NITDA Clarifies Role in Data Protection Regulation
Following a publication by a legal practitioner questioning the propriety of National Information Protection Development Agency,NITDA, licencing law firms as data protection compliance organization, the agency says the Nigerian data protection regulation does not seek to ”inhibit, restrict or curtail the rights of the legal practitioner as provided by the Legal Practitioners Act. The NDPR rather, has opened a new vista of opportunities for lawyers to expand their practice into the area of Data Protection.
A statement signed by Hajia Hadizar Umar ,Head Corporate communication NITDA says “it is factual and legal inaccuracy to equate the right of data privacy or indeed the provision of data privacy-related services, to the right to data protection. Data protection goes beyond protecting personal data privacy; it also involves the processes, systems and rules to ensure the confidentiality, integrity and availability of data”.
According to Umar, NITDA licensed law firms understand that they represent the Agency in the drive to entrench compliance and help data holding entities to bridge the historical and systemic gap in data protection compliance in Nigeria. Unlike the requirements legal practitioners must fulfil before appearing in the courts of law, the criteria for licensing as a DPCO, requires knowledge of data protection compliance and enforcement, which is not part of the residual knowledge of every lawyer.
“The opinion of the author that the DPCO scheme lacks precedent is a testimony to the innovation NITDA is bringing to its regulatory mandate. Moreover, as the evergreen Lord Denning said in the case of Parker v. Parker, “If we never do anything which has not been done before, we shall never get anywhere.” While lawyers retain their privilege to traditional privacy rights advocacy and enforcement in most other jurisdictions, NDPR further recognises and institutionalises the capacity of prepared legal practitioners to participate in the audit, training and compliance services for data controllers and processors. It is encouraging to note that Nigeria’s model has become subject of intense studies for adoption within and outside Africa”.
As the apex regulator of information technology in Nigeria, NITDA expressed joy that ” due to its licensing of DPCOs, training and awareness on data privacy protection has been widely entrenched, jobs are being created, bureaucratic bottlenecks have been eliminated in the bid to comply and the country is fast-tracking its progress towards digital economy maturity.
(News Annex)