The issuance of the General Application and Implementation Directive (GAID) 2025 by the Nigeria Data Protection Commission (NDPC) is a significant milestone in the operationalisation of the Nigeria Data Protection Act (NDPA) 2023. As the second key regulatory instrument under the NDPA, GAID provides essential interpretive guidance that shapes the compliance landscape for data controllers and processors across Nigeria. Scheduled to take effect on 19th September 2025, the GAID builds upon the foundational principles of the NDPA while introducing innovative measures aimed at strengthening Nigeria's data protection framework. This article examines the key provisions of GAID 2025, highlighting its transformative features, the challenges anticipated during implementation, and actionable strategies for compliance. It serves as a comprehensive guide for data protection stakeholders seeking to navigate and align with Nigeria's evolving regulatory landscape.
Open PDF to continue reading >>
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
