Professional Documents
Culture Documents
AND CYBERCRIME
Introduction
Law is a set of rules that are created and are enforceable by social or governmental
institutions to regulate behaviour, with its precise definition a matter of longstanding debate. 1
It has been variously described as the art of justice. 2 State-enforced laws can be made by a
decrees and regulations; or established by judges through precedent, usually in common law
jurisdictions. Private individuals may create legally binding contracts, including arbitration
agreements that adopt alternative ways of resolving disputes to standard court litigation. The
creation of laws themselves may be influenced by a constitution, written or tacit, and the
rights encoded therein. The law shapes politics, technology, economics, history and society in
Cybercrime is any criminal activity that involves a computer, network or networked device.
While most cybercriminals use cybercrimes to generate a profit, some cybercrimes are
carried out against computers or devices to directly damage or disable them. 3 Others use
Some cybercrimes do both -- i.e., target computers to infect them with a computer virus,
1
Gibbs Jack, P. “Definitions of Law and Empirical Questions” Law & Society Review (1986) (2)(3) 429-446;
Akers Ronald, L. “Towards a Comparative Definition of Law” Journal of Criminal Law and Criminology
(1965) (56)(3) 301-306
2
Rubin Basha, “Is Law an Art or a Science? A Bit of Both” Forbes,
<https://www.forbes.com/sites/basharubin/2015/01/13/is-law-an-art-or-a-science-a-bit-of-both/> accessed 13
January 2024
3
Brush Kate and Michael Cobb “Cybercrime”
<https://www.techtarget.com/searchsecurity/definition/cybercrime> accessed 15 January 2024
4
Ibid
A primary effect of cybercrime is financial. Cybercrime can include many different types of
profit-driven criminal activity, including ransomware attacks, email and internet fraud, and
identity fraud, as well as attempts to steal financial account, credit card or other payment card
information.
The role of technology in our world today as well as its relevance to societal advancement
cannot be overemphasized. The era of globalization has introduced a myriad of concerns and
development in the growth of modern and sophisticated technologies. Almost all facets of the
society have been greatly affected by this new wave in technological advancement and
pervasive machines.5 With its advent, it has knitted a change or globalized world, with a
significant impact cutting across all professions and works of life, of which the legal
The unprecedented growth of computers and these high technologies have plethora of
advantages, it has also prevalent setbacks and a menace that has eaten deep into the fabrics of
the society, to a few, it represents a threat to the accustomed way of doing business, to others,
quantitative change in the way people conduct business, legitimate and illicit, but they also
represent a qualitative change.7 The global use of these high technologies and computers has
made the term “computer” to be on the lips of every household globally. It is even made more
popular because of the inestimable consequences it has also brought. For instance, it has
brought about new forms of crimes in the sphere of high technologies where computers and
computer networks serve as the object of criminal acts as well as the means and methods of
5
Felix E. Eboibi, Handbook on Nigerian Cybercrime Law: Introduction to Law and Cybercrime (Chenglo
Limited, 2023)
6
Ibid
7
Ibid
In providing the nexus between both terms, cybercrime law identifies standards of acceptable
behaviour for information and communication technology (ICT) users; establishes socio-legal
sanctions for cybercrime; protects ICT users, in general, and mitigates and/or prevents harm
to people, data, systems, services, and infrastructure, in particular; protects human rights;
enables the investigation and prosecution of crimes committed online (outside of traditional
Cybercrime law provides rules of conduct and standards of behaviour for the use of the
Internet, computers, and related digital technologies, and the actions of the public,
government, and private organizations; rules of evidence and criminal procedure, and other
criminal justice matters in cyberspace; and regulation to reduce risk and/or mitigate the harm
This paper seeks to examine the meaning and development of law and cybercrime. It focuses
on the development of cybercrime law and its effectiveness overtime, with particular
Meaning of Cybercrime
There have been different definitions by various authors regarding cybercrime. Shannon 10,
split the words “Cyber” and “Crime”, defining cyber as a prefix used to describe an idea as
part of the computer and information age, and “crime” as any activity that contravenes legal
Halder and Jaishanker also defined cybercrime as offences that are committed against
indirectly, using modern telecommunications networks such as internet and mobile phones. 11
Saul, on the other hand, defined cybercrime as conduct that entails the use of digital
technologies or involves the use of computers with respect to the commission of other
crimes.12
In view of the above definition, this research defines cybercrime as a crime in which a
computer is the object of the crime (hacking, phishing, spamming) or is used as a tool to
information, business trade secrets or use the internet for exploitive or malicious purposes.
alter data (hacking) and tricking someone into revealing their personal information
(phishing), making Internet services unavailable for users (Denial of service –DOS),
advanced free fraud 419 (aka Yahoo-yahoo), credit card fraud (ATM), plagiarism and
attacks) and virus dissemination etc.So many crimes are committed every day in the
Nigerian cyberspace. A recent report in the Daily Trust, by the Internet Crime Complaint
Centre, which is a partnership between the Federal Bureau of Investigation (FBI) and
America’s National White Collar Crime Centre, revealed that Nigeria is now ranked third
among the list of top ten sources of cybercrime in the world with 8% behind the US (65%)
and the UK (9.9%).Criminals that indulge in the advance fee fraud schemes (419) are now
11
D.C. Halder, and Jaishanker, K. “Cybercrime in Nigeria” http://9jalegal.com.ng/news/an-assessment-of-
nigerias-cybercrimes-prohibition-prevention-etc-act-2015/ accessed 14th January, 2024
12
H. Saul, “The Legal Response to the League of Crimes” http://www.blog.fortnet.com/author/guillane
accessed 14th January 2024
popularly called „Yahoo Boys‟ in Nigeria. 13 The country has therefore carved a niche for
herself as the source of what is now popularly called 419-mails, named after Section 419 of
the Nigerian Criminal Code (Capp 777 of 1990) that forbid advance fee fraud. For instance,
Nigeria is ranked first in the African region as the target and origin of malicious cyber
activities; and this is spreading across the West African sub-region. 14 What Nigerian
government, corporate organizations and the society at large do not know is that the heavy
economic impact on the country, (either in financial terms or otherwise), will have an adverse
commit crime. Cyber terrorism, identity theft and spam are identified as types of cybercrimes.
organizations, the society and the country in general include reducing the competitive edge of
organizations, waste of production time and damage to the image of the country.
According to Isaiah16, cyberattacks against financial services institutions are becoming more
attacks against financial institutions generate the most headlines, community and regional
banks, credit unions, money transmitters, and third-party service providers (such as credit
card and payment processors) have experienced attempted breaches. Following the
documentation which affirms that “the adoption by all countries of appropriate legislation
against the misuse of information and communication technology, for criminal or other
13
Longe, O., Omoruyi, I., and Longe, F. “Implications of the Nigerian Copyright Law for Software Protection”
The Nigerian Academic Forum Multidisciplinary Journal, (2005), Vol.5, No.1, pp.7-10
14
Ribadu, N. “Cybercrime and Commercial Fraud: A Nigerian Perspective” Modern Law for Global
Commerce, UNCITRAL Vienna, 9-12 July 2007
15
Anah, B.H. “Cybercrimes in Nigeria: Causes, Effects and Wayout, Journal of Science and Technology,
(2012) Vol.2, No.7, 626-631
16
Isaiah, P. “Literature Review on Cybercrime” https://www.scribd.com/document/336561864/Literature-
Review-on-cyber-crime accessed 16 January 2024
purposes, including activities intended to affect the integrity of national critical information
infrastructures, is central to achieving global cyber security. This paper agrees with the view
of Isaiah, and notes that pressure could inaugurate from anywhere around the world, the
In line with the above, Odinma noted that cybercrime is any illegal acts perpetrated in, on or
through the internet with the intent to cheat, defraud or cause the malfunction of a network
device, which may include a computer, a phones, e.t.c. 17 Ifeanyi and Itodo in accordance with
Odinma noted that crime as at this dispensation is perceived as a quiet perception, also a
fundamental part of the peril we face as we go through life daily. In both intellectual and
communal judgement, crime is concomitant with destruction and carnage. 18 This paper agrees
with the view of Odinma as cybercrime works through the internet, with an intention to
Until a few years ago, cybercriminal activity was not a concern within the legal system of
Nigeria. In the 1980s, fraudsters in Nigeria began engaging in advance fee fraud using
methods such as fax, handwritten letters, and the postal service to target victims. 19
fraudulent acts. As internet services became more accessible in Nigeria in the late 1980s and
early 1990s, fraudsters shifted their operations online, even though internet access was
17
Odinma, A. “Cybercrie in Nigeria: Causes, Effect and the Way Out”
http://www.catalog.ihsn.org/home/citations accessed 13th January 2024
18
Ifanyi, O.C., and Itodo, S.M. “Cybercrime and Nigerian Business Environment” National Journal of
Advanced Research, (2016) (2) (2) 28-38
19
Fboibi, F.E., “Enforcement of Cybercrime in Nigeria: Are we Still Having Teething Problems?” Being a
paper presented in a Certificate Training Course/Conference, Cybersecurity, Sovereignty and Democratic
Governance in Africa, organized by the Council for the Development of Social Science in Africa, Democratic
Governance Institute, Dakar, Senegal, 27 July 2015 – 7 August 2015, 1-2
expensive and limited to certain individuals. 20 The deregulation of the telecommunications
sector in the late 1990s led to increased availability of internet services through private
Internet Service Providers (ISPs) and cybercafes. This expansion of access and availability
National Policy on Information Technology (NPFIT). 21 This policy facilitated the growth of
mobile phone services, a liberalized telecommunications sector, and the internet service
across the country coincided with criminals utilizing the internet for various types of fraud.
stock scams, work at home scams and online (email) advance fee fraud scams, web cloning,
piracy, phishing, online lottery fraud, job scams, identity theft, credit card fraud,
impersonation, fraudulent loan scams, romance scams and hacking. 23 The advance fee e-mail
scheme is the most costly form of internet fraud from the Nigerian perspective. The message
are often referred to as “Nigerian” or “419” cyber scams because the emails often come from
individuals who purport to reside in a foreign country – Nigeria. Human weakness and greed
to succeed together with the use of sophisticated technological applications grossly impacted
20
Ibid
21
Roseline Obada Moses-Oke, “Cyber Capacity without Cyber Security: A Case Study of Nigeria’s National
Policy for Information Technology (NPFIT)” Journal of Philosophy Science and Law (2012) (30) (12)
<http://www.miam.edu/ethics/jpsl> accessed 15 January 2024
22
Ibid
23
Orji, U.J. Cybersecurity Law and Regulation (Netherlands: Wolf Leg\al Publishers, 2012) 488-489
Thus, this period heralded Nigeria being nicknamed in domestic and international
Internet Crime Complaint Center ranked Nigeria third (3 rd) in the world top ten countries and
first in Africa in cybercrime perpetration with a rating 2.9 percent, while USA and Canada
This accusation galvanized Nigeria into reacting against such an embarrassing domestic and
international reputation. The Nigerian government became alarmed with the misuse of
cyberspace by the fraudsters. On 26 November 2003, the President in order to curtail the
the Cyberspace.26 Consequently, the Committee in March 2004 submitted her final report to
the then President of Nigeria, specifically recommending the establishment of a legal and
In this vein, the Presidential Committee initiated the National Cybersecurity Initiative (NCI)
with the following objectives: public enlightenment of the Nigerian populace on the nature
and danger of cybercrime, criminalization through new legislation of all online vices,
institutional capacity building across law enforcement agencies to extend statutory functions
computer systems and networks, and protect critical information infrastructure for the
and standards for cybersecurity in Nigeria and building international law enforcement
24
Woldpack & Digital Jewels, “The Nigerian Cyber Threat Barometer Report”
<http://www.digitaljewels.net/index.php/resource-center-djilnews/129-the-2014-nigerian-cyber-threat-
barometer> accessed 10 January 2024
25
National White Collar Crime Center and the Federal Bureau of Investigation, “Internet Fraud Report”
<http://www.ic3.gov/media/annualreport/2003_IC3Report.pdf> accessed 12 January 2024
26
B. Udotai, “The Growth and Challenges of Information Technology in Law Practice in Nigeria” in N.K.
Nwosu, Legal Practice Skills and Ethics in Nigeria (Lagos: DCON Consulting, 2004) 243
27
Ibid
cooperation and collaboration with other agencies worldwide to enable Nigeria tackle the
menace of cybercrimes.
In order to realize the above objectives, the Nigerian Government established the Nigerian
Cybercrime Working Group (NCWG) in 2004 with a two-year mandate. Considering the end
of the two years mandate given to NCWG, the Directorate for Cybersecurity (DFC) was
instituted to sustain the goodwork of the NCWG in December 2006 with a further mandate to
implement the aforementioned NCI objectives. One of the activities of the DFC was the
sponsoring of the Nigerian Computer Security and Critical Information Infrastructure Bill
2005 which was presented to the National Assembly before the expiration of the legislative
term that ended in 2007. However, the Bill did not receive any significant attention arguably
as a result of legislative lethargy. The Bill sought to establish a legal framework for
cybersecurity. It prohibited cybercrime and establishes a legal basis for the protection of
computer systems and networks and critical infrastructures in Nigeria and also for the legal
In 2008, another bill was presented titled the Nigerian Cybersecurity and Data Protection
Protection Agency which ordinarily would have been responsible for the protection of
computer systems and networks and also for the enforcement of the provisions of the Bill.
Unfortunately, in March 2011, the House of Representatives overruled the bill, as it coincided
with the tasks of the Economic and Financial Crimes Commission and that it was competing
Between 2009 – 2010, more than 10 different bills were introduced seeking unsuccessfuly to
provide a legal framework for cybercrime in Nigeria. However, the various Bills were
harmonized by the Office of the National Security Adviser (ONSA) which subsequently
28
culminated in the Cybersecurity Bill 2011 and between 2012-2015 the Attorney General of
the Federation initiated processes that resulted in the Nigerian Cybercrimes (Prohibition,
Thus, Nigeria moved from a country with zero legislation on cyber security to a country with
an extensive law with the enactment of the Cybercrime (Prohibition, Prevention, Etc.) Act
The Act prescribes punishment for specific actions such as cybersquatting, cyberstalking,
identity theft, unlawful access to a computer (popularly called hacking), cyber terrorism,
racism and xenophobic crimes. The Act also establishes the Cybercrime Advisory Council
which is constituted by representatives of almost all the law enforcement agencies in Nigeria.
The Cybercrime Advisory Council is responsible for policy formulation, while the Office of
the National Security Adviser (ONSA) is responsible for the enforcement of the Act.
This is an Act that provides for the prohibition, prevention, detection, response and
prosecution of cybercrimes and other related matters. The Act is divided into eight parts. Part
I provides for the objectives and application of the Act, Part II provides for the protection of
critical national infrastructure, part III provides for offences and penalties, Part IV provides
for duties of service providers, Part V provides for administration and enforcement, Part VI
of the Act provides for search, arrest and prosecution, Part VII provides for jurisdiction and
i. Provide an effective and unified legal, regulatory and institutional framework for the
iii. Promote cybersecurity and the protection of computer systems and networks, electronic
communications; data and computer programs, intellectual property and privacy rights.
Before the enactment of this Act, the legal and institutional framework regulating cybercrime
in Nigeria was not unified. But through this Act, the legal, regulatory and institutional
framework for the combating of cybercrime would be unified. The application of the
provisions of the Act would also apply throughout the Federal Republic of Nigeria.29
The Act looks into the position of the nation with reference to information and
The president may on the recommendation of the National Security Adviser, by Order
published in the Federal Gazette, designate certain computer systems, networks and
information infrastructure vital to the national security of Nigeria or the economic and social
The presidential order made under subsection (1) of this Section may prescribe minimum
access to, transfer and control of data in any critical information infrastructure, infrastructural
or procedural rules and requirements for securing the integrity and authenticity of data or
recovery plans in the event of disaster or loss of the critical national information
29
Section 2 of the Cybercrime Act, 2015
30
Section 3 of the Cybercrime Act, 2015
31
Ibid
infrastructure or any part of it; and any other matter required for the adequate protection,
management and control of data and other resources in any critical information infrastructure.
Through this aforementioned provision of the Act, national security is secured and enhanced
Part III of the Act discuss the offences and penalties in relation to cybercrimes. Through these
provisions, crimes committed through computer and computer networks are codified and thus
punishable under Nigerian law. Before the enactment of these provisions, only internet
related fraud was actually a punishable cybercrimes. But this Part of the Act provides for
offences and penalties in relation to cybercrimes. These include: offences against criminal
cybercrimes in Nigeria, the Act is punitive in nature. It provides a legal, regulatory and
institutional framework for the prohibition and punishment of cybercrimes and other related
matters. Precisely, the Act offers an avenue for cybersecurity and consequently, fortifies the
protection of computer systems and networks, electronic communications, data and computer
programs, intellectual property, privacy rights as well as preservation and protection of the
32
F.E. Eboibi, “A Review of the Legal and Regulatory Frameworks of the Nigerian Cybercrimes Act 2015”
Computer Law & Security Review (2017) (33) 700-717