NDPC harps on compliance as it unveils Code of Conduct

In a significant move towards fortifying data protection measures, the Nigeria Data Protection Commission (NDPC) has introduced a Code of Conduct for Data Protection Compliance Organizations (DPCOs) operating in the country.

The announcement came from the National Commissioner of NDPC, Dr Vincent Olatunji, who emphasised the importance of upholding professionalism among organisations licensed to provide compliance services.

Dr Olatunji, addressing a meeting between the Commission and DPCOs on Tuesday, highlighted the commission’s enforcement drive in 2024.

He urged compliance organisations to consider their role in implementing the Nigeria Data Protection Act (NDPA) 2023 as a public trust, emphasising the need for a heightened sense of responsibility in their operations.

The NDPA, enacted in 2023, outlines stringent requirements for firms seeking to operate as DPCOs and engage in compliance services. Among these requirements is the necessity for firms to be duly licensed by the NDPC and to have a certified Data Protection Officer.

Dr Olatunji pointed out the vast opportunities presented by the NDPA, emphasising the lawful use of data and the potential for job creation within the data processing value chain. As of November 2023, the NDPC has licensed at least 163 Data Protection Compliance Organizations, signifying a growing recognition and adherence to the regulatory framework.

The introduction of the Code of Conduct aligns with the broader goal of fostering a secure and responsible data environment in Nigeria. As DPCOs play a crucial role in ensuring compliance with data protection regulations, the NDPC aims to create a framework that not only strengthens enforcement but also promotes ethical standards in data handling. This development marks a pivotal step in safeguarding individuals’ privacy and maintaining the integrity of data processing practices in the country.