Nigeria: Cybersecurity regulation in Data Protection Commission General Application and Implementation Directive 2024 (NDPC/NDP ACT-GAID/01/2025)

Progress

Current status

in force

19 Sep 2025 in force

20 Mar 2025 adopted

Scope

Implementers

Nigeria

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

cross-cutting

Government Branch

executive

Government Body

data protection authority

Implementation Level

national

Timeline of events

19 Sep 2025

in force

Data Protection Commission's General Application and Implementation Directive including cybersecurity regulation (NDPC/NDP ACT-GAID/01/2025) enters into force

On 19 September 2025, the Nigeria Data Protection Commission’s (NDPC) General Application and Implementation Directive (GAID) 2025 (NDPC/NDP ACT-GAID/01/2025) under the Nigeria Data Protection Act (NDP Act) 2023 enters into force. Article 28 and Sch…

Source

Event type order

Action type implementation

Government branch executive

Government body data protection authority

20 Mar 2025

adopted

Data Protection Commission adopted General Application and Implementation Directive (NDPC/NDP ACT-GAID/01/2025) including cybersecurity regulation

On 20 March 2025, the Nigeria Data Protection Commission (NDPC) adopted the Nigeria Data Protection Act (NDP Act) 2023 General Application and Implementation Directive (GAID) 2025 (NDPC/NDP ACT-GAID/01/2025). Article 28 and Schedule 4 require Data P…

Source

Event type order

Action type adoption

Government branch executive

Government body data protection authority

Progress

Scope

Timeline of events

Data Protection Commission's General Application and Implementation Directive including cybersecurity regulation (NDPC/NDP ACT-GAID/01/2025) enters into force

Data Protection Commission adopted General Application and Implementation Directive (NDPC/NDP ACT-GAID/01/2025) including cybersecurity regulation

Related changes

implements/transposes related intervention

Nigeria: Cybersecurity regulation in Nigeria Data Protection Act, 2023 (Act No. 37)

related intervention is part of the same original policy

Nigeria: Data protection authority governance in Data Protection Commission General Application and Implementation Directive 2024 (NDPC/NDP ACT-GAID/01/2025)

Nigeria: Cross-border data transfer regulation in Data Protection Commission General Application and Implementation Directive 2024 (NDPC/NDP ACT-GAID/01/2025)

Nigeria: Registration as a data controller or data processor of major importance requirement in Nigeria Data Protection Act 2023 General Application and Implementation Directive 2025 (NDPC/NDP ACT-GAID/01/2025)

Nigeria: Data protection regulation in Data Protection Commission's General Application and Implementation Directive (NDPC/NDP ACT-GAID/01/2025)