FIGHT CYBER CRIMES AFRICA: Over the years, a surge in technological innovations has led to a remarkable rise in novel crimes. Admittedly, the internet, as a “wild west”-a kind of frontier without borders, promotes social relationships, thereby aiding businesses and encourages innovations due to ease of access to information. The dissemination of information has been made much faster since the advent of the internet, particularly via social media forums like Facebook, Twitter, Instagram not forgetting Nairaland amongst others which influence public opinion.
However, it also exacerbates the tension already seen offline between freedom of expression and other interests such as cyber crime, and the rights to reputation and privacy, traditionally protected by defamation law. Hence, for a variety of reasons, such as dissemination of child pornography, government will not simply accept the notion that the Internet should be free from direct regulation. For instance, Article 5(2) of the German Basic Law, which serves as Germany’s Constitution, provides that free expression rights find ‘their limits in the provisions of the general statutes, in statutory provisions for the protection of youth, and in the right to respect for personal honor’.
This no doubt has also influenced liability for wrongs committed employing the instrumentality of the internet under myriad of local laws. Some germane questions crop up as to the confines of liability for the limitless borders of internet orchestrated crimes. Moreover, it resurrects the trite postulate that a key component of democratic dispensations includes the corollary rights of access to information and dissemination of information, ideas and opinions as enshrined in s. 39 (1) of the Constitution of the Federal Republic of Nigeria (CFRN) 1999 (as amended) which places premium on the right to freedom of expression. But as observed by Bernard Lenin, this is not without limit, since your fist’s freedom ends where my nose begins.
Of note, with respect to defamation, being publication of a statement which tends to lower a person in the estimation of right-thinking members of society generally, this has two distinct kinds based solely on the form in which it is published. While oral defamation is slander, written defamation on the other hand is libel. Hence, libel could be committed over the internet. But this is not to say that there could not be publication of defamatory statements through audio/video downloads or live streams; and same fall under internet slander.
However, for both forms, the acid test in determining liability is that the actual statement must be defamatory as specifically targeted at the victim. In addition, a basic ingredient of defamation, whether it is libel or slander, is publication of words complained of to at least one person other than the victim and not merely hate writing as wrongly assumed by culprits. And the onus of proof of defamation rests on the victim. Though in all cases of defamation, truth is a defence.
As noted by Gatley, On Libel and Slander at page 134 paragraph 6.9 and cited with approval by the Nigerian Court of Appeal in GWOM & ANOR v. OROKOYO (2015) LPELR-24823(CA) (Pp. 38-39, paras. E-C), it is not necessary in every case for the plaintiff to prove directly that the words complained of were brought to the actual attention of some third person in this sense. So far as he can prove facts from which it can be inferred that the words were brought to the attention of some third person, he will establish a prima facie case. This is particularly obviously so where the matter is contained in a book or distributed in the news media or on the internet, where in practice it would be impossible to rebut the inference, and in such a case it seem that the presumption of publication would be impossible to displace.
Data Protection In Age of Cyber Crime
In similar vein, Nigeria’s Cybercrimes (Prohibition, Prevention, Etc) Act, 2015 prohibits identity theft, with the punishment of imprisonment for a term of not less than 3 years or a fine of not less than N 7 million or to both fine and imprisonment.
Generally, the protection of trademarks and domain names through the World Intellectual Property Organization (WIPO) potentially provides a good model for the protection of reputation on the Internet. Consequently, there is need for an accord amongst all the nations of the world which is missing with respect to the United Nations Telecommunications Treaty signed on December 14 2012 which has failed to gain global ratification.
Succinctly, at the home front, we recollect the emergence of the aborted “Frivolous Petition Bill”, in 2016 in the face of a robust body of international law protecting the right to freedom of expression, which seeks inter alia to criminalize maliciously made statements on social media sites, dubbed “Anti-Social Media Bill” by opinionators and suffering similar fate as the United Nations Telecommunications Treaty. This is not to say that there is no legal order to checkmate dubious transactions and malicious publications over the internet. However, there is no regional legal framework in Africa as is the case in Europe, the most malware-impacted continent, which on 14th of April 2016, precisely at the plenary session of the European Parliament completed the legislative process for the General Data Protection Regulation, by which the European Parliament, the Council of the European Union and the European Commission strengthened and unified data protection for all individuals within the European Union (EU).
Of note, the General Data Protection Regulation (GDPR) will come into force on the 25th of May 2018, replacing the existing data protection framework under the EU Data Protection Directive. Also, the European Court of Justice has in time past ruled that people may request removal from search engines in exercise of their “Right to be Forgotten”. Furthermore, the European Court of Justice has over the years entrenched the principle that an injured party can file a suit in the Court with jurisdiction where the publisher resides or carries on his trade or in all jurisdictions where publication was distributed or better still institute an action in the state where the injured party’s aggregate interest lies.
Moreso, in Europe, the litmus test in determining liability for the defamatory statements published on the internet by some other persons is “Notice and Take-down” which specifies that ISPs, web hosts and other “intermediaries” cannot be held liable for the content created by their users save when such intermediary has adopted the content as its own or has refused a Court order calling for removal. In the Da Cunha case, decided by the Argentine Appeals Court, Google and Yahoo! were exempted from liability for including sex-related sites in their results for searches on an entertainer.
Basically, the difficulty in reaching the particular user or person who published the offensive material, led to the position that liability can fall on the Internet Service Provider (ISP) upon failure of same to expunge the offensive material after being notified accordingly. This can be gleaned from Section 230 of the Communications and Decency Act 1996 of the United States of America, which allows for service providers to be able to remove contents which in their opinion are abusive and obscene. This is not to suggest that a civil claim cannot lie against the website owner or the actual culprit. But there is still a challenge of multiple nations asserting jurisdiction over the same occurrences.
-Cybercrimes (Prohibition, Prevention, Etc) Act, 2015
Though Nigeria has a landmark legislation, the Cybercrimes (Prohibition, Prevention, Etc) Act, 2015, implementation of same has left much to be desired despite the creation of a National Cyber-Security Fund by s.44 of the Act. Remarkably, the provisions of the Act (Section 38 and 39 of the Act) conferring on the Nigerian Communications Commission (NCC) and security agencies the unrestricted powers to access private communications of Nigerians such as telephone calls, email messages and such other electronic exchange of information like short messaging service (SMS) and multimedia applications from service providers is already yielding results as can be gleaned from high profile criminal cases currently being prosecuted by the Economic and Financial Crimes Commission. This does not infringe on the right to privacy in view of reasonable derogation clause, in the interest of the public and for the purpose of protecting the rights and freedoms of others, as contained in section 45 of the 1999 Constitution (as amended).
The Act also prohibits inter alia- offence committed against a system or network that has been designated critical national infrastructure of Nigeria, cyber squatting, distribution of racist and xenophobic material to the public through a computer system or network, Internet fraud, identity theft , child pornography offences, hacking, Cyber-stalking and Cyber-bullying. The Act in seeking to combat cyber crime creates several duties for financial institutions and service providers, the same entities most directly affected by cyber crime.
Interestingly, with respect to cyber security, the global cyber attack that seized hundreds of thousands of computer systems in the month of May cannot be forgotten in a hurry. While we await a transnational solution involving a WIPO-like framework, Africa definitely needs to brace up to confront internet fanned crime and spread of malware by being futuristic in her outlook as is the case with the General Data Protection Regulation (GDPR) of the European Union especially since experts have reported that copycat variants of the malicious software behind the attacks have begun to proliferate.
And as reported by New York Times, among the organizations hit were FedEx in the United States, the Spanish telecom giant Telefónica, the French automaker Renault, universities in China, Germany’s federal railway system and Russia’s Interior Ministry. An African robust legal framework on cyber security will be in tandem with the spirit of Article 27 of the African Charter on Human and Peoplesʼ Rights which provides that rights should be exercised “with due regard to the rights of others, collective security, morality and the common interest.”
Finally, all actors in the digital environment and the various arms of government have to dutifully perform their roles in curtailing the novel challenges emanating from the use of technology for information dissemination to curb internet defamation. Raising awareness among organizations and the general public is desirable.
By Michael O. Ogunjobi Esq – writes from Jireh & Greys Attorneys in Lagos.