Media Organizations 
Civil Society 
Vulnerable Groups 
Businesses 
Cyber Security Enthusiasts 
Threat Intelligence 
Introduction
Nigeria is Africa’s most populous country and one of its most connected internet users. According to Wikipedia, the internet in Nigeria has grown rapidly in recent years, reaching 109.2 million users as of January 2022. It has become a hub of online activism, cultural innovation, and digital entrepreneurship – Nigerians are asserting their voices online more than ever. But alongside this vibrancy lies a growing battleground over cybersecurity, surveillance, and digital rights.
Digital Rights are a set of rules and protections that ensure one’s safety and privacy online. A breach occurs when your personal data is accessed or used by an unauthorized party or for unlawful purposes, for instance, when a loan company calls you to report about a contact who accessed a loan facility, or you start receiving unsolicited ads when you sign up for a newsletter or unrelated program. In both examples provided, you can enforce claims against the offending parties in court or by reporting them to the Nigerian Data Protection Commission. Understanding the scope of privacy regulations empowers individuals to recognize and assert their rights in an increasingly connected world.
The Push and Pull of Policy
From the well-known 2021 Twitter ban to the controversial Code of Practice for Interactive Computer Service Platforms published by NITDA, the Nigerian government has made repeated attempts to regulate digital expression. While framed as efforts to combat misinformation and improve online safety, many of these policies have been criticized for their vague language and punitive approach to dissent.
Section 24(1)(a,b) of the Cybercrimes Act of 2015 criminalises sending messages that are ‘grossly offensive,’ ‘false,’ or ‘causing annoyance, inconvenience, danger, insult.’ These words are vague and broad, which gives individuals/authorities room to interpret them unfairly against citizens. Since its enactment in 2015, Nigeria’s Cybercrime Act, which was supposed to address fraud, digital threats, legal and institutional framework to prosecute cybercrimes in the country, has been weaponised to intimidate and detain social media critics, journalists and activists on occasion.
Technology-Facilitated Online Violence
Digital spaces in Nigeria can be especially hostile for women and gender-diverse people. They face doxxing, cyberstalking, harassment or being threatened with physical or sexual violence. The Nigerian culture like most african culture is rooted in patriarchy and this presents often online. During the COVID-19 pandemic isolation measures forced people to spend even more time online revealing just how much of the population believe patriarchal rhetorics about gender roles, and the discourse online often resulted in online harassment of individuals with dissenting views.
What should we do? The lack of a clear and globally agreed definition of what constitutes online violence makes it difficult for digital platforms to monitor potentially harmful content efficiently. This ambiguity gives too much space for interpretation, allowing abusive behaviors, particularly those aimed at women, to go beneath the radar of enforcement policies.
This gap is even more pronounced in the Global South, where underfunded moderation teams, poor language coverage, and inconsistent policy enforcement make users, particularly women and marginalised groups, more vulnerable to digital damage. Big Tech must accept responsibility by investing in context-sensitive, localized content management and more explicit, rights-based community standards. Platform owners must be held accountable when users feel unsafe or silenced online. Law enforcement officers and the judiciary also need sensitivity training to respond effectively to technology-facilitated online violence.
Feminist collectives, such as Stand to End Rape (STER) and TechHer, have stepped up to provide support, resources, and digital safety training, filling a critical gap left by policy inaction.
Cybersecurity vs. Safeguarding Rights
While cybersecurity is essential for protecting digital infrastructure and national interests, its implementation must respect citizens’ digital rights, notably their freedom of expression and privacy. Cyber fraud, phishing, and data breaches are all significant dangers in Nigeria. However, the focus on containment frequently overshadows civil liberties. There is no transparency around state surveillance, and citizens have few options when their data is misused or communications are monitored.
The transition from the Nigeria Data Protection Regulation (NDPR) to the Nigeria Data Protection Act (NDPA), which is governed by the General Application and Implementation Directive (GAID), shows ongoing enforcement issues. The GAID, released by the Nigeria Data Protection Commission on March 20, 2025, formalizes the transition by repealing the NDPR and incorporating the NDPA into a more robust legal framework.
This directive requires registration, audits, subnational compliance, and a grievance procedure for data subjects; yet, enforcement is poor due to insufficient regulatory resources and low private-sector awareness.
To align cybersecurity with digital rights, Nigeria must strictly enforce the NDPA and GAID, ensuring openness, accountability, and citizen empowerment, while also developing strong cybersecurity defenses. Only a balanced strategy can effectively safeguard Nigerian residents in the digital age.
What’s Next: Reclaiming the Digital Space
To truly advance digital rights in Nigeria, we must move beyond criminalization and control toward a rights-based approach. This includes:
- To reform the digital spaces, Nigeria’s digital policies must move from ambition to execution.
- Supporting grassroots and community-led digital safety efforts with the help of funding initiatives, capacity building and fostering partnerships between communities and organizations.
- Ensuring the inclusion of marginalized groups in policymaking and tech development.
- Building public awareness of digital rights and responsibilities.
Conclusion
Nigeria’s digital space is dynamic and full of potential. Digital rights can be ensured by digital platforms operating responsibly, ethically and in accordance with Nigeria’s legal and social norms. This can be backed by sustained collaboration with civil society, government agencies and the general public.
We therefore call for continued efforts to strengthen Nigeria’s digital regulatory environment to not only safeguard the rights of individuals, but also to foster trust in the digital spaces. As we reflect on digital rights and risks, we must center those who have always known that digital safety and freedom are worth fighting for.
