In May, outgoing Nigerian president Goodluck Jonathan signed
the Cybercrime Prohibition and Prevention Act into law. The much-awaited legislation was passed by the Senate and House of Representatives in 2014, lacking only
presidential approval.
The Act establishes clear punishments for offenses including
unlawful access to a computer, unlawful interception of communications, unauthorized
modifications of computer data, system interference, misuse of devices,
computer-related forgery and fraud, and identity theft and impersonation, as
well as child pornography, cyberstalking, cybersquatting, cyberterrorism,
racism and xenophobia. It is expected to curb Nigeria’s current practice of
losing $2.5 billion a year to cybercrime.
A July 7 conversation on CNBC Africa brought together Niyi Ajao, Executive Director of Technology at
the Nigeria Inter-Bank Settlement System (NIBSS); Ayotunde Coker, Managing
Director of Rack Centre; and Yemi Saka, Partner of Advisory Service at Ernst
& Young West Africa to praise the benefits of the Cybercrime Act for the financial sector. Ajao
argued that “the Act we have now has come at the right time.” Saka applauded
the legislation as a “right first step to take;" he and Coker advocated that
the next step is an education and awareness campaign, to better inform users of
how passwords and personal devices can be compromised, and also to let
cybercriminals know that their actions will no longer go unnoticed.
The Information Security Society of Africa-Nigeria (ISSAN) responded
favorably as well: “We are delighted that Nigeria has joined the few countries
in Africa and indeed, the world at large, to have a law which provides
effective, unified and comprehensive legal, regulatory and institutional
framework for the prohibition, detection, prosecution and punishment of
cyber-crime in the country, while also ensuring the protection of computer
systems and networks, electronic communications, data and computer programs,
intellectual property and piracy rights.
“For sure, it is no longer business as usual for cyber
criminals. From the petty criminals operating in cybercafés to the big time
hackers, email scammers and other computer-based fraudsters, the law stipulates
heavy penalties which the criminals should be made aware of before they embark
on their ‘suicide’ mission.”
The endless stream of praise, however, has overlooked the
Cybercrime Act’s undeniable willingness to compromise freedom of expression and
privacy. While there remains some uncertainty as to the final iteration of the
law, key clauses in the 2014 legislation include:
- A service provider shall, at the request of the relevant authority referred to in subsection (1) of this section or any law enforcement agency:
(a)
Preserve, hold or retain any traffic data, subscriber
information or related content, or
(b)
Release
any information required to be kept under subsection (1) of this section
(21).
- The right to “order a service provider, through the application of technical means to collect, record, permit, or assist competent authorities with the collection or recording of content data associated with specified communications transmitted by means of a computer system” (22).
- The Attorney-General of the Federation will “provide appropriate legal framework, guidelines and mechanism for the blocking of offensive or inappropriate web-sites” (24).
- The Act applies “outside Nigeria, where the victim of the offence is a citizen or resident of Nigeria” (33).
The digital age has frequently posited that Africa is unique
in its capacity to leapfrog into the technological future; Nigeria’s Cybercrime
Act, however, exposes the limitations of this notion. If the solution to
unfettered cybercrime is to eliminate human rights, there are clearly some
steps that have been overlooked.
No comments:
Post a Comment