Nigeria's NDPC and Mastercard Partner to Boost Data Privacy Through Virtual Academy

Strategic Partnership for Data Protection

The Nigeria Data Protection Commission (NDPC), the nation's primary data protection regulator, has announced a significant collaboration with global technology company Mastercard. This partnership aims to bolster data privacy standards within Nigeria's financial industry and the broader digital economy. As part of the initiative, Mastercard has successfully onboarded all its employees in Nigeria onto the NDPC's flagship training platform, the Virtual Privacy Academy (VPA).

The VPA is designed to equip professionals with essential knowledge in personal data governance, lawful processing, cybersecurity hygiene, and emerging regulatory obligations. The curriculum distills key principles from the Nigeria Data Protection Act (NDPA) 2023 and the General Application and Implementation Directive (GAID) 2025 into practical, locally relevant content.

Addressing Rising Data Breach Concerns

The collaboration comes at a critical time for Nigeria, which has seen a notable increase in data privacy incidents. Data breach incidents in the country surged by 64% in the first quarter of 2023 alone. Furthermore, the NDPC investigated 213 privacy breaches between 2023 and 2024, underscoring the urgent need for enhanced data protection awareness and compliance training.

Dr. Vincent Olatunji, National Commissioner and CEO of the NDPC, emphasized the importance of the partnership, stating, 'We are proud to work with Mastercard to deliver real-world solutions that strengthen Nigeria's data protection ecosystem. The Virtual Privacy Academy will play a critical role in empowering professionals with the knowledge and confidence to uphold ethical data practices in a rapidly evolving digital world.'

Mastercard's Commitment to Digital Trust

Mastercard's involvement highlights its commitment to privacy, data responsibility, and regulatory compliance. Mark Elliott, Division President for Africa at Mastercard, commented, 'Privacy is not just a compliance requirement; it's a core pillar of digital trust. By enrolling all our Nigerian staff in the NDPC Virtual Privacy Academy, we are embedding privacy awareness into the fabric of our operations and supporting Nigeria's digital rights agenda.'

Derek Ho, Deputy Chief Privacy, AI and Data Responsibility Officer at Mastercard, added that the collaboration 'is equipping professionals with the tools to make ethical, informed decisions that protect individuals while enabling innovation.' Following the successful onboarding of its employees, Mastercard plans to extend access to the VPA to its vendors and suppliers, aligning with NDPC guidelines and aiming to foster a holistic culture of data protection within the wider digital payments ecosystem.

The Role of the NDPC

The NDPC was established under the Nigeria Data Protection Act 2023, signed into law on June 12, 2023, formalizing its mandate to regulate and oversee data protection principles in Nigeria. The Commission's objectives include safeguarding the rights of natural persons to data privacy, promoting secure data processing practices, and strengthening the legal foundations of the national digital economy. The NDPC replaced the Nigeria Data Protection Bureau (NDPB), which was created in February 2022.