The Cybercrimes (Prohibition, Prevention, etc.) Act needs to be revisited to rectify provisions that cause controversy in the implementation of the law. It was enacted in 2015 with the intention of using the piece of legislation as a veritable tool to “protect critical national information infrastructure, and protection of computer systems and networks, electronic communications, data and computer programmes, intellectual property and privacy rights.”
 
The Act was designed to provide an effective, unified, and comprehensive legal, regulatory, and institutional framework for the prohibition, prevention, detection, prosecution, and punishment of cybercrimes in Nigeria. However, it is observed that law enforcers, leveraging the inelegant drafting style, have weaponised certain provisions of the cybersecurity law to clamp down on free speech.
 
In 2024, the National Human Rights Commission (NHRC) warned that the Act, and the amendments made to it, “have potential for abuse, particularly with respect to arrests and prosecutions of activists, journalists, bloggers, and ordinary social media users.” This fear was subsequently echoed by the heads of missions of the United States (U.S.), the United Kingdom (UK), Canada, Finland, and Norway.

Expressing concerns over the misuse of the cybercrimes law by security operatives, the diplomats lamented that the broad language of the law has left room for confusion and potential abuse, especially its vague definitions of ‘false information’, ‘cyberstalking’, ‘harassment’, and ‘insult’.
They submitted that the misuse of the law “undermines democratic advancement and civic participation, and also jeopardises investor confidence and risks deterring the innovation needed for economic growth.”
 
According to the envoys, healthy democracies are formed of many important ingredients, such as diverse perspectives and viewpoints. Therefore, the distortion of the original intent of the anti-cybercrime law “can lead to citizens becoming hesitant to speak out, weakening democratic accountability and potentially fuelling distrust in government.”
 
The kernel of the argument is mainly premised on the contentious provisions of Section 24 of the Act. This section is perceived as a deliberate attempt by the State to control online information, stifle free speech, repress dissenting views, and arbitrarily penalise critics. Many tagged it ‘a systemic criminalisation of the right to freedom of expression.’ 
 
Prior to its recent amendment, Section 24 of the Cybercrimes Act criminalised cyberstalking, and the transmission of messages, via a computer system or network, that are either “grossly offensive, pornographic or of an indecent, obscene or menacing character”, or are false for the purpose of “causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, ill will or needless anxiety to another.” 
 
Ensuing developments reveal that relevant government authorities have grossly exploited and abused this portion of the law due to its broad scope, vagueness, and ambiguity. The Act failed to distinctly define or prescribe the elements of the offence of cyberstalking. Similarly, it did not stipulate the parameters for determining actions that can cause anxiety, or are of ‘menacing character’; thereby leaving the interpretation of these terms open-ended.  
 
The constitutionality or otherwise of the instant provision was tested in the Nigerian courts, up to the apex level; however, no concrete results emanated from the process. The trial and appeal courts struck out the suit, while the Supreme Court never assigned a hearing date to the matter.
 
Fortuitously, the Economic Community of West African States Court of Justice provided the requisite succour in 2020. Delivering a landmark judgment, the regional court boldly declared that Section 24(1) of the Cybercrimes Act violates the right of freedom of expression and information. Consequently, it ordered that the controversial sub-section be repealed or amended.
 
Complying with this order, the Nigerian Government vide Section 5 of the Cybercrimes (Prohibition, Prevention, etc.) (Amendment) Act, 2024, significantly varied the provisions of Section 24(1). The amended law purports to cure the mischief in the old law by solely criminalising the electronic dissemination of messages that are either pornographic or false with the intent of causing a breakdown of law and order, posing a threat to life, or causing such a message to be sent.
 
Although the legislative intervention is well-intended, the new law is still partly tainted by ambiguity and uncertainty. For instance, the interpretation of the phrase “for the purpose of causing a breakdown of law and order” is problematic. The amendment does not furnish the ingredients of publications that can cause a breakdown of law and order.
 
Again, this lacuna is being leveraged by state actors to target activists, journalists, civil rights advocates, and other citizens for ventilating their perspectives on issues of national or public concern. The recent legal battle (albeit now amicably resolved) between Dele Farotimi and Afe Babalola, SAN, aptly illustrates this point.
 
The cybercrime charges (which were subsequently dropped) filed against Farotimi, following the complaint of alleged criminal defamation lodged by Babalola, included knowingly and intentionally transmitting false information for the purpose of causing breakdown of law and order contrary to and punishable under Section 24(1) (b) of the Cybercrimes (Prohibition, Prevention, etc) Act 2015 as amended.
 
Farotimi claimed he was mistreated, denigrated, and dehumanised by the Police even though he was merely accused of committing a misdemeanour with a maximum jail term of three (3) years. Ngozi Okoli was alleged to have been similarly ill-treated by the Police over her critical review of Erisco Foods’ tomato paste.

More worrisome is that some law enforcers seem oblivious to the alterations made to Section 24(1).  Very recently, the Police charged two men, Saheed Jamiu Osama and Uyime Godwin Udoekwere, for allegedly making libelous statements and menacing the character of Mrs. Omowunmi Cynthia Aloba despite the repeal of the offence of ‘‘menacing character”.
 
Admittedly, cybercrime is a serious offence that could undermine political stability and economic development if not proactively and frontally curtailed. Nonetheless, the extant cybersecurity instrument is porous and nebulous. It is unpardonable for a criminal statute not to contain proper definitions, interpretations, or descriptions of fundamental terms. In addition, it is an aberration for such pieces of legislation to be devoid of the ingredients or elements constituting all prescribed offences.
 
“A law should not be vague or ambiguous, to ensure clarity, fairness, and to uphold the rule of law. Vague or ambiguous language can lead to uncertainty, misinterpretation, and inconsistent application by individuals and the courts, potentially resulting in injustice and a lack of public trust in the legal system. Clarity in statutes allows citizens to understand their rights and obligations, enabling them to conduct themselves accordingly and avoid violating the law.”

Undoubtedly, the Cybercrimes Act should be further revised to bring it into conformity with clarity, certainty, logic, equity, and justice. Insofar as it partially forayed into the realm of the fundamental right of freedom of expression, the constitutionality of some of its provisions will remain in issue. In the same vein, the raging controversy over the impunity exhibited by law enforcement agents in the course of (purportedly) giving effect to the Act will not abate.
 
Further, the circulation of misleading or false information against persons should not be criminalised unless it threatens the territorial integrity of the country. The civil law of tort sufficiently covers the field of defamation. 
 
Considering the enormous resources and time expended in making constitutional amendments, it would be expected that the Nigerian judiciary would rise to the occasion in deserving cases. Bottom line, the Cybercrime Act should be clinically reviewed and refocused to reflect its original intentions.