News
Data Protection: NITDA approves NCC’s regulation on telecom companies
The National Information Technology Development Agency (NITDA) says it has approved the regulation of the Nigeria Communications Commission (NCC) on telecommunications companies, line with the Nigerian Data Protection Regulation (NDPR).
Mr Inuwa Kashifu, the Director-General of NITDA, said this on Tuesday in a statement in Abuja while reacting to a publication on ‘New NCC Directive will push telecoms to violate the NDPR’ on Oct. 18.
It was reported that NDPR was established in January 2019 to ensure privacy data protection and avoid violations by data providers, among other requirements.
According to the director-general, NCC’s directive to telecommunication companies is to ensure they store and make available, recordings of communications carried out over their network is in line with the provisions of the NDPR.
According to him, the regulation is to ensure that government provides adequate information to relevant regulators and make them aware of the benefits accrued for national security.
Kashifu said “The right to privacy, which the NDPR seeks to protect, is established by Section 37 of the 1999 Constitution as amended.”
“It emphasises that in a democratic society, there is right to privacy protection subject to justifiable law for public safety and order.
“The provisions of the NDPR are in agreement with the European Union General Data Protection Regulation (GDPR) which focuses on prevention of threats to public security.
“NDPR provides multiple bases for processing of personal data, while all data processing must be founded on legitimate interest, consent of data subject, legal interest, and contract of parties, public interest and vital interest of the data subject.
“The NCC’s directive is predicated on legitimacy and public interest,” he said.
Kashifu emphasised that the Federal Government, under the leadership of the current Minister of Communications Dr Isa Pantami, is committed to protecting citizens’ data, increase opportunities and improve the ease of doing businesses in the IT sector.
He also said that NCC among other relevant stakeholders was working hard to implement the NDPR directive.
The director-general said the move was because “there is an ongoing ‘consensus that the regulation is the country’s most comprehensive law on data protection.”