Bahrain: Law on Combating Cybercrime
The Law on Combating Cybercrime is legislation enacted in Bahrain to address the growing threat of cybercrime in the country. The law criminalizes various cyber offences, including hacking, identity theft, cyberstalking, and disseminating malicious software. It also imposes harsh penalties for those convicted of these crimes, including imprisonment and fines.
The law also establishes the Bahrain National CERT, a government agency responsible for responding to cyber incidents and promoting cybersecurity awareness. The agency works with other government agencies, private organizations, and international partners to enhance Bahrain’s cybersecurity capabilities.
Overall, the Law on Combating Cybercrime represents Bahrain’s commitment to protecting its citizens from the harms of cybercrime. The law takes a comprehensive approach to address cybercrime, with prevention, prosecution, and incident response provisions. Its emphasis on partnership and collaboration also underscores the importance of a coordinated and cooperative approach to cybersecurity in today’s interconnected world.
Introductory chapter
Article 1 – In the application of the provisions of this Law, the following words and expressions shall have the meanings assigned to each of them unless the context otherwise requires.
Chapter I: Penalties for IT crimes
First branch Crimes against IT systems and data
Article 2 – A penalty of imprisonment for a period not exceeding one year and a fine not exceeding thirty thousand dinars or one of these two penalties shall be imposed without legal justification for entering into the IT system or part of it.
Article 3 – It is punishable by imprisonment and a fine not exceeding fifty thousand dinars or one of these two penalties, which is the most recent damage to the data of the means of information technology or IT system.
Article 4 – Without prejudice to any more severe penalty in any other law, imprisonment with a fine not exceeding one hundred thousand Dinars or one of these penalties shall be punishable by wiretapping, intercepting or intercepting without legal
Article 5 – Without prejudice to any stricter penalty in any other law, a person who sends the data of an information technology device containing a threat of causing damage to the carrying of another shall be punished
Article 6 – Whoever commits any of the offenses set forth in Articles 2, 3, 4 and 5 of this Law to produce, import, buy or sell, shall be punished by imprisonment for a period not exceeding one year
Section II: Crimes related to the means of information technology
Article 7 – Shall be liable to imprisonment for a term of not more than ten years from the introduction, adaptation, suspension, cancellation, deletion, destruction, alteration, modification, alteration or omission of the data
Article 8 – A person who unlawfully obtains possession of property owned by third parties or receives any benefit for himself or others or to sign, cancel, destroy or modify a bond by means of a false name
Article 9 – Any person who uses encryption in order to commit or conceal any of the crimes provided for in this Law or any other law shall be punished
Section III: Crimes related to content
Article 10 – Without prejudice to any more severe penalty in any other law:
Chapter II: Procedures for IT crimes
Article 11 – The provisions of this Chapter shall apply to:
Article 12 – The Public Prosecution may order any person to expeditiously maintain the integrity of certain data for the means of information technology, including the route data stored within the IT system
Article 13 – The Public Prosecution may order any person possessing or under its control certain data to transmit information promptly, including data stored within an information technology system
Article 14 – The judge of the lower court may, at the request of the Public Prosecution, after having examined the papers, order the following:
Article 15 – The Public Prosecution may issue an injunction to enter and inspect the following:
Article 16 – The Public Prosecution Authority shall have the authority to control and preserve the data of the means of information technology accessed pursuant to the provisions of Article (15) of this law, including the following:
Article 17 – The judge of the lower court shall, at the request of the Public Prosecution, and upon examination of the papers, order any person who is competent or familiar with the functioning of the IT system
Article 18 – Subject to the provisions of section (b) of Article (14) of this Law, the Public
Prosecution may, after obtaining the permission of the lower court judge:
Article 19 – A person who has not complied with an order or order issued in accordance with the provisions of any of the following paragraphs shall be punished by imprisonment
Chapter III: Miscellaneous provisions
Article 20 – The initiation of the offenses provided for in this Law shall be punishable by half of the prescribed penalty for the full offense.
Article 21 – Without prejudice to the criminal liability of the natural person, the legal person shall be liable to the fine prescribed for the offense if any of the offenses
Article 22 – Except as provided in Chapter Two of this Law, the provisions of the Code of Criminal Procedure shall apply to the offenses provided for in this Law, to the extent permitted by the nature and the means of storing the data.
Article 23 – Except as provided for in this law, whoever commits an offense stipulated in any other law by means of a system or any technical means of information shall be punished by the prescribed penalty for that crime.
Article 24 – The Prime Minister and the Ministers, each within his own jurisdiction, shall implement the provisions of this Law and shall come into force one month after the date of its publication in the Official Gazette.
