

By educating data processors and controllers, organisations seek to minimize the risks associated with data breaches, legal violations, and reputational damage. The ultimate goal is to instill a culture of data protection and privacy awareness, wherein every member of an organisation contributes to upholding the integrity and security of data, while adhering to legal requirements.

The training is specifically tailored to two distinct audiences: Data Protection Officers (DPOs) and management level staff of Data Protection Processors and Controllers, including private sector companies, civil society organisations, and government entities. DPOs will undergo a 2-day training, while Data Protection Processors and Controllers will receive a 1-day training, with sessions replicated in both Lagos and Abuja.

The European Union, a pioneer in data protection and privacy regulation through the implementation of the General Data Protection Regulation (GDPR) in 2018, has greatly inspired the Nigerian act. This training combines European Union expertise with insights from local experts. Training materials will be made widely available for future use by Nigerian stakeholders. The activity aims to deepen the cooperation between the EU and Nigeria on this subject, laying the foundation for further projects that support the digital economy.

The training will support the digital ecosystem and advance the digital transformation of Nigeria by instilling a culture of responsible data handling. It equips individuals and organisations with the knowledge and skills required to navigate evolving data privacy regulations, and safeguard sensitive information, thus building trust among consumers and business partners. As Nigeria continues to embrace digital transformation, organisations will be well-prepared to leverage data-driven innovations while ensuring the security and privacy of personal and corporate data, ultimately contributing to a sustainable digital environment that fosters economic growth and innovation.

“The Nigeria Data Protection Commission (NDPC) in line with the key pillars of its Strategic Roadmap and Action Plan (SRAP), aims to develop globally competitive human capital. This pool of experts is expected to bridge the knowledge gap and deepen Data Privacy and Protection within the ecosystem. Accordingly, the Commission has partnered with the AU-EU-D4D Hub to provide this capacity building for relevant stakeholders," said Dr Vincent Olatunji, National Commissioner of the Nigerian Data Protection Commission

Inga Stefanowicz, Head of the Green and Digital Economy Section of the Delegation of the European Union to the Federal Republic of Nigeria & Ecowas highlighted that "this training is an important milestone in the introduction of data protection standards in Nigeria. The European Union has supported the Nigerian efforts in this direction from the outset, especially as the system being introduced is inspired by the European laws and standards. We were very happy to see the Data Protection Act signed into law, as one of the first legislative acts by the new President, H.E. Bola Tinubu. Given the efforts of the previous administration, the Data Protection Commission had by then been established and ready to enforce the new rules protecting Nigerian citizens and businesses from data breaches. In the ever expanding digital economy, solid data protection rules create a safe and enabling ecosystem."

About AU-EU D4D Hub Project

The AU-EU D4D Hub is a flagship Team Europe project, co-funded by the European Union and jointly implemented by eight European organisations. It is part of the D4D Hub, an EU-led platform that creates and leverages partnerships to shape a sustainable digital future worldwide. This activity is implemented by GIZ, one of the implementing agencies, through its Digital Transformation Centre in Lagos. The project supports African institutions to create an enabling environment for an inclusive and sustainable digital transformation. It provides demand-driven technical assistance, promotes knowledge sharing, and facilitates multi-stakeholder dialogues.

About NDPC

The Nigeria Data Protection Commission (NDPC or “the Commission”) is responsible for the implementation and enforcement of rules and regulations set out in the Act, regulate the processing of personal information and other related matters, while being charged with formulation and provision of overall policy direction.

For more information on the training, write to oladipo.olurishe@giz.de