The National Assembly has said plans are underway to review the National Data Protection Act (2023) in view of emerging threats linked to technological advancement.
The Chairman, Senate Committee on Information and Communication Technology (ICT) and Cyber Security, Senator Afolabi Salisu, disclosed this at the opening of a three-day workshop on Data Protection Awareness Promotion organised for the Joint National Assembly Committee on ICT by the Nigeria Data Protection Commission (NDPC) and Ampersand Development Partners on Tuesday in Abuja.
Salisu explained that there is a link between data governance and cybersecurity; hence, the need to take a further look at the National Data Protection Act and strengthen it where necessary to meet emerging challenges.
The lawmaker, while noting that since the enactment of the Act in 2023, there have been new developments such as artificial intelligence (AI) and the United Nations Convention on Cybercrime, said it is imperative to take steps to protect the country, especially in cyberspace.
According to him, “As legislators, we need to have knowledge on data privacy and protection for us to be able to effectively legislate in that area.
“You cannot legislate in an area that you are not sufficiently knowledgeable in; this workshop affords us the opportunity to build our capacity to understand modern principles of data protection and to be in a position to review the National Data Protection Act.
“It has been three years down the line. How has this law addressed the needs of the nation, particularly given the emerging technologies, and how does it compare with other countries?
“At the end of this exercise, we would be able to come up with a roadmap and a timeline, with a view to reviewing the National Data Protection Act.”
The Chairman, House Committee on ICT and Cyber Security, Stanley Olajide, in his remarks stressed that data is a valuable asset which must be protected in the interest of the country.
Olajide said, “Whatever data that we have is our sovereign wealth, is something that belongs to us. How do we protect it? We have to make sure that the right legal frameworks are put in place, so that once that data is breached, you can actually hold entities, corporations and countries responsible when they breach your data law.
“In the US, they have their data law; if you put anything in their cloud, it is owned by the United States. So we also have to have something here.”
