The Nigeria Data Protection Regulation

The Nigeria Data Protection Regulation

The National Information Technology Development Agency (NITDA) is statutorily mandated by the NITDA Act of 2007 to develop regulations for electronic governance and monitoring of the use of information technology and electronic data.


Partner & Head, Cyber

KPMG in Nigeria

The Nigeria Data Protection Regulation

Consciousof the concerns around privacy and protection of Personal Data and the grave consequences of leaving Personal Data processing unregulated, NITDA has issued the Nigeria Data Protection Regulation (NDPR). The objectives of the regulation are as follows:

  • to safeguard the rights of natural persons to data privacy;
  • to foster safe conduct for transactions involving the exchange of Personal Data;
  • to prevent manipulation of Personal Data; and
  • to ensure that Nigerian businesses remain competitive in international trade through the safe-guards afforded by a sound data protection regulation.

The regulation applies to all storage and processing of Personal Data conducted in respect of Nigerian citizens and residents.

Click to download and read more on the "NDPR - Journey to compliance" article.

© 2022 KPMG Professional Services, a partnership registered in Nigeria and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit

Connect with us