Things you Need to Know About Nigeria Cybercrime Prohibition Act 2015
1. Introduction
As the digital economy continues to grow globally and in Nigeria, cybercrime has emerged as one of the greatest threats to national security, personal privacy, financial systems, and business integrity. In response to the surge in cyber threats, the Nigerian government enacted the Cybercrime (Prohibition, Prevention, etc.) Act in 2015—a landmark legislation designed to tackle the challenges posed by cybercriminals.
This article provides an in-depth, comprehensive review of the Cybercrime Act 2015, explaining its provisions, scope, implications, enforcement, and how citizens and businesses can stay compliant and protected.
2. Background and Objectives of the Cybercrime Act 2015
The Act was enacted to:
Criminalize and penalize various forms of cybercrime
Protect critical national information infrastructure
Promote cybersecurity awareness and culture
Establish legal mechanisms for investigation, arrest, and prosecution of cyber offenders
Provide for international cooperation
3. Key Offences and Provisions under the Act
The Act outlines a wide range of cyber offences and penalties. These include:
a. Unauthorized Access to Computers or Networks (Section 6)
Gaining access without permission to a computer system is an offence punishable by fine and/or imprisonment.
b. System Interference and Data Interference (Sections 5 & 7)
Intentional alteration, deletion, or suppression of computer data or systems is criminalized.
c. Cyberstalking and Cyberbullying (Section 24)
Sending offensive or threatening messages via digital platforms attracts fines and up to 10 years’ imprisonment.
d. Identity Theft and Phishing (Section 22)
Unauthorized use of another person’s identity or login credentials is an offence.
e. Internet Fraud and Online Scams (Section 14)
Includes online deception, financial fraud, and ‘Yahoo-Yahoo’ activities.
f. Child Pornography and Exploitation (Section 23)
Possession, distribution, or access to child pornography via digital means is severely punished.
g. Cyber Terrorism (Section 18)
Use of cyberspace to intimidate, attack, or threaten national security is categorized as terrorism.
h. Electronic Card Fraud (Section 33)
Tampering with ATM cards, credit cards, and POS systems for fraudulent purposes is criminal.
i. Spamming and Spreading Malware (Sections 11 & 12)
Sending unsolicited bulk messages and deploying harmful programs like viruses and spyware are prohibited.
4. Investigation and Prosecution Powers
The Act empowers law enforcement agencies, especially:
Nigeria Police Force (NPF)
Economic and Financial Crimes Commission (EFCC)
National Security Agencies
National Information Technology Development Agency (NITDA)
They are authorized to:
Obtain search warrants for digital devices
Monitor communications with court approval
Arrest and prosecute suspected cybercriminals
5. The Role of the Office of the National Security Adviser (ONSA)
ONSA is tasked with:
Coordinating national cybersecurity policy
Establishing a National Computer Emergency Response Team (ngCERT)
Setting up cybersecurity centers and public-private collaboration hubs
6. Data Protection and User Privacy
The Act supports the safeguarding of data, including:
Protection against unlawful interception and data disclosure
Requirements for ISPs and telecom providers to retain metadata (Section 38)
Obligations to preserve traffic data and cooperate with law enforcement
7. Jurisdiction and Extraterritorial Application
The Act applies to:
Any person within Nigeria
Nigerians committing cybercrimes outside Nigeria
Foreign nationals targeting Nigerian networks, citizens, or infrastructure
This ensures international cybercriminals can be prosecuted under Nigerian law.
8. Corporate Liability and Responsibilities
Companies, especially in banking, fintech, telecom, and IT sectors, are required to:
Maintain security protocols
Report breaches to authorities
Cooperate with investigation
Implement internal controls to prevent data loss or compromise
Failure to comply may result in criminal and civil penalties.
9. International Cooperation and Mutual Legal Assistance
The Act encourages cooperation with:
INTERPOL
ECOWAS and African Union bodies
UN and global cybercrime enforcement efforts
Foreign governments for extradition and data exchange
This reflects Nigeria’s commitment to global cybersecurity standards.
10. Cybercrime Reporting and Whistleblower Provisions
The Act encourages individuals to report cybercrimes to:
Nigeria Police Cybercrime Unit
EFCC
NITDA or CERT
It also protects whistleblowers and encourages safe reporting channels.
11. Penalties and Sentencing Guidelines
The Act stipulates various penalties ranging from:
Fines (₦2,000,000 – ₦20,000,000)
Imprisonment (1 year to life)
Asset seizure and forfeiture
Severity depends on:
Type of offence
Number of victims
Economic losses
Use of national infrastructure
12. Public Awareness and Cybersecurity Education
The Act promotes digital literacy and security awareness campaigns targeting:
Schools
Government workers
Private companies
The general public
This ensures a whole-of-society approach to cybersecurity.
13. Limitations, Criticisms, and the Need for Reform
Critics of the Act have raised issues such as:
Broad and vague definitions (e.g., cyberstalking)
Potential for abuse by authorities
Gaps in digital evidence handling
Overlap with data protection laws
Reforms are needed to harmonize the Act with Nigeria Data Protection Act 2023 and global best practices.
Conclusion
The Cybercrime (Prohibition, Prevention, etc.) Act 2015 is a foundational law for securing Nigeria’s digital environment. It establishes a framework for criminalizing, investigating, and prosecuting cybercrimes while promoting public awareness and international collaboration.
As cybercrime evolves, so too must the legal framework. Stakeholders—including businesses, individuals, regulators, and the courts—must work together to uphold the integrity of Nigeria’s cyberspace.
🔐 Are You Cyber-Safe and Legally Compliant in Nigeria’s Digital Space?
Cybercrime laws in Nigeria are strict — ignorance is no excuse. Whether you’re a business owner, tech entrepreneur, corporate executive, or internet user, understanding the Cybercrime (Prohibition, Prevention, etc.) Act 2015 is crucial to avoid legal risks, fines, and reputational damage.
At Chaman Law Firm, we provide expert legal guidance on:
Cybercrime defence
Corporate cybersecurity compliance
Digital rights protection
Cyber fraud investigation support
Online data protection and legal risk audits
📞Phone: 08065553671, 08096888818
✉ Email: chamanlawfirm@gmail.com
📍 Address: 115, Obafemi Awolowo Way, Allen Junction, Ikeja, Lagos, Nigeria
🌍Click here to learn more about Chaman Law Firm
Stay informed. Stay protected. Stay ahead.
Chaman Law Firm – Your Right, We Protect.