The recent fine of $290 million imposed on Meta for data protection and consumer rights infractions has sparked a renewed conversation around the issue of platform accountability.
Meta was fined by the Federal Competition and Consumer Protection Commission (FCCPC) for breaches including multiple and repeated violations of Nigerian regulations.
These include denying Nigerians the right to control their data, transferring and sharing Nigerian user data without authorization, discriminating against Nigerian users compared to users in other jurisdictions, and abusing their dominant market position by enforcing unfair privacy policies, according to a statement by the FCCPC.
e-RIGHTS Project Partners Express Concern On Internet Disruptions
For years, many civil society organizations have been demanding accountability from platform owners, ranging from transparent rules on content moderation to equal treatment of individuals and organizations.
Even at the micro level, ordinary users have been victims of opaque rules, with accounts suspended without explanation or clear avenues for appeal.
There have also been concerns that these platforms collect data without the consent of data subjects, store it, trade it, and profit from it, contrary to ethical data collection and protection practices.
While platforms operating in European countries are compelled to abide by the General Data Protection Regulation (GDPR) a continental data protection law platforms operating in many African countries often disregard local laws and operate with impunity.
It is in this context that the action by both the FCCPC and the Nigeria Data Protection Commission which supported the investigation that led to the ruling has jolted Meta, prompting the company to threaten to withdraw from Nigeria. In Europe, Meta would have swiftly filed an appeal in court.
Here, however, it has responded imperiously, with threats of withdrawal an action that smacks of racial arrogance.
In doing so, Meta may have believed it would win the support of digital rights activists, who could interpret its potential withdrawal as an attack on access to digital platforms and, by extension, freedom of expression and digital rights.
To a certain extent, this concern is valid. When companies are subjected to unfair laws, they deserve the support of all justice seekers. However, companies must also not pretend to be innocent when they selectively choose which countries’ laws to respect.
Unsurprisingly, Meta’s threat has triggered a flurry of responses from civil society organizations. While there are legitimate concerns that the government’s action could lead to a rollback of digital rights, many are applauding the move to hold a tech giant accountable.
This applause stems from a widespread perception that tech platforms routinely flout local laws in Africa while strictly complying with similar laws in the United States and Europe.
As commendable as the action might appear, it is important to interrogate the motivations of the Nigerian agencies and the government in imposing the fine.
On one hand, the two agencies may genuinely wish to fulfill their duty of protecting Nigerians. However, it is worth pointing out that many government agencies themselves are guilty of disregarding the rule of law—routinely detaining critics in contravention of legal provisions.
Some have cynically suggested that the agencies may be more interested in the financial windfall the fine represents. Others believe the move is an attempt to punish the platform for giving space to users who criticize or campaign against government policies.
In this sense, the government could be seen as outsourcing its authoritarian tendencies to digital platforms, expecting them to police social media on its behalf.
None of these possibilities is particularly appealing. However, each contains an element of truth that must be acknowledged. The first links directly to the ongoing global debate on digital sovereignty.
Shouldn’t platforms respect the laws of the countries in which they operate and thereby acknowledge national sovereignty?
Digital sovereignty encompasses many dimensions. One of the most commonly understood is data sovereignty, which is at the heart of this case.
Data protection laws, as expressions of national sovereignty, define how the data of citizens should be collected, processed, stored, transmitted, shared, and eventually retired or deleted according to local jurisdiction. Given the porous borders of the digital realm, this is no small challenge.
Nevertheless, there is a place for local laws and regulation which is why the EU has GDPR and the USA has similar laws. In the same vein, many countries have enacted their own data protection laws, and there is a growing movement toward a continent-wide data protection protocol.
In addition to data sovereignty, we must also consider data residency and data localization. Data residency refers to the requirement that data collected from citizens should be stored within the country.
Data localization requires companies to ensure that the data they collect in one country remains stored there. Given the infrastructure challenges and the interconnected nature of the internet, this is not easy but there are practical models that can guide implementation.
Other, less acknowledged dimensions of digital sovereignty include infrastructure sovereignty and the question of platform ownership. As a hardware consuming nation, it is difficult to claim infrastructure sovereignty when we depend heavily on foreign-built infrastructure.
However, infrastructure sovereignty should not be confused with internet fragmentation, which creates geographical islands on the internet—what has come to be known as the “Splinternet.”
Despite the challenges surrounding digital sovereignty, while we applaud the government’s action, we must also recognize the thin line between digital sovereignty and the suppression of digital rights.
This becomes especially suspicious when the government aggressively pursues certain aspects of digital sovereignty while ignoring others. For instance, it is hypocritical to push for data sovereignty without investing in data residency or localization.
Data centers in the U.S. are estimated to consume nearly one-third of the country’s total energy. Nigeria lacks the energy capacity to support robust data localization, and when our data is hosted outside our jurisdiction, our laws become toothless.
Blindly supporting the government’s action could inadvertently give it the space to determine how we access and use digital platforms thus risking the erosion of our digital rights.
In this context, our response as forward-looking and patriotic citizens must be more nuanced. We must recognize both the merits and dangers embedded in this situation and call for a vision of digital sovereignty that is inclusive—not one unilaterally imposed by the government.
e-RIGHTS Project Partners Condemn Bill Targeting Bloggers, Social Media
Such a vision should be rooted in the multi-stakeholder approach that has long characterized internet governance discussions.
These include processes like the World Summit on the Information Society (WSIS) and the Internet Governance Forum (IGF), as well as the work of global institutions such as ICANN and the International Telecommunication Union (ITU), the UN agency responsible for telecommunications standards.
Ultimately, we must learn to think continentally and work toward African digital sovereignty, not just Nigerian sovereignty.
That is the path Europe has taken, and Asia is beginning to follow. There is wisdom in collective effort—not only to challenge tech giants but also to use the strength of a harmonized and unified market as leverage in negotiations.