-
Compliance revenue grows by 361.54%
From Adanna Nnamani, Abuja
The Nigerian data protection sector recorded remarkable growth in 2024, generating N12 billion in cumulative revenue—nearly double the N6.2 billion recorded in 2023.
This growth reflects the sector’s increasing economic impact and the widespread adoption of data protection practices nationwide.
According to the Nigeria Data Protection Commission’s (NDPC) Annual Audits, compliance revenue surged by 361.54%, rising from N325 million in 2023 to N1.5 billion in 2024. The increase is attributed to intensified compliance audits, enforcement of data protection laws, and heightened stakeholder awareness.
The report also revealed that 213 data breach investigations were conducted in 2024, compared to 177 cases in 2023. Public engagement efforts saw significant progress, with 121 awareness programmes held in 2024, up from 70 in 2023.
The number of verified Data Protection Officers (DPOs) rose by 47.68%, from 1,955 in 2023 to 2,888 in 2024. Similarly, licensed Data Protection Compliance Organisations (DPCOs) increased by 50.92%, from 163 in 2023 to 246 in 2024.
Additionally, employment opportunities within the sector grew significantly, with 23,000 jobs created in 2024 compared to 10,123 in 2023, marking a 127.20% increase.
Speaking at the official unveiling of the report in Abuja on Tuesday, the National Commissioner of the NDPC, Dr Vincent Olatunji, stated that the organisation plans to prioritise enforcement of the data protection law in 2025.
Dr Olatunji highlighted that, since its inception, the Commission has focused on creating awareness among data controllers and processors about their responsibilities and obligations under the law.
He noted that significant progress has been made in raising awareness over the past 18 months and emphasised that the focus will now shift to strict enforcement.
Drawing parallels with the European Union’s General Data Protection Regulation (EU GDPR), Olatunji explained that a two-year awareness period was allowed between its release in 2016 and enforcement in 2018. Similarly, Nigeria has provided ample time for entities to understand their obligations.
“What we have been doing since the law was signed by President Bola Tinubu has been to create awareness for data controllers and processors to do their duty of care and to know their obligations to data controllers and processors.
“And for those that we have actually investigated, we found non-conformities. We have always taken them through compliance. They paid their remuneration fee and monitored them for six months to ensure that they do the right thing.
“And I think, in the area of awareness, we have done a lot for almost one and a half years now.And we are going to full enforcement going forward. Even for EU GDPR, it was actually released in 2016, but the COP referred to it in 2018. They allowed two years for awareness and for people to fully understand.
“So, I think we have done a lot of that in Nigeria. So it will be very hard on data controllers and processors that are not willing to obey the provisions of the law. So we will have more penalties, fines in this new year,” he stated.