A Review of the 2015 Cybercrimes Act

images (63)
Photo Credit: Huffington Post

Following the advent of telecommunication companies in Nigeria and gadgets of like nature, cyber crimes have gradually become a source of worry and embarrassment to Nigerians and Nigeria as a nation. While the technological advancements can be said to have contributed to the development of this nation, Cyber Crimes have affected various economic and diplomatic relations between Nigeria, Nigerian companies and the world at large.

Cyber Crime which may also be referred to as Computer Crime is defined as a crime in which a computer is the object of the crime (hacking, phishing, spamming) or is used as a tool to commit an offense (child pornography, hate crimes). Cybercriminals may use computer technology to access personal information, business trade secrets, or use the Internet for exploitive or malicious purposes. Criminals can also use computers for communication and document or data storage[1].

Cyber Crime in Nigeria

Cybercrime in Nigeria may be classified under three broad umbrellas: cybercrimes against persons, cybercrimes against property and cybercrimes against the government. Most of the common cybercrimes committed in Nigeria would fall under the category of the cybercrimes against persons. Cybercrimes against Property would involve computer vandalism either by introducing harmful software and viruses or by defacing websites while cybercrimes against the government would include acts of cyber warfare or terrorism.

In Nigeria, rampant cybercrimes include Internet fraud, e-mail scams, hacking and distribution of hostile software (viruses and worms), theft of data, extortion, fraud and impersonation. Most common is the” Yahoo boys” menace. These individuals take advantage of cyberspace transactions available on the internet to defraud the unsuspecting victims of large sums of money. They usually represent themselves as having particular goods to sell or that they are involved in shipping or in a loan scheme.

Some of these persons even begin online love affairs with women in other countries promising them marriage and making them send large sums of money claiming that they need such monies to process their travel documents to enable them meet the unsuspecting individuals for marriage.  Some other persons claim to be online charities dedicated to a noble cause and asking unsuspecting persons to send money to help such causes.

Hacking of websites to deface them or to make otherwise unavailable information available to the general public is also beginning to gain ground, we are all familiar with the recent Ashley Madison scandal where the identities of persons who have used the site was made available to all and sundry. Emails of public figures have also been hacked and these criminals have sent messages posing as the owner of the email requesting for money to treat a sick loved one or to meet an important need. In fact, on social media platforms, various well-known figures have claimed that their twitter or Facebook accounts were hacked and impolite messages were written therefrom.

Money laundering by the means of making online transfers of illicitly obtained wealth has also become another means of committing cybercrimes in Nigeria.

Another notable cybercrime in Nigeria is the ATM and E Banking Frauds. Unsuspecting individuals are robbed of their exclusive online banking information and such information is used to make withdrawals from the accounts of such persons.

Internet Pornography and Prostitution is also a cybercrime that is fast making waves in Nigeria. Based on the strictly conservative Nigerian society, prostitution is frowned at and Section 223 and 225 of the Criminal Code which deals with prostitution does not take a clear position against prostitution as it only criminalizes the act of keeping brothels, prostituting children and making profits from prostitution.

E Lotteries are another means of commission of cybercrime, it is not uncommon that messages which claims that one has won a certain sum of money or gift has been won pop up on our screens while surfing the net, clicking of such information may expose our social media accounts and systems to the activities of these hackers. The hackers are granted access to vital information which is in turn used to defraud such individuals.  In recent times, the trend is to also send messages to cell phones claiming that the phone number has won cash prices in a promo and asking such individual to send his details or call a certain number to redeem such prizes.

Overview of the Cyber crimes Act

Prior to 2015, the only Law that was used to tackle cybercrime was the Advance Fee Fraud Act of 2006, the Money Laundering Act of 2004 section 12(1) (c) -(d) and  the Economic and Financial Crime Commission Act of 2005. These laws were inadequate and as such limited the efforts of the law enforcement officers to combat the crime. However, on the 15th of May, 2015, the National Assembly passed the harmonized Cybercrime (Prohibition, Prevention, etc.) Bill 2015 (S.B. 438) into law.

Worthy of note is the fact that the journey to get the bill passed into law started as far back as 2011. The act has 59 sections and legislates on various issues dealing with the prohibition of various cybercrimes. Divided into eight parts, it contains provision on the objectives and application of the act, protection of critical national information infrastructure, offences and penalties, duties of financial institution, administration and enforcements, arrest, search, seizure and prosecution, jurisdiction and international co operations.

Objectives of the Act.

The explanatory memorandum of the act discusses that the Act provides an effective, unified and comprehensive legal, regulatory and institutional framework for the prohibition, prevention, detection, prosecution and punishment of cybercrimes in Nigeria. The act also ensures the protection of critical national information infrastructure, and promotes cybersecurity and the protection of computer systems and networks, electronic communications, data and computer programs, intellectual property and privacy rights.

Part 1 which has Section 1 and 2 being discussed therein mentions the Objectives and Application of the act. The objectives are essentially as mentioned in the explanatory memorandum and. The act shall furthermore be applicable throughout Nigeria.

Part 2 which houses section 3 and 4 vests the powers of designation of selected computer systems or network as critical national information infrastructure based on the recommendation of the National Security adviser. Also, the office of the National Security Adviser is empowered to inspect and audit any critical national information infrastructure.

Part 3 which contains Sections 5 to 36 provides for offences under the act and attendant penalties. In this part, issues such as Offences against critical national information infrastructure, Unlawful access to a computer, Registration of cybercafé, System interference, Interception of electronic messages, email, electronic money transfers, Tampering with critical infrastructure, Willful misdirection of electronic messages, Unlawful interceptions, Computer related forgery, Computer related fraud, Theft of Electronic Devices, Unauthorized modification of computer systems, network data and system interference, Electronic Signature, Cyber terrorism, Exceptions to financial institutions posting and authorised options, Fraudulent issuance of e-instructions, Reporting of cyber threats, Identity theft and impersonation. 23. Child pornography and related offences, Cyberstalking, Cybersquatting, Racist and xenophobic offences, Attempt, conspiracy, aiding and abetting, Importation and fabrication of e-tools, Breach of confidence by service providers, Manipulation of ATM/POS Terminals, Employees Responsibility. Phishing, spamming, spreading of computer virus, Electronic cards related fraud, Dealing in card of another, Purchase or sale of card of another, Use of fraudulent device or attached e-mails and websites are legislated upon and appropriate sanctions of imprisonment and or fines are stated.

Part 4 covers the duties of financial institution. Section 37 to 40 discusses the Duties of financial institutions, Records retention and protection of data, Interception of electronic communications and the Failure of service provider to perform certain duties. Sanctions in form of jail terms and fines are also provided for.

Part 5 discusses the administration and enforcement of the act. Sections 41 to 44 make declaratory legislation on issues such as Co-ordination and enforcement, Establishment of Cybercrime Advisory Council, Functions and powers of the Council and the Establishment of National Cyber Security Funds

Part 6 makes legislative declaration on issues of arrest, search, seizure and prosecution. Section 45 to 49 contains the means of obtaining the Power of arrest, search and seizure, Obstruction and refusal to release information, mode of Prosecution of offences, Order of forfeiture of assets and Order for payment of compensation or restitution.

Part 7 provides for jurisdiction and international co-operation and Section 50 to 56 of this act legislates on issues of jurisdiction, extradition, request for mutual assistance, evidence pursuant to a request, form of request from a foreign state, expedited Preservation of computer data and designation of contact point.

Part 8 makes miscellaneous provisions with its Sections 57 to 59 addressing the issues of regulations, interpretations and citation and the act ends with the schedules.


The importance of an act of this nature cannot be overemphasized and it must be stated this act will go a long way in showing the world that Nigeria is ready to handle the issue of cybercrimes with seriousness. The act also foresees future crimes such as cyber terrorism and genocide and this must be commended.

The act however does not focus on the prevention of cybercrimes, it only makes legislation relating to punishment. Section 8 for example criminalizes the act of unlawfully interfering with a computer System in order prevent the proper workings of such a system by any means and fixes punishment upon conviction at a jail term of not more than 2 years and or a fine of not more than 5 million.

While this section adequately provides punishment for persons who are fond of introducing viruses into computer systems, it does not criminalize the manufacturing of such viruses and when there is a product, a market will materialize. The law ought to have criminalized the generation of such data that may be harmful to computer systems.

Also, Section 7 provides that all cybercafés in Nigeria must be registered with the CAC and the Computer Professionals Registration Council. Cybercafés are also required by law to maintain a register of their users and make such available at the request of law enforcement agents when needed. Also, the section criminalizes electronic and online frauds which in common parlance is called “Yahoo Yahoo” and fixes punishment at 3 years imprisonment and or 1 million naira. Furthermore, if connivance on the part of the owners of the cyber café is proven by the prosecutors, they shall be liable to a fine of 2 million naira and or 3 years jail term

In relation to the provision for the crime of connivance however, the position of the law may be considered confusing. Often, the owners of the cybercafés are not usually the operators of the café. Punishing erring operations under this act may pose a challenge. Shall believe that is an honest mistake on the part of the drafters of this section or is the law providing for a criminal form of vicarious liability? This may prove to be a means by which some lawyers will exploit the weakness of the law to the advantage of offenders.

Section 50 which legislates on the issue of jurisdiction may also pose various challenges in interpretation as it may be hard to convict cyber criminals due to the nature of the “location” where the offence was committed.

[1]Technopedia,http://www.techopedia.com/definition/2387/cybercrime, accessed on 17th August, 2015.

BY: Banke Illori


One thought on “A Review of the 2015 Cybercrimes Act

Leave a comment!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s