The Nigeria Data Protection Commission (NDPC) has domesticated the certification of data protection officers (DPOs) to address the widening gap in certified DPOs.
This was disclosed by Victor Olatunji, chief executive officer of the NDPC, during KPMG’s Data Protection Workshop recently, emphasising the significant skill deficit in the country regarding DPOs.
Olatunji noted that while over 500,000 firms in Nigeria require DPOs, fewer than 10,000 individuals possess the necessary certification.
The CEO further explained that the new domesticated certification process is designed to meet global standards while aligning with Nigeria’s data protection laws. “Our aim is to develop a pool of globally competitive DPOs who can operate both locally and internationally,” he stated.
He noted that the programme incorporates a robust training framework, blending global best practices with Nigeria’s specific legal and operational requirements.
“We are not only certifying DPOs but also ensuring they are equipped to practice effectively,” Olatunji said. He highlighted that practical experience is a critical component of the certification process, enabling professionals to enhance their skills continuously and remain relevant in the global market.”
Read also: Our job is to protect your data rights – Olatunji, National Commissioner/CEO, NDPC
The NDPC’s initiative also includes creating career pathways and additional work opportunities for certified DPOs. Olatunji pointed out that the role of a DPO goes beyond data privacy, encompassing advisory, compliance, and operational support functions. “We want to encourage investments in data protection skills because the opportunities are vast,” he added.
He noted that they were starting with an initial batch of 500 DPOs, with plans to scale up efforts to bridge the gap in the sector.
The importance of the DPOs is highlighted in Section 32 of the Nigeria Data Protection Act (2023) which states, “A data controller of major importance shall designate a Data Protection Officer with expert knowledge of data protection law and practices.”
Speaking during the panel session, Samuel Asiyanbola, KPMG West Africa Partner, Cyber and Privacy noted that beyond the skills gap, there was a critical organizational challenge, which is the absence of the right “tone at the top”.
He explained that many organizations struggle to implement effective data privacy measures not because of a lack of intent among personnel in technology, legal, or compliance roles, but due to insufficient prioritization by executive leadership.
“If the board and executive management view privacy as a core priority, it sets the stage for a cultural shift. Without that, even the most skilled DPOs will face hurdles,” Samuel said.
Join BusinessDay whatsapp Channel, to stay up to date
Open In Whatsapp
