Analyst Insight

There have been ongoing debates about what a data protection officer must have to carry out her job appropriately. Especially in Nigeria, stakeholders are asking what a DPO possesses to be efficient in her role. In this piece, I highlight eight critical features of a DPO. Knowledge of the regulation. You can’t teach what you […]

When you go to some websites, you will find this gentle pop-up that seeks consent. Usually, it is the cookie consent or directions to read privacy notices. But most of the time, people don’t read these things because they are long and inaccessible. However, when you dig deeper into some consent forms, you would find […]

After a company identifies the data privacy framework that works for them, the next step is to consider the right privacy strategy. In simple terms, a privacy strategy covers the company’s approach in communicating and obtaining support for the privacy program within the organisation. Remember, to drive the privacy program is a team sport, and […]

Most Nigerian non-governmental organisations (NGOs), charities and religious houses overlook the Nigerian Data Protection Regulation. However, NGOs that cannot endure the medicine of the regulation because it is too strong must be content with inefficiency, bungling of data and steadily violating existing local data privacy regulation. Let us put the reason into perspective. A particular […]

What might seem like an ‘innocent’ act by an employer in the name of employee monitoring can be viewed as an excessive intrusion when placed under data privacy regulations lens. I relate a practical story for readers’ further comprehension.   The chief executive officer of a particular furniture shop in Lagos, Nigeria, places four cameras […]

In a meeting with some information security personnel, the chief executive officer (CEO) of a bicycle company in Lagos quipped that, “We only sell bicycles. Why should we be spending so much on Information Technology (IT) Governance?” With that statement, he cut the budget for IT governance and proceeded to pour more money on the […]

In any data protection or information security management framework, consent management or the lack thereof springs many things. The existence of a solid consent management framework plays a critical role in a company’s data protection strategy, and the absence can lead to infringement of the freedoms and rights of data subjects. The problem arises when […]

It’s easy to assume that the data protection principles’ especially transparency relies on or ends at publishing privacy notices on websites. Proper transparency methodology, carefully mapped into the data protection framework, can vault a company ahead of its competition into a position of increasing its reputation and increasing their customer loyalty. Those with well-defined transparency, […]