PART ONE

PREAMBLE
WHEREAS, The National Information Technology Development Agency (NITDA,
hereinafter referred to as the Agency) is statutorily mandated by the NITDA Act of 2007
to, inter alia: develop Regulations for electronic governance and monitor the use of
electronic data interchange and other forms of electronic communication transactions as
an alternative to paper-based methods in government, commerce, education, the
private and public sectors, labour and other fields, where the use of electronic
communication may improve the exchange of data and information;
RECOGNIZING that many public and private bodies have migrated their respective
businesses and other information systems online. Information solutions in both the
private and public sectors now drive service delivery in the country through digital
systems.

These

information

systems

have

thus

become

critical

information

infrastructure which must be safeguarded, regulated and protected against atrocious
breaches;
COGNIZANT of emerging data protection regulations within the international community
geared towards security of lives and property and fostering the integrity of commerce
and industry in the volatile data economy;
CONSCIOUS of the concerns and contributions of stakeholders on the issue of privacy
and protection of personal data and upon evaluation of the grave challenges of leaving
personal data processing unregulated;
THE AGENCY hereby issues the Nigeria Data Protection Regulation and shall come
into effect on the date it is approved by the Board of NITDA

3

Select target paragraph3