|
Report Of the Public Inquiry on
ISP
Regulations
INTRODUCTION
The Nigerian
Communications Commission [“the Commission”] pursuant to the powers
conferred on it by Sections 70 (2) of the Nigerian Communications Act,
2003 [“the Act”] developed and issued the Guidelines for the Provision
of Internet Service (ISP).
The draft
guidelines was published on the Commission’s website for comments from
operators, stakeholders and members of the general public.
The notice of the
public inquiry was advertised in two National Daily Newspapers i.e.
Thisday Newspaper, Monday, December 31, 2007 and the Guardian, Thursday
January 3, 2008.
The notice required
interested stakeholders and members of the public to submit their
comments and observations on the draft Guidelines and Regulations to the
Commission before the close of business on January 24, 2008.
By the close of
business on the 24th of January 2008, the Commission received
submissions and comments from:
|
 |
CELTEL
Nigeria Limited
|
|
|
MTN
Nigeria Communications Limited
|
|
|
Starcomms Nigeria Limited
|
THE INQUIRY
The Inquiry took
place on 30th of January 2008 at the Conference Hall,
Nigerian Communications Commission, Abuja at 12pm.
The Executive Vice
Chairman [EVC], Engr. Ernest C. A. Ndukwe welcomed the operators and
stakeholders and thanked them for attending the public Inquiry. He
stated that the public inquiry was a consultative process for members of
the public and stakeholders in the industry in accordance with the
Rule-making process specified in Section 71 of the Nigerian
Communications Act 2003 [the Act].
The EVC further
stated that the general objective of the Guidelines is in line with the
Commission’s function of making and enforcing necessary rules under the
Act to give full force and effect to the provisions of the Act. He also
mentioned that due to the fast growing nature of the Telecommunications
sector in Nigeria, there is the need to provide the necessary regulatory
regime to ensure the continuous growth and development of all sectors of
the Nigerian economy.
The Director of
Legal Services Department, Steven Andzenge, analyzed the draft
Guidelines and answered questions raised by the stakeholders.
Stakeholders were assured that submissions and comments made at the
inquiry would be incorporated into the report of the public inquiry and
published in accordance with the Act.
CONSIDERATION OF
COMMENTS
The Commission hereby
summarizes all the comments received and the Commission’s responses. All
comments received were duly
considered.
|
1. |
Comment
Operator specifies that there is a need to clarify whether the
Guidelines are applicable to the provision of data services of a
nature as to include access to the internet such as provided by
DML, UASL or 2GHz Spectrum licence holders
|
| |
Response
The draft
Guidelines apply to all Internet access or Internet
Protocol services, including those provided through mobile
devices.
|
|
2. |
Comment
Operator urges the Commission to ensure that a schedule defining
these minimum standards as well as those already published by
law enforcement agencies like the Economic and Financial Crimes
Commission (EFCC), the Nigeria Police Force, and other
specialist bodies such as the Nigerian Internet Group (NIG) be
appended to these Guidelines before the final edition is
published. This will ensure that a general code of practice is
available for ease of distribution and wide publication by ISPs
to end users.
|
| |
Response
Noted. The
Commission will look into the possibility of meeting this
requirement.
|
|
3. |
Comment
In providing contact details to enforcement agencies
responsible
for addressing cyber crime issues, ISPs are required to provide
means of contacting the identified representatives of such
agencies “outside of normal business hours” under Guideline 6
(b). Such an obligation may extend beyond that which is lawfully
expected of organizations and individuals and may infringe on
the constitutionally enshrined rights to privacy of the
individual (section 37 Constitution of the Federal Republic of
Nigeria). Accordingly, operator urges the Commission to amend
the provision appropriately.
|
| |
Response
The
required information is not regarding the person in his or her
individual capacity, but solely as an authorized corporate
representative for emergency contact purposes.
|
|
4. |
Comment
Operator notes that the 12 month window for retention of data in
Paragraph 8 may be unduly
burdensome on ISPs as storage capacity for data retention
requires more capital outlay than their core business. Investing
in additional storage capacity may impact on ISPs ability to
deliver effective and qualitative services as funds are diverted
from core activities. Operator recommends a reduction in the
storage time limit from 12 to 6 months.
|
| |
Response
The
Commission is of the considered opinion that 12 months is a
reasonable length of time for this purpose.
|
|
5. |
Comment
Paragraph16
(b) mandates the recipient ISPs to retain internet service
related information including but not limited to the content of
user messages. Refer to the earlier comments on Guidelines 6 (b)
above, and request that the provision be amended to add that
caveat that such obligations are subject to the constitutionally
guaranteed right to privacy.
|
| |
Response
Judicial
notice is taken of the fact that all rules and laws are subject
to the provisions of the Constitution
|
|
6. |
Comment
An ISP
acting as mere conduit or providing hosting services is not
privy to the content of the communication of parties using its
facilities as contained in Paragraph 11. As such an ISP is not
readily in a position to ensure compliance of the sending party
(user) to a number of guidelines pertaining to commercial mail.
As such, the ISP can only use its best efforts to provide
information to its users or business partners and also make them
aware of appropriate practices prescribed by requesting
provisions that they are obliged to uphold.
|
| |
Response
The
Commission is in agreement with operator that ISPs should only
have to use best efforts to provide information regarding
appropriate email practices. Paragraphs 13 and 14 are consistent
with operator’s observation.
|
|
7. |
Comment
Operator
observes that for greater clarity, time-lines indicated in
paragraphs 3, 8 and 16 should be duly qualified with “calendar”
hence, “calendar months” in place of “months”.
|
| |
Response
The
Interpretation Act, Cap 123, Laws of the Federation defines
“month” as “calendar month”.
|
|
8. |
Comment
To avoid
the proliferation of regulatory oversight by various agencies, a
recommendation was made that the clause “and notified to the
ISP through the Commission” be inserted immediately after
the term “any other authority” in Paragraph 5.
|
| |
Response
This may
not be feasible as other relevant authorities may issue
statements on cybercrime prevention or acceptable Internet use
and ISPs are expected to inform users of such statements issued
by that other authority.
|
|
9. |
Comment
Operator is
of the opinion that to avoid undue burden and the proliferation
of a request by the Commission or other legal authority, it is
recommended that the clause “in accordance to protocols
agreed with the Commission or such legal authority” be
inserted immediately after the term “legal authority” in
Paragraph 6 (c).
|
| |
Response
Noted. The
Commission will consider the establishment of a Working group
comprising of members from relevant authorities to agree on the
operating practice or protocols from time to time.
|
|
10. |
Comment
Operator is
of the view that while six (6) months is acceptable for notice
in the case of scheduled upgrade in paragraph 3 (b) there should
be provision for one week notice period in cases of emergency
upgrades which may occur.
|
| |
Response
Noted
|
|
11. |
Comment
Operator is
of the opinion that the term “Use of a computer” in Paragraph 5
(a) should be excluded from the provisions of the paragraph as
it would raise an unduly high responsibility on the ISPs. It
should be limited to internet use for unlawful purposes by means
of a computer.
|
| |
Response
Noted. The Guidelines will be amended as recommended.
|
|
12. |
Comment
Operator is
of the view that the scope of paragraph 6 (c) appears too vague
especially as there is no definition of what constitutes “other
legal authority”. Operator suggests that specific mention be
made of the authorities i.e. Police, EFCC, NDLEA.
|
| |
Response
Limiting
the scope of the legal authority by inserting the names of such
organizations in the Guidelines may create problems as the
dynamics of governance may necessitate the establishment of
other relevant legal authorities in future.
|
|
13. |
Comment
The
production of contents of communications in Paragraph 6 (c) is
onerous as it will result in undue allocation of scarce
infrastructure to provide capacity to manage such database.
Operator suggests that the requirement for supply of contents
should be limited to specific cases where a regulatory or legal
authority requests for details of a user whose activity is being
monitored.
|
| |
Response
The
Commission considers this a reasonable period.
|
|
14. |
Comment
Operator
submits that the responsibility of the ISPs under Paragraph 10
(c) should be limited to provision of advise to parent purchaser
who have disclosed that the services is being procured for
juvenile use. Each purchaser should be responsible for the
procurement of the software that is capable of restricting their
children or ward from gaining access into prohibited sites.
|
| |
Response
The ISP has
an obligation to make available the necessary software on
request by parents or guardians to control access to prohibited
sites.
|
CONCLUSION
The Commission has taken note of all submissions and has carefully
considered the view points made further by stakeholders in this report.
The Guidelines will be amended were necessary prior to the publication.
Dated this --------- day of March, 2008
Engr. E. A. Ndukwe (OFR)
Executive
Vice-Chairman/CEO
|
|