Nigeria has not joined any free trade agreement committing to open transfers of cross-border data flows.

Nigeria has ratified the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.

The Data Protection Act establishes a comprehensive regime for data protection in Nigeria, providing a legal framework for safeguarding personal information and creating the Nigeria Data Protection Commission (NDPC). Aligning with international standards, the Act sets forth principles for the processing of personal data, specifying requirements for handling sensitive information and children's data. Additionally, it mandates data controllers to conduct Data Protection Impact Assessments, appoint data protection officers, notify breaches, and adhere to data security protocols. The Act also imposes restrictions on cross-border data transfers, adopting the concept of adequate protection. Furthermore, it grants data subjects rights such as the right to object, withdraw consent, data portability, and protection from decisions based solely on the automated processing of personal data.
Before the enactment of the Data Protection Act, the Nigerian Data Protection Regulation served as the primary regulation for data protection. Although enforceable, it remains a subsidiary legislation.

In 2013, the National Information Technology Development Agency (NITDA) promulgated guidelines on Nigerian content in information and communications technology, with subsequent amendments in 2019. These guidelines apply to both state entities and private enterprises. The guidelines mandate that multinational companies provide verifiable information and sign affidavits regarding the origin, safety, source, and functioning of software sold and deployed within Nigeria to "ascertain the full security of the product and protect national security." This requirement also aims to ensure the security of source code, though it remains unclear whether this could potentially result in the disclosure of the source code.

Section 38 of the CyberCrime Act requires communication service providers to keep traffic data and subscriber information for two years.

Rule 11.1 of the Lawful Interception of Communications Regulations, 2019 prohibits licensees from providing any communications services that cannot be monitored and intercepted. Further, Rule 9.1 of the same regulations states that where communication intercepted is encrypted, the communications service provider is required by the regulator to provide the key, code or access to the encrypted communication.

Under the Public Procurement Act, 2007 (Section 34-3), margins of preference apply to tenders under international competitive bidding. These preferences include a local content margin, which can reach up to 15%, depending on the project. Additionally, Nigeria grants a preference to majority Nigerian-owned companies if their bid is within 15% of the price offered by a majority foreign-owned company. Section 106 of the Public Procurement Regulations for Goods and Works (2007) further specifies that, when comparing bids from foreign and national contractors, procuring entities may grant a preference to domestic bidders for goods manufactured in Nigeria. The Bureau of Public Procurement (BPP) periodically sets the margins of preference, which can be up to 15% for goods and 7.5% for works, based on the delivered price.

Under Executive Order No. 003 of 2017, the Federal Government of Nigeria established that all Nigerian ministries, departments, and agencies are obliged to grant preferential treatment to locals in the public procurement processes. The Executive Order specifies that 'Made in Nigeria' products are given preferential treatment in all public procurement processes concerning several goods and services, including information and communication technology (ICT). According to the Order, "at least 40% of the procurement expenditure on these items in all [federal ministries] shall be locally manufactured goods or from local service providers".

In 2013, the National Information Technology Development Agency (NITDA) promulgated guidelines on Nigerian content in the information and communications technology sector, with amendments introduced in 2019. These guidelines are applicable to both public sector entities and private enterprises. Section 9.4 (1) stipulates that ministries and government agencies must source and procure 40% of computer hardware and related devices exclusively from Original Design Manufacturers (ODMs) or Original Equipment Manufacturers (OEMs) approved by NITDA.

Section 13.2 of the Guidelines for Nigerian Content Development in Information and Communications Technology (ICT) mandates that all Ministries, Departments, and Agencies (MDAs) ensure that sovereign data is hosted locally on servers within Nigeria. Additionally, MDAs are required to implement system logs and other computer data logging technologies to facilitate effective troubleshooting and forensic investigations within government systems.

It is reported that foreign companies may be subject to local content or other localisation requirement (e.g., partnership with a local partner firm or joining a consortium). Also, companies have expressed concerns about corruption and lack of transparency in procurement processes.

Nigeria mandates that government entities must engage in competitive bidding for procurements exceeding NGN 2.5 million (approximately USD 5,747). For contracts above this threshold but below NGN 100 million (approximately USD 229,885) for goods and NGN 1 billion (approximately USD 2.3 million) for services and works, only Nigerian-owned companies are eligible to bid. For procurements exceeding these amounts, both Nigerian and foreign-owned companies are allowed to participate in the competitive bidding process. However, it's important to note that this specific bidding requirement is not explicitly stated in regulatory texts.

Nigeria is not a party to the World Trade Organization (WTO) Agreement on Government Procurement (GPA), nor does it have observer status.

In 1995, the Nigerian Investment Promotion Commission Act opened all sectors to foreign participation. It allows for full foreign ownership of firms in all but the petroleum sector, where investment is limited to existing joint ventures or new production-sharing agreements.

The main statute that governs patent law in Nigeria is the Patents and Designs Act. Section 3.1 of the Patents and Designs Act requires that foreign applicants have an address for service in Nigeria. It is also reported that foreign applicants must perform patent prosecution through a registered Nigerian Patent Attorney.