Dr. Vincent Olatunji, CEO/ National Commissioner of Nigeria Data Protection Commission has approved the extension of deadline for the registration of Data Controllers and Data Processors of Major Importance (DCPMIs).
Ravenewsonline reports that the commission in a statement issued on Friday by Babatunde Bamigboye, Head, Legal, Enforcement & Regulations, said that the new deadline for registration without penalty is the 31st of October, 2024.
The statement reads, “In order to ensure accountability and in line with sections 24(3), 29(1)(a) and 44 of the Nigeria Data Protection Act, 2024 (NDP Act), DCPMIs shall only engage agents and contractors who are duly registered with the Commission (as at 15th October, 2024) for the processing of personal data.
Read Also: BREAKING: NDPC Orders Immediate Probe of Optasia over Alleged Data Breach – Ravenewsonline
For ease of reference, section 29(1)(a) of the NDP Act provides: “Where a data controller engages the services of a data processor, or a data processor engages the services of another data processor, the data controller or data processor engaging another shall ensure that the engaged data processor —
(a) complies with the principles and obligations set out in this Act as applicable to the data controller;
“Furthermore, Section 65 of the NDP Act defines a data processor “as an individual, private entity, public authority, or any other body, who processes personal data on behalf of or at the direction of a data controller or another data processor.”
Read Also: Privacy Protection is Now Right of Citizens —Olatunji, NDPC Boss
The Commission enjoins data controllers and data processors of major importance to immediately ensure that those who process personal data on their behalf fulfill the obligation to register as required by law. Engaging an agent or contractor who does not comply with the principles and obligations (set out in the NDP Act) that are applicable to the data controller is a contravention of the NDP Act.
