Companies who have failed to comply with the Nigerian Data Protection Regulations (NDPR) directive on data protection are soon to be sanctioned.
The Nigerian Information Technology Development Agency (NITDA) has communicated its plans to impose sanctions of N2 million on any Data Protection Compliance Organizations (DPCOs) in breach of the directive.
Apart from that, the defaulting companies also face the prospect of two per cent of their gross earnings for the previous year forfeited.
A memo, which emanated from NITDA to the DPCOs, has directed them to forward a list of companies who have audited their data protection practices before October 25, 2019.
NITDA had earlier set the date as the deadline for the submission of the list.
The Nigerian Tribune learnt on Thursday in Abuja that the objective of the data protection regulation is to safeguard the rights of natural persons to data privacy; to foster safe conduct of transactions involving the exchange of personal data; prevent manipulation of data; and ensure that Nigerian businesses remain competitive in international trade, through the safeguards afforded by a just and equitable legal regulatory framework on data protection.
NITDA’s memo to the DPCOs signed by NITDA’s Lead- Regulations Monitoring and Compliance, Olufemi Daniel, read in part: “I am directed to write in respect of your recent Data Audit filings to NITDA. Kindly update NITDA with a table indicating the following:
“1. Name of Organisation, 2. Amount paid and 3. Remita Retrieval Reference. For every organisation you have filed data audit report for. This information is required for NITDA to be able to generate a comprehensive receipt for your payments and to ensure transparency of the process.
“You also kindly requested to give us a list of every organisation you are currently working with and an estimated time to file the audit report.
“Kindly ensure this report reaches us on or before Tuesday 5th November, 2019.”
It was gathered that the NITDA’s memo to the DPCOs became necessary to ensure that the objectives of data protection and regulations are complied within the interest of individuals, businesses and the country.
A source close to the agency asserted: “The memo is in preparation for moves to investigate and sanction non-compliant companies. Sanctions for failure to comply with the NDPR include a penalty of up to 2 Million Naira or 2% of a company’s gross earnings for the previous year.”
NITDA has recently disclosed its intention to probe the privacy practices of popular phone application, Truecaller, in Nigeria.Read Full Story