The issuance of the General Application and Implementation Directive (GAID) 2025 by the Nigeria Data Protection Commission (NDPC) is a significant milestone in the operationalisation of the Nigeria Data Protection Act (NDPA) 2023. As the second key regulatory instrument under the NDPA, GAID provides essential interpretive guidance that shapes the compliance landscape for data controllers and processors across Nigeria. Scheduled to take effect on 19th September 2025, the GAID builds upon the foundational principles of the NDPA while introducing innovative measures aimed at strengthening Nigeria’s data protection framework. This article examines the key provisions of GAID 2025, highlighting its transformative features, the challenges anticipated during implementation, and actionable strategies for compliance. It serves as a comprehensive guide for data protection stakeholders seeking to navigate and align with Nigeria’s evolving regulatory landscape.
UNDERSTANDING THE GENERAL APPLICATION AND IMPLEMENTATION DIRECTIVE (GAID) 2025: KEY INNOVATIONS AND COMPLIANCE STRATEGIES FOR DATA CONTROLLERS AND PROCESSORS.
