NATIONAL ASSEMBLY MOVES TO REVIEW DATA PROTECTION LAW OVER RISING CYBER THREATS, AI RISKS
Read Time:3 Minute, 7 Second
By Aishat Momoh. O.
The National Assembly has commenced moves to review Nigeria’s National Data Protection Act (2023) amid growing concerns over cybercrime, digital privacy breaches and the rapid advancement of Artificial Intelligence technologies.
The Chairman of the Senate Committee on ICT and Cyber Security, Afolabi Salisu, disclosed this on Tuesday during the opening of a three-day Data Protection Awareness Workshop held in Abuja for members of the Joint National Assembly Committee on ICT.
The workshop was organised by the Nigeria Data Protection Commission in collaboration with Ampersand Development Partners.
According to Salisu, the planned amendment of the law became necessary due to evolving global realities, including the increasing sophistication of Artificial Intelligence systems, rising cross-border cyber threats and emerging international legal frameworks such as the United Nations Convention on Cybercrime.
“There is a nexus between data governance and cybercrime, hence the need to review the Act and strengthen it where necessary to protect our national interest,” he said.
The senator noted that cybercriminals now exploit AI tools, digital platforms and weak data governance systems to target individuals, businesses and governments across the world.
Nigeria has witnessed a steady rise in cyber-related crimes in recent years, including identity theft, ransomware attacks, financial fraud, data breaches and digital espionage. Banks, telecom operators, government institutions and private citizens have all reportedly been affected by cyber attacks.
Concerns have also intensified over the misuse of Nigerians’ personal data by digital platforms, mobile applications and online service providers, many of which allegedly collect user information without sufficient safeguards or informed consent.
Security experts have repeatedly warned that Nigeria’s expanding digital economy and increasing internet penetration make the country more vulnerable to cyber threats if regulatory and enforcement systems are not strengthened.
Salisu stressed the importance of lawmakers understanding the digital ecosystem to enable effective legislation in the sector.
“As legislators, we need to understand data privacy and protection. You cannot legislate in an area you are not sufficiently knowledgeable about,” he said.
He explained that the workshop would provide lawmakers with an opportunity to assess the implementation of the National Data Protection Act since its enactment in 2023 and identify areas requiring improvement in line with international best practices.
According to him, discussions from the workshop are expected to shape the roadmap and timeline for the amendment of the law.
The senator also warned Nigerians about the hidden risks associated with digital platforms, public WiFi networks and free online services, noting that many applications harvest and process users’ personal data without them fully understanding the implications.
Also speaking at the event, the Chairman of the House Committee on ICT and Cyber Security, Stanley Olajide, described data as one of the most valuable assets in the global digital economy.
“Data is gold. Nigeria’s next prosperity will not be oil but data,” Olajide said.
He stressed the need for stronger legal and institutional frameworks capable of protecting Nigeria’s digital assets and ensuring accountability in cases involving data breaches.
Olajide noted that developed countries already operate strict data governance systems designed to protect national interests, especially in areas such as cloud storage, digital transactions and cross-border information flows.
“Anything that resides in Nigeria and is generated here must be protected by our laws. That is why we must strengthen our legal frameworks,” he added.
Nigeria enacted the National Data Protection Act in 2023 to regulate the processing of personal data, safeguard citizens’ privacy rights and establish the Nigeria Data Protection Commission as the country’s primary data protection regulator.
However, stakeholders in the technology and cybersecurity sectors have continued to advocate stronger enforcement mechanisms, improved institutional capacity and regular updates to the law to keep pace with emerging technologies and increasingly complex cyber threats.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0