The Federal Government is set to implement stringent penalties for data breaches in Nigeria, as revealed by the National Commissioner and CEO of the National Data Protection Commission (NDPC), Dr. Vincent Olatunji. In a video outlining the Commission’s 2025 agenda, shared on its social media platforms over the weekend, Olatunji emphasized the need for robust enforcement of data protection laws.
“For data controllers and processors, there is going to be massive enforcement. We have never really issued any fines, but going forward, you’ll hear us giving heavy penalties,” Olatunji stated. He assured Nigerians that their data rights, as protected under the Nigeria Data Protection Act (NDPA), would be fully upheld, with violators facing significant consequences.
The NDPC has been actively engaging stakeholders across both public and private sectors to raise awareness and ensure compliance with its mandate. These collaborations have led to the signing of Memorandums of Understanding (MOUs) with key organizations such as the National Insurance Commission (NAICOM), the National Lottery Regulatory Commission (NLRC), the Data Privacy Office of Canada, and the Dubai International Financial Centre Authority (DIFC), among others.
As part of its roadmap, the NDPC will advance to the second phase of its Strategic Roadmap and Action Plan (NDP-SRAP 2023–2027) in 2025. This phase aims to create job opportunities within Nigeria’s growing data protection and privacy ecosystem, particularly for young professionals.
Olatunji highlighted the Commission’s efforts to train Nigerians in data protection and privacy, thereby building a pool of globally competitive experts. “There are a lot of data controllers and processors looking for people to work with them. Those we trained and certified in 2024 will be launched into the job market this year, where they can work with data controllers and processors,” he explained.
Additionally, the NDPC plans to continue its nationwide campaign to promote data protection awareness. This initiative aims to educate citizens about their rights and emphasize the responsibilities of data controllers and processors under the NDPA.
“These initiatives are part of a broader goal to embed a culture of data protection and privacy in Nigeria,” Olatunji stated. He added that the Commission’s efforts would help build trust, enhance the digital landscape, and foster economic growth in the country.
As part of its international engagement strategy, Nigeria will host the “Network of African Data Protection Authorities Conference” in May 2025. Over 40 countries with established data protection laws are expected to participate in the event. Olatunji noted that this conference would position Nigeria as a leader in the data protection ecosystem and bring substantial economic benefits.
The NDPC remains committed to making data protection and privacy a cornerstone of Nigeria’s digital transformation journey, ensuring that these principles contribute to the nation’s development and global competitiveness.
Stay updated with more news on our WhatsApp Channel.