An Information security expert has advised the civil society to embrace Nigeria Data Protection Regulation (NDPR) Act to ensure the safety of data rights and freedom of information.

Dr. Abiola Abimbola, Information Security Consultant, Net host Nigeria Ltd., gave the advice on Monday during a virtual conference held in Lagos.

The virtual conference, with the theme, “Nigeria Data Protection Regulation Act 2019- Benefit and Compliance Process,”  was organized by the Association of Telecommunications Companies of Nigeria (ATCON).

The Newsmen reports that NetHost is licensed by National Information Technology Development Agency (NITDA) as a Data Protection Compliance Organisation (DPCO) to provide capacity building, training, implement and assess companies against Nigeria Data Protection Regulation (NDPR) Act 2019.

Abimbola said citizens have the right to ask about the safety of his or her data and information from any company, as the usage of the NDPR really depends on the civil society adopting this regulation and using it to empower themselves.

“As a Nigerian national, if you observe that your personal details have been exposed or information about you is misused in any way by a Nigerian company, you have the right to contact NITDA who will investigate and fine applicable companies under the NDPR,’’ he said.

Abimbola, however, said that NDPR Act 2019 empowers Nigerians that reside anywhere in the world to ask companies that they believe have their personal data some basic questions about the safety of their personal data and prevention from hackers and information theft.

“All companies have to reply to your questions about your data information at no cost to you in most cases. However, the response to your questions may be that they cannot answer but they still have to tell you why they cannot respond.

“ If you believe their response is not satisfactory, you have the right to contact NITDA to investigate.

The data expert advised that the usage of the NDPR really depended on the civil society adopting the regulation and using it to empower themselves.

“Any person subject to this regulation, who is found to be in breach of the data privacy rights of any Data Subject shall be liable to the case of a Data Controller dealing with more than 10,000 Data Subjects, payment of the fine of two percent of Annual Gross Revenue of the preceding year or payment of the sum of N10 million whichever is greater

“Case of a Data Controller dealing with less than 10,000 Data Subjects, payment of the fine of one percent of the Annual Gross Revenue of the preceding year or payment of the sum of N2 million, whichever is greater,’’ he said.