Kenya

HomeKenya

Kenya: The Computer Misuse and CyberCrimes Act, 2018

The Computer Misuse and CyberCrimes Act was signed into law in Kenya in May 2018. The Act addresses the growing cybercrime threat in the country and provides stiff penalties for offences such as hacking, cyberbullying, cyberstalking, and spreading false information. The Act also added new crimes, such as cyber espionage and identity theft, not previously covered under Kenyan law.

The Act provides for establishing a National Computer and Cybercrimes Coordination Committee to oversee the implementation of the Act and ensure that cybercrimes are dealt with effectively. The committee is also responsible for developing policies and strategies to prevent and combat cybercrime in Kenya. The Act also establishes the Cybercrime Investigation Unit, which is responsible for investigating cyber crimes and bringing offenders to justice.

The Act has been criticized by some groups, including journalists and human rights activists, who argue that it could be used to stifle free speech and limit access to information. They point out that the Act criminalizes the publication of false information and gives authorities broad powers to monitor and intercept communications. However, supporters of the Act argue that it is necessary to combat the growing threat of cybercrime and provide a framework for protecting Kenya’s citizens and businesses from online threats.

Download Law
ARRANGEMENT OF SECTIONS

PART I – PRELIMINARY
Section
1 – Short title.
2 – Interpretation.
3 – Objects of the Act.

PART II – THE NATIONAL COMPUTER AND CYBERCRIMES CO-ORDINATION COMMITTEE
4 – Establishment of Committee.
5 – Composition of the Committee.
6 – Functions of the Committee.
7 – Secretariat of the Committee.
8 – Reports by the Committee etc.
9 – Critical information infrastructure.
10 – Protection of critical information infrastructure.
11 – Reports on critical information infrastructure.
12 – Information sharing agreements.
13 – Auditing of critical information infrastructures to ensure compliance.

PART III – OFFENCES
14 – Unauthorised access.
15 – Access with intent to commit further offence.
16 – Unauthorised interference.
17 – Unauthorised interception.
18 – Illegal devices and access codes.
19 – Unauthorised disclosure of password or access code.
20 – Enhanced penalty for offences involving protected computer system.
21 – Cyber espionage.
22 – False publications.
23 – Publication of false information.
24 – Child pornography.
25 – Computer forgery.
26 – Computer fraud.
27 – Cyber harassment.
28 – Cybersquatting.
29 – Identity theft and impersonation.
30 – Phishing.
31 – Interception of electronic messages or money transfers.
32 – Willful misdirection of electronic messages.
33 – Cyber terrorism.
34 – Inducement to deliver electronic message.
35 – Intentionally withholding message delivered erroneously.
36 – Unlawful destruction of electronic messages.
37 – Wrongful distribution of obscene or intimate images.
38 – Fraudulent use of electronic data.
39 – Issuance of false e-instructions.
40 – Reporting of cyber threat.
41 – Employee responsibility to relinquish access codes.
42 – Aiding or abetting in the commission of an offence.
43 – Offences by a body corporate and limitation of liability.
44 – Confiscation or forfeiture of assets.
45 – Compensation order.
46 – Additional penalty for other offences committed through use of a computer system.

PART IV – INVESTIGATION PROCEDURES
47 – Scope of procedural provisions.
48 – Search and seizure of stored computer data.
49 – Record of and access to seized data.
50 – Production order.
51 – Expedited preservation and partial disclosure of traffic data.
52 – Real-time collection of traffic data.
53 – Interception of content data.
54 – Obstruction and misuse of power.
55 – Appeal.
56 – Confidentiality and limitation of liability.

PART V – INTERNATIONAL CO-OPERATION
57 – General principles relating to international cooperation.
58 – Spontaneous information.
59 – Expedited preservation of stored computer data.
60 – Expedited disclosure of preserved traffic data.
61 – Mutual assistance regarding accessing of stored computer data.
62 – Trans-border access to stored computer data with consent or where publicly available.
63 – Mutual assistance in the real-time collection of traffic data.
64 – Mutual assistance regarding the interception of content data.
65 – Point of contact.

PART VI – GENERAL PROVISIONS
66 – Territorial jurisdiction.
67 – Forfeiture.
68 – Prevailing Clause.
69 – Consequential Amendments.

PART VII – PROVISIONS ON DELEGATED POWERS
70 – Regulations.

SCHEDULE

Download Law

Comments are closed.

Close
About Decybr

Decybr is a technology platform offering an extensive database of international legal resources including laws, case laws and legal literature on cybercrimes. Branded as Decybrary, this database aggregation will be classified and searched by professionals using AI technology.

In addition to providing access to a comprehensive database of legal resources to professionals, Decybr will also offer online training to professionals on the legal and IT aspects of the laws, case laws and legal literature within cybercrime.

Archives