Library of Congress

Law Library of Congress

The Library of Congress > Law Library > News & Events > Global Legal Monitor

Nigeria: Cybercrime Bill Proposed

(Feb. 5, 2014) Nigeria’s President Goodluck Jonathan recently introduced the Cybercrime Bill, 2013 in the National Assembly. (Nuruddeen M. Abdallah & Musa Abdullahi Krishi, Cybercrime Bill: FG Seeks Powers to Intercept SMS, Emails, BBMS, Fax, DAILYTRUST (Jan. 28, 2014).) The objectives of the legislation include, among other goals, protecting the country’s national information structure and establishing an integrated legal, regulatory, and institutional framework to deal with cybercrimes. (Cybercrime Bill, 2013, § 1, Paradigm Initiative Nigeria (PIN) website.)

The legislation would criminalize various cyber activities. Among the most notable crimes under the legislation are:

  • offenses against what the legislation calls the “critical national information structure.” Critical national information structure includes any and all computer systems, networks, and information infrastructure designated as such by the country’s president on the recommendation of the national security advisor. (Id. § 3.) A person who commits any offense under the legislation (including the offenses stipulated below) involving a critical national information structure would, on conviction, receive a sentence ranging from 15 years to the death penalty, depending on the gravity of the offense. (Id. § 5.)
  • cyberterrorism. A person who “accesses or causes to be accessed” any computer system or network for the purpose of committing a terrorist act (as defined under the Terrorism (Prevention) Act, 2011, as amended, Nigerian Financial Intelligence Unit website) would commit a cyberterrorism offense. (Id. § 17.) A person convicted of this charge would be subject to a sentence of life imprisonment. (Id.)
  • child pornography. The legislation creates two classes of offenses under this category. The first involves the use of a computer network for the purpose of, among other activities, the possession, production, and/or distribution of materials depicting a minor, a person appearing to be a minor, or images representing a minor engaged in sexually explicit conduct. (Id. § 14.) The second involves the use of “information and communication technologies” to engage in such acts as luring and meeting (here the crime requires two elements to exist: communicating with a child online followed by an in person meeting) with a child for the purpose of engaging in sexual activities or recruiting a child to participate in a pornographic performance. (Id.) The penalties for the offenses would range from a five- to ten-year prison term or fines ranging from N10 to N20 million (about US$61,470-$122,940), or both, depending on the particular offense. (Id.)
  • racism or xenophobia, which includes the use of any material that “advocates, promotes or incites hatred, discrimination or violence, against any individual or group of individuals, based on race, colour, descent or national or ethnic origin, as well as religion if used as a pretext for any of these factors.” (Id. § 18.) The use of a computer system or network to distribute racist or xenophobic materials, materials that deny, approve, or justify acts that constitute genocide or crimes against humanity, or the use of a computer system or network for racist or xenophobic insults, would constitute an offense under this provision. (Id.) Upon conviction, the offender would be subject to a sentence of at least five years in prison and/or a minimum N10 million fine. (Id.)

In addition, the legislation would establish numerous other crimes, including: obtaining unlawful access to a computer, unlawful interception of communications, unauthorized modification of a computer program or data, system interference, misuse of devices, computer-related forgery, computer- related fraud, identity theft or impersonation, cyberstalking, and cybersquatting. (Id. §§ 6-19.)

Another notable provision in the legislation would require Internet and phone service providers to retain and make available to government agencies customer information, including traffic data as well as subscriber information. (Id. § 21.) If a service provider fails to cooperate with government agencies in this regard, it would be subject to a fine of at least N10 million, and its director/manager/officer would be prosecuted and, on conviction, be subject to at least three years in prison and/or an N7 million fine. (Id. § 23.)

The legislation would also afford law enforcement officers broad search, arrest, and seizure powers, including some that do not require judicial oversight. This occurs when there is what the legislation calls a “verifiable urgency” that a cybercrime is about to be committed or that there is an “urgent need to prevent the commission of an offence,” and obtaining a warrant would take time and be prejudicial to public safety or order. (Id. § 28.) In such a circumstance, a law enforcement officer would have the authority to enter any premises or vehicle that he reasonably suspects is being used or is likely to be used for the commission of a crime or that contains evidence of the commission of a crime. (Id.) Once in control of the premises or vehicle, the officer need not wait to obtain a warrant; he may conduct searches, seize items, or arrest persons he “reasonably suspects” to be connected to the crime. (Id.)

Cybercrime appears to be pervasive in Nigeria. A recent survey, conducted in four locations in the country and involving 2,980 respondents, found that 30% of the respondents were victims of a cybercrime and had suffered together around US$1.4 million in monetary losses. (‘GBENGA SESAN et al., ECONOMIC COST OF CYBERCRIME IN NIGERIA 5, 7, & 8 (2013), PIN website.) The survey, which noted that the country enjoyed a 30% Internet penetration in 2012, estimated Nigeria’s 2012 total economic loss as a result of cybercrimes to be over US$13.5 billion. (Id. at 11.)