At the United Nations Summit of the Future held in New York from September 20-23, world leaders reached a significant milestone by agreeing on the final text of the Global Digital Compact (GDC). The document annexed to the Pact for the Future, represents a major step forward in addressing global challenges posed by emerging technologies.
The GDC is a comprehensive framework aimed at creating a safe, inclusive, and equitable digital future for all. It emphasises international cooperation on critical issues like cybersecurity, data protection, and artificial intelligence (AI) governance.
For Nigeria, a developing nation where the digital economy is rapidly expanding, the Compact holds particular relevance.
First, because it aims to close digital divides, recognising the transformation technology is creating. Second, because digital tools are increasingly becoming integral to everyday life in Nigeria—whether for mobile banking, business operations, or communication, so the GDC’s focus on securing digital infrastructure is some sort of enhanced protection.
From small business owners relying on mobile payments to individuals navigating social media, the GDC aims to provide a safer digital environment.
Key points from the Global Digital Compact:
Key Area | Details |
Objective | The GDC aims to create a safe, inclusive, and equitable digital future through global cooperation, tackling issues such as cybersecurity, data governance, and digital inclusion. |
Cybersecurity | Global cooperation is essential to address digital risks like cyber threats, data breaches, and AI-driven attacks. Emphasises secure and reliable internet infrastructure. |
Digital inclusion | Aims to close digital divides by ensuring that people from all regions, including developing nations, have access to the benefits of digital technology. |
AI and emerging technologies | Calls for responsible governance of artificial intelligence to prevent misuse and ensure technologies benefit humanity. |
Human rights | The GDC emphasises that digital technologies should respect and protect human rights, ensuring privacy and freedom of expression in the digital space. |
International cooperation | Encourages collaboration between governments, private sector, and civil society to ensure digital innovations are globally inclusive and secure. |
Data privacy | Advocates for robust data protection measures to ensure individuals’ privacy and secure cross-border data flows. |
Environmental sustainability | Highlights the importance of minimising the negative environmental impact of digital technologies while promoting sustainability through digital innovations. |
Cybersecurity in everyday life
Cybersecurity threats have become a part of daily life for tens of millions of people. From online fraud to hacking of bank accounts, Nigerians – just like the rest of the world – are frequently targeted by cybercriminals.
Phishing attacks, where scammers pose as legitimate entities to trick individuals into revealing sensitive information are particularly rampant.
Nigerian banks were among the top targets for phishing attacks worldwide, according to a report published in 2023 by cybersecurity firm Check Point Research, with over 1.3 million phishing attempts detected in the first half of the year alone.
Many Nigerians still fall victim to fraudulent schemes, often receiving emails or text messages designed to steal their banking details or personal data.
Mobile banking, becoming a popular tool for many Nigerians, is another area of concern. Hackers have targeted mobile banking platforms, exploiting vulnerabilities to gain access to user accounts. These threats not only jeopardise individuals’ financial security but also erode trust in digital systems, which are crucial for both personal and business transactions, especially in rural areas.
The GDC, which promotes international cooperation on cybersecurity, is designed to address these very challenges. It would set global standards for digital security, and create a safer online environment for everyday users.
For Nigerians, the implications are significant. Adeboye Adegoke, Senior Manager, Grants and Programmes Strategy, Paradigm Initiative, tags it a global norm. He says:
“It (the GDC) promotes the establishment of safeguards that address violations like financial fraud and data breaches. By aligning Nigeria’s cybersecurity policies with the GDC’s standards, everyday Nigerians, especially in sectors vulnerable to financial fraud, could see enhanced protection through strengthened legal frameworks, human rights safeguards, and international collaboration.”
However, he argues that it is not binding on individual states. Member states will adopt according to their local realities. But, the “government should look at the document and draw inspiration from it.”
Nigeria’s current cybersecurity and the GDC
Nigeria’s cybersecurity landscape has been evolving steadily, driven by an increase in digital adoption across sectors such as banking, e-commerce, and government services.
Key policies like the National Cybersecurity Policy and Strategy (NCPS) aim to safeguard citizens’ digital activities, particularly financial transactions and personal data. However, the efficacy of these policies has been mixed, revealing several critical vulnerabilities that put ordinary citizens at risk.
How existing cybersecurity policies impact everyone
Nigeria’s cybersecurity policies are designed to protect critical infrastructure, financial systems, and citizens’ data. The most significant areas of protection include:
Financial transactions: With digital banking and fintech booming, policies ensure that financial institutions comply with secure transaction protocols like encryption, two-factor authentication (2FA), and fraud monitoring. Institutions regulated by the Central Bank of Nigeria (CBN) must follow these strict cybersecurity guidelines, reducing fraud risks and bolstering consumer confidence in online banking.
Personal data security: The Nigeria Data Protection Regulation (NDPR) aims to secure personal information, particularly in sectors like finance, telecom, healthcare, and e-commerce. This is critical as Nigeria grapples with rising identity theft, fraud, and unauthorised data sharing. The NDPR is supposed to enforce guidelines for collecting, processing, and storing personal data, offering citizens some level of privacy protection.
Despite these initiatives, enforcement, infrastructure, and awareness gaps still exist.
The gaps:
Lack of awareness and digital literacy: Many Nigerians, especially in rural areas, lack basic knowledge of cyber hygiene, making them easy targets for phishing, scams, and social engineering attacks. While urban areas benefit from stronger internet infrastructures and educational outreach, the digital divide exacerbates the issue.
But, according to Adeboye, “The GDC commits to closing digital divides and emphasises digital literacy as a critical goal for developing countries. For underserved areas in Nigeria, the GDC proposes the development of national digital skills strategies, teacher training programs, and adult learning opportunities.
“By focusing on tailored capacity-building and the inclusion of local content, these measures could significantly improve digital literacy in Nigeria’s rural areas, thus reducing cybercrime and online scams, which disproportionately affect vulnerable populations.”
Weak enforcement of cyber laws: Despite having regulatory frameworks, enforcement is inconsistent. Cybercriminals often exploit loopholes due to the lack of an integrated legal framework across states, weak monitoring mechanisms, and corruption. Consequently, cybercrime, especially fraud and identity theft, continues to rise.
Underfunded cybersecurity infrastructure: Public and private institutions, especially small businesses and local government offices, often lack the budget for adequate cybersecurity measures, leaving networks unprotected and vulnerable to attacks. The absence of up-to-date security infrastructure (e.g., firewalls, encryption) makes these entities easy targets for hackers.
Inadequate protection of personal data: We would recall the data breach that happened at NIMC, particularly how a Minister’s details were sold for 100 naira. While the NDPR provides a framework for data protection, compliance among businesses, especially in informal and smaller enterprises, is low. Nigerians are frequently exposed to risks such as data breaches, where sensitive information can be stolen or sold.
How the Global Digital Compact can close the gaps
One of the key benefits of the GDC is its ability to enhance Nigeria’s cybersecurity infrastructure.
Through partnerships, the GDC can offer access to global best practices, funding, and technology transfer, equipping institutions with the latest tools to defend against cyber threats. Besides, the GDC encourages cross-border cooperation, enabling Nigerian cybersecurity agencies to collaborate with international organisations to track, investigate, and prosecute cybercriminals operating both within and outside Nigeria’s borders. This is particularly important given the increasing number of cyberattacks originating from foreign networks.
Adeboye agrees that the adoption of the GDC could “lead to improved access to secure and reliable digital services by promoting policies that support the development of local digital infrastructure.”
He adds that the “GDC recognises Digital Public Infrastructure (DPI) as critical for delivering services at scale and increasing social and economic opportunities for all. It describes DPI as resilient, safe, inclusive, and interoperable, and emphasises its potential to empower societies by enabling public trust in digital systems. This can directly benefit small business owners, students, and ordinary citizens by providing them with a safer online environment, access to affordable internet, and better protection of their data. The GDC’s emphasis on building digital public goods like open-source platforms can help small businesses thrive in Nigeria’s digital economy.”
Another significant advantage of the GDC is its potential to strengthen Nigeria’s legal frameworks. By aligning Nigeria’s cyber laws with international standards, the GDC can help tighten legal loopholes and improve enforcement. This would lead to more robust cybercrime laws, better data protection, and increased accountability for breaches and fraud.
Also, the GDC can support national efforts to promote cybersecurity education, focusing on digital literacy for ordinary citizens. Campaigns on secure online behaviour, fraud detection, and personal data protection would reduce the impact of social engineering attacks on the most vulnerable populations.
In addition to these, the GDC can also provide resources and training specifically targeting Nigeria’s SMEs and informal sector. These businesses are often left out of cybersecurity initiatives due to their limited resources and expertise. By providing accessible tools and training, the GDC can help these businesses better protect their operations and customer data, closing one of the largest gaps in Nigeria’s current cybersecurity framework.
International cooperation for local benefits?
By collaborating with international organisations and countries through initiatives like the Global Digital Compact, Nigeria can significantly enhance its local cybersecurity measures, benefiting both businesses and individual internet users.
How?
Access to advanced technologies. By partnering with countries that have more advanced cybersecurity frameworks, Nigeria can gain access to cutting-edge technology and expertise. This includes sophisticated threat detection systems, AI-driven security tools, and encrypted communication channels, which are essential for defending businesses and users from increasingly complex cyberattacks.
Another significant advantage is the opportunity for capacity building and training. Global cooperation under the GDC provides Nigerian cybersecurity professionals with training and capacity-building opportunities, improving local expertise in areas like cyber threat monitoring, data protection, and incident response. Foreign partnerships often include knowledge exchange programs, where Nigerian professionals are exposed to international best practices, strengthening the country’s overall cybersecurity infrastructure.
Also, working with other countries through the GDC allows Nigeria align its cybersecurity regulations with international standards. This helps local businesses adopt globally recognized security practices, making them more resilient to attacks. It also boosts the confidence of foreign investors, knowing that Nigerian companies meet international data protection and security requirements.
Meanwhile, cyber threats are often transnational, so cooperation among countries to effectively track, investigate, and prosecute cyber criminals is indispensable. Through the GDC, Nigeria can collaborate with international law enforcement agencies, sharing data and resources to tackle cybercrime networks that target Nigerians. This has a direct benefit for local internet users.
In terms of investment, several Nigerian cybersecurity firms have attracted international investment and expertise, leading to stronger local solutions. One is Platview Technologies unveiling its cyber security partnership agreement with U.S. security company LinkShadow.
In a statement, Dapo Salami, director of business development at Platview Technologies, said, “Strategic partnership is always a driver to delivering value to customers; our partnership with LinkShadow is a choice, commitment to our customers and the ecosystem, to experience the endless possibilities and value of machine learning, artificial intelligence and further reduce the attack/threat landscape while prioritising ROI for cyber security.”
This kind of partnership can upgrade Nigeria’s digital defence, protecting both businesses and individuals.
In that same light, Adeboye says, “The GDC stresses the importance of international collaboration and encourages the exchange of best practices between global and local institutions to foster safe and secure digital environments.
“For Nigeria, this means leveraging partnerships with international bodies to enhance local cybersecurity frameworks, particularly in the informal economy where data governance is weak. The GDC’s promotion of interoperable data governance frameworks can foster better protection of personal data for everyday Nigerians, ensuring that local institutions adhere to global best practices for data security.”
What’s at stake with emerging threats?
Nigeria’s digital ecosystem will keep growing, so the country faces increasingly sophisticated cyber threats, particularly from advancements in technologies like Artificial Intelligence (AI) and the Internet of Things (IoT). These emerging threats are not limited to large institutions—they directly affect everyday Nigerians who rely on mobile banking, smart home devices, and other online services.
To be clear, AI-driven attacks pose a major risk by enabling cybercriminals launch highly convincing phishing scams, crack passwords, and execute large-scale attacks such as Distributed Denial of Service (DDoS).
For ordinary Nigerians, this means a higher likelihood of falling victim to scams, particularly in mobile banking, where AI-enhanced fraud can lead to financial losses.
IoT vulnerabilities add another layer of risk, as devices like smartphones, smart TVs, and home security systems are often weakly secured. If exploited, these vulnerabilities can lead to data breaches, privacy violations, and even physical security risks, such as unauthorised access to home security systems.
These threats affect both tech-savvy users and regular internet users. While advanced users might be targeted by more sophisticated malware or ransomware, less experienced users are vulnerable to phishing scams or compromised devices, often without realising it.
The Global Digital Compact promotes international standards for AI and IoT security, through better regulations and improving the security of IoT devices.
Collaborations with global partners under the GDC can enhance mobile banking security through stronger encryption and fraud detection systems. Also, public awareness and training campaigns backed by the GDC can help inform citizens about cyber risks and safe online practices.
The GDC enables Nigeria to tap into global threat intelligence.
We would recall in 2023, when Flutterwave, a prominent Nigerian fintech company, fell victim to a cyberattack that compromised a significant amount of customer data, including sensitive personal identification information. It also lost over $6 million.
In response, Flutterwave quickly collaborated with cybersecurity experts to investigate the breach and implemented immediate measures to mitigate damage and enhance security.
This incident not only raised concerns regarding user safety but also highlighted the challenges fintech companies face in safeguarding sensitive data.
Had the Global Digital Compact been effectively integrated into Flutterwave’s cybersecurity practices, it could have provided essential frameworks and guidelines for secure digital operations, promoting best practices in data protection and fostering collaboration among international stakeholders to bolster resilience against such attacks.
The incident underscored the urgent need for robust cybersecurity protocols in the fintech sector and propelled efforts to improve public trust as users were advised to reset their passwords and monitor accounts for suspicious activity.
Why this should matter to you
The Global Digital Compact isn’t just another global policy—it directly impacts the daily lives of ordinary Nigerians. Whether you’re banking, working remotely, shopping online, or simply chatting with friends on social media, the GDC’s aim is to ensure that you can do so safely.
Now, cyber threats like AI-driven attacks and IoT vulnerabilities are growing more complex, but the Global Digital Compact offers a framework that helps protect your personal data, finances, and digital experiences.
Will Nigeria’s government be proactive or wait until the threats grow bolder?