Like several countries around the world, the Nigerian government, after years of stale debates and regulatory inactivity, took the issue of data protection and privacy very seriously in 2019 through the issuance of the Nigerian Data Protection Regulation (NDPR) 2019 by the National Information Technology Development Agency (NITDA). The NDPR laid down the legal structure for the collection, processing, storage, use, transfer, protection and disclosure of personal data. It is said that the NDPR was influenced by the EU GDPR and that nearly all the provisions of the two regulatory instruments are identical. The NDPR is a significant advancement for the Nigerian economy and Nigerians’ privacy rights, considering its territorial implementation. It may also be Nigeria’s strictest and most far-reaching data protection law, placing strict requirements on entities and stringent penalties if there is a default in compliance.