Close button
The Guardian
Email YouTube Facebook Instagram Twitter WhatsApp

‘NCC regulation not in conflict with the NDPR’


Cyber secutity

The National Information Technology Development Agency (NITDA) has said that regulation from the Nigerian Communications Commission’s (NCC) is not in conflict with the country’s data protection plan.

The agency said the communications sector under the Minister of Communications, Dr Isa Ali Ibrahim Pantami, is working in symmetry to protect Nigerians, increase opportunities and improve ease of doing business in the sector.

NITDA said this in response to an online publication titled “New NCC directive will push telcos to violate Nigeria Data Protection Regulation (NDPR)” on October 18, 2019.


In a statement signed by NITDA’s Director-General, Kashifu Abdallahi Inuwa, he said the writer was of the opinion that the NCC’s directive to telecommunication companies to store and make available recordings of communications carried out over their network is antithetical to the provisions of the NDPR.

On the bands of privacy and national security, the agency stressed that the right to privacy, which the NDPR seeks to protect is established by Section 37 of the 1999 Constitution (as amended), and Article 2 of the European Union General Data Protection Regulation (GDPR).

“The right is however limited by Section 45. (1) which provides: Nothing in sections 37, 38, 39, 40 and 41 of this Constitution shall invalidate any law that is reasonably justifiable in a democratic society (a) in the interest of defence, public safety, public order, public morality or public health; The right to privacy protection is subject to reasonably, justifiable law for public safety and order.

“This Regulation does not apply to the processing of personal data:
(d) by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security.

“Furthermore, Article 2.2 of the NDPR provides multiple basis for processing of personal data. While all data processing must be founded on legitimate interest, the other basis for processing include- consent of data subject, legal interest, contract of parties, public interest and vital interest of the data subject. The NCC’s directive is predicated on legitimacy and public interest,” he said.

Inuwa added that the NCC, like every other government agency is working assiduously to implement the NDPR as there is a consensus that the Regulation, is at the moment the country’s most comprehensive law on data protection.

However, NITDA appreciated increasing level of civil discuss and interrogation of the NDPR by many Nigerians and believed that such engagement would increase development of robust and effective regulatory regimes that works for all.

Receive News Alerts on Whatsapp: +2348136370421

No comments yet