NDPC fines MultiChoice Nigeria N766m for data privacy violations, illegal data transfers

Abdullateef Fowewe

The Nigeria Data Protection Commission (NDPC) has imposed a hefty fine of ₦766,242,500 on MultiChoice Nigeria for breaching the Nigeria Data Protection Act (NDP Act).

The investigation, launched by the NDP in Q2 2024, revealed that MultiChoice violated the privacy rights of its subscribers and even non-subscribers by unlawfully processing and transferring personal data across borders.

The NDPC in a statement signed and made available on Sunday by its Head, Legal, Enforcement & Regulations, Babatunde Bamigboye, stated that MultiChoice’s data processing activities were “patently intrusive, unfair, unnecessary and disproportionate, constituting a “grave affront to the fundamental right to privacy as enshrined in section 37 of the 1999 Constitution of the Federal Republic of Nigeria.”

The Commission also highlighted the illegal cross-border transfer of Nigerian citizens’ personal data as a serious violation.

Despite directives to implement remedial measures, MultiChoice’s response was deemed unsatisfactory, prompting the NDPC to enforce the fine.

Dr Vincent Olatunji, NDPC National Commissioner, emphasised that “all outlets through which MultiChoice is collecting personal data of Nigerian citizens should be investigated for non-compliance,” warning that any outlet violating the NDP Act is liable to penalties.

This action underscores Nigeria’s commitment to protecting its citizens’ data sovereignty and privacy rights, with implications for national security and economic growth.

“The depth of data processing by MultiChoice is patently intrusive, unfair, unnecessary and disproportionate,” the Commission declared, reinforcing the seriousness of the violations.

This fine adds to ongoing regulatory challenges MultiChoice faces in Nigeria, including previous fines related to price regulation disputes.