Overview

The Nigeria Data Protection Regulation 2019 is a legal framework issued by the National Information Technology Development Agency (NITDA) to govern the processing of personal data of natural persons in Nigeria. The regulation aims to safeguard data privacy rights, ensure safe conduct for transactions involving personal data, prevent data manipulation, and enhance the competitiveness of Nigerian businesses in international trade by adhering to best practices. It applies to all transactions involving the processing of personal data within Nigeria, as well as to Nigerian citizens residing abroad. The regulation outlines lawful processing principles, consent requirements, data security obligations, third-party contracts, data subject rights, and penalties for non-compliance, including fines and potential imprisonment for severe breaches. It also addresses data transfer to foreign countries, with exceptions under certain conditions. Implementation mechanisms include an Administrative Redress Panel and cooperation at local and international levels.

Download