Cameroon

PART I – General provisions
Section 1 – This law governs the security framework of electronic communication networks
and information systems …
Section 2 – This law shall not cover the specific applications used in national defense and
security.
Section 3 – The electronic communication networks targeted by this law shall include …
Section 4 – Within the meaning of this law and its implementing instruments, the following
definitions shall be accepted …
Section 5 – The terms and expressions not defined under this law shall maintain their
definitions or meanings as provided for in international legal instruments.

PART II 
CHAPTER 1: Electronic security and general security cybersecurity
Section 6 – The Administration in charge of Telecommunications shall formulate and
implement the electronic communication’s …

CHAPTER II: Regulation and monitoring of electronic security activities
Section 7 – The National Agency for Information and Communication Technologies …

CHAPTER III: Legal regime of certification activities
Section 10 – Electronic certification activities shall be subject to prior approval. It shall be
carried out by Certification Authorities.
Section 11 – The following activities may be subject to authorization …
Section 12 – The conditions and terms for granting the authorization referred to in Section 10 above shall be laid down by regulation.

CHAPTER IV: Security activities
Section 13 – Electronic communication networks and information systems of operators,
certification authorities …
Section 14 – The staff of the Agency and experts recruited to carry out audit operations shall be required to maintain professional secrecy.

CHAPTER V: Electronic certification
Section 15 – Qualified electronic certificates shall be valid only for the objects for which they were issued.
Section 16 – Certification Authorities shall be responsible for prejudice caused to people
who relied on the certificates they presented as qualified in the case where …

CHAPTER VI: Electronic signature
Section 17 – The advanced electronic signature shall have the same legal value as that
handwritten signature and produce the same effects as the latter.
Section 18 – An advanced electronic signature must meet the following conditions …

CHAPTER VII: Electronic certificates and signatures issued by certification authorities
Section 19 – The certification authority that validated an electronic certificate may not retract.
Section 20 – An electronic certificate issued outside the national territory shall produce the
same legal effects …

CHAPTER VIII: Electronic document
Section 21 – Any person wishing to affix his electronic signature to a document can create the signature …
Section 22 – Any person using an electronic signature device must …
Section 23 – In the event of failure to honor the commitments under Section 22 above, the
holder of the signature shall be responsible for the injury caused to others.

CHAPTER IX: Protection of electronic communication networks, information systems and personal privacy

I – protection of electronic communication networks
Section 24 – Electronic communication networks operators and electronic communication service providers …
Section 25 – Network operators and electronic communication service providers shall be bound to conserve traffic connection data for a period of 10 (ten) years.

II – Protection of information systems
Section 26 – Operators of information systems shall take every technical and administrative
measure to ensure the security of services offered.
Section 27 – Corporate bodies whose activity is to provide access to information systems shall be bound to inform users of …
Section 28 – Operators of information systems shall inform users of the prohibition to use
electronic communication networks …
Section 29 – Operators of information systems shall be bound to conserve the connection
and traffic data of their information systems for a period of 10 (ten) years.
Section 30 – Operators of information systems shall assess and revise their security
systems …
Section 31 – Electronic communication networks and information systems content
providers shall be …
Section 32 – Electronic communication networks and information systems shall be subject
to a regime of …

III – Obligations of access, service and content providers
Section 33 – Persons whose activity consists in providing access to electronic communication services …
Section 34 – The persons in charge, even gratuitously, of the storage of signals, written
material, images, sound or messages of any nature supplied by the users of such services may be liable.
Section 35 – The persons referred to in Sections 33 and 34 above shall be bound to preserve, for a period of 10 (ten) years…
Section 36 – The competent court referred to shall rule, within a maximum time-limit of 30 (thirty) days …
Section 37 – Persons engaged in editing electronic communication services shall inform the
public of …
Section 38 – Persons editing an electronic communication’s service may place at the disposal of the public only the name, company or corporate name and the address of the provider.
Section 39 – Any person who is victim of defamation by means of an electronic communication’s service …
Section 40. (1) Any person engaged in transmitting electronic communication networks content …

IV – Protection of privacy
Section 41 – Every individual shall have the right to the protection of their privacy. Judges may take any protective measures …
Section 42 – The confidentiality of information channelled through electronic communication and information systems networks …
Section 43 – Content providers shall be responsible for data transmitted through their information system notably…
Section 44 – It shall be forbidden for any natural person or corporate body to listen, intercept and store communications …
Section 45 – The recording of communications and traffic data related thereto in a professional setting …
Section 46 – Electronic communication networks and information systems content providers shall be bound …
Section 47 – The use of electronic communication networks and information systems for the purpose of storing information …
Section 48 – The sending of electronic messages for prospecting purposes by dissimilating the sender identity …

V – Interception of electronic communication
Section 49 – Notwithstanding the provisions of the Criminal Procedure Code, in case of crimes or offences …
Section 50 – In the event of encoding, compressing or ciphering of data transmitted by electronic communication networks …
Section 51 – The personnel of electronic communication network operators or electronic communication service providers …

PART III – Cybercriminality
CHAPTER 1: Procedural law provisions
Section 52 – In case of any cyber offence, Criminal Investigation Officers with general jurisdiction …
Section 53 – Cybercriminal-related searches may concern data. Such data may be physical material or copies …
Section 54 – Searches and seizures shall be carried out in accordance with the provisions of the Criminal Procedure Code …
Section 55 – When it appears that data seized or obtained in the course of an investigation or inquiry has been the subject of transformation
Section 56 – The request provided for in Section 50 above may be made to any expert. In such case …
Section 57 – Cameroonian judicial authorities may set up a rogatory commission at, both
the national and international level
Section 58 – Natural persons or corporate bodies that provide cryptographic services aimed at …
Section 59 – For purposes of investigation or examination, the hearing or interrogation of a person …

CHAPTER II: Offences and penalties
Section 60 – When a Certification Authority is non-compliant, the Agency may, after serving a warning …
Section 61 – Agency personnel and experts of corporate bodies in charge of security audits who without any authorization …
Section 62 – Whoever presents the content or activity to the person referred to in Sections 33 and 34 …
Section 63 – The de jure or de facto manager of a corporate body exercising the activity defined in Sections 33 and 34 …
Section 64 – Corporate bodies shall be criminally liable for offences committed on their account by their management structures.
Section 65 – Whoever, without any right or authorization, proceeds by electronic means to intercept …
Section 66 – Whoever causes disturbance or disruption of the functioning of an electronic communication network …
Section 67 – Causing serious disturbance or disruption of the functioning of an electronic communication network …
Section 68 – Whoever fraudulently gains access or remains in all or part of an electronic communication network …
Section 69 – Whoever accesses all or part of an electronic communication network, an information system …
Section 70 – Whoever causes through saturation, the attack of an electronic communication network device …
Section 71 – Whoever without permission, introduces data into an information system or an electronic communication network …
Section 72 – Whoever without authorization and for financial gain, uses any means to introduce, alter, erase or delete electronic data …
Section 73 – Whoever uses an information system or a counterfeit communication network to falsify payment, credit or cash withdrawal card …
Section 74 – Whoever uses any device to receive the privacy of another person by attaching, recording or transmitting private or confidential electronic data …
Section 75 – Whoever for financial gain, records or publishes images that undermine the bodily integrity of another person …
Section 76 – Whoever uses electronic communications or an information system to design, carry or publish a child pornography message …
Section 77 – Whoever uses electronic communication or an information system to act in contempt of race or religion …
Section 78 – Whoever uses electronic communications or an information system to design, to publish or propagate a piece of information …
Section 79 – Penalties against private acts of indecency set forth in Section 295 of the Penal Code shall be punished …
Section 80 – Whoever for consideration or free of charge, uses electronic communications or an information system to publish, attach, record or transmit …
Section 81 – The following offences shall be punishable with the penalties provided for in …
Section 82 – below where they are committed using an electronic communication network or an information system …
Section 82 – The penalties provided for in Section 79 above shall be doubled for whoever uses electronic communication devices …
Section 83 – Whoever uses electronic communication devices to make sexual proposal to a person of the same sex shall be punished …
Section 84 – Whoever fraudulently becomes acquainted with, delays access to or deletes electronic messages …
Section 85 – The penalties provided for in section 84 above shall apply against whoever, being responsible for a public service mission …
Section 86 – The penalties provided for in section 71 above shall apply against whoever imports, keeps, offers, transfers, sells …
Section 87 – Authors of the offences provided for in Section 86 above shall be punishable with the following additional penalties …
Section 88 – Whoever, knowing about the secret decoding convention, a cryptographic means likely to have been used to prepare, facilitate or commit …
Section 89 – There shall be no suspended sentence for the offences provided for in this law.

PART IV: International cooperation and mutual judicial assistance
CHAPTER I: International cooperation
Section 90 – In the discharge of their duties, Cameroonian Certification Authorities may, under the control of the Agency …

CHAPTER II: International and mutual judicial assistance
Section 91 – Unless otherwise provided for by an international convention to which Cameroon is signatory, requests for judicial assistance …
Section 94 – Where the enforcement of a request for judicial assistance from a foreign judicial authority …

PART V – Transitional and final provisions
Section 95 – The conditions of applications of this law shall, and as when necessary, be laid
down by implementation instruments.
Section 96 – Authorizations and declarations for the supply, import and export of
cryptographic devices …
Section 97 – This law shall be registered, published according to the procedure of urgency and inserted in the Official Gazette in English and French.