4 days ago
27
The sharp rise in telecom tariffs by major telecom providers such as has sparked widespread concerns in Nigeria. While these hikes are justified by telecom companies as necessary for operational costs and service improvements, they also raise critical questions about consumer rights, particularly regarding data privacy and protection. As Nigerians are compelled to subscribe to larger data packages to cope with rising costs, there is growing anxiety over how telecom companies collect, store, and use their personal information.
This issue is not just an economic challenge but also a legal one.
The Nigerian Data Protection Act (NDPA), signed into law in June 2023, alongside other data protection regulations, provides a framework for ensuring that consumer data is handled responsibly.
However, with reports of increasing data breaches and concerns about unauthorised data sharing, the effectiveness of these legal protections is now under scrutiny.
Legal Framework For Data Privacy In Nigeria
Nigeria has made strides in data protection through several legislative measures, including:
”The 1999 Constitution (Section 37) – Guarantees the privacy of citizens, including their communications and personal data.
”The Nigerian Data Protection Act (NDPA) 2023, establishes a comprehensive framework for data privacy, ensuring that personal data is collected and processed transparently.”
The Nigerian Data Protection Regulation (NDPR) 2019 introduced by the National Information Technology Development Agency (NITDA), it outlines principles of data collection, consumer rights, and company obligations.
Despite these legal safeguards, enforcement remains weak, and many Nigerians remain unaware of their rights regarding data privacy. This lack of awareness creates an environment where telecom companies may exploit consumer data with little accountability.
According to an article by “Banwo & Ighodalo” who played a pivotal role in the emergence of the Data Protection Act, through the provision of advisory, consultative and advocacy services to the NID4D, with the support of the World Bank, the Act essentially, applies to companies or entities incorporated and established under Nigerian law to carry on business in Nigeria, and those which, though not incorporated under Nigerian law or established in the country, have operations that extensively utilise the personal data of Nigerian residents and citizens in their day-to-day business.
“It should be noted that the Act does not cover the processing of personal data carried out solely for personal or household purposes. However, this exemption applies only where such processing does not constitute a violation of a data subject’s fundamental right to privacy.
The Act takes priority over any other law or enactment relating directly or indirectly to the processing of personal data of data subjects in Nigeria, and the provisions of the Act shall prevail over any inconsistent provisions in any other law or enactment on personal data processing.
However , the recent telecom price hikes are unprecedented, with some data plans increasing by over 100%. A 15GB package that once cost N2,500 now exceeds N6,000. This price surge disproportionately affects students, small business owners, and low-income earners who rely on mobile data for essential activities.
As telecom companies push for larger data plans, they collect more personal information from consumers—often without explicit consent. Many users unknowingly agree to broad data-sharing policies hidden in complex terms and conditions. These policies may allow telecom firms to share or sell consumer data to third-party advertisers, leading to unsolicited messages, targeted ads, and potential data breaches.
Legal Concerns: Are Telecom Companies Violating Data Protection Laws?
Under the NDPA and NDPR, telecom operators must obtain explicit consent before collecting or using consumer data. However, many Nigerians report receiving unsolicited marketing messages and calls, suggesting that their data may be shared without proper authorisation.
Legal experts argue that telecom companies may be violating the consent principle outlined in the NDPR, which mandates that consumers must be fully informed about how their data will be used and given the choice to opt out. Additionally, consumers have the right to be forgotten, meaning they should be able to request that their data be deleted when they discontinue services. However, enforcement of these rights remains weak.
In response to growing public outcry, Nigerian lawmakers have begun addressing the issue. Some members of the House of Representatives have raised concerns that telecom operators may be engaging in data exploitation, selling user information without consent.
There have been calls for: a stronger regulatory framework – Ensuring that telecom companies comply with existing data protection laws.
“Greater transparency which includes mandating that telecom providers disclose how they collect and use consumer data.
Regulatory agencies must increase monitoring and impose stricter penalties on companies found violating data protection laws.
Some lawmakers have also proposed creating a national consumer protection commission to provide Nigerians with legal recourse against telecom companies that misuse personal data.
Consumer Rights and Legal Remedies
Nigerians affected by potential data breaches or unauthorised data sharing have legal avenues to seek redress, including:
1. Filing complaints with NITDA – The agency oversees compliance with the NDPR and can investigate data privacy violations.
2. Legal action under the NDPA and Consumer Protection Act – Consumers can sue telecom providers for unauthorised data use, particularly if personal information is shared without consent.
3. Class-action lawsuits – Affected consumers may collectively take legal action against telecom companies for widespread privacy violations
The Path Forward: Strengthening Data Privacy Protections
To ensure that consumer rights are protected amid rising telecom costs, Nigeria must take decisive steps to enhance data privacy enforcement. This includes:
* Public awareness campaigns – Educating Nigerians on their data privacy rights and how to protect their personal information.
* Stricter penalties for data breaches – Imposing heavy fines on telecom companies that fail to secure consumer data.
* Independent oversight bodies – Establishing a consumer protection agency with the authority to regulate telecom data practices.
As Nigeria navigates this digital era, it is critical that policymakers and regulatory bodies uphold the principles of data privacy. The rising cost of telecom services should not come at the expense of consumer rights. By enforcing legal protections and holding telecom companies accountable, Nigeria can create a more transparent and secure digital landscape for all citizens.
English (US) ·