The Regulation on Personal Data Protection and Oath-Taking in Somalia is designed to ensure that personal data is handled responsibly and ethically. In accordance with this regulation, data can only be obtained with the explicit knowledge and consent of the individual it pertains to. The National Identification & Registration Authority (NIRA) of Somalia is responsible for informing individuals about the purpose and scope of data collection and obtaining their explicit consent when necessary.
Furthermore, personal data should only be collected and processed for specific, legitimate purposes that have been clearly communicated to the individuals involved. Under no circumstances should data be used for any other purposes without obtaining additional consent. NIRA will collect and retain only the minimum amount of personal data necessary to fulfill the intended purpose, avoiding unnecessary or excessive data collection. To ensure the security of personal data, adequate measures will be implemented to protect against unauthorized access, loss, or damage. This includes technical safeguards such as encryption, access controls, and secure storage, as well as measures taken by the Authority, such as staff training and regular security audits