File Name: current legal framework of nigeria related to information security and computer crime .zip
Download Download. As the world marches deeper into the unknown passageway of digital revolution, it is becoming apparent that the tremendous benefits of the internet age are being challenged by the formidable menace of cyber-crime, not the least in the African region. While African States vary in the degree to which their economies and peoples are affected by cyber-crime, there is no gainsaying the fact that the collective ability of African States to track and trace the source s of any criminal use of the internet or cyber-attacks on infrastructures, economies or individuals is central to the deterrence of such attacks as well as to long-term survival of these States.
An acknowledged and concerted ability to respond to cyber-crimes, to track, trace and apprehend domestic and international cyber-criminals can forestall future attacks through fear of severe penalties. This paper highlights the general weakness or inertia of African States in curbing the menace of cyber-crimes and particularly draws attention to the inherent limitations and failures in current domestic legal responses to cyber-crime.
Acknowledging the complex and often extra-territorial nature of cyber-crimes, this paper makes a case for a redefinition of the notion of sovereignty and its implications for the recurring decimal of cyber-crime against African economies and societies.
Extrapolating from learned experiences around the world, this paper explores the trajectory of a regional normative initiative that would streamline and synergise the efforts of African States in responding to the phenomenon of cyber-crimes. Citation: Olowu, D. In the world of the twenty-first century, economic and political barriers are being lowered and technological advancements in communications and commerce are on the increase, affirming that ours is indeed a globalised world. The globalisation phenomenon is increasingly producing immense opportunities for students, researchers, tourists, and business people, and at the same time fuelling economic growth and development.
However, among those taking advantage of opening up societies and borders are criminals who engage in the human trafficking and drug trade, arms smuggling, fraud, counterfeiting, and other financial crimes, and increasingly in computer crimes Bequai, , p.
Cyber-crime has indeed reached epidemic proportions. In a relatively recent survey, more than 90 percent of the respondent corporations and government agencies reported computer security breaches at one time or the other. It is commonplace for disgruntled employees and hackers to commit many cyber-crimes while others are committed by crooks using the Web to perpetrate auction fraud, identity theft and other scams.
Hardly any organisation or anyone is immune to the possibility of cyber-crime. What more? Numerous writers, policymakers and law enforcers have called for stringent and innovative laws to prevent and punish computer crimes. Others fear that such initiatives will compromise human rights. Yet, others want legislation to make computer software companies liable for damages caused by their software-security failures. Responding to the challenges of cyber-crime has indeed engendered a cacophony of ideas.
What exactly is cyber-crime? Can cyber-crime also engender civil liability? In light of the transnational implications of cyber-crime, how are states responding to the problem and what practical implications do such responses portend for African states?
An attempt is made to tackle the foregoing plethora of questions relating to the problems arising out of efforts at formulating appropriate legal responses to cyber-crime. While the focus is on the African region, this paper nonetheless draws on the experiences and existing frameworks of other world regions as much as necessary. While scholarly consensus on a single definition of the terminology is yet to be achieved, it would appear that writers and law drafters are more comfortable with describing various elements constituting cyber-crime than in defining it.
Other authors have resorted to simply describing the role of computers and the internet in the promotion of crime Collier, , pp. Yet, there have been debates about whether unlawful activities involving computers and the internet should be classified as crimes or civil wrongs Barton, and Nissanka, , p.
These theoretical problems are further complicated by the emergence of new terminologies, novel dimensions and innovative tools. The threat landscape once dominated by the worms and viruses unleashed by irresponsible hackers and script-kiddies is now ruled by a new breed of cyber-criminals.
The tools driving their attacks and fuelling the black market are crimeware - bots, Trojan horses, and spyware Lininger, and Dean, , p. Phishing and pharming are two popular forms of fraud that aim to dupe victims into believing they are at a trusted Web site such as their banks, when in fact they have been enticed to a bogus Web site that intends to steal their identity and drain their financial resources Brenner, , p. The price tag of crimeware is often based on their ability to steal sensitive data such as bank and credit cards while remaining undetected by the victim.
Whatever the case, it is obvious that cyber-crime may be targeted against natural persons, property, or institutions. Who is in charge of that territory? As our experience shows, while numerous states have put in place wide ranging legislation to stem the tide of cyber-crimes within their territories, applying such domestic legislation abroad has proven to be a cumbersome act where there is no reciprocity among States. This is where this paper makes its entry point: the increasing recognition among judges, policymakers, and scholars in many countries around the world to reconstruct territorial jurisdiction in a way that tackles the cross-border and complex nature of cyber-crimes, and the profound implications of these normative trends for the African region.
Cyber-crimes indeed constitute a worldwide problem and no State is beyond vulnerability. However, to understand why cyber-criminality in Africa differs from other areas in the world, one should understand the state of information security in this region which is affected by factors such as the growth of user base, poor security awareness, lack of training for law enforcements, lack of regulations and weak cross-border collaboration.
Africa has seen a phenomenal growth in Internet connectivity in recent years. With the increasing availability of broadband connections and the decrease in subscription fees, the number of new online users in Africa is outpacing the rest of the world.
This high number of users in Africa has made the Internet a popular means of communication as well as opening new opportunities for online enterprise, and likewise, a similar increase in cyber-criminal activities requiring an increased effort across the region to strengthen the information infrastructure, educate users in security awareness, and develop cyber-crime regulations. The potential for internet abuse is even greater in and for Africa.
Due to the lack of security awareness programmes or specialised training for the law enforcement agencies, many online users are becoming victims of cyber-crime attacks and the incidence of successful attacks is increasing with impunity. So much has been written about staggering incidents of cyber-based fraud emanating from African states and it serves no useful purpose revisiting the wealth of literature on the subject. Further complicating the incidence of cyber-crimes is under-reporting.
Whereas Hale , pp. It will suffice to mention, however, that while the cocaine cartels and other criminal organisations in Europe and Latin America may be better known, criminal organisations are becoming big business in Africa too. However, it will be foolhardy to assert that criminal enterprises in Africa are limited to Nigeria. The South African Police estimate that their country is home to more than criminal organisations, many of which are sophisticated and international in scope.
Various African states are fast becoming safe havens for drug traffickers, for gun runners and for cyber-criminals Mutume, , p. The investment in ICT infrastructure in Africa is becoming extensive, especially in the richer States but there is more to network infrastructure security than the initial implementation of the system — upgrades and ongoing maintenance must be taken into account. Additionally, most banks in the region are vulnerable to phishing attacks, which should send a strong warning signal to allocate more investments to ICT security systems and awareness.
Investments in information infrastructure have increased the value of e-commerce and e-governments and have created great opportunities for small businesses in the region, thus helping with the unemployment problem. However, not all investments are directed toward including and implementing security solutions while developing the infrastructure.
The prevailing wisdom would seem to be business first, security later. Furthermore, internet service providers ISPs in the region have been rapidly deploying broadband Internet connections without implementing security solutions — a major problem in the region.
Without sufficient security policy to protect their businesses against spammers, most ISPs in the region are blacklisted and marked as sources of spam by the vigilant regime of cyber security in the US and the UK Leyden, A culture of information security must therefore become foremost in Africa as no African State is immune to cyber-crimes: the Zambian government sites have been attacked by hackers, an incident that cost it some loss of public confidence Ojedokun, , pp.
Information security awareness is crucial for combating cyber-crimes. In Africa, there is a significant lack of security awareness among users, whether the general public or organisations and enterprises. Comparing security awareness in Africa to Europe or the US, one would see far less effort being made to raise awareness among users. One of the major factors that make information security awareness programmes ineffective in the region is that most ICT security awareness programmes available are in English, making them difficult to implement in a region where the overwhelming majority are French, Arabic, or Portuguese speakers.
This lack of security awareness is also a big problem inside ICT companies in the region as most ICT decision makers in Africa are not aware of the cyber-crime problem, thinking Africa is still immune.
Besides, they do not have good security policies. Poor security awareness means that investments to fight cyber-crimes are minimal, leaving businesses across Africa vulnerable to cyber-crimes or online attacks. The African continent is in dire need of strong ICT security awareness training, targeting native speakers to educate users, employees and law enforcers to understand the risks and prevent attacks.
Many watchers are warning that Africa is becoming a major source of cyber-crimes; for example, Nigeria is ranked as the leading State in the region as the target and source of malicious internet activities; and this is spreading across the West African sub-region Ribadu, ; Mazzitelli, , p. Egypt is also reputed to be one of the most phishedcountries in the world with about phishing incidents, followed closely by other countries in the region such as South Africa Ojedokun, , p.
Another important factor making Africa a source and target of much cyber-criminal activity is the growth of international banking and money-laundering. The unique opportunities of a quickly developed financial infrastructure allowing anyone to transfer monetary fund to any State, anonymously and through tangled routes have caught the attention of cyber-criminals.
Electronic transfers are an efficient tool for concealing sources of money intakes and laundering illegally earned money. There are many well-known online money laundering cases involving victims in Africa who were tricked in order to steal their identity or transfer money from their real accounts using phishing and scams Ojedokun,, , p. Cyber-criminals also attack popular sites in the region like many social networking websites.
Many corporate employees and home-based internet users are into social networks. Studies have now revealed that social networking can open a backdoor into corporate ICT platforms, putting businesses and individuals at risk of information compromise, identity theft and other malicious attacks. Cyber-criminals are looking for sites that have many users with poor security awareness to infect, and social networking sites are an excellent place to hunt Bazelon, Choi, and Conaty, , p.
One frequently hears reports of new cyber-crimes in Africa that happened to someone using social networking. Users in Africa also utilise international social networks such as Facebook and Myspace for communications, friendships, blogging and other activities that, if not taken with caution, can lead to identity theft and malicious activities against home users and employees in both private and public sectors as long as there is no policy.
The risk is very high not only in social networks but also in peer-to-peer networks, Web 2. Again, the need for security awareness training in Africa is great. What is driving the menace of cyber-crimes in Africa? Most African countries are contending with high unemployment problems; the numbers are increasing daily and will promote the growth of cyber-crimes in the region if not comprehensively addressed.
Statistics reveal that the unemployment rate is very high among youth in the region, most of whom are university graduates with computer and Internet competency. All these factors combine to create a new generation of local hackers and cyber-criminals. Most of these people are script kiddies working for financial motives. They do not have deep programming knowledge like experienced hackers who can create their own malware or viruses, but they take advantage of many websites available for free that help them understand the basics behind hacking techniques with links to underground hacking sites and even free tools to use.
Added to the above is the reality that most African States do not have Internet-specific laws, although some are beginning to adopt these laws. A few countries in the region are trying to shape new legislation and legal definitions for cyber-crime, such as Botswana, Egypt, Lesotho, Mauritius and South Africa, but there is still need for more specific laws for cyber-crime activities.
In many of the few countries with specific legal framework against cyber-crimes, the existing laws lack the potential to tackle the transnational aspects of the phenomenon. Due to the style of criminal justice and law enforcement techniques in Africa, most countries in the region, including Burkina-Faso, the Gambia, Ghana, Kenya, Senegal, and Zimbabwe are using emergency laws and ad hoc approaches instead of establishing ascertainable cyber-crime laws and policies against the phenomenon.
Other countries in the region are trying to prevent such activities by blocking access to certain websites. Regular laws and emergency laws in Africa are not designed specifically to deal with cyber-crimes, and there is no definition for such activity inside the statute books. Nigeria comes into view as the manifestation of one of the most extra-legal approaches to cyber-criminality.
However, both actions are neither effective nor sustainable. Also, that sort of action may put innocent people in jail with cyber-criminals. Lack of regulation invariably equals lack of law enforcement training, tools and techniques used to investigate cyber-crimes.
Most African countries also do not have specific laws for cyber-based intellectual property violation. According to an empirical study, several African States rank high in virus infection Symantec Threat Report,
Cybercrime , or computer-oriented crime , is a crime that involves a computer and a network. There are many privacy concerns surrounding cybercrime when confidential information is intercepted or disclosed, lawfully or otherwise. Internationally, both governmental and non-state actors engage in cybercrimes, including espionage , financial theft , and other cross-border crimes. Cybercrimes crossing international borders and involving the actions of at least one nation-state is sometimes referred to as cyberwarfare. Computer crime encompasses a broad range of activities. Computer fraud is any dishonest misrepresentation of fact intended to let another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by:.
Box , Kumasi, Ghana. Cybercrime incidents continue to plague economic development in the African region. Prior research indicates that millions of dollars are lost annually due to this menace. The prospects of Digital Forensics Investigation DFI as evident in developed countries provide hope for defeating cybercriminals. The paper assesses the effectiveness of legal infrastructure, technical mechanisms, the availability of capacity building programs, organisational infrastructure as well as the existence of cooperation mechanisms among relevant institutions in Ghana. The paper contends to the existence of legislation and mandated institutions. It concludes that, though the sector has recorded advancements over the years, the progress has been very slow leaving DFI still at an infant stage.
The role of cybercrime law
The arrest, conducted by the Spanish National Police, involved the support of the US Federal Bureau of Investigation, law enforcement agencies in Romania, Moldova, Belarus, Taiwan, and a number of private cybersecurity companies. They were charged with deploying the Carbanak malware to target more than US companies and stealing more than 15 million customer card records. Bringing to justice just some of the perpetrators of these cybercrimes involved the cooperation of numerous law enforcement agencies each requiring the capacity and capability to contribute to a multi-agency, transnational investigation.
Accordingly, cybercrime law includes substantive, procedural and preventive law. An illegal act needs to be clearly described in and prohibited by law. Pursuant to the moral principle of nullum crimen sine lege Latin for "no crime without law" a person cannot be punished for an act that was not proscribed by law at the time the person committed the act UNODC, , p. Sources of substantive law include statutes and ordinances enacted by city, state, and federal legislatures statutory law , federal and state constitutions, and court decisions. Some countries, instead of developing new special laws against cybercrime, amended their national legislation or codes, adding specific paragraphs to address cybercrime.
JILS is intended to be the journal for publishing of results of research on law both empirical and normative study, especially in contemporary legal issues. The various topics but not limited to, criminal law, constitutional law, private law, economic law, human rights law, international law, tax law, Islamic law, customary law, commercial business law, environmental law, street law, legal education, maritime law, trade law, in the framework of Indonesian legal systems and Indonesian legal studies. Various legal issues develop and become very interesting to discuss and study, both issues at the national and global levels. In this edition, the papers presented come from several countries, namely Indonesia, Thailand, Russia, Malaysia, and Nigeria. This edition is avalilable online since November 24, for the 5 2 November edition. Regarding the paperless policy at our institution, since , we do not provide printed journals and or any documents in print.
ICLG - Cybersecurity Laws and Regulations - covers common issues in cybersecurity laws and regulations, including cybercrime, applicable laws, preventing attacks, specific sectors, corporate governance, litigation, insurance, and investigatory and police powers — in 26 jurisdictions. Send us an E-mail here to find out more about contributing the Nigeria chapter to this guide.
Производственное управление АНБ под руководством заместителя оперативного директора коммандера Тревора Дж. Стратмора торжествовало победу. ТРАНСТЕКСТ себя оправдал.