Abuja: Nigeria has called for the harmonisation of data protection and privacy laws across Africa to enhance trust, enable secure cross-border data flows, and strengthen the continent’s digital economy. Dr Vincent Olatunji, the National Commissioner of the Nigeria Data Protection Commission (NDPC), made this statement during the Data Protection Cross-Regional Peer Exchange Visit in Abuja.
According to News Agency of Nigeria, the NDPC, in collaboration with the World Bank and Smart Africa, is hosting delegations from nine African countries for the event. These countries include Gambia, Burundi, Sierra Leone, Malawi, Zambia, Kenya, Ethiopia, Liberia, and Somalia. Olatunji highlighted Nigeria’s successful establishment of a functional data protection ecosystem that has garnered global attention, urging African nations to deepen cooperation to achieve similar progress.
He stated that the foundation of digital trade and cooperation, particularly under the African Continental Free Trade Area (AfCFTA), lies in the protection of personal data. There is a pressing need to ensure that the personal data of Africans and legal residents can be securely transferred across borders, with necessary safeguards in place. Olatunji emphasized the importance of countries having enforceable privacy laws, effective data protection authorities, and guaranteed data subject rights to foster trust in cross-border data exchange.
Olatunji also stressed the necessity for African countries to develop indigenous technologies to drive the implementation of data protection laws and build robust systems. He encouraged participants to utilize Smart Africa’s platforms for continuous learning through courses, communities of practice, and knowledge exchange.
Ms Elena Gasol, Senior Counsel for Data and Trade at the World Bank, noted that the initiative aims to help countries transition from data protection laws on paper to effective institutional implementation. Participating countries are at various stages, with some still operationalizing legal frameworks, while others, like Nigeria, are already navigating complex compliance and enforcement issues. The goal is to create a space for peer-to-peer exchange where authorities can share best practices, challenges, and lessons learned, with expectations for concrete outcomes such as 90-day implementation commitments and cooperation offers among participating countries.
Delegates from other countries expressed their intentions to learn from Nigeria’s experience. Mrs Deborah Haddis, Stakeholder Engagement Advisor at the Ethiopian Communication Authority, mentioned that Ethiopia is in the early stages of implementing its data protection framework following the passage of its law in 2024, and they aim to learn particularly about enforcement and implementation. Similarly, Mr John Nje, Vice-chairman of the Information Commission of The Gambia, indicated that their data protection law, passed in September 2025, is still developing, and they are there to exchange ideas and build capacity for effective implementation.
The programme, supported under the World Bank-financed West Africa Regional Digital Integration Project (WARDIP), is designed to promote cross-regional learning and strengthen regulatory capacity across Africa.