By 
The Nigeria Data Protection Commission (NDPC) has announced an increase in the licence fee for Data Protection Compliance Organizations (DPCOs) from N50,000 to N2 million. This hike aims to ensure that only committed and serious organizations apply for the licence.
Dr. Vincent Olatunji, the National Commissioner of the NDPC, disclosed this during a meeting with licensed DPCOs in Lagos on Wednesday.
DPCOs are entities licensed to guide organizations, referred to as data processors and controllers, in complying with the Nigeria Data Protection Act (NDPA). Nigeria currently has over 500,000 data controllers and processors.
Licence Revocation
Dr. Olatunji highlighted that many DPCOs, which acquired licences at the former fee of N50,000, have not been performing adequately, resulting in low registration of data controllers. Last year, this led to the revocation of 19 licences, and more may follow this year based on ongoing performance evaluations. Currently, there are 291 licensed DPCOs.
“Last year, we revoked 19 licences and we may revoke more this year as we evaluate their performance. With the increment in the licence fee, we are signaling that only those serious about operating in this sector should apply. By raising the fee to N2 million, we ensure that applicants are genuinely ready to do business,” Olatunji explained.
Compliance with Data Protection Law
Despite improvements, compliance with the data protection law in Nigeria remains low. In the first year, the NDPC received only 622 audit reports from data controllers. This number has now risen to over 3,000. However, given that there are over 500,000 data controllers, the expected number of registered controllers should be around 100,000, representing only about 20% compliance.
“Our mission is to cultivate a culture of data protection compliance in Nigeria, where organizations proactively comply without enforcement pressure,” Dr. Olatunji stated.
Industry Challenges and Awareness
Dr. Oyedokun Oyewole, President of the Institute of Information Management (IIM), also spoke at the meeting, noting that the data protection industry in Nigeria is still emerging. The IIM, recently licensed by the NDPC to certify data protection professionals, highlighted a lack of adequate awareness as a major challenge. Many stakeholders are yet to grasp the importance of robust data protection measures.
“The NDPC needs to intensify efforts to raise awareness about data privacy, especially in our increasingly digitized world,” Oyewole added.
The NDPC’s annual data protection report for 2023 revealed that the data protection industry created 10,123 jobs in 2023, a 5.7% increase from 9,577 jobs in 2022. Compliance revenue also rose significantly to N325 million from N94.4 million in 2022. The number of verified Data Protection Officers increased from 1,928 in 2022 to 1,955 in 2023. Additionally, the number of investigations grew from 117 in 2022 to 177 in 2023.
Overall, the 2023 data protection cumulative revenue reached N6.2 billion, up from N5.5 billion in 2022. The Compliance Audit Report saw an increase, with 3,451 reports in 2023 compared to 1,864 in the previous period from 2020 to 2021.
Comments