Key Points

• In the past two decades, the unprecedented incursion of technology into the economic and socio-cultural activities in Nigeria increasingly posed many unanswered questions on data protection and privacy. Consequently, this led to the country’s numerous attempts to enact a principal data protection legislation in addition to the existing sectoral laws on the subject.
• Despite its ratification of the Economic Community of West African States (ECOWAS) Supplementary Act on data protection in 2010, Nigeria carried on without a general data protection legislation until nine years later when the National Information Technology Development Agency (NITDA), in a face-saving regulatory move, issued the Nigeria Data Protection Regulation (NDPR) as Nigeria’s first all-encompassing and comprehensive, albeit subsidiary legislation on data protection.
• This article provides an analytical synopsis of Nigeria’s current legal framework on data protection touching its brief history, the general and sectoral enactments on data protection, the enforcement mechanism created under the NDPR as well as the Implementation Framework issued in the mould of guidance notes.

中文翻译：

---

尼日利亚的数据保护法律和制度模式：概述

关键点

• 在过去的二十年里，技术前所未有地侵入尼日利亚的经济和社会文化活动，越来越多地提出了许多关于数据保护和隐私的悬而未决的问题。因此，这导致该国多次尝试制定除有关该主题的现有部门法律之外的主要数据保护立法。
• 尽管尼日利亚于 2010 年批准了西非国家经济共同体 (ECOWAS) 关于数据保护的补充法案，但直到九年后国家信息技术发展署 (NITDA) 面对-为节省监管举措，发布了尼日利亚数据保护条例 (NDPR)，作为尼日利亚首个包罗万象且全面的数据保护附属立法。
• 本文提供了尼日利亚当前数据保护法律框架的分析概要，涉及其简要历史、数据保护的一般和部门法规、根据 NDPR 创建的执行机制以及以指导说明形式发布的实施框架。