NDPC Fines MultiChoice ₦766m for Data Protection Breach in Nigeria
The Nigeria Data Protection Commission (NDPC) has imposed a hefty fine of ₦766,242,500 on MultiChoice Nigeria for violating the Nigeria Data Protection Act (NDPA). The penalty comes after an investigation revealed breaches of subscribers’ privacy rights and unlawful cross-border data transfers.
The fine was disclosed in a statement on Sunday by Babatunde Bamigboye, NDPC’s Head of Legal, Enforcement and Regulations. The commission launched its investigation in the second quarter of 2024, prompted by suspected violations of subscriber privacy and the illicit transfer of Nigerian citizens’ personal data outside the country.
“NDPC found, among other things, that MultiChoice violated the data privacy rights of its subscribers and individuals associated with them who are not necessarily subscribers,” Bamigboye stated. He added that the company also engaged in the “illegal cross-border transfer of personal data belonging to Nigerian data subjects.”
Read Also:
Bamigboye described MultiChoice’s data processing as “patently intrusive, unfair, unnecessary and disproportionate,” calling it “a grave affront to fundamental right to privacy as enshrined in section 37 of the 1999 Constitution of the Federal Republic of Nigeria.” He emphasized Nigeria’s right to protect its citizens and data sovereignty, citing its implications for the rule of law, national security, and economic growth.
During the investigation, the NDPC directed MultiChoice to implement remedial measures in line with the NDPA’s standard remediation procedures.
However, the commission found these measures unsatisfactory. “For want of cooperation, the commission has directed MultiChoice to pay ₦766,242,500 for violating the Nigeria Data Protection Act,” Bamigboye confirmed.
Dr. Vincent Olatunji, the NDPC’s National Commissioner, has also reportedly ordered an investigation into all channels through which MultiChoice collects the personal data of Nigerian citizens to ensure compliance. He warned that “any outlet that processes personal data in violation of the NDPA is liable to penalty under the Act.”
The NDPC operates as Nigeria’s data protection authority, processing data based on recognized lawful grounds such as consent, legal obligation, and contract.
What do you think of this version?
By PRNigeria
