MultiChoice and the Silent Betrayal of Nigerian Viewers
By Hanniel Noboh,
The Nigeria Data Protection Commission (NDPC) has slammed MultiChoice Nigeria with a hefty fine of ₦766,242,500 for violating the Nigeria Data Protection Act (NDPA) — the largest sanction yet under the relatively new law.
What makes this even more shocking is not the amount, but the betrayal. Millions of Nigerians, knowingly or not, had placed a quiet, almost implicit trust in this South African-owned entertainment giant — not just for the TV shows and football matches, but for the security of the personal data they shared in return.
From DStv to GOtv and the streaming service Showmax, MultiChoice has for decades dominated the continent’s airwaves, packaging African storytelling into homes and hearts. For many Nigerians, their platform has been part of birthdays, weddings, Sunday rests, and rainy evenings.
So, to find out that the very company they welcomed into their homes may have been unlawfully sharing or transferring their data across borders is not just unsettling. It’s a violation.
According to Mr. Babatunde Bamigboye, Head of Legal, Enforcement and Regulations at the NDPC, the agency launched an investigation in the second quarter of 2024 following concerns over the possible breach of subscribers’ privacy rights.
It wasn’t just about MultiChoice customers, but also people linked to them whose data may have been swept into the company’s massive database — and possibly sent outside Nigeria without the NDPC’s authorization.
In their words, the depth of data processing by MultiChoice is patently intrusive, unfair, unnecessary, and disproportionate. Before imposing the fine, the Commission had directed MultiChoice to implement remediation measures.
But the company reportedly failed to cooperate or respond adequately. Thus came the sanction. This brings up urgent questions. What was MultiChoice really doing with our data? How long had it been going on?
What exactly were they transferring, and to whom? So far, the company has not issued any public statement. But legally, the damage is clear. MultiChoice has been found guilty of violating Section 37 of Nigeria’s 1999 Constitution, which guarantees the right to privacy for every citizen, as well as the Nigeria Data Protection Act.
This is not just a legal offense; it’s a moral failure. The irony is glaring. For years, Nigeria had no solid laws to protect citizens from this kind of corporate misconduct. Yes, NITDA once fined Soko Loans in 2021 for a similar breach.
But the NDPA, signed into law just two years ago, was supposed to change the game — offering Nigerians a framework of rights and remedies. Yet even now, the protections are still weak.
Unlike Europe’s General Data Protection Regulation (GDPR), which includes provisions for direct victim compensation, Nigeria’s system allows fines to be paid to regulators — not to the individuals whose data was violated.
So, while NDPC celebrates the success of the penalty, millions of MultiChoice users are left with no closure, no compensation, and no real guarantees against a repeat.
A loyal DStv subscriber for almost a decade expressed it perfectly: I feel betrayed. To think my personal information might have been mishandled by a company I trusted for so long… I don’t know if I can ever trust them again.
And that’s the real loss. Not just the ₦766 million fine. But trust — eroded, perhaps beyond repair. In today’s hyper-connected world, data is gold. Your name, your phone number, your viewing habits, your payment history — these are not just lines of code.
They are you. And while we click “Agree” on every Terms and Conditions pop-up without reading a single line, companies like MultiChoice are quietly taking notes. The least they owe us is honesty and lawful conduct.
Cybersecurity experts like McAfee recommend simple habits: use strong and unique passwords, and update them regularly. But these are only personal precautions. Without strong institutional safeguards, even the most cautious consumer remains vulnerable.
At the end of the day, the NDPC’s fine is a start. But it’s not justice. Not yet. Until data privacy violators are held accountable not just with fines but with enforceable consequences that center the victim, these violations will continue.
Nigerians deserve more than token penalties. We deserve protection — and restitution. Let’s hope this case is not just the tip of the iceberg, but the turning point.
