Tekedia author, Ademola Adeyoju, has written the most comprehensive review of the recent Nigeria Data Protection Regulation (DPR) released by NITDA (Nigeria Information Technology Development Agency). I think his works will be of interest to any entity or person working in the broad digital economy. Make time to read the review; he has spared us the legalistic boring stuffs for we non-learned citizens in the law. For me, this is the main part (the emphasis is from me):
The DPR covers transactions intended for the processing of personal data and to actual processing of personal data and person(s) residing in Nigeria or residing outside Nigeria but of Nigerian descent. But unlike the exceptional EU’s General Data Protection Regulation (the “GDPR”), for instance, it appears that the DPR does not apply to persons and entities outside Nigeria that collect, store, or process data of persons in Nigeria.
Simply, do not expect Nigeria to challenge Google, Facebook and Amazon on what they do with our data. The strategy makes sense because there is an asymmetric power dimension here: unlike EU which Google desperately needs its market (and will do all to comply with GDPR), if we make life hard for Google, it will shut down the Nigerian server. So, by technically exempting them, focusing on local firms, it shows Nigeria is still emerging, at global arenas, when it comes to shaping standards and policies on technology and other areas.
I asked Barrister to help break this regulation; he just did that. I thank him for assisting the community.