The telecoms regulator has beamed its spotlight on 10 key provisions of the Nigeria Cybercrime Act 2015, one of the major enabling laws for fighting cybercrime and other technology-aided criminal activities.
The Nigerian Communications Commission (NCC) was interested in knowing how cybercrime activities impact the flow of investments into the economy, so it commissioned a study that culminated in the “Final Report on: Effects of Cyber Crime on Foreign Direct Investment and National Development.”
The study reviewed the Nigeria Cybercrime Act 2015, which comprises 59 Sections, 8 parts and two Schedules that has the 1st Schedule listing the Cybercrime Advisory Council.
The Second Schedule lists businesses to be levied for the purpose of the Cybersecurity Fund under S.44(2)(a) to include GSM service providers and all telecoms companies; Internet service providers, banks and other financial institutions, insurance companies and Nigerian Stock Exchange, the study reports.
Nigeria Cybercrime Act 2015: The 10 key highlights
Authors of the NCC study that also reviewed the cybercrime policy and legal landscape in Nigeria, refocused among others, the Nigeria Cybercrime Act 2015, pointing out 10 key highlights of one of the nation’s vital legal instrument enacted for combating crime committed using the internet and other information and communication technology (ICTs) tools:
1) Gives the President the power to designate certain computer systems, networks and information infrastructure vital to the national security of Nigeria or the economic and social well-being of its citizens, as constituting Critical National Information Infrastructure and to implement procedures, guidelines and conduct audits in furtherance of that. Examples of systems which could be designated as such include transport, communication, banking, etc.
2) Prescribes the death penalty for an offence committed against a system or network that has been designated critical national infrastructure of Nigeria that results in the death of an individual or/and loss in financial transaction.
Hackers’ fine/jail term
3) Hackers, if found guilty of unlawfully accessing a computer system or network, are liable to a fine of up to N10 million or a term of imprisonment of 5 years (depending on the purpose of the hack). The same punishment is also meted out to Internet fraudsters who perpetuate their acts either by sending electronic messages or accessing and using data stored on computer systems.
4) Makes provision for identity theft, with the punishment of imprisonment for a term of not less than 3 years or a fine of not less than N7 million or to both fine and imprisonment.
5) Specifically creates child pornography offences, with punishments of imprisonment for a term of 10 years or a fine of not less than N20 million or to both fine and imprisonment, depending on the nature of the offence and the act carried out by the accused persons. Offences include, amongst others: producing, procuring, distributing, and possession of child pornography.
Cyber-stalking and Cyber-bullying
6) Outlaws Cyber-stalking and Cyber-bullying and prescribes punishment ranging from a fine of not less than N2 million or imprisonment for a term of not less than 1 year or to both fine and imprisonment, up to a term of not less than 10 years or a fine of not less than N25 million or to both fine and imprisonment; depending on the severity of the offence.
7) Prohibits cybersquatting, which is registering or using an Internet domain name with bad faith intent to profit from the goodwill of a trademark belonging to someone else or to profit by selling to its rightful owner. Individuals who engage in this are liable on conviction to imprisonment for a term of not less than 2 years or a fine of not less than N5 million or to both fine and imprisonment.
8) Forbids the distribution of racist and xenophobic material to the public through a computer system or network (e.g. Facebook and Twitter). It also prohibits the use of threats of violence and insulting statements to persons based on race, religion, colour, descent or national or ethnic origin. Persons found guilty of this are liable on conviction to imprisonment for a term of not less than 5 years or to a fine of not less than N10million or to both fine and imprisonment.
9) Mandates that service providers shall keep all traffic data and subscriber information having due regard to the individual’s constitutional Right to privacy and shall take appropriate measures to safeguard the confidentiality of the data retained, processed or retrieved.
Interception of electronic communication
10) Allows for the interception of electronic communication by way of a court order by a Judge, where there are reasonable grounds to suspect that the content of any electronic communication is reasonably required for the purposes of a criminal investigation or proceedings.