30th December 2019.
A Brief Review of the Framework and Guidelines for Public Internet Access 2019
The importance of the internet in the 21st century is undeniable. It is the largest and quickest medium of communication and dissemination of information all over the world. The internet enables the quick and easy access of information at the convenience of one’s location. As a vital tool of communication, the internet enhances human interaction and helps to maintain and foster personal and business relationships notwithstanding geographical/physical barriers. The internet can also be used to promote businesses through online marketing and advertisement.
In order to assist the government in encouraging and increasing the participation of more Nigerians in the global digital economy, some private organisations serving as Internet Providers provide free or partially subsidized internet access in certain locations to help more Nigerians connect to the internet in pursuit of social and developmental objectives.
Notwithstanding the many benefits of the internet, there are several ills associated with the use of internet services. These include identity theft, fraud, violation of privacy, financial crimes, illegal and immoral use of social media platforms, among others. There is therefore a need to protect the internet and its users via the enactment and enforcement of applicable laws and regulations.
In view of the above, the National Information Technology Development Agency (“NITDA”) as the National regulator for Informal Technologies in Nigeria recently issued a set of frameworks and guidelines for the regulation of public internet access in Nigeria. Some of the major provisions of the guidelines will be discussed briefly below:
Key Provisions of the Guidelines
The objective of the Framework and Guidelines for Public Internet Access (2019) (“the GUIDELINES”) is to ensure that the provision and use of public internet in Nigeria is properly regulated in order to ensure safe use of public internet by both Nigerians and non-Nigerians and to create and promote a mutually beneficial and friendly environment for public internet access providers and users in Nigeria.
The regulation mandates every Public Internet Access Provider (“INTERNET PROVIDERS” or “PIAPS”) to register with and obtain approval from the National Information Technology Development Agency (“NITDA”) before commencement of its operations. This is to ensure that the activities and operations of the Internet Providers are monitored and regulated. The PIAPs are also to ensure that the internet service provided are of high quality in order to enhance its users connectivity.
The guidelines further provide that all internet users accessing a public internet must be registered with each PIAP after which the user will be granted an access code for login. The verification procedure should be conducted by using the user’s mobile number which will serve as the user’s unique ID login. Upon registration, the PIAP is expected to provide a login portal for its users. Each login must be accompanied with an Acceptable Use Policy (AUP), Fair Use Policy (FUP) and relevant terms and conditions.
Each public internet network is required to be protected with modern and effective security features and to prevent unauthorised access into their network. PIAPs are also required to use the most recent encryption standards to protect user’s data and communication on the internet. Access to illegal and inappropriate websites should also be restricted. Internet Providers must ensure adequate protection of user’s personal data by observing the provisions of the Nigerian Data Protection Guidelines 2019. The data of users as contained in their database must be retained and accounted for by the Internet Providers for at least three (3) years.
PIAPs are required to guarantee a minimum of 256 kbps as Committed Information Rate (CFI) in a shared connection for each connected user at a given time. The number of hours a user is expected to be connected to the internet at login and the maximum number of connections per day per user should be specified upon login by a user. Where the internet access is partly subsidized, the PIAP should specify the amount of data a user can access for free before charges will become applicable.
Mandating the purchase of goods and services by users as a prerequisite to accessing a public internet is an offense under the Guidelines. Furthermore, where a cybercrime is committed on a public Internet, the PIAP is obligated to provide the identity of the offender. An assessment of the internet access must be conducted every six months by Internet Providers to ensure compliance with the provisions of the Guidelines. Also, upon request by NITDA or other relevant government agencies, Internet Providers shall make available access to the database of users on its platform. Failure by the Internet Providers to comply with the Guidelines will attract penalties to be determined by the NITDA.
The users of public internet networks also have the responsibility of ensuring that it protects access devices used and would be liable for damage done to the devices while surfing the internet. The user must also adhere to the AUP, FUP and Terms and Conditions of the PIAP. Failure by a user to fulfil any of these may attract sanctions from the NITDA.
These guidelines outline the necessary requirements for the operation of a public internet access network in Nigeria. It regulates and controls the quality of services offered by internet providers to the public especially in relation to personal data and communications on the public internet. The guideline ensures that adequate security is put in place to protect the database of members of the public. The need to account for users data serves as a form of check on the activities of the internet providers and as a deterrence from misusing the data of its users.
The guideline also serves to checkmate cybercrimes on public internet. Since all users are mandated to be registered on public internet networks, the internet providers will be able to monitor and track illegal activities being conducted on their network and report same to the NITDA for enforcement actions. This appears to be a good mechanism for curbing cybercrime in Nigeria in addition to the provisions of the Cybercrimes (Prohibition, Prevention, Etc.) Act 2015 which is primarily aimed at preventing and punishing cybercrime activities in Nigeria.
For further information on this article and area of law, please contact Funmilayo Mayowa at: S. P. A. Ajibade & Co., Lagos by telephone (+234 1 472 9890), fax (+234 1 4605092), mobile (+234.810.952.8293) or email (firstname.lastname@example.org).
 Oluwafunmilayo Mayowa, NYSC Intern, SPA Ajibade & Co., Lagos, Nigeria.
 Clause 2.1 of the Guidelines.
 Clause 2.2 supra.
 Clause 2.3.
 Clause 2.6. These policies and terms and conditions must be developed in accordance with these guidelines.
 Clause 2.7.
 Clause 2.8.
 Clause 2.9.
 Clause 2.10. It should be noted however that the Nigerian Copyright Commission Internet Service Providers Guidelines (the “NCC ISP Guidelines”) 2009 provides that ISP must retain Internet service related information including user identification, the content of user messages and traffic or routing data for a minimum period of a minimum of 12 months or as otherwise directed by the Nigerian Copyright Commission from time to time.
 Clause 2.11.
 Clause 2.12.
 Clause 3.1.
 Clause 3.2.