Hello.cv is a promoter of Cape Verde country code top level Domain (Cape Verde ccTLD) under the 3 Million Technical Talent programme.

It will be recalled that FMCIDE under the leadership of Dr. Bosun Tijani, recently announced a $10 million partnership agreement with Hello.cv.

According to the Minister, the deal will see Hello.cv providing 20,000 3MTT fellows access to the company’s profile package valued at $500 per fellow, comprising a personal .cv domain, an AI-powered job search agent, and a professional CV writer.

But stakeholders in the industry argue that mandating the 3MTT fellows to acquire a foreign domain (.cv) contravenes the provisions of the “Nigeria First Policy” and relegates the Nigeria’s country code Top Level Domain (CcTLD) and identity, .ng.

While applauding the initiative to partner with a foreign company to join the indigenous trainers and train 20,000 3MTT fellows, some of the stakeholders, suggested that the Federal Government should have agreed on the other provisions of the partnership, but give Nigeria Internet Registration Association (NiRA), the Registry for the .ng domain, the right to host the 3MTT fellows on .ng domain, in adherence to the “Nigeria Firs” policy.

Others say Hello.cv could be mandated to host the fellows on .ng with .cv as a secondary domain host, such as hello.cv.ng.

Speaking on the issue, Chief Executive Officer, DNS Africa Media and Communications, Dr. Adebunmi Adeola Akinbo said: “Okay, the first thing we want to understand is this, the number of people that will be onboarded to the .cv ccTLD is huge. Does .cv ccTLD have the policy to protect the privacy of Nigerian’s data? Even if they have, it is it proper, when we are talking about a government that says, “Nigeria First” as its priority? it is very improper, very, very improper.”

He further noted that the .ng domain name is a domain name that can easily accommodate such a huge number of proposed job seekers. “If they say their brand is a Hello.cv, no problem, they should come and buy a hello.cv.ng if the branding is a priority for them. If they decide that this becomes like a business opportunity, an entrepreneurial ground for them to grow upon, they can send a mail and propose that, and we can onboard three million Nigerians or five million Nigerians to the .ng domain name.”

Approved by the Federal Executive Council (FEC) on the May 5, 2025, the “Nigeria-First Policy Agenda” is an economic initiative that mandates all Federal Ministries, Departments, and Agencies (MDAs) to prioritize locally produced goods and services in government procurement.

Its primary goal is to reduce import dependency on foreign goods and services, stimulate domestic industries, and boost job creation.

Pundits note that the $10 million Agreement package with Hello.cv (the Cape Verde ccTLD) by FMCIDE which includes a .cv domain, an AI-powered job search agent, and professional CV writing assistance for each of the 20,000 3MTT fellows, will only cede these fellows to utilize a foreign country’s domain, rather than Nigeria’s indigenous domain thereby promoting another country’s digital identity.

They argue that providing a domain name, which is a country’s identity on the internet space, shouldn’t have been part of the agreement, especially since Nigeria has the Nigeria Internet Registration Association (NiRA), the custodian of .ng CcTLD.

NiRA is the registry for .ng Internet Domain Names and maintains the database of names registered in the .ng country code Top Level Domain.

Speaking on the partnership, Emmanuel Amos, CEO, Programos and Innovationbed-AI Academy boss,  noted that the activities of government has made Nigerians gradually loose trust in its policies, as there is no stability in execution and compliance by the same MDAs responsible for driving the goals and objectives of government.

“Nigeria seems to have lost the collective-will to allow any technology deliver real value for the ecosystem. We plan elections, invest in technology, and yet we often lack the institutional resolve to let that technology work effectively for us. We do not have that system-will for us to envision solutions and implement something right for our system.”

Dr. Akinbo had reiterated also:

“Don’t forget that recently, the FMCIDE held a conference on cybersecurity. Now, when we’re talking about cybersecurity, these are the things that we should always put at the front burner, to ensure that the .ng is always at the forefront, and every other domain is at the back end in order to protect Nigeria’s data.

He concluded by stating that as good as it may sound, leaving the .ng domain name out of this circle of engagement is wrong.

“Taking information or data outside the .ng domain name and outside the domain of the Federal Republic of Nigeria is also wrong, where Nigeria has neither control nor significant influence to control how and where the data is used. I hope that the people in charge will hear this and make amends. All these, just started going out last month, so there’s room for amendments, there’s room to make the change, and ensure Nigeria retains its digital value”

According to Ugonma Egwuatu of ECAM Global Services, an ICT and Data Protection firm, if a government Ministry has given the trainees the permission to use a foreign domain, then the attention of the Nigeria Data Protection Commission (NDPC) should be drawn to it.

The NDPC has subscription to .ng as requirement for its Data Protection Compliance Organisations (DPCOs).

The concern, she notes, is about the security of the data.

“We are talking about 20,000 data sources here, so NDPC should be concerned.”

“There should be explanations regarding the backend: what are they doing with the data of the people that visit the sites? What is the reason behind the use of foreign domain as against the .ng that we know about? Are they trying to phish data? Are they trying to sell data? These are questions that need to be asked to know the reason why the ministry insists on the trainees using a foreign domain.”

She suggested that there should be a third-party agreement.

“I want to believe that as a ministry, they have done their due diligence, because the security of people’s data is involved”, she said.

He stated during a keynote remarks at the maiden edition of NDPC breakfast meeting with Data Protection Compliance Organizations (DPCOs) and other stakeholders, held in Lagos recently.

The NDPC Boss noted that the data ecosystem “is a global phenomenon, attracting global attention at all level of governance, and at the international level. So, what we have is a huge market and all us must work together to achieve the purpose and manage these opportunities. As earlier mentioned, ours is a sector that is recognized by the government and the international community.

Why commenting on the levels of successes, and tractions the organization has gotten in the recent time, Dr. Olatunji said “I will tell you that level of attention that we attracted from outside Nigeria is far more than what we have in Nigeria.

“Every day we keep getting requests from the international community on what we are doing as a commission and how we are doing it. Even countries that started before us are coming to ask questions about what we are doing in Nigeria.

“This speaks to the fact that we have adopted a model that is unique to us; the beautiful thing about Nigeria is if we adopt anything from anywhere we have the capacity to transform it to a better form”.

According to him, “the meeting is essentially focused on collecting information, data and to further engage stakeholders in the industry. One thing that has really worked for us as a Commission is that we engage with our stakeholders, we listen to their comments and advise. Even critical feedbacks from them are welcome and our doors are always open to anybody that is willing, because this will make us get better and all of this is to the benefits of this great country.

He noted that the breakfast meeting which was the first of its kind was borne out of the ideas shared by stakeholders in the industry.

“I think this is this is the first time we are meeting with you as an organization, although before now we have been engaging with you on individual basis and virtually”, he said.

This was made possible by some of you, because earlier in March a consortium of law firms made up of largely DPCOs visited our Commission and brought some wonderful and insightful suggestions, one of the suggestions birthed the meeting of today.

“So, any suggestion you have to improve this ecosystem is welcome, because I would say that this ecosystem is providing solution to the challenges that everyone can benefit from, ranging from the government, private organizations, business-owners amongst others.

He however, charged the Data Protection Compliance Organisations, to be up and doing, by working hard to benefit from the data ecosystem.

“It is not going to be business as usual. We need to revoke some license from the DPCOs that are not really working. So, all of us should buckle up, work and contribute to what we are trying to do”, he said.

Meanwhile, Adamma Isamade, the acting head of Legal, Enforcement and Regulation Department atthe Commission, emphasized that the Commission is open to constructive suggestion that will advance the course of NDPC.

According to her, the DPCOs are the second ‘P’ project in the ‘PPP’ Project signifying the Private sector.

“We recognize what you are doing and what you would to ensure that the ecosystem (Data Protection and Privacy Ecosystem System) develop and grow to international standard”, she said.

Many DPCOs at the breakfast session applauded NDPC for its resilience and far-reaching decisions to move the industry forward.

This decision comes as part of NDPC’s commitment to fostering a culture of accountability and transparency in data processing practices across Nigeria, according to a statement endorsed by Adamma Isamade, acting head, Legal, Enforcement & Regulations at NDPC.

The registration portal, which was previously closed in 2023, has been revamped to accommodate new DPCO applicants.

Through a robust Public-Private Partnership model, NDPC licenses private organizations to monitor, audit and report on compliance by Data Controllers and Data Processors in accordance with Section 33 of the Nigeria Data Protection Act, 2023.

This unique model, exclusive to Nigeria, has garnered attention from Data Protection Authorities worldwide.

With an estimated 500,000 Data Controllers operating in Nigeria, the demand for DPCOs has never been higher.

Currently, NDPC has licensed approximately 183 DPCOs, leaving significant room for additional partnerships.

Beyond regulatory compliance, NDPC envisions the registration of new DPCOs will act as a catalyst for nurturing a robust data protection culture in Nigeria.

By promoting awareness, conducting audits, ensuring compliance, and enhancing capacity-building initiatives, DPCOs contribute to safeguarding individuals’ privacy rights, foster trust and confidence in the digital space, and uphold legal and ethical standards in the data protection and privacy ecosystem.

Prospective DPCOs are encouraged to visit services.ndpc.gov.ng to commence the registration process.

Whilst addressing the meeting of the Commission with the DPCOs, Dr. Vincent Olatunji, the National Commissioner, urged DPCOs to see their role in the implementation of the Nigeria Data Protection Act (NDPA) 2023 as a public trust which must be guarded with utmost sense of responsibility.

Dr. Olatunji noted the opportunities presented by the Act particularly the lawful use of data and job creation in data processing value chain.

It will be recalled that NDPA 2023 under section 33 vests the Commission with the power to license persons having a requisite level of expertise, in relation to data protection and the Act, to monitor, audit and report on compliance by data controllers and data processors.

According to a statement signed by Itunu Dosekun, Head Media, NDPC, this is a unique Public Private Partnership model which is designed to promote trust and confidence in Nigeria’s digital economy which – like other economies around the world – thrives on data processing.

In line with the Code of Conduct, the compliance services that may be offered by DPCOs include but are not limited to the following:

a) Awareness and capacity building?

b) Registration of the data controller or a data processor with the Commission;

c) Development of compliance schedules;

d) Implementation of compliance schedules;

e) NDPA Compliance Audit and filing of Compliance Audit Returns with the Commission;

f) Data Privacy Impact Assessment; and

g) Facilitating and Vetting Data Privacy Agreement;

For a firm to operate as a DPCO and carry out compliance services, it must, among others, be duly licensed by the Commission and it must have a verifiably certified Data Protection Officer. As of November, 2023 163 DPCOs have been licensed by the Commission.

Whilst presenting the Code of Conduct to the DPCOs, Babatunde Bamigboye, the Commission’s Head of Legal, Enforcement and Regulations, X-rayed the target objectives and the principles, particularly: Privacy Consciousness, Capacity Building, Accountability, Data Ethics and Corporate Social Responsibility.

All DPCOs will be held accountable in line with the provisions of the NDPA, the Code of Conduct and other regulatory instruments that be issued by the Commission going forward.

Mr. Ivan Anya, the Chairman of ALDAPCON, in a press conference, said the Data Protection bill when passed into law will address the data privacy and confidentiality of Nigerians, enable secure dataflow, economic development, and improve national security, job creation and better global positioning.

He said this will also enable data processors and data controllers to have significant clarification of duties and responsibility for the protection of rights of data subjects (citizens).

“From inception of our work in the industry we actually face a whole lot of this level of resistance, some of them are still there, some are still waiting for sectoral regulators to advise them as to what direction they should take, not understanding by themselves why they should ensure compliance. We also have the issue of technicality that is prevalent within the ecosystem; instances where you have businesses hosting Nigerians’ data outside of the country. You need to ensure that such hosts of Nigerians data are hosted in full compliance with the Nigerian data protection regulation.

“The big issue is the aspect of the law. We are hopeful that as soon as the data protection bill is passed, it will address a whole lot of the technical and procedural issues we face now in terms of compliance.

“The bill is expected to contribute to the legal foundations of the digital economy of Nigeria and its participation in the regional and global economies through the beneficial, trusted use of personal data to help mitigate issues on data leakage, and ensure confidentiality and privacy of data.”

Speaking on the objectives of the association, Mr. Anya said Data Protection Compliance Organisations (DPCOs)  under the  umbrella body ALDAPCON as the privacy overseers in the country,  focuses   on driving  data compliance in the industry which  include to provide credible and authoritative data protection advisory to government, private and public organisations in Nigeria

“So we are currently running our second year since inception and we have been working with the Nigeria Data Protection Bureau (NDPB) in championing what should help guide data protection practice in Nigeria.

“The data protection compliance model is the only one of its type globally and no other country currently practices what we do. It is called the Public Private Partnership (PPP) arrangement where the supervising authority in this case, the NDPB has delegated some of its functions to the DPCOs to go to business organisations and assist them achieve compliance, this is what exactly we do,”

He said the association is helping create awareness on the importance of data protection and cyber security as well as the provision of data protection regulation in Nigeria.

“[This is] in addition to being the body of knowledge for data subjects on the Nigerian data protection legislation and its execution; as well as working with stakeholders to influence and assess the impact of data protection in Nigeria.”

He added that ALDAPCON has also provided certification training in data protection as well as the implementation and filling of gaps that may arise in the course of an audit assessment of how an organisation is compliant to the data protection regulations or the laws.

Assessment in areas of default and ensuring that at every point in time businesses are in full compliant with the requirements of the regulations

He noted that the data privacy sector has recorded significant achievements.  Between 2020 and 2021, compliance recorded 68% improvement. “We are hopeful that by the time the 2022 report comes out during the data privacy week of 2023; we’ll see exactly what has happened or what level of progress has been achieved.”

He added that the need assessment audit report published early this year for 2021 shows that there has been a significant improvement in terms of compliance within the fintech sector which has been quite remarkable.

Mr. Abdullaziz Ari, the Secretary of the Association, disclosed that the Association is coming up with standards to guide compliance in the industry, developing capacity within the ecosystem  and most importantly, to create awareness on how to assist the ecosystem comply with the requirements of the regulation.

“Well, for now we try to focus mostly on the public and private sectors. The memos will help bridge the gap in the public sector as the private sector has been more responsive in terms of compliance” Ari added.

Mr. Tunde Balogun, CEO of DSPL, in a statement today in Lagos, said both the creation of the Nigeria Data Protection Bureau (NDPB) to manage Nigeria’s burgeoning data protection industry and the appointment of Olatunji, a veteran public sector administrator, will help to positively accelerate required development of the nascent data sector.

“Government has initiated profound, practical steps to administer the steady growth of the data industry while the march towards legislation through an Act of Parliament is still progressively on course. This is highly commendable on the part of President Buhari and the Minister of Communications and Digital Economy, Prof Isa Ali Ibrahim Pantami.

“We expect operators and other stakeholders to critically look at how to leverage the new window for opportunities and collaborations,” said Balogun.

Earlier today, the ministry in statement released in the Abuja announced that, “the NDPB has been established in line with global best practice and will focus on data protection and privacy for the country, among others.

The statement further reads: “The successful implementation of the National Digital Economy Policy and Strategy (NDEPS) for a Digital Nigeria has significantly increased the adoption of data platforms and accelerated the datafication of our society. This has increased the importance of having an institution that focuses on data protection and privacy.

“Furthermore, the issuance of the Nigeria Data Protection Regulation (NDPR) in January 2019, as a subsidiary legislation to the National Information Technology Development Agency (NITDA) Act 2007, has increased awareness about the need for data protection and privacy. The Bureau will be responsible for consolidating the gains of the NDPR and supporting the process for the development of a primary legislation for data protection and privacy.”

“President Buhari also approves the recommendation of the Minister of Communications and Digital Economy, Professor Pantami, for Dr. Vincent Olatunji to serve as the National Commissioner/Chief Executive Officer of the Bureau. Dr. Olatunji hails from Ekiti State and, at the time of his appointment, was the Director of the eGovernment Development and Regulations Department at NITDA. The appointment takes effect immediately.”

Olatunji hails from Ekiti State and, at the time of his appointment, was the Director of the e-Government Development and Regulations Department at National Information Technology Development Agency (NITDA). The department was responsible for NDPR related issues and the had oversight responsibilities over all DCPOs.

DSPL is one of  Nigeria’s top DPCOs with a firm grip in both public and private sectors. DSPL has provided NDPR compliant services and trainings for Oyo and Plateau governments.

In Plateau,, central Nigeria, it has helped to guide the Plateau State Internal Revenue Service (PSIRS) to meet the NDPR compliance requirements and has offered extensive training suites for about eight ministries, departments and agencies (MDAs) in Oyo state.

It currently has the intellectual proprietary right on the NDPR Compliant Visitors’ Book which was recently unveiled in Abuja by the NITDA.