Nigeria: Privacy and Data Protection-related Laws

There are no overarching data protection laws in Nigeria, but a number of laws aim to ensure the privacy of individuals in Nigeria, for example:

  • The Constitution provides for the right to privacy.
  • The Cybercrimes Act requires certain service providers to safeguard the confidentiality of data retained, processed or retrieved for the purpose of law enforcement.

The Data Protection Guidelines issued by the National Information Technology Development Agency (NITDA) prescribe minimum data protection requirements for the dealing with the personal information of Nigerian citizens. However, the Guidelines are not presently being implemented by the NITDA. The Child Rights Act No. 26 of 2003 also protects the privacy of children and seeks to limit access to information relating to children in certain circumstances. The Child Rights Act does the following:

  • Prohibits the publication of any information that will lead to the identification of a child offender.
  • Requires the records of child offenders to be kept strictly confidential and closed to third parties.
  • Requires the records of child offenders to be accessible only to persons directly concerned with the disposition of the case at hand, or any other authorised persons.
  • Prohibits the use of records of child offenders in adult proceedings in subsequent cases involving the same child offender.

Regarding health-related information, unauthorised disclosure of information relating to the HIV status of an individual is an offence under the HIV and AIDS (Anti-Discrimination) Act of 2014. In the telecommunications industry, the Competition Practices Regulations 2007 and the Consumer Code of Practice Regulations 2007 requires all licensees to take reasonable steps to protect customer information and ensure that such information is securely stored.


Previous Section Next Section

Have a comment, edit, or item to add? Share your thoughts by commenting below!

comments powered by Disqus