The recent Federal Government compliance directive issued to all Federal institutions is a positive development in Nigeria’s data protection journey, Mr. Olufemi Ogundere, Managing Partner/CEO, Marier Consulting says.

In a circular dated November 7, 2022, with Ref No. SGF/OP/l/S.3/Xll/186, Mr. Boss Mustapha, Secretary to the Government of the Federation, had instructed all Government Ministries, Departments, and Agencies (MDAs) to comply with the provisions of the Nigeria Data Protection Regulation (NDPR), the nation’s data privacy and protection rules.

Reacting to this development, Mr. Ogundere of Marier Consulting, one of the Data Protection Compliance Organisations (DPCOs) licensed by the Federal Government to offer compliance services says that data compliance has become valuable in today’s business world because it saves time and money.

The SGF’s directive, Ogudere says in an interview with Technology Times, “is a positive development; much of the progress in data protection over the last four years has been made by the private sector. This pronouncement by the SGF will ensure that the public sector begins standardising its processes involving the use of personal data in accordance with the requirements of the NDPR. This will be solidified if the Government can pass the Data Protection Bill so that things can be taken more seriously.”

The Federal Government’s directive has continued to receive positive reactions and commendations across the data protection business ecosystem, among others stakeholders, including the Nigeria Data Protection Bureau (NDPB), the newly-formed data protection watchdog agency for the country.

Nigeria, the Marier Consulting CEO says, has made relative progress within a shorter time frame in the area of data protection considering that the local regulation, NDPR was modeled after the EU’s General Data Protection Regulation (GDPR).

“We have made tremendous progress, considering that the NDPR has been greatly influenced by the GDPR which happens to be a regulation that evolved from a work of over five decades, “ Ogundere says.

Marier CEO: Every organisation needs Data Protection compliance  

“A lot of companies are compliant with the regulation and have actually started implementing the necessary tools to ensure they are not in breach of the regulation. The awareness is spreading by the day and this is becoming a part of the system, its evolving and has come to stay. “

For the Marier Consulting CEO, there is now need to drive massive awareness across public and private institutions to make citizens become more aware of their rights as data subjects.

“Although it may appear that the public sector lags the private sector at times,” Ogundere says, “it should be noted that data protection as a concept in Nigeria, and even as a requirement for organisations, is still in its infancy, and thus remains an area in which both sectors can improve. 

“For example, in the area of training and awareness, the public sector should devote more resources to raising awareness among staff members on the impact and benefits of data protection on the organisation, as well as sensitising the general public (who are typically the customer here) about their rights in terms of how the organisation uses their personal data. The Government agencies with proper training, awareness, and enforcements carried out will know the importance in meeting their obligations,” he says.

We have made tremendous progress, considering that the NDPR been greatly influenced by the GDPR which happens to be a regulation that evolved from a work of over five decades.

– Mr. Olufemi Ogundere, Managing Partner/CEO, Marier Consulting.

For the newly-formed NDPB, Ogundere recommends that the data privacy watchdog in partnership with the IT agency, the National Information Technology Development Agency (NITDA), should take the next steps in complementing the SGF’s directives to ensure sustainable compliance across board.

According to him, “a lot of sensitization and awareness programs targeted towards this specific audience is needed, the NDPB/NITDA needs to educate key stakeholders and be ready to hold their hands through the process, of course, the bureau could leverage on the Data Protection Compliance Organizations to drive this, but much of the initiative needs to come from their end.”

He also says that data protection compliance has become a valuable tool for businesses serving customers in today’s connected world if they must remain competitive and productive. 

“The gains are numerous. One major economic benefit of Data Protection is that it saves time and money. It is also a way of showing people you care about them, and it helps to position your brand in favourable light.”

For the Nigerian business community, Ogundere says that “because compliance with a Data Protection Regulation has recently become a requirement for doing business internationally, compliance with the NDPR has ensured that Nigerian organisations can continue to compete fairly on a global scale.”

According to the Marier Consulting CEO, his firm, one of the DPCOs in Nigeria, “have been working with the public sector before now. We have partnered Federal Government MDAs and even states on various levels of Data Protection related services from Audit compliance, training, to advisory and even carrying out specialized services such as DPIA, more than anytime else we are poised to partnering government institutions the more in their compliance journey.