The Nation Newspaper

Tag: Cybercrime

  • How to make Cybercrime Bill work, by lawyers

    How to make Cybercrime Bill work, by lawyers

    The Federal Government has presented to the National Assembly a Bill for a law to, among others, punish cyber criminals. Lawyers are seeking what they call a critical scrutiny of the bill to ensure that adequate measures are taken to prevent rights abuses. ERIC IKHILAE reports.

    As a measure against growing insecurity, the Fed eral Government has presented to the National Assembly a Bill for an Act to prohibit cybercrimes.

    The Bill, titled: Cybercrime Bill 2013, was approved by the Executive Council last August. It seeks a law to empower security agencies to intercept and record electronic communications between individuals and seize data from internet service providers and mobile networks.

    It also seeks to allow security agencies to request telecommunication companies to conduct surveillance on individuals and release user data to authorities.

    A key provision in the bill is that, where there is no urgency, but reasonable suspicion, an ex-parte order must first be obtained from the court before a law enforcement officer conducts a cybercrime investigation.

    Section 22 of the Bill provides: “Where there are reasonable grounds to suspect that the content of any electronic communication is reasonably required for the purposes of a criminal investigation or proceedings, a judge may on the basis of information on oath:

    “(a) order a service provider, through the application of technical means to collect, record, permit or assist competent authorities with the collection or recording of content data associated with specified communications transmitted by means of a computer system; or

    “(b) authorise a law enforcement officer to collect or record such data through application of technical means.”

    The Bill, however, provides that such requirement could be sidestepped where there is “verifiable urgency” to intercept and record electronic communications.

    Section 21 empowers security agencies to order internet service providers or telecom companies to “preserve, hold or retain any traffic data, subscriber information or related content.”

    The Bill also seeks to prohibit the transmission of false electronic messages, child pornography, pedophilia and cyber-terrorism.

    It has also suggested punishments to be attached to any breach of its provisions. For instance, it provides that where a service provider refuses to release its subscriber’s data, as requested by the security agencies, such service provider will be liable to N10million fine, while each of its directors, managers or officers shall be liable for three years jail term or N7 million fine or both.

    In Section 15 (1) it provides for a jail term of not less than one year or a fine of N2 million for “any person who, by means of a public electronic communications network persistently sends a message or other matter that (a) is grossly offensive or of an indecent, obscene or menacing character or causes any such message or matter to be so sent; or (b) he knows to be false, the purpose of causing annoyance, inconvenience or needless anxiety to another or cause.”

    The Bill further prescribes death sentence for a person, who commits crime against “critical national information infrastructure,” defined as “certain computer systems, networks and information infrastructure vital to the national security of Nigeria or the economy and social well-being of its citizens.”

    It provides that if the offence did not result in death, but led to “grievous bodily injury,” the offender shall be liable to imprisonment for a minimum term of 15 years.

    As it relates to terrorism, the Bill prescribes life imprisonment for “any person that accesses or causes to be accessed any computer or computer system or network for purposes of terrorism.” It adopted the definition of terrorism as contained the Terrorism (Prevention) Act, 2011 (as amended).

    The Bill suggests a minimum jail term of 10 years or a N20 million fine for any person convicted for producing and distributing child pornography. It specifies 10 years in jail, N15million fine or both for act of pedophilia.

    Information Minister Labaran Maku said after the Executive Council meeting in August, last year, that the Bill seeks to provide an effective, unified and comprehensive legal, regulatory and institutional framework for the prohibition, prevention, detection, prosecution and punishment of cybercrimes in the country, as well as promote cyber security and ensure the protection of critical national information infrastructure.

    Justifying the necessity for such a law, Maku noted that terrorists and other criminals have been using our cyber space to commit crimes. He argued that all democratic countries of the world have cyber control laws and that there is no nation whose cyber space is not monitored.

    The minister said the Bill is in conformity with existing Nigerian laws, the Budapest Convention on Cybercrime, which reflects Nigeria’s obligations under the soon-to-be finalised African Union Convention on the subject matter.

    The Budapest Convention, better known as the Convention on Cybercrime (which influenced the new Bill), is the first international treaty seeking to address Internet and computer crime by harmonising national laws, improving investigative techniques, and increasing cooperation among nations.

    It was drawn up by the Council of Europe in Strasbourg, France, with the active participation of the Council of Europe’s observer states of Canada and Japan. It was adopted by the Committee of Ministers of the Council of Europe at its 109th Session on November 8, 2001. It was opened for signature in Budapest, on November 23, 2001 and it entered into force on July 1, 2004.

    On March 1, 2006 the Additional Protocol to the Convention on Cybercrime came into force. Those states that have ratified the additional protocol are required to criminalise the dissemination of racist and xenophobic material through computer systems, as well as threats and insults motivated by racism or xenophobia. As of November 2013, 41 states have ratified it, while 11 others have signed, but yet to ratify the convention.

    Proponents of this initiative have applauded the government and argued that it is a step in the right direction, particularly in view of the current security situation in the country; the bad reputation 419 and related cybercrimes have attracted to the country and the requirement by every country to effectively man and police its cyberspace.

    They also observed that the law, when enacted, will further aid the government in discharging its constitutional responsibilities under Section 14(2)(b), where it is provided: “The security and welfare of the people shall be the primary purpose of government.”

    Critics are, however, of the view that it is coming late in the day – years after the coming into force of the Budapest Convention.

    To them, effort by the country to domesticate this international provision, must take into account local peculiarities by criminalising for instance, undue promotion of ethnicity, tribalism, among others in the nation’s cyberspace, in view of their negative implication for the nation’s unity and growth.

    They argued that in view of the inherent weakness in the nation’s criminal justice process, great efforts must be made by the National Assembly to create measures against abuses. They suggested the inclusion of specific provisions for conditions and safeguards, to prevent abuses, as it is the case with Article 15 of the Budapest Convention.

    Article 15(1) of the Convention provides: “Each party shall ensure that the establishment, implementation and application of the powers and procedures provided for in this section are subject to conditions and safeguards provided for under its domestic law, which shall provide for the adequate protection of human rights and liberties, including rights arising pursuant to obligations it has undertaken under the 1950 Council of Europe Convention for the Protection of Human Rights and Fundamental Freedoms, the 1966 United Nations International Covenant on Civil and Political Rights, and other applicable international human rights instruments, and which shall incorporate the principle of proportionality.’’

    Lawyers, including Alex Iziyon (SAN), Yusuf Ali (SAN), Dr. Abdulazeez Ahmed and Solomon Tumba, said much as it is too early in the day to doubt the government’s intention in initiating the Bill, the National Assembly should subject it to critical scrutiny and ensure that provisions are made to guard against abuses and provide sufficient redress mechanisms.

    They suggest that, if passed into law, those saddled with its application should always be guided by the need to always draw distinction between private rights, public interest and national security.

    Iziyon argued that there is the need for the balancing of the private rights – the constitutional rights of the citizens and that of the state – as it concerns national security. He said there has to be a balance, because such law exists all over the world.

    “The issue is that where the private rights is important. But, even the constitution says, your private rights stop if what you are doing is going to affect national interest. For example, you cannot say you have a right to kill somebody because you have a right to carry gun. So, there is a limitation, and that is also there in the Constitution – limitation of the rights.

    “So, with this Cybercrimes Bill, there has to be a balancing. The balancing will have to be that where state’s interest is involved, and there is suspicion of the commission of a crime, and such crime can be tracked, the right of the private individual stops there. You cannot then say there is an invasion of your privacy.

    “But, where the law seeks to go into the bedroom of people that are innocent, and starts monitoring their private e-mails and text messages, then you can now say there an invasion of privacy. I do not think that is what the intention of the Cybercrimes Bill is.”

    Ali said: “Well, I do not think we should bother ourselves much about the intention behind the Bill. We should wait for it to be passed into law first. Provided it is not deployed to witch hunt anybody, particularly those seen as opponents of the state.

    “The beauty of it is that if the law turns out to be unconstitutional, the courts are there. There is no reason for anyone to be apprehensive about the provisions of the Bill. It is only when it becomes law that it can be challenged in court. So, we should wait for it to be passed first.”

    Ahmed said: “I think there is actually nothing bad in the move for a law against cybercrimes in the country. What one should be particular about is its application. You know the problem with this country is not the paucity of laws. We have enough laws, the problem is enforcement and abuses.

    ‘’While the state is seeking to have more laws, the mechanism for criminal justice administration should equally be strengthened to enable it cope.’’

    “What I am saying in effect is that the security personnel, the court officials and those in charge of the prisons should be subjected to periodic training and provided with enhanced remuneration. This is because the cyberspace and the criminals that operate there are highly skilled and exposed to huge funds.”

    Tumba noted: “As is stands today, it is still a Bill to be subjected to the legislative mills. We hope the legislature will do a thorough job, organise public hearing where experts’ opinion will be sought and provided.

    ‘’Many countries have this kind of law. Some have even expanded on their cybercrimes laws.

    “Countries, such as the United States and the United Kingdom, are examples of countries that have greatly expanded on the law. With the growing sophistication in terrorism and other grievous crimes, it is wise for any country to deploy what it has to protect itself. What we should only guard against is abuse and misapplication.”

    It is, however, expected that the National Assembly will cast aside political considerations and diligently consider this Bill in view of its importance to national security, which many argued, is greatly threatened with the relentless attack by the Boko Haram sect, rising incidents of oil theft, kidnapping, among others.

     

  • Wanted! A law against cybercrime

    Wanted! A law against cybercrime

    Before the telecoms revolution, it was unthinkable to transact business with mobile phones from home some 10 years ago. Today, this is the practice, but it is at a price. e-business brought with it cybercrime, reports LUCAS AJANAKU .

    Cybercrimes are committted through the internet and the telephone. The advent of the internet and mobile phone gave birth to such crimes. Hitherto, it was almost impossible for the crimes to thrive. Cybercrimes have become a threat to most economies and many countries have laws to fight the menace. But the same cannot be said of Nigeria, which is lagging behind in laws to tackle the hydraheaded problem.

    It is against this backdrop that the Director, National Information Technology Development Agency (NITDA), Prof Cleopas Angaye, is pushing for such a law.

    On why the agency is championing the bill, Angaye said it was because Nigeria is in the same league with “super powers” on a negative pedestal. Cybercrimes have given the county a bad image and are posing a threat to e-commerce.

    “Nigeria is rated as one of the worst cybercime nations in the world. If you go to the internet (and click) cybercrime Nigeria, you will see that Nigeria is either one of the four (leading cybercrime countries of the world). It becomes of utmost concern when you count the United States and, maybe China and the United Kingdom, and Nigeria is there. We shouldn’t be there. Nigeria is not as advanced as these other countries. We want to be advanced in other areas, but certainly not in crime. So, we are concerned. We want our cyberspace to be free,” he told The Nation.

    Angaye said the Cybercrime Bill was borne out of necessity. According to him, there are two strands to the bill: cybercrime and cybersecurity.

    “There are the cybercrime and the cybersecurity issues. The cybersecurity part of the bill spells out penalties for those who contravene the bill. Security is about how we prepare ourselves and ensure that we secure our cyberspace against crime,” he said.

    He wondered if e-commerce, especially online retailing, was possible in the country.

    “The question that comes to mind is: “Is it realistic for a country like Nigeria where crime rate is high?”

    But in the last few years, cynics have been proved wrong. At the last count, no fewer than a dozen online retailing outlets have registered their presence in the country. But the issue is how to sustain the growth in the face of obvious challenges.

    Though there is no data to that effect, but the number of sites doing online retailing is a sign that it is gaining traction in the country. There are www.konga.com, www.gloo.ng, www.jumia.com.ng, www.kaymu.com.ng www.mybidmonster.com.ng, www.shopkolo.com, www.ozyet.com, www.buyright.biz and others.

    The former Chief Executive Officer, sunglasses.com.ng, Jaime Moreno, said the future of e-commerce in Nigeria is bright considering the population of the country and the number of internet users. “In the UK, e-commerce accounts for around 10 per cent of the Gross Domestic Product (GDP ) implying over $200 billion. And by 2016, it is expected to contribute more than construction, healthcare or education.

    “Now, obviously Nigeria is at infancy stage compared to UK in terms of e-commerce, but this shows the potential the country has and where it could be heading soon.

    “And if some people think UK is a far example, UK has 52 million internet users. Nigeria has 48 million, and most likely will overpass UK by the end of 2013,” he said.

    He added that lack of education about e-commerce and lack of trust between the customers and service providers remain challenges too. “In Nigeria, there is a large amount of internet users, but most do not yet know they can actually buy products online,” he added.

    On its impact on the labour market, he said, Nigeria has a very large young population (over 50 per cent below 20). The wave of e-commerce will bring many new start-ups and along with them job creation for that young population. Entrepreneurs, self-employed and freelancers will have the key to become the engine of growth and innovation for Nigeria.”

    Given that online retailing holds huge prospect for the economy in terms of opportunities, how could it be developed to boost the nation’s GDP?

    Moreno said the government has a major role to play. “With the potential that Nigeria has in terms of demographics and internet dynamics, the government could power Nigeria to become the African hub for e-commerce. Allowing intensive benefits to technology startups in the country will definitely attract foreign investment and will help Nigerian and international entrepreneurs to grow and create successful companies,” he said. Other thing government needs to fix are:

    Insist on quality telecoms

    service

    Many Nigerians access the Internet via their mobile phones. This implies that the Nigerian Communications Commission (NCC) should step-up its regulatory role so that seamless internet services could be guaranteed.

    Improved products’ delivery times

    In a country where the major highways have graduated to highways to the graves and where the rail and other alternative means of transportation remain a luxury, delivery time could be a challenge. The government could fix the raods and open up alternative means of transportation. Moneyweb reported that according to Jana, 38 per cent of South Africans report that the biggest obstacle to online shopping is delivery times. This is in large part a reflection on the parlous state of South Africa’s road and postal infrastructure, and beyond the control of online retailers.

    Tackling online insecurity

    Nigerians are still anxious about the security of their online information, especially without an enabling law to punish people who breach the cyberspace. The Vice-chairman WiniGroup Incorporation, Tim Akano, said IT security has always been taken with levity in the country, arguing that this will make breach an easy task by the large pool of unemployed smart graduates.

    “IT security is already a major concern globally. IT security threat will become more serious in 2013 and beyond. In Nigeria, where IT security is usually handled with levity, with more young people acquiring IT skills and with little opportunity to earn a decent income due to poor infrastructure that will make them transit to technopreneure, these youths will turn to vulnerable banks, universities, government agencies and other corporate organisations to earn huge income by hacking into their database and sell it for handsome fees in the online booming black market,” Akano who is also the managing director of New Horizons Nigeria, warned.

    He, however, advised organisations to embrace encryption, adding that organisations that will go unscathed are those that have what he described as the sven-layer-IT security sweater.

    “The way out of this pending hacking- earthquake is for organisation to embrace encryption. Organisation that will go unhurt, un-embarrassed and stand protected this year and beyond will need what I call: “7-Layer IT-Security Sweater’’ to cover its origination’s body. Fortunately, this 7-Layer IT-Security Sweater’’ already exists in Nigeria,” he said.

  • Cybercrime bill scales second reading

    Cybercrime bill scales second reading

    The House of Representatives has given its backing to curbing crimes perpetrated through the Internet.

    The bill seeking to provide for offences and penalties relating to computer misuse and cybercrimes in Nigeria’s criminal and penal codes passed the second reading yesterday.

    Aisha Ahmed Dahiru (PDP, Adamawa), who sponsored the bill, regretted the killing of Cynthia Osokogu who was lured to Lagos, raped, robbed and strangled by her friend in a BlackBerry chat room.

    According to her, the absence of cybercrime laws portrays Nigeria as a very porous nation for cybercrime.

    While she described cybercrime as a well organised and coordinated enterprise, the lawmaker noted that the absence of cybercrime legislation has exposed sensitive economic, intelligence and security and sundry government outfits to hacking by cybercrime syndicates.

    According to her, the Economic and Financial Crimes Commission (EFCC) has made 288 cybercrime-related arrests.

    She said due to lack of cybercrime legislation to prosecute the cases, 234 of them are pending in courts.

    House Minority Leader, Femi Gbajabiamila (ACN Lagos), who also spoke in support of the bill, said: “This issue (cybercrime and computer misuse) has become a menace to the society that needs to be dealt with frontally.”

    The bill was referred to the House Committee on Justice for further legislative action by the presiding officer, Deputy Speaker Emeka Ihedioha, after it was put to voice vote and passed.