MTN’s Marketing Fiasco
As a discipline, economics suggests that we have limited resources and unlimited wants. Since we are incapable of satisfying all those wants, they have to compete for the limited resources available. Nowhere is this competition fiercer than open-air markets in Nigeria, where sellers of several wares ranging from fruits to good conscience holler at you in a way that leaves you violated and slightly pissed. The constant harassment by traders of different sorts is one of the many reasons I’d rather not go to open-air markets in Nigeria.
I digress. The main focus of this piece is MTN, who seems to have learnt a thing or two from Nigerian traders in open-air markets. In fact, what drew my attention to MTN’s not-so-subtle harassment, all in the name of marketing, was an incident where I received messages back to back from different MTN entities. Before this, I had noticed MTN messages littering my messaging app. So I decided to conduct a little investigation, cue Sherlock Holmes.
Scrolling down my messaging app, I noticed that various MTN entities like MTN_eShop, MTNShare, MTN4ME, DATA4ME, MTNOnDemand, YelloSunday, and many others were barraging me with messages marketing various products and services. From the 1st of January 2024 to the 25th of May 2024, barely five months, I had been bombarded by countless messages from nineteen (19) different MTN entities. Hand over mouth, I realized I just discovered a harassment scandal involving the biggest telecoms company in Africa, MTN.
Nineteen “messengers” may not seem like much, but there is a multiplier effect when considering that each of the nineteen MTN entities can send numerous messages daily. This realization leaves one bugged by certain questions.
Does MTN need multiple channels to market its products and services to its customers? Isn’t it tantamount to harassment to send so many unsolicited marketing messages to its customers via different channels? Lastly, what does Nigerian law say about the acts of MTN in this instance?
On the first question of whether MTN needs multiple channels to market its products and services to its customers, this writer thinks not. It’s a fact that the average person in the digital era is inundated by mindboggling amounts of information. If every business were to follow MTN’s approach to marketing, consumers, that’s you and I, would know no peace. Moreover, it behooves MTN to streamline its marketing.
Whether it is tantamount to harassment to send so many marketing messages to customers, this writer answers in the affirmative. MTN constantly bombards its customers with unsolicited marketing messages, which is, in essence, the same as open-air market traders hollering at potential customers. That’s in itself harassment and an invasion of the privacy of the customers.
As a business, just because you have a customer’s data doesn’t mean you should reach out to them to market your new offerings; you need a valid basis to do so. This brings us to what the law says about MTN’s badgering of customers with unsolicited promotional messages. First, Nigerian law prohibits the use of practices that could be considered harassment in marketing. According to Section 124 (1) (a) of the Federal Competition and Consumer Protection Act:
(l) An undertaking or any person acting on its behalf shall not use physical force, coercion, undue influence or pressure, harassment, unfair tactics or any other similar conduct against any person in connection with —
(a) marketing of any goods or services…
Ultimately, it’s up to the Nigerian court to determine whether the disturbance occasioned by MTN’s incessant marketing through various channels constitutes harassment of the customers. Faced with this poser, the court would be in a difficult situation as its decision would have a defining impact on the limits of personal privacy in Nigeria.
In Nigeria, personal privacy is in a new era as the country’s first-ever data protection law, the Nigeria Data Protection Act (NDPA), was signed into law by Bola Ahmed Tinubu on the 12th of June, 2023. So far, few reports of violations have been made, and even fewer lawsuits have been initiated following the new data protection law. This is especially appalling given the serious levels of data privacy breaches involving big businesses like MTN, who refuse to adapt to the realities of the new data protection law, which, despite its flaws, tries to give Nigerians more control over their data.
As I mentioned earlier, businesses need to justify using customer’s data within their possession. In more technical terms, data controllers and data processors, that’s, businesses, need a lawful basis to process (use) the personal data of a data subject, that’s, the customer. According to Section 25 (1) (a) and (b) of the NDPA:
(1) Without prejudice to the principles set out in this Act, data processing shall be lawful, where —
(a) the data subject has given and not withdrawn consent for the specific purpose or purposes for which personal data is to be processed; or
(b) the processing is necessary —
(i) for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract,
(ii) for compliance with a legal obligation to which the data controller or data processor is subject,
(iii) to protect the vital interest of the data subject or another person,
(iv) for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller or data processor, or
(v) for the purposes of the legitimate interests pursued by the data controller or data processor, or by a third party to whom the data is disclosed…
This doesn’t mean that only businesses are bound to show good reason for using citizens’ data in Nigeria; the NDPA also serves as a guardrail for various government agencies working with the personal data of Nigerian citizens. Nevertheless, this piece focuses on MTN, an agbaya in the Nigerian business scene.
Really, I’m just as pissed at the misuse of my personal data by MTN as I am shocked at the corporate governance failure in a behemoth like MTN. Clearly, the marketing department at MTN doesn’t liaise with the company’s legal department. How else can a corporate giant like MTN justify its illegal marketing tactics that infringe the rights of thousands, if not millions? Good corporate governance really does mitigate compliance risks.
I tagged MTN’s marketing “illegal” because it’s arguably not justified by any of the six (6) lawful basis upon which a data controller can process a data subject’s personal data under Nigerian law. The first lawful basis is consent, and I can say for a fact that I would never knowingly give MTN consent to barrage my telephone number with products I would never buy. Moreover, if this were to go to court, MTN would have to prove that I gave my consent “freely and intentionally.”
The second lawful basis is legal obligation, and MTN sure as hell did not send me marketing messages to comply with a legal obligation to which it is subject. On the third lawful basis — vital interest — MTN sure as hell did not market to me to protect my vital interest. If anything, it’s in MTN’s vital interest to attract patronage through marketing.
Furthermore, personal data is permitted to be processed if the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller or data processor. This justification applies to the government, not MTN, as marketing by MTN is neither in the public interest nor is MTN exercising official authority marketing to millions of others and me.
Poser: Given the level of insecurity in Nigeria, especially the terrorism carried out by groups like Boko Haram, do you think government intelligence agencies like the DSS and NIA can come under the fourth lawful basis for processing personal data to justify surveilling citizens?
Finally, the lawful basis that stands the chance of exculpating MTN’s brute marketing tactics is legitimate interest. MTN can argue that in pursuit of its legitimate interest of increasing the patronage of its goods and services, it sent out direct marketing messages to its customers like yours truly. Nevertheless, the law, in a bid to prevent the misuse of legitimate interest as a lawful basis by data controllers, data processors or third parties, imposed certain limitations — one of which being that the legitimate interest of a data controller, data processor or third party cannot trump the fundamental rights of a data subject. In this context, MTN’s legitimate interest in growing its revenue cannot override my constitutionally guaranteed right to privacy.
Whatever the outcome, one thing is sure — it would be a nice sparring session in court if MTN’s lawyer knew their onions.
Aside from MTN’s incessant marketing messages being harassment and a breach of my constitutionally guaranteed right to privacy, it also violates my right to object as provided for by the NDPA. The NDPA provides that I have the right to object to the processing of my personal data at any time. To avoid offending this right, the body of MTN’s marketing message should have, just like those from other businesses like Domino’s, contained a link through which I could have discontinued sending the messages to my phone number. Alas, MTN did not make any provision for millions of other people and me to opt out of the harassment they call marketing.
Unfortunately, the position millions of other people and I find ourselves in with MTN is commonplace in the digital era where privacy is a myth. Nevertheless, on a much lighter note, there’s hope. The passing of the NDPA signifies a new era in data protection and privacy in Nigeria; however, to fully materialize, there is a need for collaboration between all stakeholders, such as businesses, regulators, and citizens. First of all, businesses need to be better societal actors by realizing it’s no longer business as usual with people’s personal data.
On the part of the government, more particularly the Nigeria Data Protection Commission, the body vested with overseeing data protection and privacy in Nigeria, there’s a need to create awareness among the citizens about their rights and to develop capacity to ensure full compliance with the law.
As for the citizens, we all need to get ourselves educated on our rights, and we need to be vigilant in defending and guarding those rights, especially in a digital age where information is pervasive.
In conclusion, maintaining a healthy data protection and privacy ecosystem that caters to innovation would signify to the world Nigeria’s readiness to participate in the global digital economy, fostering investment, economic development, and employment in the country’s technology and services sectors.
