The National Commissioner/CEO, Nigeria Data Protection Commission (NDPC), Dr Vincent Olatunji said commercial banks, telecommunications companies, and other organisations may be fined up to two percent of their annual revenue for data breaches.
Olatunji stated this on Monday in Abuja during a news conference on the implementation of the recently signed Nigeria Data Protection Act 2023.
The NC said, depending on the impact on the victim and other factors, the sanctions could be more or less severe.
The NDPC boss stated that the Act will ensure a sustainable digital economy and that the commission was putting plans in place to create 500 000 jobs in order to close the capacity gap in the subsector and help the President achieve his goal of creating one million jobs.
He also explained that the Commission, aims to increase public awareness campaigns, develop a standardized framework for implementation to ensure consistency and clarity across all sectors and improve capacity-building for Data Protection Officers (DPOs) within the next two quarters of the year.
Olatunji also revealed plans to upscale registration process for data controllers and data processors, introduce a definite calendar forfiling annual Compliance Audit Returns and strengthen its regulatory frameworks for DPCOs as well as issue sector-specific guidelines particularly for financial and telecom sectors.
“At the core of the NDPR is the essence of respect – respect for the personal data of our citizens, respect for privacy, and respect for digital rights. This respect is now solidly etched in the NDPA.
“The change in legislation is not merely an addendum to the nation law books but a transformative stride towards shaping a culture where the protection of personal data is a cherished principle and an inviolable obligation.
“The move to make data protection a statutory requirement means every organization, big or small, must cooperate with government and also ‘walk the talk’ in the interest of our dear nation.
“This development should not be seen as a burden; rather, let us view it as an exciting journey towards gaining trust, building robust data protection structures, and strengthening our standing in the global digital economy landscape”, he added.