Under the dubious guise of security concerns, Nigerians face the grim prospects of unwarranted assaults on their privacy from the authorities, courtesy of an executive bill currently in the works at the National Assembly. Although intended to curb the high rate of computer and Internet-related crimes in the country, the latitude granted to security agencies in the Cybercrime Bill to monitor and seize hold of individuals’ personal mails makes it a piece of legislation capable of being grossly abused.
Coming at a time when the whole world is being inundated with numerous innovative ideas in media technology and electronic communications, it is one bill that, if passed into law, will set Nigerians back compared with their counterparts elsewhere. In a world increasingly exposed to openness and free interaction, not encumbered by space and time, Nigerians will be the eventual losers under a law that shackles the freedom of expression.
Among other things, the bill seeks to empower security agencies to intercept and record personal electronic communications between individuals. Such agencies are also empowered to seize data from internet service providers and mobile telecommunications networks while, at the same time, asking the companies to conduct surveillance on individuals and hand over user data to authorities.
The bill, which was unanimously endorsed by members and has already gone through a second reading at the floor of the House of Representatives, identifies items that can be intercepted electronically as emails, voice mails, short message service, multimedia message, instant message, fax and pager.
Cybercrime, a borderless problem, consists of criminal acts that are committed online by using electronic communications networks and information systems. In his address to the International Telecommunications Union in 2013, the then Deputy Governor of the Central Bank of Nigeria, Tunde Lemo, said, “Cybercrime has surpassed illicit drug trade as global top revenue earner for organised crimes. The cybercrime network has become a highly organised ecosystem with its own value chain, including researchers of stronger attack methods (and) hackers, who compromise account data and make them available to dump vendors.”
In addition to many other costs, the Centre for Strategic and International Studies, a US think tank, in June 2014, described cybercrime as an industry with a tremendous growth rate. It said, “The returns are great and the risks are low. We estimate that the likely annual cost to the global economy from cybercrime is more than $400 billion. A conservative estimate would be $375 billion in losses, while the maximum could be as much as $575 billion.”
In Nigeria, cybercrime has done incalculable damage to the country’s image as criminals take advantage of a lax legal environment to commit a lot of bank frauds. Although Internet penetration in Nigeria is still relatively limited, the country has earned notoriety for what, in local parlance, has come to be known as yahoo yahoo business. This has marked Nigeria out as an outcast, denied participation in many aspects of the digital economy.
In the prevailing circumstances, it is obvious that Nigeria, just like other countries of the world, needs a legal framework, not only to deter intending offenders, but to fish out and punish fraudulent elements that continue to tarnish the country’s image. But what is the price that Nigerians should pay in the name of curbing internet crime? Should the search for solutions to cybercrime then mean surrendering one’s privacy completely?
Uncontrolled government authority may diminish privacy and hinder economic development. Privacy is a basic human right. Article XII of the Universal Declaration of Human Rights states, “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence…” So balancing privacy and public safety by placing limits on law enforcement investigative authority is crucial. In the United States, for instance, where similar laws exist, security agencies are not allowed unbridled access to people’s personal Internet communications data. In fact, a court-approved warrant is needed for that purpose, except in cases where George Bush, out of concern after the 9/11 attacks, reportedly authorised the National Security Agency to carry out spying externally. But for domestic communications, warrants are still required.
Coming out with a much tougher stance, a district high court in The Hague, the Netherlands, on Wednesday last week, struck down a similar law requiring telephone companies and Internet providers to store information on activities of their clients, insisting that it “infringes on the individual’s right to privacy and the protection of personal data.”
It is therefore obvious that Nigerian lawmakers have gone too far in passing the law without any safeguards to protect the rights of individuals. This is the kind of law that should be drafted with utmost care and with sufficient checks against abuse. In a political environment such as ours, where government’s level of intolerance towards opposing views is usually very high, this law has a high potential for abuse, especially by prying into private mails of political opponents and using the contents to persecute them. Even the legislators who are today working on the bill could themselves become victims tomorrow, since they are certainly not going to remain in power for ever.
In a democratic setting, under no circumstances should security operatives be given the kind of sweeping powers that are contained in the Cybercrime Bill. This is indeed a throwback to the jackboot era, where opinions were held but not meant to be expressed. Depending on what the authorities want to achieve, that section, for instance, could be manipulated against a targeted victim. It is therefore obvious that this bill is too dangerous to be left the way it is. It should be drastically reviewed and the offensive sections expunged.
