The National Information Technology Development Agency (NITDA), an agency of the Federal Government of Nigeria, in line with its mandate of promoting and regulating information technology in Nigeria, has announced its preparation to commence compliance enforcement with the Framework and Guidelines for Public Internet Access (PIA) Regulation, issued on 25th January 2019 pursuant to Section 6 of the NITDA Act 2007. The PIA Regulation is a regulatory framework for the provision of internet services in public areas or locations where members of the public have unfettered access. The Regulation provides minimum requirements and processes for providing public internet access service and mandates compliance by service providers with reporting obligations.
In a recent press release, NITDA noted that the Federal Government is concerned about the management and use of the personal information of Nigerians and that the provision of internet service can be misused with great detriment to development of Information Technology and national security, in a manner that may be injurious to the citizens. It is on the heels of the foregoing that all service providers of public internet service such as IT companies, Restaurants, Hotels and Event Centres are directed to comply with the Nigerian Data Protection Regulation of the NITDA 2019, issued pursuant to Section 6 of the NITDA 2007.
What Providers of Public Internet Access Services Must Do
According to the PIA Regulation, only registered, verified and vetted providers can provide public internet access service in any part of Nigeria. Current and prospecting providers are therefore required to register with the Agency in line with the provisions of the Public Internet Access Regulation, 2019.
Also, providers of public internet access services must:
– Verify and authenticate users through their mobile numbers (Login IDs) as provided during registration;
– Make its AUP, FUP and Terms and Conditions available and conspicuous on the login portal which must be prerequisite to registration process and login;
– Ensure every online communication is encrypted; VI. Inhibit access to every illegal and inappropriate site;
– Guarantee a minimum of 256 kbps as CIR at each connection to the internet;
– Ensure data of users are protected and user privacy is adhered to in line with Data Protection Guidelines 2018;
– Retain and account for users’ data in its database for minimum of three years;
– Be responsible for providing identity of users who commit cybercrime.
In addition to the above, the providers of public internet access service are required to comply with reporting obligations by submitting and publishing online, on a bi-annual basis (every 6 months), completed compliance reporting forms in the manner prescribed by NITDA. The Public Internet Access (PIA) Registration form and the Public Internet Access Compliance forms are available on the Agency’s website: www.nitda.gov.ng.
The foregoing adds to a long list of statutory returns and filings required of companies in telecommunication technology business in Nigeria. It should be noted that violation of the Regulatory Guidelines of NITDA, including failure to file statutory reports, is a criminal offence and punishable with a fine, imprisonment or both.
For more information about any aspect of the above or how to register with NITDA and comply with other regulatory requirements, send email to admin@koriatlaw.com