Abuja, Nigeria – The Nigeria Data Protection Commission (NDPC) has fined Multichoice Nigeria ₦766,242,500 (approximately $515,000 USD) for violating the Nigeria Data Protection Act (NDP Act).
The penalty follows an investigation initiated in the second quarter of 2024, triggered by suspected breaches of subscriber privacy rights and alleged illegal cross-border transfers of Nigerians’ personal data, according to a statement signed by Babatunde Bamigboye Head of Legal, Enforcement & Regulations at the NDPC.
The NDPC found that Multichoice had violated the data privacy rights of its subscribers and even their friends who were not necessarily subscribers. The commission also determined that Multichoice was involved in the “illegal cross-border transfer of personal data relating to data subjects in Nigeria.”
The NDPC deemed the depth of data processing by Multichoice to be “patently intrusive, unfair, unnecessary and disproportionate,” describing it as a “grave affront to fundamental right to privacy as enshrined in section 37 of the 1999 Constitution of the Federal Republic of Nigeria.”
The Commission emphasized Nigeria’s right to protect its citizens and data sovereignty under both international and domestic laws, citing the far-reaching implications for the rule of law, national security, and economic growth.
While the NDPC had initially directed Multichoice to implement appropriate corrective measures, the Commission found these measures unsatisfactory. Citing a lack of cooperation, the NDPC then imposed the substantial penalty.
Following this ruling, NDPC National Commissioner, Vincent Olatunji, has ordered an investigation into all outlets through which Multichoice collects personal data from Nigerian citizens to ensure compliance with the Act. Any outlet found to be processing personal data in violation of the NDP Act could face further penalties.
Add Comment