About - NDPC

Our Core Values





About Us

In furtherance of numerous municipal and international instruments on the fundamental right to privacy and in recognition of the unprecedented, positive impact of Nigeria Digital Economy and Policy Strategy (NDEPS) on datafication of the nation’s economy, the Federal Government of Nigeria created the Nigeria Data Protection Bureau (NDPB) in February 2022. The Bureau is mandated to, inter alia, oversee the implementation of the Nigeria Data Protection Regulation (NDPR) which was issued by National Information Technology Development Agency (NITDA) in 2019 as a subsidiary legislation of NITDA Act, 2007.

The Bureau complements the work of statutory institutions of government in the common goal of safeguarding the privacy of natural persons. For instance, see Section 37 of the 1999 Constitution of the Federal Republic of Nigeria (CFRN, as amended); Article 12 of the Universal Declaration of Human Rights; Article 17 of the International Covenant on Civil and Political Rights (ICCPR); Section 8 of Child Rights Act; Sections 1 & 38 of Cyber Crime Act 2015; Part IV of Consumer Code of Practice Regulations (Nigerian Communications Commission); and Article 5.4 of Consumer Protection Regulation (Central Bank of Nigeria).

Notably, Article 14 of the ECOWAS Supplementary Act A/SA.1/01/10 on Personal Data Protection within ECOWAS provides inter alia: Within the ECOWAS space, each Member State shall establish its own Data Protection Authority and any State that does not have shall be encouraged to establish one (Thirty-Seventh Session of the Authority of Heads of State and Government). Although the NDPR is a subsidiary legislation under the NITDA Act 2007, courts of competent jurisdiction (up to the Nigeria Court of Appeal) have pronounced positively on its potency as a corollary of Section 37 1999 CFRN - thereby giving every Nigerian citizen and resident binding judicial precedents on data privacy according to the standard prescribed under the NDPR.

The Bureau is mandated to collaborate with stakeholders in achieving the objectives of the NDPR, namely, to:

  • a) Safeguard the rights of natural persons to data privacy;
  • b) Foster safe conduct of transactions involving the exchange of Personal Data;
  • c) Prevent manipulation of Personal Data; and
  • d) Ensure that Nigerian businesses remain competitive in international trade through the safe-guards afforded by a just and equitable legal regulatory framework on data protection and which is in tune with best practice.

We look forward to working with all stakeholders in order to achieve the aims and aspirations of the Bureau.