IGF 2023 Open Forum #67 Internet Data Governance and Trust in Nigeria

Time
Wednesday, 11th October, 2023 (07:00 UTC) - Wednesday, 11th October, 2023 (08:00 UTC)
Room
WS 6 – Room E
Join the Session Online

https://intgovforum.zoom.us/meeting/register/tJAude-hrTsuHNMz6_LDSbcQw-rf9iNIgful

Organization's Website
https://www.nitda.gov.ng
Subtheme

Data Governance & Trust

Issue(s)

Data Localization, Data Residency, and Data Sovereignty
Data Privacy and Protection

Round Table - 60 Min

Description

Objectives: To improve data governance and trust in the Nigeria Internet governance space, the following recommendations are proposed: The massive number of active Internet users in Nigeria generate volumes of data which raises further concerns about the privacy and safety of citizens and society. Therefore, there is a need to develop a comprehensive National Internet Data governance policy and framework that incorporates international best practices and addresses the unique challenges in Nigeria. This policy should be developed through a multi-stakeholder approach that involves government, civil society, and the private sector. Increase awareness and capacity-building programs for stakeholders on data governance principles, including the responsible use and protection of data, and the importance of trust in the digital economy. Strengthen regulatory bodies responsible for data governance, such as the National Information Technology Development Agency (NITDA), by providing adequate funding, technical capacity, and enforcement mechanisms. Encourage public-private partnerships to promote the responsible use of data and the development of innovative solutions for data governance and trust. Increase transparency and accountability in data governance practices by promoting the disclosure of data practices and engaging stakeholders in decision-making processes. Challenges to Data Governance and Trust in Nigeria The following challenges have been identified for conversation during the proposed Open Forum/ Town Hall Meeting at the 2023 IGF meeting. The issues identified for discussion underscore the need for appropriate data governance in Nigeria despite the development that have been witnessed in the ecosystem in the past couple of years. There are a number of challenges to data governance and trust in Nigeria. These challenges are: a. Inadequate awareness of data governance and privacy issues among individuals and organizations b. Inadequate legal and regulatory frameworks for data protection c. Low capacity for data governance and privacy enforcement c. Inadequate cooperation between the stakeholders i.e. government, businesses, and civil society on data governance and privacy issues among others. Opportunities for Addressing Challenges to Data Governance and Trust in Nigeria There are a number of opportunities for addressing the challenges to data governance and trust in Nigeria. These opportunities include: i. The establishment of Nigeria Data protection Bureau in Nigeria has changed the landscape and the dynamics of Data Governance and Trust in Nigeria. The Bureau was created in February 2022 by the Federal Government of Nigeria [4]. The Bureau is mandated to collaborate with stakeholders in achieving the objectives of the NDPR, namely, to: a) Safeguard the rights of natural persons to data privacy; b) Foster safe conduct of transactions involving the exchange of Personal Data; c) Prevent manipulation of Personal Data; and d) Ensure that Nigerian businesses remain competitive in international trade through the safe-guards afforded by a just and equitable legal regulatory framework on data protection and which is in tune with best practice [5]. ii. Raising awareness of data governance and privacy issues among individuals and organizations iii. Developing and implementing comprehensive legal and regulatory frameworks for data protection. This process is ongoing at the National Assembly where the Data Privacy Bill is being considered. iv. Building capacity for data governance and privacy enforcement v. Promoting cooperation between government, businesses, and civil society on data governance and privacy issues

The online moderator will take the following steps to ensure the active involvement of online participants - 1), Enable questions and comments to be contributed during the session 2), During the session, the online moderator will read out questions or comments from online participants to speakers to respond . 3), We will provide a link for online participants.(Microsoft Teams)

Organizers

National Information Technology Development Agency
Nigeria Internet Governance Forum MAG Nigerian Communications Commission National Information Technology Development Agency Nigeria Internet Registration Association Nigeria Data Protection Bureau

Speakers

Organiser/Coordinator: Mary Uduma and Engr. Kunle Olorundare Moderator 1: Engr. Kunle Olorundare ( VP-ISOC-NG); Moderator 2; Sen. Shuaibu Afolabi - Chairman Senate Committee on ICT and Cybersecurity - Chair of Session. Rapporteur 1: Igonor Oshoke (NIGF Program Manager) Speakers1: Lead paper Presenter, Representative of NITDA (Bernard Ewah); Speaker 2: Civil Society -Mrs Nnena Nwakamma - World Wide Web Foundation Speaker 3: Private Sector -Dr. Jimson Olufuye – Konteporary Konsulting Limited, Business Community Speaker 4: Regulator- Dr. Chidi Ugwu- Nigerian Communication Commission Speaker 5: Government - Hon. Adedeji Stanley Olajide, Chairman House Committee on ICT and Cybersecurity

Onsite Moderator

Moderator 1: Engr. Kunle Olorundare ( VP-ISOC-NG)

Online Moderator

Mary Uduma

Rapporteur

Rapporteur 1: Igonor Oshoke (NIGF Program Manager)

SDGs

1. No Poverty
4. Quality Education
5. Gender Equality
11. Sustainable Cities and Communities
16. Peace, Justice and Strong Institutions

Targets: Our theme relates with virtually all the SDGs because we need data to track for instance poverty, Sustainable Smart City, Quality Education, Gender Equality etc. However, SDG 16, "Peace, Justice, and Strong Institutions," aligns well with data governance and trust as it emphasizes the need for transparent, accountable, and inclusive institutions. Data governance frameworks and trustworthy data are essential for effective decision-making, public access to information, and the overall strengthening of institutions to achieve sustainable development.

Background Paper

Session Report (* deadline 26 October) - click on the ? symbol for instructions

NIGERIA OPEN FORUM AT THE UNITED NATIONS IGF 2023.

Wednesday, 11th October, 2023.

KYOTO, JAPAN.

Organized by:

  • National Information Technology Development Agency
  • Nigeria Internet Governance Forum MAG (NIGF MAG)
  • Nigerian Communications Commission (NCC)
  • Nigeria Internet Registration Association (NiRA)
  • Internet Society Nigeria Chapter (ISOC NG)
     

Speakers

  1. Hon. Adedeji Stanley Olajide - Chairman House Committee on ICT and Cybersecurity.
  2. Mr. Bernard Ewah – Lead Paper Presenter, National Information Technology Development Agency.
  3. Mrs Nnena Nwakamma - World Wide Web Foundation.
  4. Dr. Chidi Diugwu - Nigerian Communication Commission.
  5. Dr. Jimson Olufuye – Konteporary Konsulting Limited, Business Community.

Moderators

  1. Sen. Shuaibu Afolabi - Chairman Senate Committee on ICT and Cybersecurity - Chair of Session.
  2. Engr. Kunle Olorundare - Online Moderator, President, Internet Society, Nigeria Chapter (ISOC NG).

 

Onsite Facilitators

  1. Mrs. Mary Uduma – Chair, Africa Internet Governance Forum.
  2. Mr. Igonor Oshoke - Program Manager, Nigeria Internet Governance Forum.

 

Rapporteurs:

  1. Mrs. Uchechi Kalu
  2. Nitabai Prosper Dominic
  3. Zarah Wakil

 

 

 

 

 

 

Internet Data Governance and Trust in Nigeria

Introduction

In the fast-evolving digital landscape of Nigeria, where the internet has woven its way into every facet of life, the topic of Internet Data Governance and Trust has become paramount. With an impressive 156,987,433 active internet subscriptions and a broadband penetration of 48.49% as of February 2023, Nigeria is not just the most populous nation in Africa but also a vast market ripe with immense ICT investment opportunities.

This Open Forum, led by a paper presented by Mr. Bernard Ewah of the National Information Technology Development Agency (NITDA), delves into the intricacies of data governance and trust, emphasizing the shifting dynamics of data in a world where data has transitioned from a mere commodity to a valuable resource. As the custodians of data, regulators must now navigate this transformative landscape, seeking a balance between data extraction and protection, all while navigating the complexities of integrating structured and unstructured data. Infrastructure development, in this context, stands as a pivotal requirement [Lead Presenter].

The lead paper establishes that with a wealth of data comes an abundance of opportunities for all stakeholders, particularly the private sector and other interest groups, to harness this data's potential for economic growth. The task at hand is to create regulatory avenues that incentivize private sector investment in new digital infrastructure. Such governance demands policies that define the responsible use of data and clear mechanisms for execution [Lead Presenter].

The Open Form placed a strong emphasis on the capacity-building of users who stand to benefit from this data-driven revolution, which includes agencies like the Bureau of Public Procurement (BPP) and the Population Commission.

In this Open Forum, civil society, represented here by Mrs. Nnnena Nwakamma from the World Wide Web Foundation, underscores the need for innovation in data regulation and urges the creation of value from data beyond mere population statistics. Governance, in her view, must extend beyond silos, encouraging a dialogue between stakeholders to foster trust, even as regulatory instruments are put in place (Civil Society).

The private sector, represented by Dr. Jimson Olufuye from Konteporary Konsulting Limited, applauded the government for its regulatory efforts, recognizing the inherent value in data. Data's availability for analysis and the subsequent boost in GDP is a testament to the potential harnessed when data flows freely and securely. To unlock the true potential of this resource, the report suggests the need for frameworks for cross-border data and engagement in various programs and agreements like the CCI (Private Sector).

 

Dr. Chidi Ugwu of the Nigerian Communication Commission outlined the different data sources and categories emerging from Nigeria, highlighting the value of metadata and its importance for regulators. The rapid movement of metadata necessitates monitoring and jurisdictional considerations. The robust regulatory instrument, the Nigeria Data Protection Regulation (NDPR), was localized, but attention is needed for data that travels beyond Nigeria's jurisdiction (Regulator).

 

In the government's view, as presented by Hon. Adedeji Stanley Olajide, Chairman House Committee on ICT and Cybersecurity, laws that ensure data usability, security, and flexibility is paramount. The chain of data custody must be protected, and laws must be explicit and rigid to guide the principles of data. Engr. Kunle Olorundare, Online Moderator, Acting President of the Internet Society, Nigeria Chapter, underscores the importance of an open and secure internet, individual data encryption, the right to be forgotten, and the need for data protection (Government, Online Moderator).

 

This Open Forum not only looked at Nigeria but also engages with insights from Ghana, emphasizing the significance of regional cooperation and the importance of legislative enforcement for data protection. It's clear that in this digital age, the spotlight is on the fundamental rights associated with data, with various questions and concerns arising from different quarters (Sam George, Member of Parliament, Parliament of Ghana).

In summary, this session explored the critical dimensions of Internet Data Governance and Trust in Nigeria, addressing the shifting landscape of data and the call for cooperation and vigilance in safeguarding this invaluable resource.

 

Key Outputs:

Lead Presenter- Mr. Bernard Ewah – Lead Paper Presenter, National Information Technology Development Agency

  • The era of data commoditization underscores the importance of recognizing the value of data and its implications for data subjects.
  • Regulators must remain acutely aware of the ever-evolving dynamics of data in the digital landscape.
  • Striking a balance between data extraction, value creation, and the protection of data subjects is of paramount significance.
  • The integration of both structured and unstructured data emphasizes the complexity of managing data in this digital age.
  • The development of robust infrastructure is a fundamental requirement for effectively managing and utilizing data resources.
  • There exist abundant opportunities for all stakeholders, especially the private sector and other interest groups, to leverage data for economic growth.
  • Regulations should be designed to facilitate private sector investment in the development of new digital infrastructure.
  • Effective data governance necessitates the formulation of clear policies for data use and management.
  • Strengthening the capacity of users, including organizations like the Bureau of Public Procurement (BPP) and the Population Commission, is a key factor in enhancing data utilization and governance.

 

Civil Society -Mrs Nnena Nwakamma - World Wide Web Foundation

Question: As civil society, briefly share your thoughts on the current state of Data Governance in Nigeria. What more needs to be done to enhance transparency and accountability in data collection, processing, and sharing practices by both private and public entities operating in Nigeria?

  • Civil society emphasizes the need for a regulatory framework that fosters innovation in Nigeria, underscoring the dynamic nature of data and the necessity to adapt to changing circumstances.
  • The true value of data lies in its application and the creation of value, shifting the focus from mere population statistics to practical utilization.
  • Data governance is a multifaceted endeavor, necessitating a holistic approach that integrates other societal elements.
  • How can regulations be innovatively designed to drive value creation from data beyond demographic statistics?
  • Emphasize the need for holistic governance, ensuring that data management aligns with other societal needs.
  • As responsible citizens, it's essential to consider which data is being generated and made accessible, highlighting the individual's role in data governance.
  • Continued dialogue and collaboration among various stakeholders are central to building trust in data governance, even in the presence of regulatory instruments.

 

Private Sector -Dr. Jimson Olufuye – Konteporary Konsulting Limited, Business Community

Question: Given Nigeria’s population size and the vibrant innovation ecosystem, how is the Private Sector responding to new opportunities from new data sources?

  • The private sector recognizes the immense value that can be derived from data, lauding the government for taking steps to put regulatory instruments in place, which are poised to unlock substantial potential for Nigeria.
  • Data availability for analysis is central to the private sector's response to data opportunities. This, in turn, has contributed to the significant boost in Nigeria's GDP.
  • Acknowledging the importance of cross-border data, the private sector underscores the necessity for a comprehensive framework to facilitate data exchange.
  • Engagement in various programs and the signing of agreements like the CCI are considered essential to harness the full potential of data opportunities.
  • Nigeria's significant population size and ICT potential make it a prime candidate for substantial data-related investments.
  • Comprehensive data governance policies and frameworks are needed to address data misuse, breaches, and the loss of personal information.
  • The enactment of the Nigeria Data Protection Regulation (NDPR) in 2019 marked a step toward data governance and trust but faces challenges in enforcement and awareness.
  • Increasing awareness and capacity-building programs are crucial for stakeholders to understand data governance principles and responsible data use.

 

Regulator- Dr. Chidi Ugwu- Nigerian Communication Commission

Question: What are the likely Data Sources and Categories of Data coming from Nigeria and how is Nigeria giving value to this data especially as an emerging digital economy.

  • In the realm of telecommunications, the annual contribution to Nigeria's GDP stands at a significant 14 percent. This statistic highlights the profound impact of telecommunications on the nation's economic landscape, driven in part by data-related activities.
  • The core focus when addressing data is understanding its essence. Metadata, which represents structured data, has garnered substantial attention from regulators due to its relevance in data governance and security.
  • An essential aspect of data management is examining how data is generated and profiled, especially in the context of email usage. Understanding the intricacies of data usage is vital for effective governance.
  • Metadata, often regarded as "data about data," carries immense significance and requires vigilant monitoring. The pace at which metadata can traverse networks is compared to the speed of light, underscoring its potential for impact and risk.
  • While the Nigeria Data Protection Regulation (NDPR) has been localized to address data governance within Nigeria's borders, questions arise regarding data that transcends the country's jurisdiction. It is crucial to comprehend the extent to which data travels beyond national boundaries.
  • An essential aspect of data governance is the duty of care held by data controllers and processors. They bear the responsibility of safeguarding data and ensuring compliance with regulations.
  • Regulatory bodies such as NCC have introduced robust instruments and safeguards to protect individuals and their data. These instruments play a vital role in ensuring data security and governance.
  • The NDPR has been localised. What about those that data has travelled out of the jurisdiction of Nigeria. We need to understand to what extent our data travel.
  • There is a duty of care from Data Controller and Processor.
  • The Regulator has brought a robust regulatory instrument that protects the individual.

 

 

Government - Hon. Adedeji Stanley Olajide, Chairman House Committee on ICT and Cybersecurity

Question: How is the Nigerian government managing the outcomes of data governance regulations? (institutionalising the implementation, Monitoring, Disclosure,  Prosecution, Outcome and Continuous Evaluation as it regards Data Governance.

Promotion of Data Laws:

  • It is imperative to promote laws that render data not only usable but also secure and flexible. These laws should emphasize the need for data consistency, ensuring that data maintains its integrity and reliability.

Protecting the Chain of Data Custody:

  • The Government now focuses on the safeguarding of the chain of data custody is fundamental in data governance. It is essential to secure and manage data through its entire lifecycle, from creation to disposal.

Clarity and Stringency of Laws:

  • Data governance laws should be characterized by clarity and strict rules, leaving no room for ambiguity. Stringent regulations are necessary to uphold data security and compliance.

Data as a Moving Target:

  • In the dynamic landscape of data governance, data behaves as a "moving target." Understanding and addressing this dynamism is crucial for effective data management and Legislation.

Revamping Laws for Guiding Data Principles:

  • Laws pertaining to data governance need to be continuously revamped to ensure their alignment with the evolving principles of data management and protection.

 

Civil Society: Engr. Kunle Olorundare- Online Moderator, Acting President (Internet Society, Nigeria Chapter)

  • The Internet Society strongly advocates for the open nature of the internet, recognizing it as the primary source of data generation in the digital age. This commitment aligns with the Internet's role in enabling data-driven processes.
  • Ensuring data is kept encrypted and secure reflects a commitment to safeguarding individuals' personal information.
  • The Internet Society places importance on the right to be forgotten, acknowledging individuals' prerogative to have their personal data removed from public visibility. This right is integral to data privacy and protection.
  • The Internet Society underscores the necessity for a secure internet environment. This emphasis aims at preventing unauthorized individuals or entities from accessing an individual's data.

Africa Parliamentary Network: Sam George, Member of Parliament, Parliament of Ghana

What can AFRINIC do to ensure Data Governance?.

  • Thorough examination of the African Union's data policy is crucial. Understanding and aligning with this policy framework can play a vital role in shaping data governance practices in the region.
  • It's essential to be cautious not to confine data governance efforts to mere checkbox compliance. The experience of Ghana in passing the Data Protection Law in 2012 highlights the importance of moving beyond formalities to ensure effective implementation.
  • To bolster data protection efforts, portfolios within government ministries should allocate resources dedicated to the implementation of data protection laws.
  • Governments have increasingly recognized data as a fundamental right. This acknowledgment underscores the importance of safeguarding data and the privacy of individuals in the digital age.

 

Other Key Outputs

  • The internet has become an essential part of life in Nigeria, offering opportunities and challenges in data governance and trust.
  • Nigeria's significant population size and ICT potential make it a prime candidate for substantial data-related investments.
  • Comprehensive data governance policies and frameworks are needed to address data misuse, breaches, and the loss of personal information.
  • The enactment of the Nigeria Data Protection Regulation (NDPR) in 2019 marked a step toward data governance and trust but faces challenges in enforcement and awareness.
  • Multi-stakeholder collaboration is essential to develop effective data governance policies, involving government, civil society, and the private sector.
  • Increasing awareness and capacity-building programs are crucial for stakeholders to understand data governance principles and responsible data use.
  • Transparency and accountability in data governance practices, along with stakeholder engagement in decision-making processes, are vital for building trust.
  • Data sources include Social Media Data, Mobile Phone Data, Scanner or transaction data, Automatic Systems Data, Geo-special Data.
  • The International Telecommunication Union can help in upscaling women in Cybersecurity.