On 27th February, 2026, Spaces for Change | S4C hosted a private sector consultative dialogue in Lagos, bringing together government regulators, private sector actors, telecommunication companies, legal practitioners, and civil society organizations to discuss ways of increasing respect for human rights while achieving business and security objectives. The convening examined the intersection between surveillance technology proliferation and the shrinking of civic space in Nigeria and across West Africa, exploring the role of the private sector in improving the operating environment for civil society. The convening comprised representatives from the Nigeria Data Protection Commission (NDPC), National Information Technology Development Agency (NITDA), National Identity Management Commission (NIMC), National Communications Commission (NCC), major telecommunication operators, legal practitioners, data protection experts, academics and civil society organizations.
Discussions at the dialogue were anchored on findings from two research reports. First, the 2nd edition of the “Civic Space in Africa: Trends, Threats and Futures“ tracked 801 incidents of civic space violations across 16 West African countries between 2022 and 2024, a sharp increase from 639 incidents documented within the period of the first edition. The second report, “The Proliferation of Dual-Use Surveillance Technology in Nigeria,“ examined how surveillance technologies enter the country, who profits from them, and what safeguards exist. Both reports revealed a troubling pattern: surveillance infrastructure is increasingly being deployed in ways that affect activists, journalists, and protesters, with the private sector, telecommunication companies, technology vendors, and platform operators playing a central role in the ecosystem. Against this backdrop, the dialogue was convened to foster honest conversations about accountability gaps, regulatory challenges, and the collective responsibility of state and non-state actors in safeguarding civic freedoms in an increasingly digitalized environment.
The first panel, comprising legal practitioners, academics, regulators, and civil society representatives, focused on the impact of surveillance deployments documented in the civic space report. The conversations examined how legal frameworks interact with surveillance practices, particularly the Lawful Interception of Communication Regulations 2019 and the Terrorism Prevention Act 2022. Beyond legislative frameworks, systemic accountability gaps were identified as a critical challenge. Civil society was encouraged to complement advocacy efforts with concrete legal action by filing public interest litigation, petitioning the National Assembly’s Human Rights Committee, and working with lawyers to pursue cases through the courts.
The conversations revealed that surveillance technology purchases often lack transparency, making it difficult for oversight bodies or the public to track procurement. Existing regulatory frameworks, while designed for digital transformation projects, were not specifically structured to conduct human rights impact assessments on surveillance technologies. Government agencies rarely bring surveillance technology through standard clearance processes because of the sensitive nature of these procurements. Urgent needs were identified, including building local surveillance capacity to reduce dependence on foreign technologies, creating public procurement registers, requiring human rights assessments before procurement, and fostering closer collaboration between regulators and civil society for independent oversight. One striking statistic emerged: the 2020 internet shutdown during the #EndSARS protests had high economic costs, estimated at approximately $1.6 billion.
The panel also addressed the role of the judiciary in surveillance oversight. Many judges face challenges in understanding surveillance technologies because these issues emerged long after their formal legal education. As a result, even when warrants are issued, there may be gaps in understanding the technical implications of what is being authorized. The need for better legal education for judges, more robust public interest litigation, and continued advocacy to strengthen judicial capacity in this area was emphasized.
The second panel, featuring another regulator, civil society representatives, legal practitioners, and the mobile network operators discussed how surveillance infrastructure operates in Nigeria. The session offered unprecedented transparency into technical operations and regulatory frameworks. Data protection legislation grants investigative powers over technologies deployed in Nigeria and requires organizations to conduct Data Protection Impact Assessments (DPIAs) for high-risk technologies. However, implementation challenges remain, particularly in ensuring consistent oversight across both government agencies and private companies.
The panel also addressed how international export control regimes face challenges in the age of artificial intelligence. Certain software categories, particularly those “available to the masses”, fall outside traditional oversight frameworks. Advanced AI tools are are publicly available and now accessible for various purposes, including intelligence gathering, yet they operate with limited regulatory oversight. The conversation emphasized that regulatory frameworks need significant updating to keep pace with technological advancements.
One of the most revealing parts of the dialogue came when mobile telecommunications operators explained how lawful interception works in practice. All mobile network operators are required by law to deploy lawful intercept technology on their networks as a licensing condition. Only authorized security agencies can connect directly to these systems. For other law enforcement data requests, strict protocols exist: requests must be in writing, signed by senior officers of appropriate rank, and specify the necessary details for investigation. Telecommunications operators must also obtain approval from the NCC before sharing subscriber data with any third party, even government agencies. However, an important gap was highlighted: Over-The-Top (OTT) services like WhatsApp, Telegram, and Signal are not currently regulated in Nigeria. Their communications are encrypted, meaning surveillance can potentially bypass telecommunications infrastructure through these unregulated platforms.
The dialogue also examined why the country’s increased procurement of technologies with surveillance capabilities don’t always translate into improved security outcomes. Technology exists to track individuals and devices with remarkable precision, demonstrated by how personalized advertising already uses location data to target users based on their exact position. The challenge lies not in technical capability but in how these tools are deployed and for what purposes. Jurisdictional challenges in regulating technology companies were also explored. The difficulty of holding foreign companies supplying surveillance tools accountable was noted, given varying international legal frameworks and enforcement capacities. This reality highlights Nigeria’s challenge: the country relies heavily on foreign surveillance technologies it cannot fully regulate, procured through processes that may lack sufficient transparency, and deployed by agencies that operate with limited civilian oversight.
Five key areas requiring attention emerged from the dialogue. First, Nigeria’s legal frameworks need updating to better balance security imperatives with civil liberties, including clearer oversight mechanisms and time limits for security-related detentions. Second, regulatory coordination across NITDA, NDPC, NOTAP, and the NCC needs strengthening, with clearer lines of responsibility for surveillance technology oversight. Third, the private sector, telecommunications companies, technology vendors, and platform operators play a critical role in the surveillance ecosystem and need clearer guidance on balancing legal obligations with human rights responsibilities. Fourth, technology is advancing faster than regulatory frameworks can adapt, particularly regarding AI-driven tools that fall outside traditional oversight categories. Finally, economic incentives and institutional interests can sometimes work against transparency and accountability, requiring deliberate policy interventions to align these interests with public good.
Concrete interventions were identified for moving forward. These include building local surveillance technology capacity to reduce dependence on foreign vendors and increase Nigerian oversight capabilities; creating mandatory public procurement registers that document surveillance technologies purchased by government agencies; requiring human rights impact assessments before surveillance technology is procured or deployed; developing transparency obligations for telecommunications operators and technology platforms regarding government data requests and compliance; and strengthening institutional accountability mechanisms that operate independently of political leadership changes.
Achieving these reforms will require sustained collaboration between government regulators, private sector actors, and civil society organizations. The willingness of all sectors to engage honestly and constructively about these challenges demonstrates the potential for meaningful progress. There is growing recognition that digital technologies must serve both security objectives and democratic values, and that achieving this balance requires ongoing dialogue, mutual accountability, and commitment to continuous improvement. The path forward demands partnership rather than confrontation, transparency rather than secrecy, and a shared commitment to building a digital ecosystem that protects both national security and fundamental rights.
