Business Regulations, Law & Practice | |
Business Regulations, Law & Practice | |
5200 VIEWS | |
![]() |
Monday, 29 April 2019 / 02:56PM / By
Oserogho & Associates / Header Image Credit: TechEconomy.ng
Introduction
The value, benefits, significance and risks associated with Data
Information and Privacy, to modern daily activities, is no longer under-rated.
The National Information Technology Development Agency (“NITDA”) is
statutorily obligated to develop Regulations which protects all electronic data
information.
In compliance with the above-mentioned statutory obligations of NITDA,
NITDA has published the Nigeria Data Protection Regulations (“NDPR”) to protect
all electronic data Information.
Objectives of Data Protection Regulations
The fundamental objective of the NDPR or the Data Protection Regulations
is the safeguard and the protection of the data rights, privileges and privacy
of individuals who are of Nigerian descent, irrespective of their country of
residence.
All public and private organisations who exercise any form of control
over the data of individuals are required to, as from the commencement of the
NDPR, circulate publicly their respective Data Protection Policies.
Summaries of all the Data collected and processed are to be delivered to
NITDA.
Data User/Subject Consent
The Data Information of a Person can only be collected and or processed
in accordance with the specific, legitimate and lawful consent of a Data User
or Subject. Such consent must not be obtained by fraud, misrepresentation,
coercion or undue influence.
No consent is to be sought, given or accepted in any circumstances that
may engender directly or indirectly the propagation of the violation of any
children’s rights, hate and other anti-social norms.
Any Data consent given must also be freely and easily withdrawn at any
time by the Data User or Subject without any explanation for the withdrawal
proffered. Similarly, the Data User has the right to the portability of his
data where such portability is technically feasible.
A recognised key exception to the above consent rule is the processing
and use of the personal data of an individual for scientific, historical,
public interest research or other statistical purposes. Where however such Data
is to be transferred to a third party, the prior consent of the Data Subject or
User must again be obtained.
Data User Additional Rights
All Data Users or Subjects have a constitutional right to the protection
of the privacy to their personal Data. Where the Data User gives his or her
consent to the processing and use of the User or Subject’s Personal Data, all
the data collected must be protected from all foreseeable breaches or hazards
like the theft of such Data, cyber-attacks, viral attacks, hacking or the manipulation
of any kind of such Data, etc.
Data Controllers, Processors and Custodians also owe a Duty of Care to
all Data Users and Subjects.
Administrative Redress
Without prejudice to the right of the Data User or Subject to seek
redress in a Court of Law, NITDA is required by the NDPR to establish a
Administrative Redress Panel to among other things investigate and determine
allegations of data breaches with appropriate redresses proffered by this Panel
for any Data breach.
The Administrative Redress Panel is also empowered to during the course
of its investigation, make administrative orders or directives which protects
the Data Information which is under the NDPR investigation.
Additional Penalties for Data Breaches
In addition to the above-mentioned Administrative Reliefs, and any
Criminal Liabilities arising from any Data Breach, other Reliefs and or
Penalties for any Data Breach or for any non-compliance with any of the above
Data Regulations is in the case of a Data Controller with more than 10,000 Data
Subjects or Users the payment of a fine, the greater of 2% of the Data
Controller’s Annual Gross Revenue for its preceding financial year-end or the
sum of N10,000,000 (Ten Million Naira); whichever of the latter two that is
greater.
For a Data Controller with less than 100,000 Data Subjects, the
additional fine is the greater of 1% of the Data Controller’s Annual Gross
Revenue for the preceding financial year end or the payment of N2Million as the
fine for any Data Breach.
Conclusion
It is of practical concern that the Data Protection Regulations only
protects individuals who are of Nigerian descent. Foreigners and corporate
bodies Data do not appear to be protected under the NDPR.
It is also of great concern that unlike the more robust European Data
Protection Regulations, manpower proficiency on the part of the Data Protection
Regulator, Data Processors and Controllers among others may not be in tandem
with the spirit of the provisions of the NDPR. A good example is the reality
that many government establishments do not have functioning, up to date online
presence and information.
The registration and licencing of external Data Protection Compliance
Organisations by NITDA is likely to be inimical to the supervisory and manpower
building capacities of NITDA itself.
It is of further concern that the office of the Attorney General of the
Federation (“AGF”) has some supervisory roles where a person’s data is to be
transferred to a foreign country or organisation. Does the AGF have the
required information technology surveillance personnel and equipment to monitor
any such Data transfers? This is especially as most Data these days are
transferred and processed online, in real time, from various countries.
Disclaimer:
This is a free educational material. It does not serve as a
source of solicitation, advertisement or the offering of legal services or
advice of any kind. No Client/Attorney relationship is therefore
created. Readers are strongly advised to always seek from qualified Legal
Practitioners, competent legal counseling to their specific factual situation.
Intellectual Property Protected!
This material is protected by International Intellectual Property Laws and Regulations. This material can therefore only be reproduced or re-distributed for non-profit educational purposes under the strict condition that our Authorship of this material is explicitly acknowledged, and our above Disclaimer Notice is prominently displayed. [ contactus@oseroghoassociates.com ]
Related Posts on Corporate Governance
1.
Stakeholders
X-Ray Nigerian 2018 Corporate Governance Code at IOD and FRCN Forum
2.
Nigeria:
Procedure For Recognition And Enforcement Of Arbitral Awards
3.
Nigeria:
Grounds Upon Which A Nigerian Court Will Set Aside Execution Of A Judgment
4.
SEC
Nigeria Clarifies and Establishes Fiduciary Standard For Investment Advisers in
Nigeria
5.
The
EU Copyright Directive Is Likely To Stifle Competition And innovation
6.
The
FRCN Nigerian Code of Corporate Governance 2018 – Jan 18, 2019
7.
Implementation
of Code of Corporate Governance Will Minimize Wastage, Corruption – Osinbajo
8.
Executive
Summary of Changes to CAMA – May 16, 2018
9.
The
Un-Enforceability of the Nigerian FRC’s Code of Corporate Governance – Nov
08, 2016
10. CBN
Requests for Inputs on National Code of Corporate Governance Issued by FRCN
– Mar 21, 2016
11.
S.
306 of ISA 2007 and Whistleblowers in Nigeria – Jan 21, 2014
12. How
to run a Whistleblower Program - US SEC Awards More Than $5 M to Whistleblower -
May 18, 2016
13. Reps
Pass Companies and Allied Matters Act Re-enactment Bill
14. Stakeholders
explore the Role of IST in Nigerian Capital Market Dispute Resolution
15.
Regulatory
Conversations – A Public-Private Dialogue Holds On Sept 18, 2018
16. Buhari
Signs Law Separating NFIU from EFCC
17.
Unconstitutional,
Null And Void - Legal Opinion On Preservation Of Suspicious Assets Order
18. The
Draft Nigerian Code of Corporate Governance 2018 For Your Input
19. 2018
Nigerian Code of Corporate Governance: Sectorial Codes to Serve as Guidelines -
FRC
20. Landmark
FHC Judgment On The Information Rights of Investors In The Nigerian Capital
Market
21. Executive
Summary of Changes to CAMA
22. Senate
Passes New CAMA Bill into Law; Lists Seven Benefits
23. Corporate
Governance As A Strategy For Investment Drive – August 2018
24. Nigerian
Patient’s Bill of Rights: 5 Things to Note
25. IFRS 15 Implementation Efforts of 2018 Interim Reporters in the Oil and Gas Industry
Related
Legal Alerts and Business Regulations
1.
New
Harmonised Code of Corporate Governance – Legal Alert – Mar 2019
2.
European
General Data Protection Regulations - Highlights – Feb 26, 2019
3.
FBNQuest
Proposed Transfer of FBNQuest Trustees Limited to FBN Holdings Plc
4.
Income
Tax Country-by-Country Reporting Regulations, 2018 - Legal Alert
5.
UUBO
Hosts Groundbreaking Thought Leadership Forum on ICE, December 6, 2018, in
Lagos
6.
The
Finance Function Of The Future: Using IFRS 17 To Build A Competitive Advantage
7.
IFRS
16 to Fuel Use of JVs to Avoid Lease Capitalisation
8.
How
Government And Its Agencies Can Be More Efficiently Run – The BOI Example
9.
Finance
and Accounting Outsourcing
10. Judgment
Delivered Against Plaintiff In First Nigerian Case on ATM Dispense Error
11.
Communique
of the 58th Annual General Conference of the NBA
12. IFRS
Reporting – Matters Arising On Derivatives
13. New
Transfer Pricing Regulations, Guidelines and Circular - Legal Alert
14. Copyright
Collective Societies'' Regulations Revisited - Legal Alert
16. Sales
Tax versus VAT: Supremacy - Case Law Review
17.
Fire
Safety Compliances and Regulations
18. Admissibility
Of Evidence As It Relates To Electronic Devises, Social Media And Forensic
Science
19. New
Requirements For Registration Of Charges (Form CAC8) Takes Effect April 3, 2018
20. FIRS
issues Public notice on Implementation of the Revised 2018 Transfer Pricing
Regulations Oct 22, 2018
21. Senate
Passes Resolution Mandating CBN To Suspend Bank ATM Charges
22. NASSBER
Bills – A Status Update On Market Related Legislation
23. Senate
Passes Resolution Mandating CBN To Suspend Bank ATM Charges
24. ADR
- Alternate Dispute Resolution Multi-Door Court House – Legal Alert
25. Stakeholders
explore the Role of IST in Nigerian Capital Market Dispute Resolution
26. The
Finance Function Of The Future: Using IFRS 17 To Build A Competitive Advantage
27. IFRS
16 to Fuel Use of JVs to Avoid Lease Capitalisation
28. How
Government And Its Agencies Can Be More Efficiently Run – The BOI Example
29. Court
Approves Website Seizure and Anton Piller Order Against Online Copyright Piracy
Platform
30. Hotels
and Restaurants Consumption (Fiscalisation) Regulations
31. Court
Grants Injunction Restraining Lagos State From Enforcing New Consumption Tax
Law
33. Police
Powers of Arrest and Civil Contracts
34. Stakeholders
harp on robust PPP, at 2017 BusinessDay Education Summit
37. Stamp
Duties on Bank Deposits and Transfers: Are There Unresolved Issues?
38. IFRS
9 Standard Implementation: Building Organisational Capacity for Implementation
Success
39. Bank
Charges: Role, Responsibilities and Rights
40. Bank
Charges & Recent Regulatory Guidelines
41. Legal
Update On The Implementation Of The Stamp Duties Act And The Rights Of Bank
Customers
42. How
Recent Environmental, Waste and Effluent Law & Regulations Affect You
43. Indonesia
Issues New Regulation Regarding PLCs' Shareholding Reporting Obligations
44. Contracts
- Time Is Of The Essence
45. Nigeria's
new Immigration Regulations 2017
46. The
Law, The Environment And Permissible Noise Levels
47. Advancing
the Role and Effectiveness of Audit Committees
48. House
Passes Federal Competition Commission Bill
49. Registering
a Business in Nigeria: Preliminary Considerations
50. PEBEC
approves 60-day action plan on Doing Business in Nigeria
51.
Annual
Minimum Corporate Compliances
52. You've
Registered Your Trademark, What Now? Tips on Maintaining Trademark Protection
53. Why
FGs Ban of Vehicle Imports Through Land Borders Makes Sense
54. While
Nigeria Dithers, 3 in 4 African Countries Improve Business Environment
55. The
Un-Enforceability of the Nigerian FRC’s Code of Corporate Governance