i. Multi-Country Data Governance Study Tour: The Nigeria Data Protection Commission hosted delegates from six African countries: Botswana, Eswatini, Mozambique, Sierra Leone, The Gambia, and Tanzania on a data governance study tour - a part of the Data Governance in Africa Initiative under the Digital for Development (D4D) Hub, jointly funded by the European Union and the German Federal Ministry for Economic Cooperation and Development (BMZ) and implemented by GIZ in partnership with the African Union Commission, AUDA-NEPAD
This initiative was aimed at strengthening cooperation among Data Protection Authorities (DPAs) across the continent and fostering peer-to-peer exchanges that support institutional development and regulatory capacity.
Over the course of the week-long tour, delegates engaged in sessions focused on the legal framework underpinning the establishment of the Commission, licensing and registration of data controllers and processors, public awareness strategies, and roadmap development for effective data governance. The program also addressed enforcement mechanisms, data breach and complaint handling, data privacy impact assessments, and the role of local and international cooperation. A key highlight was a visit to Nigeria’s National Assembly, where delegates explored legislative processes and the critical role of lawmakers in the data protection and privacy ecosystem.
This study tour reinforced the commitment of participating countries to the African Union Data Policy Framework and emphasized the importance of building strong, independent, and collaborative data protection authorities across Africa.
i. Partnership with National Orientation Agency: In a significant move to enhance public awareness and education, the Nigeria Data Protection Commission is partnering with the National Orientation Agency (NOA), the government agency mandated to inform and engage citizens through civic education and advocacy. This partnership is aimed at promoting widespread sensitization on data protection and privacy using NOA’s extensive communication platforms.
This includes collaboration with over 255 radio stations broadcasting in 72 Nigerian languages, as well as television stations, print media, social media, and direct engagement with NOA staff across its 818 offices nationwide.
The initiative is designed to ensure that citizens across all regions understand their privacy rights and are empowered to make informed decisions about their personal data.
ii. Memorandum of Understanding with Bauchi State Government: The Commission signed a Memorandum of Understanding (MOU) with the Bauchi State Government to strengthen data governance and ensure compliance with the Nigeria Data Protection Act (NDP Act) 2023. This partnership marks a major step in the nationwide implementation of the NDP Act and sets a strong example for collaboration between federal
and sub-national governments in advancing digital rights and privacy protections.
Under this agreement, Bauchi State has committed to implementing mandatory data protection compliance measures across all its Ministries, Departments, and Agencies, establishment of Data Protection Service Unit within the state’s public service to coordinate and monitor these efforts, thereby reinforcing public trust and institutional accountability in the handling of personal data.
iii. Launch of the Virtual Privacy Academy: In pursuit of its mandate to promote data protection awareness and capacity development across Nigeria, the Nigeria Data Protection Commission (NDPC) has launched the Virtual Privacy Academy (VPA) - a flagship digital learning initiative designed to democratise access to data protection education and foster a culture of privacy consciousness in Nigeria’s digital ecosystem.
The Academy represents a paradigm shift from conventional online learning approaches. It adopts a storytelling and experiential learning model, immersing participants in real-life digital scenarios that mirror common data privacy challenges encountered in personal, professional, and institutional contexts. Learners are guided to make decisions, observe outcomes, and derive lessons within a movie-style, interactive environment.
This approach simplifies complex data protection concepts, making them accessible, relatable, and actionable for a diverse audience — from students and civil servants to entrepreneurs and data professionals. The launch of the Virtual Privacy Academy signals a major step toward building a data-literate population and strengthening national digital resilience through continuous learning and awareness.
The strategic objectives are to enhance data protection literacy through accessible and contextual learning, promote behavioural change in data handling by illustrating real-world implications, strengthen national capacity through workforce development, and foster a sustainable culture of privacy that supports safer digital interactions and trust in data-driven services.
The target is to reach and train at least 500,000 learners within the first 12 months of deployment — cutting across the public sector, private organisations, SMEs, and educational institutions thereby contributing to measurable national progress in data protection literacy and compliance