The Nigeria Data Protection Commission (NDPC) has issued the Nigeria Data Protection Act – General Application and Implementation Directive (NDP Act GAID) to help every individual and organisation covered by the Nigeria Data Protection Act (NDP Act) understand the provisions of the Act.
At a press conference to unveil the NDP Act GAID, the National Commissioner/CEO, NDPC, Dr Vincent Olatunji, commended the GAID committee members, made up of stakeholders from different sectors, for their efforts in producing the document. He noted that the NDP Act GAID addresses technical and organisational measures in the areas of data protection principles, lawful basis of data processing, NDP Act Compliance Audit, and data subject rights, among others. He also pointed out that emerging technologies were covered in the document.
He stated that data subjects do not have to be physically present at the Commission before demanding remediation when necessary. He said, “We have fully democratised the privacy breach remediation process for data subjects. We achieved this by introducing the Data Subjects’ Standard Notice to Address Grievance (SNAG), which empowers data subjects to use the instrumentality of the Commission to demand remedial action from data controllers and processors without first writing to the Commission.”
With the introduction of the NDP Act GAID, everyone can clearly understand the contents of the Nigeria Data Protection Act. It is expected that this will help data controllers and processors clearly understand their duties to their data subjects, while data subjects also understand their rights.