1. Gives the President the power to designate certain computer systems, networks and information infrastructure vital to the national security of Nigeria or the economic and social well-being of its citizens, as constituting Critical National Information Infrastructure, and to implement procedures, guidelines, and conduct audits in furtherance of that. Examples of systems, which could be designated as such, include transport, communication, banking etc. To find out more about what such a plan should look like, you can check the USA’s National Infrastructure Protection Plan here, or the European Union’s here.
2. Prescribes the death penalty for an offence committed against a system or network that has been designated critical national infrastructure of Nigeria that results in the death of an individual (amongst other punishments for lesser crimes).
3. Hackers, if found guilty, of unlawfully accessing a computer system or network, are liable to a fine of up to N10 million or a term of imprisonment of 5 years (depending on the purpose of the hack). The same punishment is also meted out to Internet fraudsters who perpetuate their acts either by sending electronic messages, or accessing and using data stored on computer systems.
4. Makes provision for identity theft, with the punishment of imprisonment for a term of not less than 3 years or a fine of not less than N7 million or to both fine and imprisonment. An example of identity fraud would be the individual who impersonated Chief Bola Tinubu on Facebook and was apprehended recently by the police.
5. Specifically creates child P0rnography offences, with punishments of imprisonment for a term of 10 years or a fine of not less than N20 million or to both fine and imprisonment, depending on the nature of the offence and the act carried out by the accused persons. Offences include, amongst others: producing, procuring, distributing, and possession of child P0rnography.
6. Outlaws Cyber-stalking and Cyber-bullying and prescribes punishment ranging from a fine of not less than N2 million or imprisonment for a term of not less than 1 year or to both fine and imprisonment, up to a term of not less than 10 years or a fine of not less than N25 million or to both fine and imprisonment; depending on the severity of the offence.
7. Prohibits cybersquatting, which is registering or using an Internet domain name with bad faith intent to profit from the goodwill of a trademark belonging to someone else, or to profit by selling to its rightful owner. Individuals who engage in this are liable on conviction to imprisonment for a term of not less than 2 years or a fine of not less thanN5 million or to both fine and imprisonment.
8. Forbids the distribution of racist and xenophobic material to the public through a computer system or network (e.g. Facebook and Twitter), it also prohibits the use of threats of violence and insulting statements to persons based on race, religion, colour, descent or national or ethnic origin. Persons found guilty of this are liable on conviction to imprisonment for a term of not less than 5 years or to a fine of not less thanN10million or to both fine and imprisonment.
9. Mandates that service providers shall keep all traffic data and subscriber informationhaving due regard to the individual’s constitutional Right to privacy, and shall take appropriate measures to safeguard the confidentiality of the data retained, processed or retrieved.
10. Allows for the interception of electronic communication, by way of a court order by a Judge, where there are reasonable grounds to suspect that the content of any electronic communication is reasonably required for the purposes of a criminal investigation or proceedings.
The above is just a high-level overview of certain interesting provisions in the newly passed legislation. The Act itself contains 43 sections, and is a very important piece of legislation to foster the development of the nascent ICT sector in Nigeria. You can read the full provisions of the Act here – CyberCrime (Prohibition, Prevention, etc) Act 2015