The Nigeria Data Protection Commission (NDPC) has refused to release details of the data and privacy rights violation for which it fined MultiChoice Nigeria, despite receiving a Freedom of Information (FOI) request from FIJ.
In its announcement on July 6, the NDPC said it had fined MultiChoice Nigeria N766,242,500 for breaching the data and privacy rights of subscribers and even those who are not necessarily subscribers.
FIJ emailed the data protection commission an FOI request on July 9. The commission acknowledged the receipt of the email that same day and added: “It has been forwarded to the relevant department and we would respond soon.”
Fifteen days later, FIJ got no other response from the NDPC.
READ ALSO: 3 Weeks After Receiving FOI Request, NIPOST Has Not Responded
In Nigeria, FOI requests have a seven-day timeframe, and it starts counting as soon as a public institution receives a request for public information. FIJ understands that holidays, which include a Sunday and a public holiday, are to be excluded in the computation of the timeframe.
The receiving institution is mandated, within those seven days, to either provide the requested information or explain in detail why it is unable to do so based on the provisions of the FOI Act.
Established under the Nigeria Data Protection Act 2023, the NDPC’s tasks include safeguarding data privacy, enforcing regulations and promoting responsible data handling in the country.
When the Commission announced the N766.2 million fine against MultiChoice Nigeria, it said the company had violated the privacy rights of subscribers and allowed the illegal cross-border transfer of personal data of Nigerians.
MultiChoice Nigeria operates through various subsidiaries, such as DStv and GOtv. The NDPC said it launched an investigation into the company in the second quarter of 2024.
“NDPC found, among others, that Multichoice violated the data privacy rights of subscribers and their friends who are not necessarily subscribers,” the statement issued by NDPC read in part.
“The Commission also found that Multichoice carries out illegal cross-border transfer of personal data relating to data subjects in Nigeria. The depth of data processing by Multichoice is patently intrusive, unfair, unnecessary and disproportionate.”
READ ALSO: ‘Not Even a Response’ — How Nigerian Gov’t Is Breaking FoI Law
FIJ’s FOI request aimed to understand the extent of the data and privacy breaches committed by MultiChoice Nigeria, the remedial measures directed by the NDPC and the specific channels through which the company collected the personal data of Nigerians.
Two weeks after the request was submitted, the NDPC has refused to respond.
Section 7, sub-section 4, of the Freedom of Information Act (2011) states, “Where the government or public institution fails to give access to information or record applied for under this Act or part thereof within the time limit set out in this Act, the institution shall, for the purposes of this Act, be deemed to have refused to give access.”
According to the Act, where a case of wrongful denial of access is established, the defaulting officer or institution commits an offence and is liable on conviction to pay a N500,000 fine.
At the time of this report, there was no publicly documented case of the NDPC granting an FOI request to share more details after an investigation.
In 2023, FIJ detailed how the Nigerian government often violated the FOI Act. Journalists at top newspapers in the country noted that government agencies had a habit of disregarding FOI requests, despite being legally obligated to respond.
The post NDPC Hides MultiChoice Privacy Violation Details Despite FOI Request appeared first on Foundation For Investigative Journalism.