Curtailing telecoms sector challenges with Cybercrime Act

THE development of Internet and broad access to computer technology has created new opportunities for work and business activities, as well as those who engage in illegal activities. The rise of technology and online communication has not only produced a dramatic increase in the incidence of criminal activities, but has also resulted in the emergence of what appears to be a new variety of criminality.

While this has become a global challenge, the robustness of Nigeria’s technology and telecommunications sector, estimated at over $32 billion, has also aided criminals in this heinous act. In fact, the sector has been held hostage by different criminal activities, making it highly vulnerable to challenges. These include sales of pre-registered SIM cards, unlawful access to computer systems, Cyber-Terrorism, Cyber attacks, vandalism, and clampdown on telecommunications sites by government agencies and even the citizens, among others.

Though vandalism on telecommunications infrastructure appears to have reduced lately. As at 2013, MTN Nigeria alone claimed it recorded an average of 70 cases of vandalism to its infrastructure on a monthly basis.

In 2012 also, at a forum in Lagos, Vice President, Corporate Communications at Airtel Nigeria, Emeka Oparah, said vandalisation of the telecommunications service equipment are regular occurrences. He cited the example of a base station in Abia state where Airtel Nigeria lost four generators to the vandals.

He lamented that the state has, over the years, gained notoriety for incessant attacks on telecommunications infrastructure. He said it took a more dangerous dimension later in the year when six hapless telecommunications maintenance workers were killed in Aba, the commercial hub of the state. Other telecommunications operators in the country as well as Internet Service Providers (ISP) also report similar cases.

The attendant impact of this has resulted in poor quality of service offered by the operators, including MTN Nigeria, Globacom, Airtel, Etisalat and Visafone.

While that lingers, cybercriminals have also continued to explore what appeared to be a pourous Nigeria online space to wreak havoc on unsuspecting Internet users within the country and outside.

Today, the country, estimated to have about 180 million population, can confidently lay claim to having about 145 million active telephone lines, with 98 per cent on mobile platforms. While teledensity has crossed the 100 per cent mark, Internet users are closer to 85 million, mostly on the narrow band, making vulnerability of Internet users high in the country.

The sector is also plaqued with piracy and Intellectual Property Theft, which are on the increase lately.

A recent report indicated that Nigeria is losing about $80 million yearly to software piracy. The report was the finding of a study conducted by Institute of Digital Communication, a market research organisation based in South Africa.

Also, the American national Fraud Information Centre reported Nigerian money offers as the fastest online scam, up to 90 per cent in 2001. The centre also ranked Nigeria, cybercrime impact per capita as being exceptionally high.

According to it, email scams and spam are the most repulsive phenomena among the cybercrimes, these are ways used to present false financial investment. Nigeria’s image is in question and has been tarnished as a result of her citizens’ involvement in cybercrime.

The criminals send emails that the victim is the named beneficiary to a will of estranged relative and stands to benefit the estate or the trust fund. Sometimes they use online charity; the criminals send email to the victims soliciting for funds and assistance to charitable organizations that do not exist.

These challenges persisted for long in Nigeria, because there were no punitive measures taken because of lack of enabling laws to punish offenders.

However, just some few days before his exit as the President of Nigeria, Goodluck Jonathan, assented to the Cybercrime Bill, making it a law in the country, after over four years of tussle around it.

Indeed, the Cybercrime Act prescribed that henceforth, any crime or injury on critical national information infrastructure, sales of pre-registered SIM cards, and unlawful access to computer systems, Cyber-Terrorism, among others will now be punishable.

The bill, which went through the rigorous process of 6th Chambers of the National Assembly before it was passed into an Act, listed offences and penalties including unlawful access to computers, unlawful operation of cybercafés, system interference, intercepting electronic messages, emails, e-money transfer, tampering with critical infrastructure, computer-related forgery, among others are punishable offences.

The Act prescribed punishments, which included N10 million fine and imprisonment of between 10 to 15 years and even life jail.

The Act, which got Jonathan’s assent on May 15, 2015, noted that theft of electronic devices, electronic signature, child pornography and related offences, racism and xenophobic offences are also punishable.

According to the Director of Public Affairs at the Nigerian Communications Commission (NCC), Dr. Tony Ojobo, the objectives of this Act are to-provide an effective and unified legal, regulatory and institutional framework for the prohibition, prevention, detection, prosecution and punishment of cybercrimes in Nigeria; ensure the protection of critical national information infrastructure and promote cyber security and the protection of computer systems and networks electronic communications, data and computer programs intellectual property and privacy rights.

The provisions of this Act shall apply throughout the Federal Republic of Nigeria.

Protection of Critical National Information Infrastructure
The Act prescribed that the President may, on the recommendation of the National Security Adviser, by Order published in the Federal Gazette, designate certain computer systems or networks, whether physical or virtual, the computer programs, computer data or traffic data vital to this country that incapacitate or destruction of or interference with such systems and assets would have a debilitating impact on security, national or economic security, national public health and safety or any combination of those matters as constituting Critical National Information Infrastructure.

The Presidential Order made under subsection (1) of this section may prescribe minimum standards, guidelines, rules or procedure in respect of-
. The protection or preservation of critical information infrastructure;
. The general management of critical information infrastructure;
. Access to transfer and control of data in any critical information infrastructure;
. Infrastructural or procedural rules and requirements for securing the integrity and authenticity of data or information contained in any designated critical national information infrastructure;
. The storage or archiving of data or information designated as critical national information infrastructure;
. Recovery plans in the event if disaster, breach or loss of critical national information infrastructure or any part of it;
. Any other matter required for the adequate protection, management and control of data and other resources in any critical national information infrastructure.

The Act on Cyber activities
The Act also seeks to create some level of sanity in the business of café operators.

According to the Act, henceforth, “all operators of cybercafé shall register as a business concern with Computer Professionals Registration Council in addition to a business name registration with the Corporate Affairs Commission and maintain a register of users through a sign-in register and the register shall be available to law enforcement personnel whenever needed.”

Also, “a person, who perpetrates electronic or online fraud using a cyber café, commits an offence and is liable on conviction to imprisonment for a term of three years, a fine of N1 million or both.

In the event of proven connivance by the owner of the cybercafé, such owners are guilty of an offence and are liable to a fine N2 million or imprisonment for a term of three years or both, according to the Act. The Act, however, stipulates that the burden of proving connivance shall be on the prosecutor.

Section 8 of the Act also emphasizes the punishment for tampering with ICT equipment, as “a person, who, without lawful authority, intentionally or for fraudulent purposes, does an act, which causes directly or indirectly the serious hindering of the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data or any other form of interference with the computer system, which prevents the computer system or any part thereof, from functioning in accordance with its intended purpose, commits an offence and is liable on conviction to imprisonment for a term of not more than two years or to a fine of not more than N5 million or both.”

Beyond these, there are other aspects of the Act that address some other areas of ICT-related or computer-mediated criminal activities especially within the government circles and the prescribed penalties for such illegal acts.

Other offences and Penalties
The Act also stipulates that a person who, with intent commits any offence punishable under it against any critical national information infrastructure designated under section 3, is liable on conviction to imprisonment for a term of not more than 10 years without option of fine; where the offence committed under subsection (1) of this section results in grievous bodily harm to any person, the offender is liable on conviction to imprisonment for a term of not more than 15 years without option of fine; where the offence committed under subsection (1) of this section results in the death of a person, the offender is liable on conviction to life imprisonment; a person who, without authorization, intentionally access in whole or in part a computer system or network for fraudulent purposes and obtains data that are vital to national security, commits an offence and is liable on conviction to imprisonment for a term of not more than five years or a fine of not more than N5,000,000.00 or both.