Nigeria: The CyberCrimes (Prohibition, Prevention, etc.) Act, 2015
The Cybercrimes Act criminalizes cyber activities that are designed to defraud individuals or organizations, such as phishing and online scams, as well as activities that infringe on intellectual property rights, such as software piracy. The law also includes provisions for the protection of critical national infrastructure, including the prohibition of cyber activities that pose a threat to national security.
Despite criticisms of the law’s vague provisions and potential for abuse, the Cybercrimes Act remains an essential tool for addressing cybercrime in Nigeria. It provides a legal framework for prosecuting cybercriminals, as well as a mechanism for the prevention and investigation of cyber offenses. The act is an essential component of Nigeria’s cybersecurity strategy and is continuously evolving to keep up with the changing cyber threat landscape.
Section: PART I – OBJECT AND APPLICATION
1. Objectives.
2. Application.
PART II – PROTECTION OF CRITICAL NATIONAL INFORMATION INFRASTRUCTURE
3. Designation of certain computer systems or networks as critical national information infrastructure.
4. Audit and Inspection of critical national information infrastructure.
PART III – OFFENCES AND PENALTIES
5. Offences against critical national information infrastructure.
6. Unlawful access to a computer.
7. Registration of cybercafé.
8. System interference.
9. Interception of electronic messages, email, electronic money transfers.
10. Tampering with critical infrastructure.
11. Willful misdirection of electronic messages.
12. Unlawful interceptions.
13. Computer related forgery.
14. Computer related fraud.
15. Theft of Electronic Devices.
16. Unauthorised modification of computer systems, network data and system interference.
17. Electronic Signature.
18. Cyber terrorism.
19. Exceptions to financial institutions posting and authorised options.
20. Fraudulent issuance of e-instructions.
21. Reporting of cyber threats.
22. Identity theft and impersonation.
23. Child pornography and related offences.
24. Cyberstalking.
25. Cybersquatting.
26. Racist and xenophobic offences.
27. Attempt, conspiracy, aiding and abetting.
28. Importation and fabrication of e-tools.
29. Breach of confidence by service providers.
30. Manipulation of ATM/POS Terminals.
31. Employees Responsibility.
32. Phishing, spamming, spreading of computer virus,
33. Electronic cards related fraud.
34. Dealing in card of another.
35. Purchase or sale of card of another.
36. Use of fraudulent device or attached e-mails and websites.
PART IV – DUTIES OF FINANCIAL INSTUTUTIONS
37. Duties of financial institutions.
38. Records retention and protection of data.
39. Interception of electronic communications.
40. Failure of service provider to perform certain duties.
PART V – ADMINISTRATION AND ENFORCEMENT
41. Co-ordination and enforcement.
42. Establishment of Cybercrime Advisory Council.
43. Functions and powers of the Council.
44. Establishment of National Cyber Security Fund.
PART VI – ARREST, SEARCH, SEIZURE AND PROSECUTION
45. Power of arrest, search and seizure
46. Obstruction and refusal to release information.
47. Prosecution of offences.
48. Order of forfeiture of assets.
49. Order for payment of compensation or restitution.
PART VII – JURISDICTION AND INTERNATIONAL CO-OPERATION
50. Jurisdiction.
51. Extradition.
52. Request for mutual assistance
53. Evidence pursuant to a request.
54. Form of request from a foreign state.
55. Expedited Preservation of computer data.
56. Designation of contact point.
PART VIII – MISCELLANEOUS
57. Regulations.
58. Interpretations.
59. Citation.
SCHEDULES
