ARTICLE
26 November 2018

The Changing Landscape In Data Protection Guidelines: GDPR And The NITDA Guidelines

AO
Aluko & Oyebode

Contributor

Aluko & Oyebode logo

Aluko & Oyebode, a leading and full service international practice, provides timely and solution driven services to its clients across key markets in Europe, Asia, Sub-Saharan Africa, North and South America.

Our practice areas encompass the full range of corporate & commercial legal services, including banking & finance, dispute resolution, telecommunication, intellectual property, energy & natural resources, project finance, real property, taxation and privatization. The firm complements its corporate and commercial legal services with a robust litigation and Alternative Dispute Resolution (ADR) practice.

Our offices are located in the key commercial centres of Nigeria, namely Lagos, Abuja and Port Harcourt. The firm is made up of 24 partners and over 150 Senior Associates and Associates.

Explore Firm Details
Companies in the European Union (the "EU") have been preparing for 25 May 2018, the much anticipated date when the EU's General Data Protection Regulation ("GDPR") became effective.
Nigeria Privacy
Naomi Amobi and Sumbo Akintola

Introduction

Companies in the European Union (the "EU") have been preparing for 25 May 2018, the much anticipated date when the EU's General Data Protection Regulation ("GDPR") became effective. The purpose of the GDPR is to regulate how personal data is processed, wholly or partly, by automated means and regulating those persons that collect and process such data. This means that any personal data or information relating to an identified or identifiable person (such as their name, background, employment history, identification number, localization, income, cultural profile and other information) cannot be collected, recorded, organized, structured, stored, used, transferred, adapted or altered, or otherwise processed unless such processing is in line with the GDPR. The GDPR applies to Nigerian companies that are processing the personal data of individuals within the EU. As such, Nigerian data controllers and processors must seek the consent of individuals within the EU in an intelligible and easily accessible form, clearly specifying the purpose for the collection of their personal data.

The effect of the GDPR is exceptional in terms of data protection laws and companies could face a fine of up to €20 million or 4% of total worldwide annual turnover (whichever is higher) for breaches of the GDPR.

Key Players Affected

The GDPR outlines the role of the following key players that are within the scope of the GDPR:

  1. Controllers: A controller can be a natural or legal person, public authority, agency or other body, which alone or jointly with others, determines the purposes and means of the processing of personal data. The specific criteria for controllers may be determined by EU law or the law of a member state. Nonetheless, a controller has certain key responsibilities pursuant to the GDPR.

Click here to read more.

First published in Aluko & Oyebode Insights, June 2018.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Naomi Amobi
Naomi Amobi
Photo of Sumbo Akintola
Sumbo Akintola
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More