Nigeria: Nigeria Data Protection Commission published draft General Application and Implementation Directive 2024 (NDPC/NDPA-GAID/001/2024) including data protection regulation

Nigeria Data Protection Commission published draft General Application and Implementation Directive 2024 (NDPC/NDPA-GAID/001/2024) including data protection regulation

On 31 May 2024, the Nigeria Data Protection Commission (NDPC) published the draft Nigeria Data Protection Act (NDPA) 2023 General Application and Implementation Directive (GAID) 2024 NDPC/NDPA-GAID/001/2024. The draft GAID mandates that data controllers and processors implement robust technical and organisational measures to ensure the confidentiality, integrity, and availability of personal data. Key provisions include the designation of data protection officers, conducting data protection impact assessments, and adhering to principles such as data minimisation, purpose limitation, and accountability. Non-compliance with these stipulations can result in administrative penalties and legal consequences.

Original source

Scope

Policy Area

Data governance

Policy Instrument

Data protection regulation

Regulated Economic Activity

cross-cutting

Implementation Level

national

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2024-05-31

under deliberation

On 31 May 2024, the Nigeria Data Protection Commission (NDPC) published the draft Nigeria Data Prot…

2025-03-20

adopted

On 20 March 2025, the Nigeria Data Protection Commission (NDPC) adopted the Nigeria Data Protection…

2025-09-19

in force

On 19 September 2025, the Nigeria Data Protection Commission’s (NDPC) General Application and Imple…

Description

Nigeria Data Protection Commission published draft General Application and Implementation Directive 2024 (NDPC/NDPA-GAID/001/2024) including data protection regulation

Scope

Complete timeline of this policy change