Telecoms sector mulls data regulation as defaulters risk N10m fine
TECHDIGEST – The Nigerian Communications Commission (NCC) has mulled introducing data regulation for the telecommunications sector. Though, currently at a draft stage, NCC said the regulation would provide a regulatory framework for the protection and privacy of data in the Nigerian Communications Sector.
In the 25-page document, titled, ‘Data Protection (Communications Services) Regulations, 2023’, the Commission said it was coming up with the regulation based on the powers conferred upon it by section 70 of the Nigerian Communications Act, 2003 and all other powers enabling it in that behalf.
According to the NCC, any licensee that fails to comply with the provisions of the regulations shall be liable to an administrative fine of N10, 000,000.00 and where such an infraction is allowed to continue, such licensee shall be liable to a daily default penalty of N1, 000,000.00 until the infraction is either remedied or discontinued.
In the regulation, which is divided into 10 parts, the Commission said according to the provisions of the Enforcement Processes, Regulations, it shall exercise its powers to enforce any sanction imposed in the regulations.
The 10 parts include the objective, scope and application of these regulations; Processing of Communication Data; Safety of Communications Data; Consent; Calling and Called Line Identification; Use of Communications Services for Direct Marketing Purposes; Transfer of Communications Data; Sanctions, Enforcement and Compensation and Miscellaneous Provisions.
Read Also:
Meanwhile, NCC disclosed that the provisions of these Regulations shall apply to –licensees; subscribers; users other third parties directly or indirectly engaged with any of the above in respect of processing of communications data.
In processing communications data, the telecoms regulator said the basis for processing such data must be provided for under the Regulation, the Act, subsidiary legislations issued by it, or other relevant laws enacted by the National Assembly about communications services.
READ ALSO: IoT Revolution: NITDA Boss Urges Collaboration to Unlock Nigeria’s Potential
It added that the purpose for collecting such data must be specified, explicit and legitimate, provided that any further processing of such data must not be incompatible with the initial purpose, apart from the provision of Regulation 36(2), which shall be considered compatible with the initial purposes stipulated under the regulation.
NCC noted that without prejudice to the provisions of the Registration of Communications Subscribers Regulations, the processing of Biometrics Information to uniquely identify data subjects is prohibited, unless –(a) the processing is necessary and proportionate for security or authorisation purposes to serve a compelling public interest; and (b) the Data Subject has given consent, having been provided with a real choice and an alternative. (2) Notwithstanding sub-regulation (1), the transfer of Biometrics Information of data subjects outside the territorial jurisdiction of Nigeria is prohibited.
Guardian
 has mulled introducing data regulation for the telecommunications sector. Though,){kind=link}