AN EXAMINATION OF THE LEGAL FRAMEWORK FOR COMBATING

CYBERCRIME IN DIGITAL TRANSACTIONSS ACROSS BORDERS.

Abstract
The growth of the internet and digital technologies is a great opportunity for humanity
to transform businesses and provide new communication tools every day. Internet
users are spending more and more time online and engaging in more online and social
media activities. However, like a double-edged sword, the Internet also presents
opportunities for cybercriminals in the information society. The nature of some
“traditional” types of crime has been transformed by the use of computers and other
information and communication technologies (ICTs) in size and scope, with risks
extending to many aspects. aspects of social life, such as financial transactions, sex
violations, harassment and intimidation, and damage and disorderly business.
Cybercrime is a transnational threat in the sense that it crosses borders. The most
important challenges of the information society are the security of digital data and
information systems and the prevention of harmful use of information and
communication technologies by cybercriminals, terrorist group,s or state
organizations. Measures to address these security challenges of the information society
have given rise to a concept known as "cybersecurity". Cybersecurity aims to promote
and ensure the overall security of digital information and information systemtoto
ensure the safety of the information society. The concept therefore has broad relevance
to the social, legal, regulatory and technological measures that will ensure the
integrity, confidentiality, availability and overall security of digital information and
systems. information systems to achieve the high level of trust and security necessary
for the sustainable development of the information cyberspace. This long essay seeks
on the one hand to examine what international law lags in providing adequate scope
for cybercrime, while on the other hand, assess the existing regulations which largely
fail to prevent threats of Cybersecurity threats which are mainly caused by
complications caused by misalignment of cybersecurity laws and regulations. This
long essay will further attempts to discuss the legal and regulatory aspects of
cybersecurity in international law, analysis of international, regional and national
regulatory responses to cybercrime in developed and developing countries. It will
draw attention to the limitations and challenges of these regulatory responses in
promoting cybersecurity and explores a number of regulatory measures to address the
stated challenges in promoting security and global network. The findings of this study
will suggest a number of regulatory measures to strengthen global cybersecurity and
will also highlight the need for collective state responsibility for global cybersecurity
against cybercrimes.
TABLE OF CONTENTS
Pages
Title page
Declaration
Certification
Acknowledgement
Table of Contents
Table of Cases
Table of Statutes
List of Abbreviation
Abstract
CHAPTER ONE: INTRODUCTION
1.1 Background of the Study
1.2 Statement of Problem
1.3 Aim and Objectives of Study
1.4 Significance
1.6 Research methodology
1.7 Scope of Study
1.8 Literature Review
1.9 Organizational Layout
Chapter Two
CONCEPTUAL ANALYSIS
2.1 Introduction
2.2 Meaning and Nature of Cybercrime
2.2.1 Historical Perceptive of Cybercrime
2.2.2 Types of Cybercrimes
2.3 Meaning of Cyberspace
2.4 Meaning of Cyberjurisdiction
2.4.1 Cyberspace and Cyber Jurisdiction
2.4.2 Determinants of Jurisdiction in the United States of America, United Kingdom
and Nigeria
2.4.3 Prescriptive Jurisdiction
2.4.4 Adjudicative Jurisdiction
2.4.5 Enforcement Jurisdiction
2.5 The Concept of Cybersecurity
2.5.1 Meaning of Cybersecurity
2.5.2 Goals of Cyber Security
2.6 Cybercrimes Committed in Nigeria and Criminalized under the Budapest
Convention
2.6.1 Acts carried out by Criminal Minded Individuals against Computers
2.6.2 Acts carried out by Criminal Minded Individuals against Individuals
2.6.3 Cybercrimes Committed against the State
Chapter Three
LEGAL AND INSTITUTIONAL FRAMEWORKS RELEVANT FOR
CURBING CYBERCRIME IN NIGERIA
3.1 Introduction
3.2 The Criminal Code Act
3.3 The Penal Code Act
3.4 Terrorism (prevention) act, 2011 (as amended in 2013) and Regulations 2013
3.5 The Evidence Act
3.6 The Money Laundering (Prohibition) Act, 2011
3.7 The Advance Fee Fraud Act, No. 14, 2006
3.8 The Nigerian Financial Intelligence Unit (NFIU)
3.9 Special Control Unit against Money Laundering
3.10 Economic and Financial Crimes Commission (establishment) Act 2004
Chapter Four
ISSUES AND CHALLENGES IN COMBATING CYBERCRIMES IN DIGITAL
TRANSACTIONS
4.1 Introduction
4.2 International Cooperation in the Fighting Cybercrime
4.3 The Role of Judiciary in the Admissibility of Electronic Evidence in Cyber Crime
Cases
4.4 Challenges of International Cooperation in the Fight against Cybercrime
4.4.1 Lack of Cybercrime Specific Laws
4.4.2 Lack of Adequate Provisions on Collection and use of Electronic Evidence in
Nigeria
4.4.3 Lack of Proper Training of Law Enforcement Agencies on Investigating Acts or
Omissions that Constitute Cybercrimes-
Chapter Five
CONCLUSION AND RECOMMENDATION
5.1 Conclusion
5.2 Recommendation
5.3 Bibliography
 CHAPTER ONE
GENERAL INTRODUCTION
1.0 Introduction
Legislators have struggled to redefine the law to fit crimes committed by cyber

criminals since the advent of the computer age. In many jurisdictions, crime is one of

the newest and most rapidly evolving areas of the law. The advancement of

technology and online communication has resulted in a dramatic increase in the

nature of criminal activities. Criminals use cyberspace to commit a variety of cyber-

crimes. Growing trends in complex distributed and Internet computing raise serious

concerns about data security and privacy.1 The Information and Communication

Technology (ICT) revolution has had an impact on almost every aspect of human

endeavor, from business to industry to government to non-profit organizations; ICT

has simplified business processes such as sorting, coding, editing, and generic report

generation in a real-time proceeding mode. However, ICT has had unintended

consequences such as criminal activity, spamming, credit card fraud, ATM fraud,

phishing, identity theft, and other cyber-crimes. Technology has brought nations

together, and the world has shrunk to the size of a village. The economies of the

majority of the world's countries are accessible via electronic means via the internet.

Because the electronic market is open to all (including eavesdroppers and criminals),

the internet is a borderless regime. The internet is one of the most rapidly developing

areas of technical infrastructure.2

The development and use of the internet over the last few decades have provided

everyone with this opportunity. However, the information technology revolution

1
F.B. Okeshola, and A.K. Adeta, ‘The Nature, Cause and Consequences of Cybercrime in tertiary Institution in Zaria,
Kaduna State’, (2013) (3) (9), American International Journal of Contemporary Research, 1.
2
 associated with the internet has had two significant effects: on the one hand, it has

contributed positive values to the world. On the other hand, it has produced a slew of

maladies that threaten social order, as well as a new wave of crime in the world. The

internet online business services, which are supposed to be a blessing because they

expose one to a plethora of opportunities in various fields of life, are quickly

becoming a source of discomfort and concern due to the atrocities committed through

it. Based on the threat, the Nigerian government developed a cybercrime legal

framework, which is discussed and examined in this work for its effectiveness in

combating cybercrime.

1.1 Background to the Study

Today, there is a high spreading out of Information Technology surrounding most

parts of life in Nigeria. This makes possibilities for businesses running in Nigeria to

compete with others around Africa and beyond. Companies now transact through the

internet; hence different sensitive information are sent through internet during the

transaction and communication3. The technological change everywhere in the world

makes the use of computer and internet as a basic device for communication and the

World a global village. Thus, with the advent of the computer age, legislatures have

been struggling to redefine the law to fit crimes perpetuated by computer criminals. 4

The crime is amongst the newest and most constantly evolving areas of the law in

many jurisdictions. The rise of technology and online communication has not only

3
Company and Allied Matters Act 2020, Ss 101 and 240(2),
4
F. Ibikunle, Approach to Cyber Security Issues in Nigeria: Challenges and Solution, (2013) (1) (1) Publication of
Department of Electrical & Information Engineering, Covenant University Nigeria, 1.
 produced a dramatic increase in the nature of criminal activities. Criminals are using

cyberspace to commit numerous cybercrimes. Growing trends of complex distributed

and Internet computing raise important questions about information security and

privacy.5The Information Communication Technology (ICT) revolution has had

impacts in almost every area of human endeavour, from business, industry,

government to not-for-profit organization; ICT has simplified business process such as

sorting, summarizing, coding, editing customized and generic report generation in a

real-time proceeding mode. However, ICT has also brought unintended consequences

such as criminal activities, spamming, credit card frauds, ATM frauds, phishing,

identify theft and other related cybercrimes. Technology has integrated nations and the

world has become a global village. The economy of most nations in the world is

accessible through the aid of electronic via the internet. Since the electronic market is

opened to everybody (which also includes eavesdroppers and criminals) the internet is

a borderless regime6. In essence the internet is one of the fastest-growing areas of

technical infrastructure development.

Over the past decades, the growth of the internet and its use afforded everyone this

opportunity7. However, information technology revolution associated with the internet

5
H. Chen, and F.Y. Wang, ‘Guest Editors' Introduction: Artificial Intelligence for Homeland Security’, (2005) (20)
(5), IEEE intelligent systems, 12–16.
6
F.B. Okeshola, and A.K. Adeta, ‘The Nature, Cause and Consequences of Cybercrime in tertiary Institution in Zaria,
Kaduna State’, (2013) (3) (9), American International Journal of Contemporary Research, 1.
7
Op Cit at note 2
 has brought about two edge functions: that is on one hand, it has contributed positive

values to the world. While on the other hand, it has produced so many ills that threaten

the order of the society and also producing a new wave of crime to the world. The

internet online business services, which ordinarily supposed to be a blessing as it

exposes one to a lot of opportunities in various field of life is fast becoming a source

of discomfort and worry due to the atrocity being perpetrated through it. Based on the

threatened menace the Nigeria government has come up with a legal framework of

cybercrime which will be discussed and x-rayed in this long essay on it effectiveness

on combating cybercrimes in digital transactions across bothers.

Cyber infrastructures are highly vulnerable to intrusions and other threats. With the

pace and amount of cyber-attacks, human intervention is simply not sufficient for

timely attack analysis and appropriate response. The fact is that the most network-

centric cyber-attacks are carried out by intelligent agents such as computer worms and

viruses; hence, combating them with intelligent semi-autonomous agents that can

detect, evaluate, and respond to cyber-attacks has become a requirement. These so-

called computer-generated forces will have to be able to manage the entire process of

attack response in a timely manner, attack is occurring, what the targets are and what

is the appropriate response, as well as how to prioritize and prevent secondary attacks 8.

8
D. Selma, and others ‘Applications of artificial intelligence techniques to combating cyber crimes: a review’,
(2015) (6) (1) International Journal of Artificial Intelligence & Applications, 2
 Furthermore, cyber intrusions are not localized. They are a global menace that poses

threat to any computer system in the world at a growing rate. There were times when

only educated specialist could commit cybercrimes, but today with the expansion of

the Internet, almost anyone has access to the knowledge and tools for committing

these crimes. Conventional fixed algorithms (hard-wired logic on decision making

level) have become ineffective against combating dynamically evolving cyber-attacks.

It has also resulted in the emergence of what appears to be some new varieties of

criminal activities pose challenges for legal systems, as well as for law enforcement 9.

Cybercrimes are factor that has been a great threat to Information Communication and

Technology, the operation of cyberspace transaction; other cyberspace related

functions are the most wonderful means of communications and transactions in the

field of internet. The Department of Justice („Dos‟) defines computer crimes as any

violations of criminal law that involve knowledge of computer technology for their

perpetration, investigation or prosecutions10. Cybercrime has been eluding factor in the

cyberspace transactions in Nigeria, where cybercrimes and computer related crimes

are endemic. The integration of computer technology as a global issue, with the

opportunity opened to the general public in use for viable objectives, certain high-level

of crimes are committed and some of the perpetrators of these crimes are referred to as
9
A. Laura, ‘Cybercrime and National Security; the role of the penal and procedural Law, (2015), Research Fellow,
Nigerian Institute of Advance Legal Studies, 7 < http://nials-nigeria.org/pub/lauraani.pdf.> Accessed 3 April 2022.
10
The Economic Times: September 11, (2004) 1.
 “hackers” syndrome, they took advantage of cyberspace transactions available on the

internet to defraud the unsuspected victims who are mostly foreign transactions in

thousand and millions of dollars11. These criminally minded individuals will have a

discussion with the victims through the internet and they will pretend to be interesting

and loving, before the victim realized, the criminals would have succeeded in luring

them into sending some dollars to enable them facilitate traveling documents they

falsify documents and tell all sort of lies to get money or that they are beneficiary to a

thousand of dollars in a trust account but they need a little money to secure the

services of a counsel to claim the trust fund12.

Nigeria battles against cybercrime effort have been put in place by directing the

sources and channel through which cybercrimes are perpetrated in Nigeria generally

are targeted at individuals and not directly to computer systems, hence they require

less technical expertise on the part of the criminals 13. Recently, a report indicated that

Nigeria is losing about 89 million dollars yearly to software piracy the report was the

finding of a study conducted by institute of Digital Communication is a market

research based in South Africa. Also, the America national fraud information center

11
O.R. Ehimen and A. Bola, ‘Cybercrimes in Nigeria’, (2010) (3) (1) Business Intelligence Journal, January, 5
12
A.S, Mu‟azu and M.K. Abubakar, ‘Cybercrime in Nigeria: An Overview of Cybercrime Act 2013’, (2014) (32)
Journal of Law, Policy and Globalization, 23
13
Ibid
 reported Nigeria money offers as the fastest online scam up to 90% in 2001. The

centre also ranked Nigeria cybercrime, impact per capita as being exceptionally high 14.

In an attempt to fight the menace of cybercrime in Nigeria, Physical devices such as

sensors and detectors are not sufficient for monitoring and protection of these

infrastructures; hence, there is a need for more sophisticated IT that can model normal

behaviors and detect abnormal ones. These cyber defense systems need to be flexible,

adaptable and robust, and able to detect a wide variety of threats and make intelligent

real-time decisions15. There is need for Cyber law and Cyber security. Cyber laws

prevent or reduce large scale damage from cybercriminal activities by protecting

information access, privacy, communications, intellectual property and freedom of

speech related to the use of the internet, websites, emails computers, cell phones,

software and hardware, such as data storage devices 16. The increase in internet traffic

has led to a higher proportion of legal issues worldwide. Because cyber laws vary by

jurisdiction and country, enforcement is challenging and restitution ranges from fines

to imprisonment.17

14
Ibid
15
D. Dasgupta, ‘Computational Intelligence in Cyber Security’, (2006), IEEE International Conference on
Computational Intelligence for Homeland Security and Personal Safety, 2–3
16
M.T. Ladan, ‘Cyberlaw and Policy on Information and Communications Technology in Nigeria’, (Ahmadu Bello
University Press Limited 2015) 104.
17
Ibid
 The term “Cyber law” has been defined by, the Black’s law dictionary, as the field of

law dealing with the internet, encompassing cases, Statutes, Regulations and disputes

that affect people and businesses interacting through computers cyber law is at the

heart of many legal and policy issues today, including jurisdictional questions,

intellectual property rights, tort actions, privacy rights, e-commerce, cybercrimes,

online speech. Since the internet is fluid and dynamic medium, cyber law is a field of

law that changes rapidly and it is important to stay current with recent trends. In a

related development, cyber law has been defined as the law governing cyber space18.

For Nigeria, a nation in the process of saving her face regarding cybercrimes, efforts

are now being directed at the sources and channels through which cybercrimes are

perpetuated. The task of re-stigmatizing cybercrime and re-dignifying honest is not as

easy as that of institutionalizing a deterrence mechanism and the legal framework in

combating cybercrime in digital transactions. Hence the need to examine the legal

framework for cybercrimes.

1.2 Statement of Problem

Increasing of communication network improve the online business such as electronic

commerce, electronic banking, Mobile Money and sending information through emails

individual and services/products advertisement. The Nigeria current legal framework

18
A. B. Garner, Black’s Law Dictionary, (8th ed, Thomson West, United State of American, 2009), 414.
 dealing with cyber issue seems to be not adequate to regulate cybercrime because the

existing laws and practices dwells more to traditional crimes and evidence. Therefore,

there are legal challenges concerning cybercrime in Nigeria which arise many

problems to the Lawyers, ICT technicians when applying the laws which do not

recognize the new technology when any matter arise.

More so, even in resonance of the laws that deals with cyberspace in Nigeria, it is not

out of place to say that these laws are inadequate to fight well the cybercrime crisis.

Hence, there is a need for a strict statutory law to regulate the activities of criminals is

rising around the world together with protect the true sense of Technology—laws

which will protect the digital areas such as electronic transaction, electronic commerce

e- governance and other activities needing digital technology. Thus, a need for

examination of the legal framework for combatting digital transaction.

1.3 Aim and Objectives of Study

The aim of the study is to examine the legal framework for combating cybercrime in

digital transaction across borders. However, the research seeks to achieve the

following objectives.

i. To examine the laws effective in combating cybercrimes

ii. To examine the challenges faced in combating cybercrime

iii. To assess the efforts taken by Government in improving laws to combat a cybercrime.
1.4 Significance
This research work will be of immense important to all stakeholders involved,

particularly in Nigeria. The knowledge provided in this study will demonstrate the

impact to current realities, global competitiveness and relevance to the Nigerian

economy and sustainable development. It shall also produce legal expert/researchers,

academicians, students of law and users of information, with the necessary

competencies and skills to function effectively in institutions of higher learning and in

both the public private sectors of the Nigerian economy. It would also broaden the

knowledge of the legislature to provide possible amendments of the existing law on

the subject.

Finally, this research work would add to the prevailing knowledge and serve as useful

and reference materials for further study in the area of Information Communication

Technology.

1.5 Research Methodology

The research adopted the doctrinal methodology. It made use of primary and

secondary sources of data; the primary data consists of International and regional

instruments; legislations and policies on fight against cybercrimes, and case laws

related to cybersecurity in Nigeria. The secondary sources consist of textbooks,

literature sourced from the internet, scholarly articles in journals and seminar papers.
 1.6 Scope of Study
The scope of this work is a broad one as it analyzes and examines the national and

international legal framework of cybercrimes and security as bothers on digital

transaction across borders.

1.7 Literature Review

This area of research work is a developing sphere for academic exploitation, though

there are no very many scholars and researchers who delved into various aspects of

computer related offences (cybercrimes). Hence, the works of these authors and

scholars shall be reviewed in the course of this work.

According to Vladimir19, internet is a global network which unites millions of

computers located in different countries and open broad opportunities to obtain and

exchange information, but it is now been used for criminal purposes due to the

economic factors. Nigeria a third world country is faced with so many economic

challenges such as poverty, corruption, unemployment amongst others, thereby

making this crime thrive.20

Ladan M.T.21 an erudite scholar postulated that with the growing sophistication and

use of information, the past decade has seen a major growth in cybercrime. The fight

19
G. Vladimir, ‘International Cooperation in Fighting Cyber crime’, (2005) (5) <www.crimeresearch.org> Accessed 3
April 2022
20
B.O. Folashade and others, ‘The Nature, Causes and Consequence of Cyber Crime in Tertiary institution in Zaria-
Kaduna state’, (2013) (3) (9) American International Journal of Contemporary Research, .98
21
Ladan M.T. ‘Cyberlaw and Policy on Information and Communications Technology in Nigeria and ECOWAS’ (ABU
Press Ltd., Zaria. 2015)
 against cybercrime require a cohesive and coordinated approach, but in African bad

governance, high rate of educated youth unemployment, weak or non-existent legal

and regulatory frameworks on cybercrime and cyber security, poverty

underdevelopment are the major causes for growth of cybercrime in the region. The

potential for internet abuse in Africa is also high, this is due to the lack of security

awareness programmes or specialized training for the law enforcement agencies22.

Ladan, M.T further gives highlights of cyber law in West Africa. Decisions of the

United Nations and other world regional bodies on cybercrime are discussed. The

author further observes that in Nigeria today, numerous internets assisted crimes are

committed daily in various forms such as identify theft, desktop counterfeiting,

internet chat room, cyber harassment fraudulent electronic mails, Automated Teller

Machine spoofing, pornography, piracy, hacking, phishing and spamming. Usually

these crimes are committed in forms like sending of fraudulent and bogus financial

proposals from cybercriminal to innocent internet users 23. Hence, Due to the prevalent

rates of cybercrime, which have become strong threats to Nigeria. The National

Assembly of the Federal Republic of Nigeria enacted an Act known as Cyber Crimes

(Prohibition, Prevention etc.) Act, 2015. The Act provides for the prohibition,

prevention, detection, prosecution and punishment of cybercrimes in Nigeria. This Act

22
Ibid
23
Ibid
 also ensures the protection of critical national information infrastructure and promotes

cyber security and the protection of computer systems and networks, electronic

communications, data and computer programs, intellectual property and privacy

rights.24

According to Sieber, the Internet is not only used for direct attacks, but also as a forum

for soliciting, offers and incitement to commit crimes unlawful sale of products and

providing information and instructions for illegal acts (e.g. how to build explosives).

Many countries have put in place regulations on the trade of certain products.

Different countries apply different national regulations and trade restrictions to various

products such as military equipment. A similar situation exists for medicines –

medicines which are available without restriction in some countries may need

prescription in others. Cross-border trade may make it difficult to ensure that access to

certain products is restricted within a territory. Given the popularity of the Internet,

this problem has grown. Web shops operating in countries with no restrictions can sell

products to customers in other countries with restrictions, undermining these

limitations. Prior to the Internet, it was difficult for most people to access instructions

on how to build weapons. The necessary information was available (e.g. in books

24
Cybercrime (Prohibition, Prevention, etc.) Act, 2015, Explanatory Memorandum <
https://ictpolicyafrica.org/en/document/h52z5b28pjr#:~:text=CYBERCRIMES%20(PROHIBITION%2C
%20PREVENTION%2C%20ETC)%20ACT%2C%202015Explanatory,punishment%20of%20cybercrimes%20in
%20Nigeria.> Accessed 3 April 2022
 dealing with chemical aspects of explosives), but time consuming to find. Today,

information on how to build explosives is available over the Internet and ease of

access to information increases the likelihood of attacks.25

Agba.,26 is of the view that internet is the most technologically advanced medium of

interaction, it is the information revolution that has turned the world into a global

village27. Thus, Igwe posited that the internet is multi-jurisdictional because of it

borderless nature, which makes it easily accessible from any place. The packet-

switching technology and complex weave of digital networks and telecommunication

infrastructure, digitized information may travel through various countries and

jurisdictions, each with its own destinations. 28 The following arise in the context of

private international law; namely jurisdiction to adjudicate dispute, also referred to as

choice of law or conflict of laws, and the recognition and enforcement of judgments in

courts in foreign jurisdictions. There are situations where one or more parties are

involved in commercial activities, internet users, service and content providers,

buyers, sellers, businesses technology systems and computer servers are located in

different countries. In the process, the uncertainties may arise as to where the activities

are taken place. The effect of such activities could be felt all over the world. This
25
Sieber, Council of Europe Organised Crime Report (2004), 140.
26
P.C. Agba, ‘International Communication Principles, Concepts and Issues: In Okunna C.S. (ed) Techniques of Mass
Communication: A multi – Dimensional Approach. (Enugu: New Generation Books 2003), 9
27
Op cit at note 17
28
E.K. Igwe, ‘An Exposition on the Jurisdictional Issues in Cybercrimes in Nigeria’, (2016) (7)(1) Benue State
University Law Journal, 281-282
 result to the question of jurisdiction such as country who has the jurisdiction to

entertain and or address the issue, enforcement and probably resolution through

amicable means. Every country determines its own rules of private international law,

some regions are harmonized by treaty. Jurisdiction has been posing lots of setback in

an attempt to curb the scourge of cybercrimes in our courts system especially when the

parties are located in different countries and the offence is felt in another country and

Nigeria is not an exception.29 Shinder.30 viewed cybercrime as any criminal offences

committed using the internet or another computer network as a component of the

crime.

Akomolede and others, postulated thus, that the growing functionality and ease of

computerized network, perhaps the most important characteristic of the impact of

internet to terrorist is the ubiquity of the internet. This means that internet connectivity

is everywhere and accessible by or to almost everyone. As the internet serves, private

business, governmental and international needs, it also serves criminals. It essentially

allows terrorist organizations to operate on a global basis without the added

requirement for physical infrastructures and personnel. This is actually the biggest

advantage terrorist organizations currently have since it allows them to communicate

their massages to decentralized cells around the world in efforts to ensure terrorist
29
D.R. Rodney, Intellectual Property are the internet, (Butterworths, New Delhi. 2002) 111
30
D.L Shinder, Scene of the Cyber Crime; Computer Forensics handbook, (Syngress Publishing Inc. 88 Hingham
street, USA. 2002)1
 operations are conducted in support of the greater intent. It also allows them to

establish successful information operation campaign against countries on attack and its

allies through the publishing of tightly controlled information on various web pages. It

appears most terrorist organizations are not interested in cyber terrorism. This is

because known terrorist organizations like Al-Qeada are reported to prefer leveraging

cyber technologies such as the internet to enable terrorist operation in the physical

domain. They also opined that there are eight ways to which terrorist use internet viz,

psychological warfare, publicity and propaganda, data mining, fundraising,

recruitment and mobilization, networking, information sharing and planning and

coordination.31

Chiesa.,32 he opined that another cause of cybercrime in Nigeria is the quest for

wealth, there exist a large gap between the rich and the average, as such many strive to

level up using the quickest means possible, since for any business to thrive well, the

rate of return in the investment must be growing at a geometric rate with a minimal

risk. Anahet'al.,33 weak/fragile laws regulating cybercriminals exist in Nigeria unlike

in the real world where criminals, such as armed robbers are treated with maximum

31
T.I. Akomolede, and others, Cybercrime and Cybersecurity as challenges to the fight against Global Terrorism
(2016) Paper Presented at the 47th Conference of the Nigerian Association of Law Teachers 22nd -27th May,
Nasarawa State University, Keffi, Nigeria.
32
R. Chiesa, Auditing the Hacker‟s Mind: The Hacker‟s Profiling Project, (2011) A Presentation by Chiesa Raoul at
WINS International Best Practice Conference, Vienna, Austria.
33
B.H. Anah, D.L. Funmi, and M. Julius, Cyber Crime in Nigeria: Causes, effects and the way out. (2012) (2) (8) ARPN
Journal of Science and Technology, 626, <http:/www.ejournalofscience.org> Accessed 3 April 2022
 penalties. Unfortunately, the nation is not well equipped with sophisticated hardware

to track down the virtual forensic criminals. Meke., 34 in his article, he opined that

urbanization is one of the major causes of cybercrimes in Nigeria and urbanization will

be beneficial if and only if good jobs can be created in the cities where population

growth is increasing, he emphasized that urbanization without crime is really

impossible.

According to Sutherland,35 criminal behavior is learned. Criminal behaviour is learned

in interaction with other persons in a process of communication. This would mean an

individual is influenced to participate in criminal behaviour through watching and

interacting with other individuals who are engaging in the criminal behaviour. The

principal part of the learning of criminal behavior occurs within intimate personal

groups. When criminal behavior is learned, the learning includes techniques of

committing the crime, which are sometimes very complicated, sometimes simple and

they learn the specific direction of motives, drives, rationalizations and attitudes for

committing a crime. This means that an individual will be influenced into believing

that the behavior which they may have previously believed was wrong, into believing

that it is right through rationalization of their action.36

34
E.S.N. Meke, ‘Urbanization and cybercrime in Nigeria: Causes and Consequences: (2012) (2) (8) ARPN Journal of
Science and Technology, 631, <http:/www.ejournalofscience.org.> Accessed 3 April 2022
35
E. Sutherland, Principles of Criminology. (4th edn, Chicago: Philadelphia J.B. Lippincott Company 1939),
36
Ibid
 Furthermore, an individual will be pushed into deviant behaviour depending on their

view of the legal code as being favorable or unfavorable. A person becomes

delinquent because of an excess of definitions favorable to violation of law over

definitions unfavorable to violation of the law. Therefore, an individual will break a

law if they see more reasons to break it than to stay in compliance with it. Differential

Associations may also vary in frequency, duration, priority and intensity. 37 The process

of learning criminal behaviour by association with criminal and anti-criminal patterns

involves all of the mechanisms that are involved in any other learning. This means that

individuals learn criminal actions and legal through the same way. This theory states

that while criminal behavior is an expression of general needs and values, it is not

necessarily the fulfilment of these needs and values which causes deviant behavior

since non-criminal behavior is an expression of these same needs and values.38

From the foregoing, the authors and researchers on this topic made effort to define the

concept cybercrime and also state the cause of cybercrime by relying on economic

perspective without addressing the issue related offences of digital transactions, the

recent trend of the legal, regulatory and institutional framework on cybercrime was not

addressed by the scholars, based on the gap created this work shall fill in the gap by

addressing the above-mentioned issues. The internet creates unlimited opportunities

37
Ibid
38
Ibid
for commercial social and educational activities. However, it has introduced its own

peculiar risk that poses danger to the economy. The danger could affect many sectors

of the society and put the development of the country into peril. Some of these

possible adverse effects could include the destruction of the country’s image both at

home and abroad, insecurity of both life and properties, fear of doing business with

Nigerian citizens, economic loss of spending substantial amount of money on the

prevention and control of cybercrime amongst others.

1.8 Synopsis of the Study

This work is structured into five chapters. Chapter one contains issue such as the

general introduction, the background to the study, aims and objective of the study,

research methodology, the scope of the research, literature review, justification as well

as the organizational layout of the research.

Chapter two deal with the conceptual exploration of the topic.

Chapter three, deals on analysis of legal regime in combating cybercrime.

The fourth chapter analysis issues and challenges in combating cybercrimes, by

identifying the problems associated with cybercrimes in Nigeria.

The last chapter contains summary, conclusion and recommendation of the research.
 CHAPTER TWO
CONCEPTUAL ANALYSIS
2.1 Meaning and Nature of Cybercrime
Cybercrime, is a broad notion, in literature all kind of definition can be found of

computer crime, computer-related crime, internet, etc., including discussions what

about which specific crimes should be considered as such, modern definitions of

cybercrime describe cybercrime as concerning any crime for the commission of which

the use of the internet was essential. This implies that even offences that do not

include an explicit reference to information communications technology (ICT) or to

the electronic environment, can nevertheless be considered as such if the criminal

conduct was directed against other computers or where the facilities of the internet

were used to disseminate or retrieved information “essential” means that ICT or the

electronic environment is an essential element of the criminal conduct A murder in the

computer room would not qualify as such.39 Hence, Cybercrime is a terminology that

crept into the lexicon of our criminal jurisprudence at the advent of the internet as

observed earlier most products and services are now being offered and delivered

across these platforms, the reinvention has created a new form of contactless

transactions. Ironically, it has also witnessed the emergence of the invisible criminal as

the internet has also provided a platform for criminals to ply their trade.40

In order to properly understand the Cybercrime at conceptual level, it is essential to

scrutinize the definitional aspects of the word „Cybercrime‟. Thus, Cybercrime must

39
W.K. Kaspersen Henrik, Cybercrime and internet jurisdiction Vrrje Universiteit Amsterdam, Economic crime
Division, Directorate General of Human Rights and Legal Affairs, Strasbourg, France Version 5 March (2009), 12 <
www.coe.int/cybercrime.> Accessed 14 April 2022
40
O. Eteya, ‘An Analysis of Legal Framework on Combating Cybercrime in Nigeria’, (2017) Master dissertation,
Department of Private Law Faculty of Law Ahmadu Bello University, Zaria Nigeria
 be a terminology that crept into the lexicon of our criminal jurisprudence at the advent

of the internet as observed earlier. However, cybercrimes could mean the terms

“Computer Crimes” and “Cybercrime”41. Computer crime or cybercrime is any crime

that involves a computer and a network. The computer may have been used in the

commission of a crime, or it may be the target net crime of criminal exploitation of the

internet, inherently a cybercrime. Cybercrime uses the unique features of the net–

sending of e-mails in seconds, speedy publications/disseminations of information

through the web to anyone on the planet. Computer attacks can be generated by the

criminals from anywhere in the world, and executed in other areas, irrespective of

geopolitical location. Often, these criminal activities can be faster, easier and more

damaging with the use of internet42.

According to the 10th United Nation Conference on the ‘punishment of offences’,

cybercrime was broken into two categories and thus defined as:

1. in a narrow sense, as any illegal behaviour directed by means of

electronic operations that target the security of computer system and
data processing by them and
2. In a broader sense, as any illegal behaviour committed by means of
or in relation to a computer system or network including such crimes as
illegal possession and offering or distributing information by means of
a computer system or networks43.
Under the notion of cybercrime, all kind of subcategories can be distinguished,

including their refinement and details. The cybercrime Convention 2001, that adopted

41
M.T. Ladan, Cyberlaw and Policy on Information and Communications Technology in Nigeria (Ahmadu Bello
University Press Limited 2015), 104.
42
The communicator Magazine <www.ncc.gov.ng/thecommunicator> Accessed 14 April 2022
43
Crimes related to computer networks, background paper for the workshop on crimes related to computer
networks, 10th UN Conference on the prevention of crimes and to treatment of offenders, 2000, A/CONF/87/10, 5
<www.uncjin.org/documents/confr10/10e.pdf.> Accessed 14 2022
 the notion of cybercrime, does not provide a definition but distinguished in its

substantive law part four categories of the cybercrime:

1) CIA offences: dealing with conduct that is directed against computer

systems (and networks) and the data processed, stored or transferred by
it;
2) Computer-related offences, property crime committed by means of
computer system.
3) Content-related offences, concerning the disclosure or making
available by means of a computer system of illegal content; and as a
separate category.
4) Offences related to intellectual property.44
According to Osborn, cybercrime are crimes committed on the internet using computer

as either a tool or a targeted victim, 45 cybercrimes involves both the computer and the

person behind it as victim, depending on which of the two is the target. Hence, the

computer could be looked at as either a target or a tool. 46 Folashade, defined

cybercrime as follows; “cybercrime is derived from two words “Cyber” and “Crime”

cyber refer to any activities either sales or transaction of services in the cyber space

while crime are unacceptable activities, when join together, it means all fraudulent,

illicit and unacceptable activities related to cyber”47

The OECD Recommendation of 198648 gave a working definition of cybercrime as:

“computer related crime is considered as any illegal, unethical or unauthorized

behaviour relating to the automatic processing and transmission of data.”

44
Op cit at note 38
45
H.Q. Osborn, and others, ‘Fighting Cybercrime in Africa; Computer science and Engineering, (2012) (2) (6),
computer.scientific&Academic, 2 <http://Journalsapub.org/computer.scientific&Academic.> Accessed 14 April
2022
46
The Indian Law Institute, Introduction to the cyber world and Cyber law (2010), 10<
https://www.texilajournal.com/academic-research/article/844-cyber-crime-in> Accessed 16 April 16, 2022
47
B.O. Folashade, The Nature, Causes and Consequence of Cyber Crime in Tertiary institution in Zaria-Kaduna state,
(2013) (3) (9) American International Journal of Contemporary Research, ,98
48
Computer Related Criminality: Analysis of Legal politics in the OECD Area (1986)
 The Commission of the European Union in 2001, define cybercrime or computer

related crime as any crime that in some way or the other involves the use of

information technology.49

According to the website of Crime Investigation Department, Andhra Pradesh State

Police, who said "Cybercrime means unlawful acts wherein the computer is either a

tool or a target or both." According to the definition, Cybercrime consist crimes:

a. Where the computer is a tool for an unlawful act - and;

b. Where the computer is the target for an unlawful act.

c. Where computer is both tool and target for/of unlawful act.

According to Pavan Duggal, an advocate of Supreme Court and Cyber law expert, he

defined cybercrime as, “Any criminal activity that uses a computer either as an

instrumentality, target or a means for perpetuating further crimes comes within the

ambit of Cybercrime."50 The term “cybercrime” also poses a significant challenge in

definition. Literally, it means crime committed in cyberspace or with the use of the

internet. This definition raises questions whether a criminal activity conducted via

non-internet-based computer or other electronic devices constitutes cybercrime.

Hence, others have opted for alternative terms such as “e-crime,” “computer crime,”

“hi-tech crime” or “digital crime.” While each of these alternative terminologies might

not necessarily involve the use of the internet, it is clear that they refer to criminal

activities on a far broader spectrum. Thus, the term, cybercrime, literally speaking,

49
The European Parliament, the Economic and Social Committee and the Committee of Regions, 26th January,
2001. <http://www.europe.en.int. > Accessed 14 April 2022
50
<http://www.rediff.com/netguide/index.html> Accessed 14 April 2022
 should be referring to a narrower set of criminal activities. 51 It is arguable whether the

consideration of the use of the internet in the commission of crime should remain a

function of the definition of cybercrime. Given the extant state of technology

advancement, there is hardly any electronic or digital device that is not now connected

to the internet, whether remotely or directly. The duration of the connection, or

whether the internet connectivity function of the device was enabled at the time the

crime was committed, is a question of fact. For the present purposes, it is pertinent to

adopt a working definition of cybercrime. Hence, cybercrime is defined as a financial

crime involving the use of internet-enabled electronic or other devices and platforms.

Therefore, for the present purposes, the scope of cybercrime is narrowed down to a

subset of financial crime. The cybercrime could also refer to all type of crimes that

exploit telecommunications network in computers or computer network are used for

criminal activities. E,g designing a fake receipt on a computer system to extort funds

from the government desk.52

Parker observed that computers play any or all of four roles in crime. They serve as

objects, subjects, tools and symbols.53 These roles of computers have been analysed

further:

Computers are the objects of crime when they are sabotaged or stolen …
computers play the role of subjects when they are the environment in
which technologies commit crimes. Computer virus attacks fall into this
category. When automated crimes take place, computers will be the
subject of attacks. The third role of computers in crime is as tools,
enabling criminals to produce false information or plan and control
crimes. Finally, computers are also used as symbols to deceive victims
…

51
I. Walden, Computer Crimes and Digital Investigations (Oxford University Press 2006).
52
Op cit at note 39
53
D. Parker, Fighting Computer Crime: For Protecting Information (Wiley 1998).
 When speaking about cybercrime, we usually speak about two major
categories of offence: in the first, a computer connected to a network is a
target of the offence; this is the case of attacks on network
confidentiality, integrity and/or availability. The other category consists
of traditional offences such as theft, fraud, and forgery which are
committed with the assistance of/or by means of computers connected to
a network, computer networks and related information and
communications technology.54
From this exposition, the working definition of cybercrime can further be expounded

as financial crime where internet-based computer or other devices and platforms serve

as objects, subjects, tools and/or symbols. The peculiar challenge posed by cybercrime

must form the backdrop of any analysis of this scourge. While the advancement in

technology has aided legitimate activities and transactions, criminals have also taken it

as a free ride to carry out criminal activities ubiquitously and anonymously.55

2.2. Historical Perceptive of Cybercrime

The history of cybercrime can be traced back to the 1970s when criminals committed

crimes via phone lines called "phreaking" 56. This was the use of certain tones to make

free calls 57. John Draper, a former United States Air Force engineer, realized while

working at Silicon Valley in 1971 that the prize whistles given in the “Cap'n Crunch

Cereal” boxes produced the same tones as telephone switching computers 58. He then

published instructions on how it can be used to make free long distance calls; the

number of phreakers increased after this 59. He subtly exposed himself in an interview

54
O. Olanipekun ‘Cybercrimes in the Banking Sector: Facing the new wave of criminals legally,’ (2015), 10.
55
Op cit at note 38
56
Raven, The History of Hacking and Phreaking. HelpnetSecurity (2002),
<www.helpnetsecruity.com/2002/04/04/the-history-of-hacking-and-phreaking/> Accessed 16 April 2022
57
A. Aaron, A legal Analysis of Cybercrime and Cyber Torts: Lessons for Nigeria’, (2019) [LL. B Thesis, University of
Lagos], 6
58
Op cit at note 55
59
Ibid
 with Esquire magazine in 1971, and gained the attention of the police; he was arrested,

convicted and given five years' probation; he was subsequently jailed twice for phone

fraud in 1976 and 197860

In 1981, Ian Murphy, aka Captain Zap, was the first person to be tried and convicted

as a felon for cybercrime61. He hacked the AT&T mobile network and changed their

internal clock to charge customers off-hours rates at peak-hours 62. He was punished

with only 1,000 hours of community service and two and a half years of probation and

inspired the 1992 movie, Sneakers63. In 1982, a computer virus which attacked Apple

II operating systems called "Elk Cloner" was created as a joke by a 15-year-old kid

and is one of the first known viruses to spread wildly through floppy disks 64. Soon

after, the United States passed the Computer Fraud and Abuse Act 1986which made it

a crime to break into computer systems. In 1988, Robert T. Morris Jr. released a self-

replicating worm, called the “Morris Worm”, onto the United States Department of

Defense’s ARPANET (the precursor to the internet). This affected over 6,000

networked computers and Mr. Morris got punished with only a $10,000 fine and 3

years’ probation65.
60
D. O’Brien, ‘A Short History of Law Enforcement and Cyber Crime,’ (2018) Medium <https://medium.com/threat-
intel/cyber-crime-takedowns-66915be7307e> Accessed 16 April 2022
61
Mifitzgerald, ‘Nine Famous Hacks. Extreme Tech’, (2004) <https://www.extremetech.com/extreme/55530- nine-
famous-hacks> Accessed 16 April 2022
62
Ibid
63
Le VPN, ‘Where Does Cybercrime Come From? The Origin & Evolution of Cybercrime’, (2018). < https://www.le-
vpn.com/history-cyber-crime-origin-evolution/> Accessed 16 April 2022
64
Ibid
65
Techopedia, ‘Cybercrime’ <https://www.techopedia.com/definition/2387/cybercrime> Accessed 16 April 2022
 It has been noted the breed of cybercriminals that existed had vastly changed from

hackers who were not interested in money but just did it to spite the authorities or

impress their colleagues, to hackers who were in it for the money 66. Some citizens

would even act as spies for other governments, and sell data to them for financial

return67. Unlike previous cybercriminals, this breed was not careless about letting

people know what they were doing and maintained a low profile; this is the breed of

cybercriminal that exists today68. Another difficult law enforcement faced was the

transnational nature of cybercrimes: before law enforcement could arrest and charge a

cybercriminal in another country, they either had to have an extradition treaty with

such country or wait for him to flee to a country with which they had one 69. In 1989,

the First National Bank of Chicago was the victim of a $70 million computer theft and

the global shock resulted in the United Kingdom enacting their Computer Misuse Act

of 1990 which criminalized unauthorized access to computer systems 70.The first large-

scale case of ransomware was reported in 1989 71. It was called the AIDS Trojan or PC

Cyborg Ransomware and was created by a biologist, Joseph Popp who handed out

66
United Nations Office on Drugs and Crime (UNODC), ‘Comprehensive Study on Cybercrime’ <
https://www.unodc.org/unodc/en/organized-crime/comprehensive-study-on-cybercrime.html> Accessed 16 April
2022
67
Ibid
68
Ibid
69
Op cit at note 59
70
ISBuzz Staff, ‘The Secret History of Cyber Crime. Information Security Buzz’ (2015),
<https://www.informationsecuritybuzz.com/articles/the-secret-history-of-cyber-crime/> Accessed 16 April 2022
71
J. De Groot, ‘A History of Ransomware Attacks: The Biggest and Worst Ransomware Attacks of All Times’, Digital
Guardian’s Blog. <https://digitalguardian.com/blog/history-ransomware-attacks-biggest-and-worst ransomware-
attacks-all-time> Accessed 16 April 2022
 floppy disks containing the virus to those attending the World Health Organization’s

AID Conference72. They were intended to be AIDS information introductory diskettes;

to regain access to the computers, the owners had to send $189 to PC Cyborg

Corporation in Panama73.The more cybercrimes became prevalent; states began to

legislate on them74. Cybercrimes have evolved over the years; examples are a denial of

service attacks, malware outbreaks, cracking and plundering computer systems,

intellectual property theft, cybersquatting, economic espionage, infiltration and

sabotage of networks, money theft, etc; the greater the technological advancement, the

greater the opportunity to commit cybercrimes.75

2.2.1 Types of Cybercrimes

The term “cybercrime” is used to cover a wide variety of criminal conduct. 76 As

recognized crimes include a broad range of different offences, it is difficult to develop

a typology or classification system for cybercrime. 77 One approach can be found in the

72
Ibid
73
KnowBe4, ‘AIDS Trojan or PC Cyborg Ransomware’ <https://www.knowbe4.com/aids-trojan> Accessed 16 April
2022
74
International Telecommunication Union (ITU). (2011). ICT Facts and Figures. ITU, 2011 https://www.itu.int/ITU-
D/ict/facts/2011/material/ICTFactsFigures2011.pdf&ved> Accessed 16 April 2022
75
N. Nweze-Iloekwe, ‘ The Legal and Regulatory Aspect of International Cybercrime and Cybersecurity: Limits and
Challenges’, (2022), SJD Dissertation, Department of International Legal Studies Golden Gate University School of
Law < https://digitalcommons.law.ggu.edu/theses> Accessed 16 April 16, 2022

76
U. Sieber, The international handbook on computer crime : computer-related economic crime and the
infringements of privacy, (Chichester : Wiley, 1986)
77
S. Gordon, and R. Ford, ‘On the Definition and Classification of Cybercrime’, (2006) (2) (1), Journal in Computer
Virology, 13-20;
 Convention on Cybercrime,78 which distinguishes between four different types of

offences79:

1. offences against the confidentiality, integrity and availability of computer data and

systems;

2. computer-related offences;

3. content-related offences; and

4. copyright-related offences.

This typology is not wholly consistent, as it is not based on a sole criterion to

differentiate between categories. Three categories focus on the object of legal

protection: “offences against the confidentiality, integrity and availability of computer

data and systems”; content-related offences; and copyright related offences. The fourth

category of “computer-related offences” does not focus on the object of legal

protection, but on the method used to commit the crime. This inconsistency leads to

some overlap between categories. In addition, some terms that are used to describe

criminal acts (such as “cyberterrorism” or “phishing”) cover acts that fall within

several categories. Nonetheless, the four categories can serve as a useful basis for

discussing the phenomena of cybercrime.80 Nonetheless, according to Olusola and

others81, the most prevalent cybercrime in Nigeria are:

78
Council of Europe Convention on Cybercrime (CETS No. 185), <http://conventions.coe.int.> Accessed 16 April
2022
79
The same typology is used by the ITU Global Cybersecurity Agenda / High-Level Experts Group, Global Strategic
Report < www.itu.int/osg/csd/cybersecurity/gca/global_strategic_report/index.html.> Accessed 16 April 2022
80
M. Gercke, ‘Understanding cybercrime: phenomena, challenges and legal response’, (2013), 12
<www.itu.int/ITU-D/cyb/cybersecurity/legislation.html > Accessed 17 April 2022
81
O. Maitanmi and others, ‘Impact of Cyber Crimes on Nigerian Economy‟, the International Journal of
Engineering and Sciences (IJES) (2) (4), 47<
http://www.theijes.com/papers/v2-i4/part.%20%284%29/H0244045051.pdf.> Accessed 17 April 2022.
 Hacking; Software Piracy; Pornography; Credit Card or ATM Fraud; Denial of

Service Attack; Virus Dissemination; Phishing; Cyber Plagiarism; Cyber Stalking;

Cyber Defamation and Cyber Terrorism. These are codified into our law known as

Cybercrime Act 201582.

Cybercrimes offence under the Act83 include: offences against critical national

information infrastructure; unlawful access to a computer system or network;

perpetration of electronic fraud or online fraud; system interference; interception

electronic messages or processes; tampering with critical infrastructure; and the wilful

misdirection of electronic messages. Unlawful interceptions; computer related forgery;

computer related fraud; theft of electronic devices; unauthorized modification of

computer systems, network data and system interference; forgery of electronic

signatures are all offences under the Act.84

This study will focus on type of cybercrimes that have economic impact either directly

or indirectly on the financial system of a nation or having cross border ripple effects.

Longe and Chiemeke85 simplified the list of unintended consequences of ICT to

include acts such as Phishing, cyber terrorism, electronic spam mails, cyber-stalking,

and fake copy -cat websites.

2.2.2.1 Phishing

82
Cybercrimes Act 2015. Cap E25 Laws of the Federations of Nigeria, 2004
83
Ibid
84
Ibid, Sections 5-36
85
O. Longe and B. Chiemeka, ‘Cybercrime and Criminality in Nigeria: what Role are Internet Access Point Playing?’,
(2008) (6) (4), European Journal of Social Science, < http://www.europeanjournalofsocialsciences.com> Accessed
17 April 2022
 According to Roger86, phishing is simply a high-tech identity theft that does not only

steal personal information and identity from unsuspecting consumers, but also an act

of fraud against the legitimate businesses and financial institutions that are victimized

by phishing. Phishing is usually a social engineering crime pervasive in attacking

organisations or individuals (customers) information systems (IS) in order to gather

private information to be used against organisations to extract some benefit for the

perpetrator through the anonymity of identity theft or identity deception acts.

According to recent estimates from the Anti- Phishing Working group 87 phishing

scams remain a relatively small percentage of spam sent worldwide today. Phishing

attempts to pose significant dangers for unsuspecting victims. It has become one of the

fastest-growing worldwide threats on the Internet. This rapid growth has made

combating it a huge priority for electronic mail service providers, since phishing

impacts every aspect of the Internet and computing and there is no single action from

any one company or organization to solve the problem. Data suggest that some

phishing attacks have convinced up to 5% of their recipients to provide sensitive

information to spoofed websites88. About two million users gave information to

spoofed websites resulting indirect losses of $1.2 billion for U.S. banks and card

issuers in 200389. Perpetrators target both document categories to secure personal

identifying information. Often they obtain a set of point of information documents in

order to present themselves as legitimate customers to deceive the target organisations

authentication and verification processes to commit identity fraud86. For example,

86
E.S. Roger, Rogers Communications Inc, (2008) Annual Report , 12
87
APWG (Anti-Phishing Working Group). Phishing Activity Trends Report, (2004) <http://www.antiphishing.org >
Accessed 17 April 2022
88
S. Loftness, Responding to Phishing Attacks.(Glenbrook Partners 2004)
89
A. Kochems, and L. Keith,.’Successfully Securing Identity Documents: A Primer on Preventive Technologies and ID
Theft’, (2006)
 77% of United States (US) adults were online in May 2006, up from 74% in 2005,

66% in 2002, 64% in 2001, and 57% in 2000, according to e-Marketer 90. In phishing e-

mail messages, the senders must gain the trust of the recipients to convince them to

divulge their personal information. To gain this trust, fraudsters “spoof,” or mimic, a

reputable company. The companies spoofed most often are financial services- Internet

organizations such as the Bank of America, Citibank, eBay, PayPal, etc. Retailers and

Internet service providers are also targeted88 these phishing e-mails are usually mass

mailed91. Fraudsters rely on the responses from the few recipients who are customers

of the spoofed company and who fall victim to the scam92.

According to Longe, Mbarika, Korouma, Wada, & Isabalija 93, the scammers claim to

be from reputable companies and go to great lengths to emulate the company’s visible

branding. Their fraudulent e-mails often contain the company’s logo and use similar

fonts and color schemes as those used on the company’s web site. Some of the

fraudulent e-mails simply reference images from the legitimate company’s site. The

main link in a fraudulent e-mail sends the recipient to the fraudulent phishing web site,

but many fraudulent e-mails include other links that send the recipient to sections of

the real company’s web site. To further convince the recipient that the e-mail

originated from the reputable company, the scammers use a “from” e-mail address that

appears to be from the company by using the company’s domain name (e.g.,

@ebay.com, @paypal.com)94. Phishing e-mails also try to assure the recipient that the
90
E-Marketer estimate and projections (2006).< http://www.emarketer.com/docs/emar_whitepaper.pdf.>
Accessed 17 April 2022
91
(Warner, 2004)
92
Op cit at note 39
93
O.B Longe, and V. Mbarika, and M. Kourouma, F. Wada, and R. Isabalija, ‘Seeing Beyond the Surface:
Understanding and Tracking Fraudulent Cyber Activities’(2009) (6) (3) International Journal of Computer Science
and Information Security 124-135.
94
Ibid
 transaction is secure in hopes of gaining the recipient’s trust. The following are

assurances that were included in fraudulent e-mails “Remember: eBay will not ask you

for sensitive personal information (such as your password, credit card, bank account

numbers, social security number, etc.) in an e-mail.” This e-mail then sends users to a

fraudulent web site that asks for personal and account information while promising

that the information is submitted via a secure server. The phishing perpetrators could

then notify the victim of a “security threat.” Such a message may be welcomed or

expected by the victim, who would then be easily induced into disclosing personal

information95. The number of unique phishing websites detected by APWG during the

second half of 200896 saw a constant increase from July to October with a high of

27,73997

In Nigeria, the most recent phishing attacks were on the customers of Inter-switch,

which remains the organization with the highest customer base in electronic

transactions. The Nigeria Deposit Insurance Corporation (NDIC) disclosed in its 2007

annual report and statement of account that underhand deals by bank staff, among

others, resulted in attempted fraud cases totalling over N10.01 billion (over 65 million

USD) and actual losses of N2.76 billion (13 million USD) in 2007 98. With the present

situation in the world economy and the appropriate technology, fraudulent action is

most likely to increase and phishing remains one of the main means of performing

“fraud without borders.” The extent of readiness to stem phishing in Nigeria needs to

95
K. Jaishankar, Space Transition Theory of Cyber Crimes, Crimes of the Internet, Pearson, 283.
96
APWG (Anti-Phishing Working Group). Phishing Activity Trends Report. (2008) <http://www.antiphishing.org>
Accessed 18 April 2022
97
M. Atherton, Criminals switch attention from Cheques and plastic to internet transactions. The Sunday Times of
(March 10, 2010)
98
I. Ahmed, Nigeria: N10 Billion Lost to Bank Fraud in 2007 – NDIC, Daily Trust, (Lagos October 28 2008)
 be determined because fraudulent activities emanating from these nations have far-

reaching consequences beyond her borders.99

Cyber Terrorism

According to the U.S. Federal Bureau of Investigation, cyber terrorism is any

"premeditated, politically motivated attack against information, computer systems,

computer programs, and data which results in violence against non-combatant targets

by sub-national groups or clandestine agents" 100. Unlike a nuisance virus or computer

attack that result in a denial of service, a cyber-terrorist attack is designed to cause

physical violence or extreme financial harm. According to the U.S. Commission of

Critical Infrastructure Protection, possible cyber terrorist targets include the banking

industry, military installations, power plants, air traffic control centers, and water

systems. Apart from that, there is another dimension to cyber terrorism – the use of

cyber infrastructure to launder money for financing physical terrorism. In 2005, FBI

officials reported that Al Qaeda terrorist cells in Spain used stolen credit card

information to make numerous purchases101.

According to Wilson, cyber terrorism is said to have taken place when the effects of a

widespread computer network attack is unpredictable and might cause enough

economic disruption, fear, and civilian deaths, to qualify as terrorism. At least two

views exist for defining the term cyber terrorism102. These are (1) Cyber terrorism
99
Ibid
100
Search security, Information Security magazine (2009),
101
J.K. Tudor, IS security Architecture, An Integrated Approach to Security in the Organization. (Auerbach
Publications, USA 2001)
102
B.C. Collin, ‘The Future of Cyber Terrorism: Where the Physical and Virtual Worlds Converge, 11th Annul
International Symposium on Criminal Justice Issues (1996)
 exists when computer attacks result in effects that are disruptive enough to generate

fear comparable to a traditional act of terrorism, even if done by criminals. (2) Cyber

terrorism exists when unlawful or politically motivated computer attacks are done to

intimidate or coerce a government or people to further a political objective, or to cause

grave harm or severe economic damage. The terrorist’s use of the Internet and other

telecommunications devices is growing both in terms of reliance for supporting

organizational activities and for gaining expertise to achieve operational goals. Tighter

physical and border security may also encourage terrorists and extremists to try to use

other types of weapons to attack the United States. Persistent Internet and computer

security vulnerabilities, which have been widely publicized, may gradually encourage

terrorists to continue to enhance their computer skills, or develop alliances with

criminal organizations103. They will also probably consider attempting a cyber-attack

against the U.S. critical infrastructure 104. Cybercrime has increased dramatically in past

years, and several recent terrorists events appear to have been funded partially through

online credit card fraud. Reports indicate that terrorists and extremists in the Middle

East and South Asia may be increasingly collaborating with cybercriminals for the

international movement of money and for the smuggling of arms and illegal drugs 105.

These links with hackers and cybercriminals may be examples of the terrorists’ desire

to continue to refine their computer skills, and the relationships forged through

collaborative drug trafficking efforts may also provide terrorists with access to highly

skilled computer programmers106.

103
DE Denning Information Warfare and Security. (ACM Press, USA 1999)
104
O.B Longe, and S.C. Chiemeke, ‘Beyond Web Intermediaries: Framework for Protecting Web Contents on Clients
Systems. Paper Presented at the International Conference of the International Association of Engineers ((IAENG)
Imperial 2007).
105
Op cit at note 102
106
OP cit at note 39
 2.2.2.2 Electronic Spam Mails
These are unsolicited bulk e-mail to multiple recipients. They can be commercial,

political, or religious. While the most widely recognized form of spam is e-mail spam,

the term is applied to similar abuses in other media: instant messaging spam, web

search engines, and blogs. Spamming is popular because the advertisers have no

operating costs beyond the management of their mailing lists and it is difficult to hold

senders accountable for their mass mailings. As a result, costs such as lost productivity

and fraud are borne by the public and by Internet service providers that have been

forced to add extra capacity to cope with the deluge 107. A good example is 419 mails or

the Nigerian advance fee frauds which in 1996 was estimated to have cost

unsuspecting clientele over five billion dollars108. These mails emanate in a triangle

called the "The Nigerian Connection" mostly in Europe and in someparts of Africa,

“The 419 Coalition, 2005.” The Nigerian Scam, according to published reports, is the

third to fifth largest industry in Nigeria. It is the 419 Coalition view that, in effect, the

elites from which successive governments of Nigeria have been drawn are the

scammers. Therefore, victims have little recourse in this matter. Monies stolen by 419

operations are almost never recovered from Nigeria. Most 419 letters and e-mails

originate from or are traceable back to Nigeria. However, some originate from other

nations, mostly also West African nations such as Ghana, Cameroon, Togo, Liberia,

Sierra Leone, Ivory Coast (Cote D‟Ivoire), etc. The effects of such scams have

immense effects with confirmed losses of millions of dollars annually 109. According to

107
O.B. Longe, and S.C. Chiemeke, ‘Cybercrime and Criminality in Nigeria- What roles are internet Access Points in
Playing’(2008) (6) (4) European Journal of Social Sciences,
108
R.G. Smith, and M.N. Holmes, and P. Kaufmann, ‘Nigerian advance fee fraud. Trends and Issues in Crime and
Criminal Justice’, (1999) (121) Australian Institute of Criminology, Canberra. <http://www.aic.gov.au> Accessed 18
April 2022
109
(Herald Tribute, 2007)
 Longe and Longe110, governments have tried to come up with policies to try to curtail

this menace. Nigeria, through the EFCC, banned night browsing. This is because most

fraudulent activities are perpetrated at cyber cafés at nights. For now, there are no

quantitative data to measure the effect of this action on the reduction or otherwise of

cybercrime in Nigeria.111

2.2.2.3 Cyber Stalking

Stalking in the physical sense generally involves harassing or threatening behavior in

which an individual engages repeatedly, such as following a person, appearing at a

person's home or place of business, making harassing telephone calls, leaving written

messages or objects, or vandalizing a person's property. According to, 112 cyber stalking

refers to the use of the Internet, e-mail, or other electronic communications devices to

stalk another person this term is used interchangeably with online harassment and

online abuse. Cyber stalking is becoming a common tactic in racism and other

expressions of hate. Cyber stalkers target and harass their victims via websites,

chatrooms, discussion forums, open publishing website (e.g., blogs) and e-mail. The

availability of free email and website space, as well as the anonymity provided by

these chat rooms and forums, has contributed to the increase of cyber stalking as a

form of harassment113.

110
O.B. Longe, and F.A. Longe, ‘The Nigerian Web Content: Combating the Pornographic Malaise Using Web
Filters’, (2005) (5) (2) Journal of Information Technology Impact, <www.jiti.net> Accessed 18 april
111
Op cit at note 39
112
L. Ellison, and Y. Akdeniz, ‘Cyberstalking: the Regulation of Harassment on the Internet,’ Criminal Law Review,
December Special Edition: Crime, Criminal Justice and the Internet, 29-48.
113
Ibid
 Most stalking laws require that the perpetrator make a credible threat of violence

against the victim; others include threats against the victim's immediate family; and

still others require only that the alleged stalker's course of conduct constitute an

implied threat114. While some conduct involving annoying or menacing behavior might

fall short of illegal stalking, such behavior may be a prelude to stalking and violence

and should be treated seriously. The nature and extent of the cyber stalking problem is

difficult to quantify. Indeed, current trends and evidence suggest that cyber stalking is

a serious problem that will grow in scope and complexity as more people take

advantage of the internet and other telecommunications technologies 115. Physical

stalking, online harassment, and threats may be a prelude to more serious behavior,

including physical violence. For example, the first U.S. cyber stalking law went into

effect in 1999 in California. Other states include prohibition against cyber stalking in

their harassment or stalking legislation. In Florida, HB 479 was introduced in 2003 to

ban cyber stalking. This was signed into law in October 2003. The crime of cyber

stalking is defined in Florida Statutes 784.048(1) (d) which is one of the strictest such

laws in the United States.116

2.2.2.4 Fake Copy-Cat Web Sites

One recent trend in on-line fraud is the emergence of fake „copy-cat‟ web sites that

take advantage of consumers who are unfamiliar with the Internet or who do not know

the exact web address of the legitimate company that they wish to visit. The consumer,

believing that they are entering credit details in order to purchase goods from the
114
US Attorney General ‘Cyberstalking: A New Challenge for Law Enforcement and Industry. (1999) A Report from
the Attorney General to the Vice President August,
115
CCIPS, ‘Cyber stalking: A New Challenge for Law Enforcement and Industry (1999), Workshop on the economics
of information security
116
M. Smith, ‘Cyberstalking and the Law’, (2004)
 intended company, is instead unwittingly entering details into a fraudster’s personal

database. The fraudster is then able to make use of this information at a later stage,

either for his own purposes or to sell on to others interested in perpetrating credit card

fraud.117

2.2.2.5 Malware:

Malware, short for malicious software, (sometimes referred to as pestware) is a

software designed to secretly access a computer system without the owner's informed

consent.118

2.2.2.6 Spoofing

Spoofing or decoying is the practice of inundating online networks with bogus or

incomplete files of the same name in an effort to frustrate the user.119

2.2.2.7 Cyber Contraband:

This is transferring illegal items through the internet (such as encryption technology)

that is banned in some locations.120

2.2.2.8 Child Pornography

117
O. Eteya, ‘An Analysis of Legal Framework on Combating Cybercrime in Nigeria’, (2017) Master dissertation,
Department of Private Law Faculty of Law Ahmadu Bello University, Zaria Nigeria
118
Ibid
119
Ibid
120
Ibid
 This is the use of computer networks to create, distribute, or access materials that

sexually exploit underage children.121

2.2.2.9 Cyber laundering

Is an electronic transfer of illegally-obtained monies with the goal of hiding its source

and possibly its destination.122

2.2.2.10 Cybertheft

This is an act of using a computer to steal. This includes activities related to; breaking

and entering, embezzlement and unlawful appropriation, espionage, identity theft,

fraud, malicious hacking, plagiarism, and piracy.123

2.2.2.11 Cybervandalism

Damaging or destroying data rather than stealing or misusing them (as with cybertheft)

is called cybervandalism.124

Keylogging: Keystroke logging (often called keylogging) is the practice of tracking

(or logging) the keys struck on a keyboard, typically in a covert manner so that the

person using the keyboard is unaware that their actions are being monitored.125

2.3 Meaning of Cyberspace

According to Chip M. and Randall F. F., cyberspace is defined more by the social

interactions involved rather than its technical implementation. 126 Cyberspace is

121
Ibid
122
Ibid
123
Ibid
124
Ibid
125
Ibid
126
F. Wadrip, and M. Nick, ‘The Lessons of Lucasfilms Habitat: The New Media Reader, (eds. MIT Press, 2003) 664-
667.
 therefore a word that began in science fiction literature in the 1980s, was quickly and

widely adopted by computer professionals as well as hobbyists, and became a

household term in the 1990s. During this period, the uses of the internet, networking,

and digital communication were all growing dramatically and the term "cyberspace"

was able to represent the many new ideas and phenomena that were emerging. 127 The

parent term of cyberspace is "cybernetics", derived from a Greek word which means

steersman, governor, pilot, or rudder.128

As a social experience, individuals can interact, exchange ideas, share information,

provide social support, conduct business, direct actions, create artistic media, play

games, engage in political discussion, and so on, using this global network. The term

„cyberspace‟ has become a conventional means to describe anything associated with

the Internet and the diverse Internet culture.129

As an internet metaphor, cyberspace should not be confused with the Internet, the term

is often used to refer to objects and identities that exist largely within the

communication network, so that a Website, for example, might be metaphorically said

to "exist in cyberspace." According to this interpretation, events taking place on the

internet are not happening in the locations where participants or servers are physically

located, but "in cyberspace.130

Firstly, cyberspace describes the flow of digital data through the network of

interconnected computers: it is at once not "real", since one could not specifically

127
Ibid
128
N. Weiner, A Life in Cybernetics, (The MIT Press 1948)
129
Internet Ecosystem <http://www.eitc.org/research-opportunities/future-internet-and-optical-quantum-
communications/the-internet-ecosystem-and-dns/the-internet-ecosystem> Accessed 20 April 2022
130
M. Graham, ‘Geography/Internet: Ethereal Alternate Dimensions of Cyberspace or Grounded Realities?’ (2014)
(179) (2), Geography Journal, 177-188.
 locate it as a tangible object, and clearly "real" in its effects. Secondly, cyberspace is

the site of computer-mediated communication (CMC), in which online relationships

and alternative forms of online identity were enacted, raising important questions

about the social psychology of internet use, the relationship between “online and

“offline” forms of life and interaction, and the relationship between the "real" and the

virtual.131 Cyberspace draws attention to remediation of culture through new media

technologies: it is not just a communication tool but a social destination, and is

culturally significant in its own right. Finally, cyberspace can be seen as providing

new opportunities to reshape society and culture through "hidden" identities, or it can

be seen as borderless communication and culture.132

Computers and electronic devices communicate through cyberspace. Cyberspace also

brings together every service and facility imaginable to expedite all cyber-crimes. For

example, in money laundering, one can purchase anonymous credit cards, bank

accounts, encrypted global mobile telephones, and false passports. From there, one can

pay professional advisors to set up IBCs (International Business Corporations, or

corporations with anonymous ownership) or similar structures in OFCs (Offshore

Financial Centers). Such advisors are loath to ask any penetrating questions about the

wealth and activities of their clients, since the average fees criminals pay them to

launder their money can be as much as 20 percent. 133 Cyberspace is therefore a

creation of science and a medium through which all electronic devices and computers

interact and transmit data. This is as the medium through which computers get internet

131
Ibid
132
Ibid
133
Ibid
 network, television operates, GSM service providers transmit data, etc is

electronically.134

2.4 Meaning of Cyberjurisdiction

According to The Encyclopedia America135 jurisdiction is defined as follows:

power or authority. It is usually applied to courts and quasi-judicial

bodies describing the scope of their right to act. Jurisdiction in the sense
of judicial power, often describes the general authority of a court to hear
and determine controversies and to carry its judgment in to effect. In this
abstract sense it does not relate to particular case, but instead refers to
the scope of courts, capacity to act within certain geographical
boundaries and in connection with various kinds of legal controversies.
In a more limited sense, jurisdiction means the power of a court to make
valid and binding determination in particular controversy. This kind of
jurisdiction relates solely to the court's authority in terms of the specific
subject matter and property which are involved in the case under
consideration..
Encyclopedia Britannica136 defines jurisdiction as follows:

Jurisdiction in general, the exercise of lawful authority, especially by a

court or a judge and so that extent or limits with which such authority is
exercisable. It has primarily a territorial signification, but where its
power are otherwise limited, it is rather a matter of competence and in
system of law based on codes this distinction is more clearly evident
than it is in English and U.S. law.
Nigerian perspective of jurisdiction is similar to that of the British. In the writer’s

opinion, jurisdiction is the territorial and or inherent power of a court or a judge to

adjudicate over an issue brought before them.137

Any matter decided by a court without jurisdiction is a nullity no matter how well

decided. The Nigeria Supreme Court has observed that “Any defect in competence is

134
Elelu-Habeeb vs. A.-G., Fed. 2012 13 NWLR (part 1318), 423 at 440, paragraphs D- E.
135
P. S. Golak ‘Jurisdictional Jurisprudence and Cyberspace’ (2009) (4) (2), Assam University Journal of Science
&Technology: Physical Sciences and Technology, 58.
136
Ibid
137
Ibid
 fatal, for the proceedings are a nullity however well conducted and decided; the defect

is extrinsic to the jurisdiction.138

In a wider sense, the expression “jurisdiction” does not mean the power to do or order

the act impugned but generally the authority of the judicial official to act in the terms

of subject matter, the prescriptive matter, the pecuniary and the territorial aspects. 139 A

court may be given exclusive jurisdiction in respect of a particular subject matter by

the Sovereign, or the constitution or statute, and it may prescribe

restrictions/constraints in respect of the pecuniary or the territorial aspects. 140In

exercising the jurisdiction conferred on a court, a Judge has no power to expand its

jurisdiction, but he can only expound the jurisdiction conferred on him. 141 Therefore,

the court need not always have an unfettered and uncircumcised authority to deal with

even a particular subject matter. However, jurisdiction to entertain the suit is different

from the point of maintainability of the suit. The court may have jurisdiction to

entertain a suit in relation to the grievances made by the plaintiff yet the suit as filed

may not be maintainable for various reasons. Similarly, a suit may be otherwise

maintainable, yet the court in which the suit is instituted may not have jurisdiction to

entertain the same.142

2.4.1 Cyberspace and Cyber Jurisdiction

Generally, the question of jurisdiction when a cybercrime offender has been detected

is complex.143 Electronic impulses may cross many jurisdictional boundaries before

138
Constitution of the Federal Republic of Nigerian 1999, Section 251 (1) (q) and (r)
139
S. S. DZEVER, ‘An Appraisal of the Legal Framework for Combating Cybercrime in International Law’, (2016)
Master dissertation, Department of Private Law Faculty of Law Ahmadu Bello University, Zaria Nigeria
140
Op cit at note 133
141
Op cit at note 138
142
Ibid
143
Ibid
 hitting their targets or bringing about the responses they seek. A cybercriminal can sit

in one country, route electronic communications through several others, commit a

crime in another and park the proceeds in yet another. Offences may be committed in

several countries along the way. Decisions may have to be made about where the

perpetrator may be amenable to justice and what offences should be prosecuted, under

what law (and where) in the general public interest. Practical considerations such as

the effective obtaining of evidence may impact on those decisions. General issues of

jurisdiction also apply – is it sufficient that an act occurs in the jurisdiction; is a

national subject amenable to the jurisdiction of his or her citizenship, wherever the

offence occurs; and so on.144

It is believed that the law courts are the last hope of the common man, hence the

saying that, 'Ubi jus ebi remedium'- there is a right and there is a remedy. Criminal

acts carried out in cyberspace through the internet affect people daily. In the last two

decades, the pervading impact of information technology being a transnational

character poses a serious threat to the administration of justice. Hence, the question is:

„which courts would have jurisdiction to adjudicate over a crime committed by a

cybercriminal against an individual on the internet, via cyberspace, a vast distance

between them and connected by two computers at both ends?145 A widely recognized

view which is gaining ground is that the existing law of jurisdiction is redundant for

cyberspace and an entirely different set of rules are required to govern the jurisdiction

over the internet which is free from the shackles of geographical borders.146

144
S. S. DZEVER, ‘An Appraisal of the Legal Framework for Combating Cybercrime in International Law’, (2016)
Master dissertation, Department of Private Law Faculty of Law Ahmadu Bello University, Zaria Nigeria
145
Ibid
146
Ibid
 2.4.2 Determinants of Jurisdiction in the United States of America, United
Kingdom and Nigeria
This discussion is based on factors responsible when considering if a court has

jurisdiction to hear a matter involving cybercrime. For the United States and England

(which are bound by the Budapest Convention), instances of cyber jurisdiction are

discussed, while for Nigeria (which is not a signatory to the Budapest Convention and

just passed its cybercrime specific laws in 2015) references would be made to case law

on general jurisdiction of courts in Nigeria. Some of the case laws referred to in this

discussion are locus classicus cases on jurisdiction generally or cyber jurisdiction in

the countries where they were determined. In this context, the term “jurisdiction‟ in

fact conceals three distinct concepts which require separate discussion as follows: 147

i. Prescriptive Jurisdiction

ii. Adjudicative Jurisdiction

iii. Enforcement Jurisdiction

2.4.3 Prescriptive Jurisdiction

Prescriptive jurisdiction is also known as subject matter or legislative jurisdiction.

According to the U.S. Constitution, the lawsuits can be brought either in a state or a

federal court, provided that the state in which the court is located must have a long-

arm statute which allows the court to assert jurisdiction over a non-resident defendant.

Although these statutes will differ from state to state, Fifth and Fourteen Amendments

of the U.S. Constitution lay down the outer limits for the courts while asserting
147
P. S. Golak. ‘Jurisdictional Jurisprudence and Cyberspace’, (2010) < http://assets.vmou.ac.in/PGDCL01.pdf>
Accessed 20 April 2022
 jurisdiction.148 Courts in the U.S., England and Nigeria have evolved various principles

to measure the legitimate exercise of judicial power over the parties to the litigation. 149

In England, the offences of unauthorized access or modification of computer material

under Sections 1 and 3 of the Computer Misuse Act, 1990 may be prosecuted in the

„home country‟,150 even if no element of the offence occurred in that country and or

the defendant was not present in that country, so long as there is at least one

“significant link” with the jurisdiction. 151 In essence, a “significant link” arises where

either the defendant was in the home country when he or she did the relevant act, or

the unauthorized access or modification occurred in the home country. 152 British

citizenship is immaterial to the question of guilt.153

Generally, in the last 40 years, however, revolutions have occurred in international

travel, trade, finance, and telecommunications, principal among which is the role of

internet in facilitating them. These, together with the changing patterns of criminal

conduct associated with them, have spawned numerous exceptions to the basic

principle of territoriality, many of which have been required in order to comply with

the United Kingdom's treaty obligations under international law.154

In Nigeria, it is the statute creating a Court that vests it with its jurisdiction. 155 Lower

Courts of Law in Nigeria are created by the various States in Nigeria for the purpose

of Administration of Justice.156 It is therefore observes that these courts, whether

148
Op cit at note 138
149
Op cit at note 138
150
Op cit at note 138
151
Computer Misuse Act, s. 4(6).
152
Ibid, s. 4(1)–(2).
153
Ibid, S 5
154
Computer Misuse Act of the United Kingdom, 1990, Section 9(1)
155
Constitution of the Federal Republic of Nigeria 1999, Section 230-269
156
Laws of the Kaduna State of Nigeria,1991
 superior courts or inferior courts of law have the jurisdiction to entertain cases

involving crime. Even though issues of cyber jurisdiction rarely arise in Nigeria

courts,157 in considering whether they have jurisdiction over a matter, Nigeria Courts

of law may likely consider the following ingredients of jurisdiction:

(a) it is properly constituted as regard number and qualifications of

the members of the bench, and no member is disqualified for one
reason or the other; and
(b) The subject matter of the case is within its jurisdiction; and there
is no feature in the case which prevents the court from exercising its
jurisdiction; and
(c) The case comes before the court of law initiated by due process
of law and upon fulfillment of any condition precedent to the
exercise of jurisdiction….
In issues involving conflicts of laws and jurisdiction generally, the courts in Nigeria

consider whether they have jurisdiction on the basis ofthe subject 158 matter i.e. in rem

or in personam.159 For civil and criminal matters, Nigerian courts have jurisdiction

overforeign companies. A foreign company can sue and be sued in its corporate or

registered name in Nigeria even though it is not locally registered and without the

requirement of its suing through an agent.160

It is observed that in considering whether they have jurisdiction over criminal cases,

courts in Nigeria would consider their inherent and the territorial 161 jurisdiction. In

Nigeria today, Jurisdiction to try cybercrimes is vested in the Federal High Courts.162

157
Op cit at note 138
158
Op cit at note 133
159
Op cit at note 133
160
O.U. Ins. Ltd. vs. Marine & Gen. Ass. Co. (2001) 9NWLR (Pt. 717) 92 at p. 95 paragraphs B-C.
161
Op cit at note 133
162
Cybercrime Act, 2015 Section 22
 In the Budapest Convention, Prescriptive jurisdiction is addressed in Article 22. This

sets out a number of basis on which parties are to establish jurisdiction. 163 The first is

where the offence is committed within its territory, reflecting the principle of

territoriality.164 This is the most common basis for the exercise of criminal

jurisdiction,165 there being a general presumption that criminal laws are local in

operation.166 Although allowing a country to exercise jurisdiction over conduct which

occurs within its sovereign territory, there are a number of ways in which the territorial

principle operates to encompass extraterritorial conduct. 167 First, a country may assert

territorial jurisdiction over conduct which occurs on a flagged ship or registered

aircraft of that country. This is specifically recognized in the Convention, and expands

the scope of territorial jurisdiction to those situations where the ship or aircraft is

outside the terrestrial jurisdiction of the relevant country. 168 Such an extension of

territorial jurisdiction is important in closing potential gaps in jurisdictional reach. For

example, if the ship or aircraft is in international waters or airspace, no other country

may be able to assert jurisdiction in respect of that conduct. 169 Alternatively, even

where a ship or aircraft is within the territorial jurisdiction of another country, its

presence may be so transient as to the make the assertion of jurisdiction impractical. 170

2.4.4 Adjudicative Jurisdiction

163
McConnell International (2000)< www.mcconnellinternational.com > Accessed 20 April 2022
164
Cybercrime Convention, Art. 22(4).
165
Ibid, 22(1)(a); Cybercrime Convention, Explanatory Report, [233].
166
Council of Europe: European Committee on Crime Problems, ‘Extraterritorial criminal jurisdiction’ (1992) (3)
Criminal Law Forum 441, 446
167
61Treacy vs. DPP [1971] AC 537 at 561 per Lord Diplock; Equal Employment Opportunity Commission v. Arabian
American Oil Co., 499 US 244 (1991); R vs. Finta [1994] 1 SCR701 at 805–6 per Cory J.
168
Council of Europe, „Extraterritorial criminal jurisdiction‟, 447; < >
169
Ibid
170
Ibid
 Once prescriptive jurisdiction has been established, the question remains whether the

particular court has adjudicative jurisdiction over the specific case. In considering its

adjudicative jurisdiction, courts use the following yardsticks: (a) The general

jurisdiction of the court (b) The specific jurisdiction of the court. In the United States,

general jurisdiction of a court equates to „continuous and systematic contacts‟ with

individuals or subject matter within the jurisdiction of the court by the plaintiff,

whether or not the contacts are related to the suit. For example, in the United States, if

a Plaintiff in the course of carrying out a transaction went to 5 different states in the

bid to execute the transaction, the courts in any of these states would have jurisdiction

to entertain an action filed by the Plaintiff with respect to the contract. It would allow

the forum to assert jurisdiction for any cause of action pertaining to the contract. On

the other hand, specific jurisdiction arises from contact with the court related to the

suit. It would permit the court to assert jurisdiction only to adjudicating a dispute

which took place within the court’s jurisdiction. In absence of clear rules and

regulations, the courts in the United States have devised new jurisprudence in order to

resolve rivalry grievances of the parties in cyber jungle. Prior to the mid-nineties, there

were very few decisions by U.S. Courts on competence over the Internet disputes.

Since 1995, there has been a true explosion of cyberspace litigation and the United

States blazes the trail on issues of internet law.171

American courts have used various tests to determine whether they have jurisdiction

over Internet disputes arising within their jurisdiction or affecting their citizens. Some

courts have simply applied traditional rules while others have tried to devise new tests

to accommodate the peculiarities of the medium. The principles considered by courts

171
Op cit at note 138
 in the United States, England and Nigeria when considering issues of extraterritorial

jurisdiction are discussed below.

(a) The territorial principle (Pennoyer Theory) 172 The traditional law of personal

jurisdiction in the United State is reflected in the landmark decision of the US

Supreme Court. In the Year 1877, Pennoyer laid down the fundamental principles that

"every state possesses exclusive jurisdiction and Sovereignty over persons and the

property within its territory and no state can exercise direct jurisdiction and authority

over person and property within its boarder. Due to these laws one state could not

infringe the laws of another state because that other state is also a sovereign power".

However, during 18th and early 19th. Centuries, the federalist model of jurisdiction

upon which Pennoyer theory was founded no longer reflected political and commercial

reality. After the Second World War, there was an exponential growth of

industrialization, urbanization, modernization and 'computerization in all walks of life.

The expansion of the United States, international Commerce after the world wars and

the increasing ease of travel across the state lines created problems when a state could

not assert jurisdiction over entities that established connections with the state. The

interstate movement of goods and persons compelled the states to provide a way for

their citizens to sue non-residents in local court.173

Unfortunately, Pennoyer test could not stand the test of time, as it has the effect of

prohibiting the states from exercising personal jurisdiction over persons and things

physically located outside of its territorial limits. Due to this, and to keep a pace with

the changing needs of the society, the state started to enact long arm statutes, which

172
Cybercrime Convention, Explanatory Report, [233].
173
Op cit at note 138
 permitted the local courts to exercise personal jurisdiction over non residents-

defendants. Provided the exercise of jurisdiction did not violate the 14th Amendment

of the US Constitution.174

(b) Minimum contact Principle

States in the United States wanted to give its citizens an option to sue non-residents in

local courts. The impact if these changes could be seen in a landmark judgment in

which the United States Supreme Court upheld a Massachusetts Statute 175 deeming

that non-residents using the roads of Massachusetts consented to be sued in that state.

After analyzing the perspective of natural person, the court held that a state may sue a

non-resident foreign corporation provided the corporation has "minimum contact" with

the forum state and provided that exercise of jurisdiction does not violate the

"principle of fair play and justice". This principle permits the exercise of jurisdiction in

the light of "virtual" presence of the defendant within a state. Furthermore, the

minimum contact principle developed by the United States Supreme Court in

International Shoe Co. vs. Washington, Office of Unemployment Compensation and

Placement et al.176 accordingly it analyzed the distinction between specific and general

jurisdiction. Historically, personal jurisdiction could satisfy due process if the foreign

defendant was present within jurisdiction or consented to the jurisdiction of a court to

hear a matter. However, the U.S. Supreme Court by this case cleared the mist that was

gathered around „jurisdiction in rem and jurisdiction in personam by making it clear

that there must be certain relationship between non-residents property and law suit. On

174
Op cit at note 138
175
United States vs. Roberts, 1 F. Supp 2d 601 (E.D. La. 1998
176
41. 444. U.S. 286 (1980).
 the other hand, in the case of World- Wide Volkswagen Corp. vs. Woodson177a New

York Volkswagen dealer sold a car to New York Residents. The New York couple

relocated to Oklahoma where they met with an automobile accident that injured the

wife and child. The purchaser filed a suit in Oklahoma under its long-arm statute

claiming “defective automobile design.” The Supreme Court held that the defendant

corporation did not have minimum contacts with state of Oklahoma because they

limited their sales, advertisements and business within New York only. The sole fact

that the product sold was readily movable in commerce did not subject the defendants

to jurisdiction of courts outside the area of where they conducted business. The court

held that forseeability has never been a sufficient benchmark for personal jurisdiction

under Due Process Clause.178

(c) Effects Principle

When a defendant targets a particular forum, he may be called to answer his or her

actions in that forum. The court asserted its jurisdiction on the principle that when the

defendant knew that her action would be injurious to the plaintiff, and then she must

reasonably anticipate being sued into the court where the injury occurred. The "Effects

Principle" is of particular importance in cyber space because conduct in cyber space

often has effects in various jurisdictions.179

(d) Purposeful Availment principle

The concept of this theory is that a person by conducting activities within a state

enjoys certain benefits and privileges of that state and with these privileges certain

177
42. 326 U.S. 310 (1945).
178
Burger King Corp. vs. Rudzewicz, 471 U.S. 462, 474.
179
Dow Jones & Co. Inc. vs. Gutnick, (2002) HCA 56
 obligations also arise which bears nexus with the activities within the state which

require the person to answer litigations in the state. Also, the theory states that for a

court to have jurisdiction over any cause of action and the defendant, the legal action

must have arisen from defendant’s activities there. Furthermore, the acts of the

defendant or consequences of his actions must have a sufficiently substantial

connection to the state.180

(e) The nationality principle

The other basis of jurisdiction recognized under the Convention is the „Nationality

Principle‟. This requires parties to establish jurisdiction where the offence is

committed by one of its nationals, irrespective of where it occurs in the world. 181 For

this principle to apply, the conduct must have also been punishable under the laws of

the country where the offence was committed, or where the offence was committed

outside the territorial jurisdiction of any state. 182 Although parties may opt out of

asserting jurisdiction on the basis of nationality or in respect of its ships or aircraft,

they must apply territorial jurisdiction of the relevant country.183

(f) The Universality Principle (principle of universal jurisdiction)

This principle is closely aligned with the international law doctrine of peremptory

norms (jus cogens). The principle holds that all states have jurisdiction over crimes

that are universally recognized to be a crime against humanity. These have historically

included piracy, slave trading, torture, genocide, and perhaps, terrorism. It is observed

that from the above principles of jurisdiction, the judiciaries are striving to handle
180
CompuServe, Inc. vs. Patterson 89 F.3d 1257
181
Ibid
182
Ibid
183
Cybercrime Convention, Art. 22(1)(b)–(c); Cybercrime Convention, Explanatory Report, [235].
 challenges of cyber jurisdiction when they arise. The judiciaries over the years have

shown a propensity to readily make laws or solve legal issues by judicial activism and

sound reasoning. This is probably the reason why cases involving the internet and

cyber jurisdiction are properly dealt with when they are instituted in American or

English Courts of law.184

2.4.5 Enforcement Jurisdiction

Even if there is both prescriptive and adjudicative jurisdiction, the ability to enforce

presents the most significant limitation on criminal jurisdiction. Unlike civil actions,

where principles of forum non conveniens may apply, in criminal law the issue is

effectively reduced to the question of who has the defendant in custody? This has the

practical effect of limiting the number of cases in which states assert jurisdiction. 185 It

is a general principle that individuals will not be tried in absentia for serious offences.

This is based in part on fairness to defendants but also the pragmatic fact that a foreign

state will not enforce another state’s public law judgments. 186 Criminal courts also

invariably apply local law.187 The effect of this is that „on those fairly rare occasions

when in possession of enforcement power, [states] have not been too concerned about

the limits of their legislative/adjudicative jurisdiction under public international

law‟.188 Hence, it is the jurisdiction which has the defendant in custody which has the

practical ability to exercise jurisdiction. In this respect, the Convention recognises the

principle of aut dedere aut judicare: the obligation to extradite or prosecute. 189 That is,

184
Op cit at note 138
185
U. Kohl, ‘Jurisdiction and the Internet’, <www.worldcat.org> Accessed 20 April 2022.
186
Ibid
187
Cybercrime Convention, Explanatory Report p. 1
188
Ibid
189
Ibid
 a country must assert jurisdiction where one of its nationals has committed an offence

within its jurisdiction, and a request for extradition has been refused solely on the basis

of nationality.190

Extradition is the process whereby one state will formally surrender a person for

prosecution in another state. This is a matter of international comity rather than an

obligation under international law, and is typically supported by bilateral treaties and

domestic legislation in each country. 191 Extradition typically requires there to be “dual

criminality” between the requesting party and the country where the person is located.

That is, the offence must be an offence under the laws of both jurisdictions, usually

subject to a minimum level of penalty, commonly a maximum penalty of at least

twelve months‟ imprisonment.192 The difficulties presented by this requirement are

well illustrated by the case of the “love bug” virus. 193 Where dual criminality exists,

however, it allows one jurisdiction to seek the surrender of a person alleged to have

caused damage in the requesting jurisdiction. In a recent example, English-man Gary

McKinnon lost his appeal against extradition to the United States in respect of his

unauthorized access to United States federal computers. 194 When the number of

extraditable offences were relatively few, it was typical for extradition treaties to

enumerate those offences which were extraditable. This tradition continued, even as

the number of extraditable offences grew, so that the 1976 Treaty between Australia

and the United States specified twenty-nine types of extraditable offence. This

approach presents particular difficulties where novel offences arise, with very few
190
Cybercrime Convention, Art. 24.
191
Extradition Act 1988 (Cth); Extradition Act 1999 (Can); Extradition Act 2003 (UK)
192
Cybercrime Convention, Art. 24.
193
M.D. Goodman and others. ‘The Emerging Consensus on Criminal Conduct in Cyberspace’ UCLA Journal of Law
and Technology, 16
194
McKinnon vs. Government of the USA
 applicable to computer-facilitated crimes, and none encompassing conduct where a

computer was the target of the offence.195 Because of such difficulties, treaties have

moved away from an enumerative to an eliminative approach. 196 For example, the

Australia–U.S. treaty was subsequently amended so that an extraditable offence was

defined as an offence „punishable under the laws in both Contracting Parties by

deprivation of liberty of more than one year, or by a more severe penalty‟. 197 Although

preferable, such an approach requires whether or not the contracting parties place the

offence within the same category of still requires consideration of whether an

equivalent law can be found in each jurisdiction, just two instances of conduct that is

commonly unlawful in one jurisdiction but not others. In addition, even if technically

extraditable, the complexity and cost of the and can still present an obstacle. 198 For

example, online gambling and hate speech are extradition process ensures that it is

typically reserved for serious offences.199

2.5 The Concept of Cybersecurity

A secure cyberspace will hamper the continuous boom and smooth running of terrorist

activities. In other words, a secure cyberspace is an effective antiterrorism measure.

Cybersecurity is the offensive way (otherwise known as a preventive measure) of

combating terrorism. The security of the cyberspace is as crucial more than ever to the

survival of mankind as the physical space is. This simply translates to the fact that the

security of the cyberspace is not only necessary for the prevention of cyber attacks, but

195
J.T Soma, and others ‘Transnational extradition for computer crimes: Are new treaties and laws needed? (1997)
(34) Harvard Journal on Legislation 317, 324–6.
196
Australian Treaty Series 1976 no. 10, Art. II(1)
197
Australian Treaty Series 1992 no. 43, Art. 1(1)
198
R vs. Bow Street Magistrates Court and Allison, ex parte Government of the United States of America [2000] 2
AC 216.
199
J. Paust, ‘Panel: Cybercrimes and the domestication of international criminal law’, (2007) (5) Santa Clara Journal
of International Law, 432- 442.
 also physical and other forms of attacks that can be organized or coordinated via the

cyberspace. From a counter-terrorism point of view, cybersecurity, as a tool, is

necessary for intelligence gathering.200

Cybersecurity plays an important role in the ongoing development of information

technology, as well as Internet services.201 Enhancing cybersecurity and protecting

critical information infrastructures are essential to each nation’s security and economic

well-being. Making the Internet safer (and protecting Internet users) has become

integral to the development of new services as well as government policy. 202 Deterring

cybercrime is an integral component of a national cybersecurity and critical

information infrastructure protection strategy. In particular, this includes the adoption

of appropriate legislation against the misuse of ICTs for criminal or other purposes and

activities intended to affect the integrity of national critical infrastructures. At the

national level, this is a shared responsibility requiring coordinated action related to

prevention, preparation, response and recovery from incidents on the part of

government authorities, the private sector and citizens. At the regional and

international level, this entails

cooperation and coordination with relevant partners. The formulation and

implementation of a national framework and strategy for cybersecurity thus requires a

comprehensive approach.203 Cybersecurity strategies – for example, the development

of technical protection systems or the education of users to prevent them from

200
Op cit at note 39
201
ITU, ‘ Cybersecurity Work Programme to Assist Developing Countries 2007-2009’, (2007),<
www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-cybersecurity-workprogramme-developing-countries.pdf.>
Accessed 22 April 2022
202
Rev. Johannesburg, ‘on Cybersecurity (2008)’, ITU WTSA Resolution 50, <www.itu.int/dms_pub/itu-t/opb/res/T-
RES-T.50-2008-PDF-E.pdf > Accessed 22 April 2022
203
Op cit at note 200
 becoming victims of cybercrime – can help to reduce the risk of cybercrime. 204 The

development and support of cybersecurity strategies are a vital element in the fight

against cybercrime.205

2.5.1 Meaning of Cybersecurity

There are many definition of the term “Cybersecurity” in use; however, we would

present a couple of these: - first, Cyber security, referred to as information technology

security, focuses on protecting computers, networks, programs and data from

unintended or unauthorized access, change or destruction. 206 Second, cybersecurity is

“the state of being protected against the criminal or unauthorized use of electronic

data, or measure taken to achieve this.” 207 Third, from International

Telecommunications Union (ITU) Point, Cybersecurity is the collection of tools,

policies, security concepts security safeguards, guidelines, risk management

approaches, actions, training, best practices, assurance and technologies that can be

used to protect the cyber environment and organization and user’s assets. Organization

and users of assets include connected computing devices, personnel, infrastructure,

applications, services, telecommunications systems and the totality of transmitted and/

or stored information in the cyber environment cybersecurity strives to ensure the

attainment and maintenance of the security properties of the organization and user‟s

assets against relevant security risks in the environment.208

204
Kellermann, Technology risk checklist, Cybercrime and Security, IIB-2, page 1
205
Chjolberg and Hubbard, ‘Harmonizing National Legal Approaches on Cybercrime’, (2005),
<www.itu.int/osg/spu/cybersecurity/docs/Background_Paper_Harmonizing_National_and_Legal_Approaches_on_
Cybercrime.pdf > Accessed 22 April
206

207
Oxford Dictionaries (2013) < http://oxforddictionaries.com. >. Accessed 22 April 2022
208
< www.itu.int/en/ITU-T/studygroups/com17/pages/cybersecurity.aspx > Accessed 22 April 2022
 Fourth, “Cybersecurity” is the sum efforts invested in addressing cyber risk, much of

which was, until recently, considered so improbable that it hardly required our

attention.209 Cyber-security is the body of rules put in place for the protection of the

cyber space. But as we become more dependent on cyberspace, we undoubtedly face

new risks. Cyber-crime refers to the series of organized crime attacking both cyber

space and cyber security. Sophisticated cyber criminals and nation-states, among

others, present risks to our economy and national security. Nigeria’s economic vitality

and national security depend on a vast array of interdependent and critical networks,

systems, services, and resources known as cyberspace. Cyber-space has transformed

the ways we communicate, travel, power our homes, run our economy, and obtains

government services. Cyber-security is the body of technology, processes and

practices designed to protect networks, computers, programs and data from attacks,

damage, or authorized access. In the computing or cyber context, the word security

simply implies Cyber-security. Ensuring cyber-security requires coordinated efforts

from both the citizens of the country and the country’s information system210.

The threat posed by breaches in our cyber-security is advancing faster than we can

keep up with it. It is not possible to concentrate efforts on only one aspect of the

breach as it means negligence and allowance of growth for other aspects of the breach.

This leads us to conclude that we have to attack cyber security breaches as a whole.

What then are these breaches? Cyber-crime refers to criminal activity done using

computers and the Internet. This includes anything from downloading illegal music

files to stealing millions of dollars from online bank accounts. Cybercrime also

209
M.T Ladan, ‘Cyberlaw and Policy on Information and Communications Technology in Nigeria’ (Ahmadu Bello
University Press Limited 2015), 104.
210
Op cit at note 38
 includes non-monetary offenses, such as creating and distributing viruses on other

computers or posting confidential business information on the Internet. Perhaps the

most prominent form of cybercrime is identity theft, in which criminals use the

Internet to steal personal information from other users.211

2.5.2 Goals of Cyber Security

The following are the objectives of Cyber-security.

a. To help people reduce the vulnerability of their Information and Communication

Technology (ICT) systems and networks.

b. To help individuals and institutions develop and nurture a culture of cyber security.

c. To work collaboratively with public, private and international entities to secure

cyberspace.

d. To help understand the current trends in IT/cybercrime, and develop effective

solutions.

e. Availability.

f. Integrity, which may include authenticity and non-repudiation.

g. Confidentiality.212

2.6 Cybercrimes Committed in Nigeria and Criminalized under the Budapest

Convention

211
F. Ibikunle, ‘Approach to Cyber Security Issues in Nigeria: Challenges and Solution’, (2013) (1) (1) Publication of
Department of Electrical & Information Engineering, Covenant University Nigeria, 1.
<http://covenantuniversity.edu.ng> Accessed 22 2022
212
Ibid
 Fighting cybercrime, like any other crime requires three important elements namely:

identification, classification and the actual deployment of effective countermeasures.

The classification of cybercrimes, which is an important step to fighting it, has been

grossly limited to whether these crimes are “computer-crimes” or “computer assisted

crimes.”213 To further identify acts carried out by criminal-minded individuals today in

Nigeria, an attempt would be to identify them by linking them to traditional crimes

committed today in Nigeria. Under the Cybercrime Act, 2015. The cybercrimes are

categorized as follows:

i. Acts carried out by criminal-minded individuals against computers.

ii. ii. Acts carried out by criminal-minded individuals against people.

iii. iii. Acts carried out by criminal-minded individuals against the State.

2.6.1 Acts carried out by Criminal Minded Individuals against Computers

Acts carried out against computers with criminal intent in Nigeria constitute

cybercrimes. The cybercrime Act, 2015 in Section 2 states that unlawful access to a

computer constitutes a cybercrime. Section 2 (3). Section 3 makes it unlawful to

intercept communications by technical means, transmissions of non-public computer

data, content data or traffic data, including electromagnetic emissions or signals from a

computer, computer system or network carrying or emitting such, to or from a

computer, computer system or connected system or network an offence. This provision

covers mobile phones as the definition of a computer in the cybercrime Act, 2015

include mobile phones.214 Section 4 of the Act prohibits unauthorized modification of

213
O. Longe, and others, ‘Implications of the Nigeria Copyright Law for Software Protection’(2005) (5) (1) in the
Nigerian Academic Forum Multidisciplinary Journal, 7-10.
214
Cybercrime Act 2015, Section 37 of the Act
 computer program or data and sections 5 and 6 prohibit System interference and

Misuse of devices respectively.215

2.6.2 Acts carried out by Criminal Minded Individuals against Individuals

Acts carried out by criminal-minded individuals against people are done with the

intention to cause harm to them. These acts are as follows:

i. Computer-related Fraud

Computer-related fraud is one of the most popular crimes on the Internet in Nigeria 216

as it enables the offender to use automation and software tools to mask criminals‟

identities. This act is referred to as a crime because in most cases, the computer is only

a medium to establish a link with gullible victims whom they may later meet

physically or convince to deposit huge sums of money in their accounts. Automation

enables offenders to make large profits from a number of small acts. 217 One strategy

used by offenders is to ensure that each victim’s financial loss is below a certain limit.

With a „small‟ loss, victims are less likely to invest time and energy in reporting and

investigating such crimes.218 The main distinction between computerrelated and

traditional fraud is the target of the fraud. If offenders try to influence a person, the

offence is generally recognized as fraud. The writer observes that where offenders

target computer or data-processing systems, offences are often categorized as

computer-related fraud. Those criminal law systems that cover fraud, but do not yet

215
Ibid
216
N. A. Azeez, ‘Towards Ameliorating Cybercrime And Cybersecurity’(2009) (3) (1) International Journal of
Computer Science and Information Security, 1-11.
217
International Telecommunication Union Cybercrime Legislation Resources ‘Understanding
cybercrime: A guide for developing countries’ (2009) Draft,< www.itu.int/ITU.D/cyb/> , .Accessed
23 April 2022
218
Ibid
 include the manipulation of computer systems for fraudulent purposes, can often still

prosecute the computer related fraud.219

ii. Online Auction Fraud

Online auctions are now one of the most popular e-commerce services. In 2006, goods

worth more than USD 20 billion were sold on eBay, the world‟s largest online auction

marketplace.220 In Nigeria, many indigenous online auctions websites are

existingtoday221 Nigerians can access varied or specialist niche goods from around the

world. Sellers enjoy a worldwide audience, stimulating demand and boosting prices.

Offenders committing crimes over auction platforms can exploit the absence of face-

to-face contact between sellers and buyers. The difficulty of distinguishing between

genuine users and offenders has resulted in auction fraud being among the most

popular of cybercrimes.222 The two most common scams include:223

i. Offering non-existent goods for sale and requesting buyers to pay prior to Delivery.224

ii. Buying goods and asking for delivery, without intention to pay. In response, auction

providers have developed protection systems such as the feedback/comments system.

After each transaction, buyer and sellers leave feedback for use by other users as

neutral information about the reliability of sellers/buyers. In this case, reputation is

everything and without an adequate number of positive comments, it is harder for

219
Nigerian Criminal Code, S419
220
<http://www.ebay.com. > Accessed 23 April 2022
221
<konga.com, cheki.com nairaland.com, jumia.com.ng, inspiredmotors.com,> Accessed 23 April 2022
222
M.D. Goodman and Others, ‘The Emerging Consensus on Criminal Conduct in Cyberspace’, Journal of Law and
Technology, 16.
223
The United States Internet Crime Complaint Centre (IC3) (a partnership between the FBI and the
National White Collar Crime Centre) IC3 Internet Crime Report 2006, <
http://www.ic3.gov/media/annualreport/2006_IC3Report.pdf> Accessed 23 April 2022
224
Law Enforcement Efforts to combat Internet Auction Fraud, (2000) Federal Trade Commission, 1,
<http://www.ftc.gov/bcp/reports/int-auction.pdf. > Accessed23 April 2022
 offenders to persuade targets to either pay for non-existent goods or, conversely, to

send out goods without receiving payment first. However, criminals have responded

and circumvented this protection through using accounts from third parties.225

Identity Theft

The term identity theft – that is neither consistently defined nor consistently used

describes the criminal act of fraudulently obtaining and using another person’s

identity.226 The National Identity Management Commission Act, 2007 227 and the

Cybercrime Act, 2015228 rather state actions that constitute identity theft, rather than

define what it means. These acts can be carried out without technical means as well as

online by using Internet technology.229 In general the offence described as identity

theft contains three different phases:230

i. In the first phase the offender obtains identity-related information. This part of the

offence can for example be carried out by using malicious software or phishing attacks

ii. The second phase is characterized by interaction with identity-related information

prior to the use of the information for criminal offences. An example is the sale of

identity-related information.

iii. The third phase is the use of the identity-related information in relation with a criminal

offence. In most cases the access to identity-related data enables the perpetrator to

commit further crimes. The perpetrators are therefore not focusing on the set of data
225
http://pages.ebay.com/help/feedback/feedback.html.> Accessed 23 April 2022
226
N. A. Azeez and Others ‘Towards Ameliorating Cybercrime And Cybersecurity’ (2009) (3) (1), International
Journal of Computer Science and Information Security, 1-11.
227
National Identity Management Commission Act, 2007 Section 37
228
Cybercrime Act, 2015.Section 13
229
Peeters, ‘Identity Theft Scandal in the U.S.: Opportunity to Improve Data Protection, Multimedia’ (2007)
und Recht, 415
230
International Telecommunication Union Cybercrime Legislation Resources ‘Understanding
cybercrime: A guide for developing countries’ (2009), 48 <>
 itself but the ability to use them in criminal activities. Examples for such offence can

be the falsification of identification documents or credit card fraud. The methods used

to obtain data in phase one cover a wide range of acts. The offender can use physical

methods and for example steal computer storage devices with identity-related data,

searching trash or mail theft. In addition they can use search engines to find

information on individuals.

File sharing by individuals from their computer or computer networks also makes it

easy for cybercriminals to get valuable information on individuals. Finally the

perpetrators can use social engineering techniques to persuade the victim to disclose

personal information. In recent years perpetrators developed effective scams to obtain

secret information (e.g. bank account information and credit card data).By

manipulating users through social engineering techniques. The type of data

cybercriminals target varies. The most targeted data however are:

i. Date of birth, address and phone numbers.

ii. Drivers‟ license or Passport Number.

iii. Password for non-financial accounts.

iv. Password for financial accounts.231

2.6.3 Cybercrimes Committed against the State

Cyber terrorism is a growing menace all over the world today and Nigeria is also

affected by terrorist activities.232 Though terrorists do not use the internet to carry out

231
Op cit at 138
232
Ibid
 terror activities, the internet plays a role in aiding terrorists‟ activities. 233 Today it is

known that terrorists use ICTs and the Internet for:128

i. Propaganda;

ii. Information gathering;

iii. Preparation of real-world attacks;

iv. Publication of training material;

v. Communication;

vi. Terrorist financing;

vii. Attacks against critical infrastructures.

This shift in the activities of terrorists via Internet had a positive effect on research

related to cyber terrorism as it highlighted areas of terrorist activities that were rather

unknown before. Due to the digitalization of government organizations in Nigeria,

terrorists can launch attacks against government websites crippling governance for

several hours.234

Cyber-Warfare

Cyber-warfare describes the use of ICT in conducting warfare using the Internet. It

shares a number of features in common with cyberterrorism. 235 Discussions originally

focused on the substitution of classic warfare by computer-mediated or computer-

based attacks.236 Network-based attacks are generally cheaper than traditional military

operations and can be carried out even by small states. Protection against cyber attack

233
Terrorism Act, No. 10, 2011, Section 1; the Terrorism Act (Prohibition Order Notice) 2013, Sections 1 and 2
234
‘EFCC & NCC websites hacked’ <www.dailytimes.com.ng/article/efcc-ncc-websites-hacked> Accessed 23 April
2022
235
D.G. Marc and orhers ‘The Emerging Consensus On Criminal Conduct In Cyberspace’ (2002)
236
Ibid
 is difficult. Until now, there have been limited reports on the substitution of armed

conflicts by Internet-based attacks.237 Current discussions focus on attacks against

critical infrastructure and control of information during a conflict. In considering both

civil and military communications, information infrastructure is a key target in armed

conflicts. However, it is uncertain if these attacks will be carried out via the Internet.

Attacks against computer systems in Estonia 238 and the United States has been linked

with cyberwarfare. Since attacks cannot be traced back to official state organizations

with any certainty, it is difficult to categorize them as cyber-warfare. In Nigeria, no

known attack has been carried out against Nigeria cyberspace by another nation.

Attacks against infrastructure that are carried out physically – e.g. by arms and

explosives – are also difficult to categorize as cyber war fare. Nevertheless, in a bid to

secure Nigeria’s Cyberspace, the Nigerian government in April 2013 awarded a $40

million contract for monitoring Nigerian’s internet communication for national

security reasons.

Cyber-laundering

The Internet is transforming money laundering in Nigeria, with larger amounts,

traditional money-laundering techniques still offer a number of advantages, but the

Internet offers several advantages. Online financial services provided by banks in

Nigeria offer the option of enacting multiple, worldwide financial transactions very

quickly. The Internet has helped overcome the dependence on physical monetary
237
Ibid
238
Ibid
 transactions. Wire transfers replaced the transport of hard cash as the original first step

in suppressing physical dependence on money, but stricter regulations to detect

suspicious wire transfers have forced offenders to develop new techniques. The

detection of suspicious transactions in the fight against money-laundering is based on

obligations of the financial institutions involved in the transfer.239

239
Anti-money laundering Act, 2011section 2
 CHAPTER THREE

LEGAL AND INSTITUTIONAL FRAMEWORKS RELEVANT FOR

CURBING CYBERCRIME IN NIGERIA

3.1The Criminal Code Act240

The Criminal Code Act of Nigeria is an Act wholly administered in southern Nigeria.

Most crimes committed in southern Nigeria are tried under this law and other laws.

Acts or omissions that constitute cybercrimes are prosecuted under the provisions of

the Criminal Code of Nigeria under the traditional crimes of stealing, identity fraud,

piracy, etc. Specifically, sections 382 to 390 of the Criminal Code are on stealing,

sections 418 to 426 on cheating and obtaining property by false pretences, sections

434 to 439 on fraud and false accounting, 463 to 483 of the Criminal Code on the

offence of forgery generally, and sections 484 to 489 on personating.

Telecommunication offences are regulated by Sections 161 to 189.241

Law enforcement agencies like the EFCC and the Nigeria Police Force have the

mandate to prosecute crimes and hence, prosecute these offences. Examples of such

offences successfully prosecuted by law enforcement agents are the case Mike Amadi

vs.

Federal Republic of Nigeria(supra) Chima Larry Ikonji vs. Blessing Onochie

(supra)242.

3.3 The Penal Code Act243

240
Cap. C38 LFN 2004
241
Ibid
242
EFCC ALERT! ‘A publication of the Economic and Financial Crimes Commission’, (2007) (2)( 1), January 8, 1 and 5
243
Cap. 110 laws of Kaduna State, 1991
 The Penal Code is mainly applicable in northern Nigeria. Law enforcement agencies

prosecute all criminal offences committed in northern Nigeria under this law. For

instance, sections 362 to 380 are on forgery, section 179 is on impersonation, sections

320 to 325 are on cheating and section 334 is on telecommunication offences, to

mention a few. All offences including acts or omissions classified as cybercrimes

under the Budapest Convention are prosecuted by law enforcement agencies under this

law. This is by prosecuting cybercrimes as traditional crimes. An example of an

offence classified as cybercrime (identity theft) under the Budapest Convention is the

crime of impersonation.244

In the case of FRN vs. Muitala Abbas Ubandawaki, who is serving a 10year jail term

for impersonating the former EFCC boss, Mallam Nuhu Ribadu. Ubandawaki by use

of computer generated documents and the internet conned the former Governor of

Zamfara State – Nigeria, Alhaji Sani Ahmad Yarima and obtained the sum of

N1million from him while presenting himself as Ribadu.245

3.4 Terrorism (prevention) act, 2011 (as amended in 2013) and Regulations

2013246

Under the Anti-terrorism Act, acts referred to as terrorist activities are many but there

is neither a specific cybercrime offence nor cyber terrorism offence. In other words,

244
Op cit at note 138
245
Op cit at note 248
246
M.T. Ladan, ‘Appraisal of Legal, Regulatory and Institutional Frameworks in Combating
Money Laundering and Terrorism Financing in Nigeria’, (2013,) being an independent study on the recent legal,
regulatory and institutional regimes (2011-2013) in combating money laundering and terrorism financing
in Nigeria Zaria, Kaduna state, Nigeria, 36-40 < http://mtladan.blogspot.com/> Accessed 26 April 2022
 acts or omissions carried out by terrorists in cyber space against Nigeria are not

specifically referred to as acts of cyber terrorism.247

Though there is no discovery of an act of cyber terrorism yet in Nigeria, the internet

plays a great role in aiding terrorists‟ activities. 248 At a three-day conference on

cybercrime held in Lagos, Dr. Martins Ikpehai, chief executive officer, Computer

Audit and Security Associates Ltd., Lagos heightened tension of the participants when

he disclosed that the third world war might be fought on the computer considering

how different attacks were being launched through internet. 249 Ikpehai, expressing

concerns on how terrorists have been distorting information on internet, said internet

facility has recently become an instrument of terrorism. He reiterated that the third

world war might be fought on computers as terrorist groups like Al Qaeda have been

taking advantages of internet facilities to launch attacks and invectives. 250 Okonigene,

and others, in their article titled“ Cybercrime in Nigeria”251 state that Nigerian

websites and email system were used by Al Qaeda to disseminate internet information.

This has once again brought up the pertinent questions of the safety and security of

Nigeria’s national cyberspace. Furthermore, in view that Nigeria is not a party to the

Budapest convention on cybercrime, international cooperation against terrorist

activities in Nigeria and all over the world may be hard to come by.

Today, some international terrorist organizations finance terrorist activities all over the

world by internet trade. For instance, a local terrorist may order for goods on-line and

247
M.D. Goodman, and others, ‘The Emerging Consensus on Criminal Conduct in Cyberspace’, UCLA
Journal of Law and Technology, 51-52.
248
International Telecommunication Union Cybercrime Legislation Resources, ‘Understanding cybercrime:
A guide for developing countries’, (2009), Draft, <www.itu.int/ITU.D/cyb/> Accessed 26 April 20.
249
<www.saycocorporativo.com/saycoUK/BIJ/journal/Vol3No1/Article_> Accessed 22 April 2022
250
Ibid
251
Ibid
 they are paid for by their financiers whom may be based abroad or in the country their

financiers are based. The goods are delivered to the local terrorist whom sells them

and converts the proceeds to finance terrorist activities.252

The above scenarios necessitated the passing into law the first anti-terrorism Act in

Nigeria in 2011. The first ever Terrorism (Prevention) Act, No. 10, 2011 came into

force with the aim of providing for measures for the prevention, prohibition and

combating of acts of terrorism, the financing of terrorism in Nigeria and for the

effective implementation of the Convention on the Prevention and Combating of

Terrorism and Terrorism Financing; as well as prescribe penalties for violating any of

its provisions.253

The Terrorism (Prevention)(Amendment) Act, 2013 amends the 2011 Act and makes

provision for extra-territorial application of the Act and strengthens terrorist financing

offences in the following ways:

First, Section 13 of the 2013 Amended Act prohibits financing of terrorism and

provides for a liability regime with stiffer sanctioning strategy as follows: 13(1) Any

person or entity who, in or outside Nigeria –

a) Solicits, acquires, provides, collects, receives, possesses or makes available funds,

property or other services by any means to –

i. terrorists, or

252
Op cit 138
253
Op cit at note 138
 ii. terrorist groups, directly or indirectly with the intention or knowledge or having

reasonable grounds to believe that such funds or property will be used in full or in part

in order to commit an offence under this Act or in breach of the provisions of this Act,

b) Possesses funds intending that it be used or knowing that it will be used, directly or

indirectly, in whole or in part, for the purpose of committing or facilitating the

commission of a terrorist act by terrorist or terrorist groups, commits an offence under

this Act and is liable on conviction to imprisonment for life imprisonment,(2) Any

person who knowingly enters into, or becomes involved in an arrangement - a) which

facilitates the acquisition, retention or control by or on behalf of another person of

terrorist fund by concealment, removal out of jurisdiction, transfer to a nominee or in

any other way, or(b) as a result of which funds or other property are to be made

available for the purposes of terrorism of for the benefit of a specified entity or

proscribed organization, commits an offence under this Act and is liable on conviction

for life imprisonment.(3) For an act to constitute an offence under this section, it is not

necessary that the funds or property were actually used to commit any offence of

terrorism. Second, Section 14 of the same Act outlaws dealing in terrorist property by

any person or entity, knowingly and provides equally for a liability regime that may

attract at least 20years jail term. According to Section 14(1) A person or entity who,

knowingly does the following:

a) deals, directly or indirectly, in any terrorist funds;

b) acquires or posses terrorist fund,

c) enters into, or facilitates, directly or indirectly, any transaction in respect of a terrorist

funds,
 d) concerts, conceals, or disguises terrorist funds or property, or

e) provides financial or other services in respect of terrorist fund or property at the

direction of a terrorist or terrorist group, commits an offence under this Act and liable

on conviction to imprisonment for a term of not less than twenty years.

(2) It is a defense for a person charged under subsection (1) of this section to prove

that he did not know and had no reasonable cause to suspect or believe that the

arrangement is related to a terrorist property.254

Section 32 of the amended Act confers the jurisdiction to try all prohibited acts of

terrorism and financing of terrorism under the amended Section 1, on the Federal High

Court located in any part of Nigeria, regardless of the location where the offence is

committed; and to impose any prescribed penalty (ranging from death sentence and

life imprisonment to lower prison terms) on any convicted person.255

The amended Section 33 empowers the Court to, in addition to any penalty imposed,

order the forfeiture of any proceed or fund traceable to a terrorist act and includes

proceed or fund irrespective of the person in whose names such proceeds or funds are

standing or in whose possession they are found.256

In the exercise of the powers conferred on the Attorney-General of the Federation and

Minister of Justice by Section 9(6) and 39 of the Terrorism (Prevention) Act 2011,

asamended in 2013, the Regulations on the Freezing of International Terrorists Funds

and other Related Measures, 2013 were made in August 2013with the aim of

prescribing the procedure for the freezing of funds, financial assets or other economic

254
Op cit at note 138
255
Op cit at note 138
256
Op cit at note 138
resources of any suspected terrorist, international terrorist or an international terrorist

group, the conditions and procedure for utilization of frozen funds, or economic

resources and constituted the Nigeria Sanctions Committee for the purpose of

Proposing and designating persons and entities as terrorists within the framework of

the Nigerian legal regime. In terms of scope of application, the regulations shall apply

to any person or entity listed under Regulation 3(1) as follows:

a) designated persons contained in the Consolidated List of the United Nations 1267

and 1988 Sanctions Committee („the UN Consolidated List‟); b) designated persons

approved by the Nigeria Sanctions Committee under the Nigeria („the Nigeria List‟);

and c) all law enforcement agencies to implement measures to prevent the entry into or

the transit through the Nigerian borders or the direct or indirect supply, sale and

transfer of arms and military equipment by any individual or entity associated with Al

Qaeda, or the Taliban, including other international terrorists based on requests from

other countries or other third parties. The above Regulations are structured into ten

parts. While Part 1 deals with preamble, purpose and scope; Part 2 covers the

constitution of the Nigeria Sanctions Committee and the effective implementation of

the relevant UN Security Council Resolutions; Part 3 provides for the freezing of

funds procedure and reference to lists by financial, designated non-financial

institutions, law enforcement and security agencies; Part 4 relates to funds held by

designated persons; Part 5 prohibits making funds, financial services or economic

resources available to designated persons and circumventing prohibitions; Part 6 lays

down the conditions and procedure for utilisation of frozen funds; Part 7 places travel

restrictions and arms embargo on designated persons; Part 8 provides for information
 and reporting obligations; Part 9 on penalties and sanctions provides for a maximum of

5 years of imprisonment for any individual or corporate or institutional violator of the

regulations; and Part 10 on miscellaneous matters covers revocation of the 2011

Regulations, guidelines for effective implementation, interpretation and citation. 257

3.5 The Evidence Act

Evidence is the means by which facts are proved, excluding inferences and arguments.

It is anything presented in support of an assertion. 258 The Evidence Act, 2011 is the

latest Nigeria law on admissibility of evidence by Courts of Law in Nigeria. It is

applicable to all criminal trials in Nigerian Courts of Law. Generally, all evidence is

admissible under the Evidence Act once it is relevant. 259 Section 84 of the Evidence

Act relates to admissibility of electronically generated evidence. In most cases,

electronically generated evidence is tendered by third parties and this amounts to

hearsay. This section is also an exception to the hearsay rule of evidence, which states

that hearsay evidence will otherwise be inadmissible.

By Section 41 the Evidence Act, where even though the maker of the evidence cannot

be called to give primary evidence of the “hearsay evidence”, such evidence is

established to have been made and kept contemporaneously in an electronic device, in

the ordinary cause of business or in the discharge of a professional duty or in

acknowledgment, written or signed, of the receipt of money, goods, securities or of

property of any kind. Where the statement and the recording of the transaction are not

instantly contemporaneous, they must occur such that a Court of Law will consider it

257
Op cit at note 138
258
Evidence Act, 2011 Cap. E14, Laws of the Federation of Nigeria, 2004
259
Ibid, S 2
 most likely that the transaction was at the time of the record, still fresh in the memory

of the maker of the recorded statement.260

Section 258 (1) (d) of the Act describes a document, for the purpose to include “any

device by means of which information is recorded, stored or retrievable including

computer output”. A computer is in turn described to be “any device for storing and

processing information and any reference to information being derived from other

information is a reference to its being derived from its calculation, comparison or any

other process.” 261

Section 86(3) of the Evidence Act 2011 provides that where a number of documents

have all been produced by one uniform process as in the case of printing, lithography,

photography, computer or other electronic or mechanical process, each of such

documents shall be the primary evidence of the contents of all the documents so

produced by this one uniform process.262

As for documents signed electronically, Section 93 (1-3) of the Act, 2011 provides that

an electronic signature will satisfy the legal requirement that a document must be

signed where the electronic signature shows that a procedure was followed whereby

the person that executed a symbol or followed some other security procedure verifying

that an electronic signature was made to an electronic record, actually followed an

established procedure.263

The earliest and commonly referred to case law on the admissibility of electronic

evidence in Nigeria is the Nigerian Supreme Court decision in Esso West Africa Inc.
260
Ibid
261
Ibid
262
Ibid
263
Ibid
 vs.

T. Oyebgola264 where the Supreme Court said orbiter that “the law cannot be and is

not ignorant of modern business methods and must not shut its eyes to the mysteries of

the computer.”

The document that called for the decision of the Court is this case was one that was

signed in quadruplicate with carbon copies through one single process with the

original copy. The Supreme Court ruled on this matter, relying on the old section 93 of

the 1945 Evidence Act to hold that where a number of documents have been made by

one single paper, each of such document so reproduced is primary evidence of the

quadruplicate copies. The Esso West Africa Inc. vs. T. Oyegbola case was referred to

in the case of Yesufu vs. A.C.B.265 where the document that was tendered with

objection by opposing Counsel was a bank statement prepared by a Machinist from the

ledger of card of the Respondent Bank; the Machinist obtained the entries from the

Respondent Bank’s day-to-day vouchers. The bank officer that tendered the statements

did not personally prepare the statements or verify that the statements were correct.

Objection was raised to the admissibility of the bank statements on the grounds that

the existence of the bankers book from which the entries were extracted was not

established neither was the custody and control, with the examination of the original

entries established before the lower court admitted the bank statements. The Supreme

Court held in the case of Yesufu vs. A.C.B266. that the admission of the bank statements

which entries were derived from day-today vouchers of the Respondent Bank did not

qualify without supporting oral evidence, as bankers book and therefore offended the

264
(1969) 1NMLR 194, 27.
265
(1976) 4 at pages 9-14
266
supra
 provision of the Section 96 (1) (h) of the 1945 Evidence Act. The Supreme Court did

however refer to the orbiter in the case of Esso

West Africa Inc. vs. T. Oyegbola267 and said as follows:

….it would have been much better, particularly with respect to a

statement of account contained in a book produced by a computer, if the
position is clarified beyond doubt by legislation as has been done in the
English Civil Evidence Act, 1968.
From the forgoing, the generating and tendering electronically generated evidence in

cases involving cybercrimes, law enforcement agencies and Courts of law in Nigeria

follow the procedure laid down by the Nigerian Evidence Act, 2011.268

3.6 The Advance Fee Fraud Act269

The advance Fee Fraud Act 2006 is an Act to create offences pertaining to advance fee

fraud270 and other fraud related offences.

Sections 1 and 2 of the Act makes it an offence for any person to obtain property from

another person in Nigeria or outside Nigeria or induce a person to deliver property to

someone within or outside Nigeria or to obtain property by false pretence. This may be

either through the internet or by physical contact with the victim271.

Section 11A (1) of the Act states that any person or entity providing an electronic

communication service or remote computing service either by e-mail or any other

form shall be required to obtain personal information of their customers.272

267
Supra
268
Op cit at note 138
269
No. 14, 2006
270
< www.cenbank.org/cashless/ > Accessed 26 April 2022
271
Ibid
272
Ibid
 Section 11A (2) makes it an offence if they fail to obtain their customer’s personal

data.273

Sections 11B (1) (2) and (3) provides that providers of internet services shall be

registered with the EFCC and together with GSM service providers provide

information on demand to the EFCC. All these are in a bid to trace them or their

customers if it is later discovered that they are carrying out fraudulent activities on-

line.274

3.7 The Money Laundering (Prohibition) Act, 2011

The Money Laundering Act as the name implies, prohibits money laundering. In

section 1 of this Act, there are limitations to make or accept cash payments by

individuals and corporate bodies. in as much as banking business is mainly carried out

through banking institutions in Nigeria, the cashless economy policy and mobile

banking services currently propagated by the Central Bank of Nigeria has created

loopholes for cybercriminals to exploit and launder money. It is observed that by the

time these loopholes are discovered, the cybercriminals would have already enriched

themselves.275 Section 3 of the Act stipulates that bankers should identify their

customers. Dzever observes that 3rd parties whom benefit from electronic or mobile

payments through banks are not customers of the bank and consequently, they cannot

be identified by the bank. The least the bank can do is to verify that the person

initiating the transaction and the transaction itself are not frauds. He further observes

that in spite of the provisions of this Act and attempts by financial and non-financial

273
Ibid
274
‘Nigeria’s Transition to Cashless Economy’, Thisday Live, (Lagos, July, 3 2013)
<http://www.thisdaylive.com/artilcles/nigeria-s- transition -to-cashless-economy/122241> accessed 26 April 2022
275
Ibid
 institutions to comply with the provisions of the Act, cyberspace and the internet has

provided vast opportunities, more than can be imagined and only discovered gradually,

for cybercriminals to carry out money laundering activities.276

3.8 The Nigerian Financial Intelligence Unit (NFIU)

The rationale behind the establishment of the Nigerian Financial intelligence Unit

(NFIU) is to safeguard the Nigerian Financial system and contribute to the global fight

against money laundering, terrorism financing and related crimes through the

provision of credible financial intelligence. Considering that there are different FIU

models, Recommendation of the Financial Action Task Force (FATF) do not prejudge

a country’s choice for a particular model and applies equally to all of them. The

Recommendation however emphasizes that countries should establish an FIU with

responsibility for acting as a national centre for receipt and analysis of suspicious

transaction reports and other information relevant to money laundering, associated

predicate offences and terrorist financing; and for the dissemination of the results of

that analysis. Further, the FIU should be operationally independent and autonomous in

carrying out its core and distinct functions and be free from any undue political,

government or industry influence or interference, which might compromise its

operational independence. Accordingly, the NFIU is the Nigerian arm of the global

financial intelligence Units (FIUs) domiciled within the EFCC as an autonomous unit

and operating in the African Region. The NFIU seeks to comply with international

standards on combating Money Laundering and Financing of Terrorism and

276
Op cit at note 138
proliferation. The establishment of the NFIU is based on the requirements of

Recommendation of the Financial Action Task Force (FATF) Standards and Article 14

of United Nations Convention Against Corruption (UNCAC). The NFIU was admitted

into the Egmont Group of FIUs in 2007. The Egmont Group is the global body

responsible for setting standards on best practices for FIUs and is made up of more

than 131 FIUs from 131 jurisdictions. It was founded in 1995 to foster international

collaboration in the exchange of intelligence by member states. It also supports and

influences the work of FATF as it relates to the mandate of FIUs under FATF

Recommendations 29 and 40. The NFIU, as a member of Egmont Group has reached

out to other African FIUs by sponsoring and mentoring them to join the Egmont

Group. The Unit has since then sought to develop standards and procedures for the

receipt, analysis and dissemination of financial intelligence to law enforcement

agencies, perform onsite and off-site examination of financial institutions, enhance

compliance with the legal and regulatory regimes on Anti-Money Laundering and

Combating the Financing of Terrorism (AML/CFT) in Nigeria as well as respond to

the global trends by collaborating with other FIUs worldwide.

Powers/Mandate: - The NFIU largely draws its powers from the Money Laundering

(Prohibition) Act 2011 as amended in 2012 and the Economic & Financial Crimes

Commission (EFCC) establishment Act, 2002. The core mandate of every FIU as

required by international standard is to serve as the national center for the receipt and

analysis of: (a) suspicious transaction reports; and (b) other information relevant to

money laundering, associated predicate offences and terrorist financing, and for the

dissemination of the results of the analysis to law enforcement and anti-corruption

agencies. Other Functions of the NFIU include the responsibility to receive currency

transactions reports, suspicious transactions reports; currency declaration reports and

other information relating to money laundering and terrorist financing activities from

financial institutions and designated non-financial institutions (DNFIs); receive reports

on cross-border movement of currency and monetary instruments; maintain a

comprehensive financial intelligence database for information collection, analysis and

exchange with counterpart FIUs in the jurisdiction and law enforcement agencies in

Nigeria; advise the government and regulatory authorities on prevention and

combating of economic and financial crimes; provide information relating to the

commission of an offence by entities and subjects linked to another jurisdiction to

foreign financial intelligence unit based on the membership of Egmont Group or on

the basis of bilateral cooperation; promote public awareness and understanding of

matters relating to economic and financial crimes, money laundering & financing of

terrorist activities; liaise with compliance officers and ensure strong compliance

culture by reporting entities. The NFIU has a reporting requirement which requires

that it works closely with all the core regulators of financial, otherfinancial institutions

and designated non- financial businesses and professions, namely Central Bank of

Nigeria (CBN), National Insurance Commission (NAICOM), Securities & Exchange

Commission (SEC), Special Control Unit against Money Laundering (SCUML),

particularly in the receipt of the following reports: i. Report of international transfer of

funds and securities exceeding US$10,000.00 or naira equivalent as required by

Section 2 (1) of the MLP. ii. Suspicious Transaction Reports (STRs) related to

potential money laundering activities from reporting entities. iii. The STRs mentioned

under Section 6 (2) of the MLPA 2011 shall be reported exclusively to the NFIU to aid
 intelligence gathering and in line with Financial Action Task Force (FATF) 2012

Recommendations 20 and 29. iv. Declaration reports of more than USD$10,000 or its

equivalent made to the Nigerian Customs pursuant to the Foreign Exchange Act, 1995

and Section 2 (3) of the MLP Act, 2011 as amended. v. Currency Transaction Reports

(CTRs) that should be submitted directly to the NFIU from the reporting entities as

provided in Section 10 of the MLP Act 2011 as amended. vi. Application of freezing

measures under Section 6 (5) (b) of the MLP Act 2011 as amended. vii. Mandatory

Disclosures by financial institutions and any other individual (voluntarily) – related to

single transaction, lodgment or transfer of funds in excess of N5, 000,000 or N1,

000,000 by an individual and N10, 000,000 or N5, 000,000 by a corporate entity as

provided Section 10 (1) and (2), MLP Act. viii. To determine the flow of transactions

and the beneficiaries for individual and corporate accounts as provided by Section 14

MLP Act, 2011 as amended.

viii. Receive STRs on transactions that may relate to Terrorism or terrorist financing from

reporting entities as provided under Section 14 of the Prevention of Terrorism Act

2011 as amended in 2013; The financial institutions shall also have regard to the

Regulation on the freezing of terrorist assets issued in 2012 by the Attorney General of

the Federation and United Nations Security Council Resolutions as issued from time to

time. x. Other statutory reports mandated by the regulators in their AML/CFT

Regulations must also be complied with and the reports filed with the NFIU and the

regulators.

Section 25 of the MLP Act 2011 as amended in 2012 defines the reporting institutions

to include but not limited to:

 Financial Institutions: - Commercial Banks; Primary Mortgage Institutions;

MicroFinance Banks; Finance Companies; Discount Houses; Bureau de change

(BDCs); Development financial institutions (NEXIM, Agric, Rural and Urban

development banks, FMBN etc); Money Service Businesses and Transmitters.

Capital and Stock Market Operators: - Stock brokers; Issuing houses; Registrars; Trust

Fund and Assets Managers; Investment and Portfolio Managers.Insurance Sector: -

Insurance companies; Reinsurance Companies; Insurance Brokers.

Designated Non-Financial Businesses and Professions (DNFBPs) 33: -

NonGovernmental Organizations (NGOs); Estate surveyors and Valuers; Dealers in

Precious Stones and Metals; Trust and Company Service Providers; Casinos, Pool

Betting and Lottery; Dealers in jewelry, cars and luxury goods; Chartered/professional

accountants and Audit firms; Tax Consultants; Legal practitioners; supermarkets;

Hotels and Hospitality Industries; and Casinos.

3.9 Special Control Unit against Money Laundering

The Special Control Unit against Money Laundering (SCUML) domiciled in the

Federal Ministry of Commerce and Industry (FMC&I) has the responsibility under the

provisions of the Money Laundering (Prohibition) Act No. 1, 2011 (as amended) 277 to

monitor, supervise and regulate the activities of Designated Non-Financial Businesses

and Professions in Nigeria. By section 5(4) of the Money Laundering (Prohibition) Act

No. 1, 2011 (as amended) the Honourable Minister of Commerce and Industry can

make regulations for the Designated Non-Financial Businesses and Professions

(DNFBP) to protect the designated sectors against money laundering and combating
277
<http://www.scuml.org/userfiles/SCUML%20FINAL%20REGULATORY%20DOCUMENT%5B1%5D.pdf> Accessed
27 April 2022
 the financing of terrorism. In line with the statutory mandate, the Minister may

designate and include businesses and professions to be so regulated. Inclusion of the

legal profession as “trading” to be so regulated was challenged and set aside by Justice

Gabriel Kolawole of the Federal High Court in the suit between Registered Trustees of

the Nigerian Bar Association vs. the Attorney General of the Federation & the Central

Bank of Nigeria.278

This suit is similar with the case of Federation of Law Societies of Canada vs. the

Attorney General of Canada & Canada Bar Association. Delivering its judgment, the

Honourable Madam Justice Gerow noted that the section that has to do with legal

practitioners infringes on their rights.279 The Regulation is guided by the Money

laundering Prohibition Act 2011(as amended), Terrorism Prevention Act 2011 (as

amended),Financial Action Task Force 40 recommendations(February 2012) as well

as international best practice documents. Pursuant to the above, the Special Control

Unit against Money Laundering (SCUML) issues AML/CFT regulation to guide

DNFBP‟s in the implementation of the Know Your Customer (KYC) and Customer

Due Diligence (CDD) requirements for the DNFBP sector. The Regulation not only

minimizes the risk faced by DNFBP‟s on laundering the proceeds of crime but also

provide protection against fraud, reputational and institutional market risks. 280 As part

of the effort to ensure that financial crime in cyberspace is curtail, this regulation

requires that all DNFBP’s businesses shall be conducted in compliance with the

278
Op cit at note 138
279
‘Fight Against Cybercrime, Legislation As Rescue’,
<http://callcenterinfo.tmcnet.com/news/2006/04/14/1573060.html> Accessed 27 April 2022
280
Op cit at note 138
 requirements of the Money Laundering (Prohibition) Act, 2011 and Terrorism

(Prevention) Act, 2011.281

3.10 Economic and Financial Crimes Commission (establishment) Act 2004

The preponderance of cybercrimes involving advance fee fraud(419), money

laundering, phishing to mention a few has had severe negative consequences on

Nigeria, including decreased Foreign Direct Investments in the country and tainting,

Nigeria’s image.282 The menace of cybercrime and the magnitude and gravity of the

situation led to the passing into law of the EFCC Act 2004. The EFCC Act also

establishes the Economic and Financial Crimes Commission (the EFCC) to implement

and execute the provisions of the act. Specifically, the EFCC Act mandates the

Commission to collaborate with government bodies within and outside Nigeria

concerning the following:

a) The identification, determination of the whereabouts and activities of persons

suspected of being involved in economic and financial crimes,

b) The movement of proceeds or properties derived from the commission of economic

and financial and other related crimes;

c) The exchange of personnel or other experts;

d) The establishment and maintenance of a system for monitoring International

Economic and Financial crimes in order to identify suspicious transactions and persons

involved;

281
Op cit at note 138
282
<http://callcenterinfo.tmcnet.com/news/2006/04/14/1573060.html> Accessed 27 April 2022
 e) Undertaking research and similar works with a view to determining the

manifestation, extent, magnitude and effects of economic and financial crimes,

advising government on appropriate intervention measures for combating same. Since

its establishment, the Commission has investigated and prosecuted several offences

relating to cybercrimes.283The writer however observes that this is not adequate

considering the rate acts and omissions that constitute cybercrimes under the Budapest

Convention are committed in Nigeria today and the EFCC Act is not cybercrime

specific284.

The power of the Commission to investigate all financial crimes including advance fee

fraud, money laundering, counterfeiting, illegal charge transfers, future market of

negotiable instruments, computer credit card fraud, contract scam etc has been

subjected to serious judicial contest and some pronouncements, the end result is that

the trials particularly that of politically exposed persons are unnecessarily delayed and

thus no appreciable progress has been achieved over the years. In plethora of these

cases, the trial hardly go beyond the initial stage of arraignment before being stalled

owing to multiple preliminary applications ranging from challenges of territorial

jurisdiction of the trial courts, the propriety of the indictments/charges and to a large

extent, the authority of the prosecuting authorities to try the accused persons, often

citing the federal system envisaged in the Nigerian Constitution as an excuse.285

283

284
EFCC Act, 2004 section 1; <http://www.efccnigeria.org/index.php?option=com_contact&catid=4&Itemid=3.>
Accessed 27 April, 2022
285
EFCC <www.cybercrimejournal.com> Accessed 27 April 2022
 CHAPTER FOUR

ISSUES AND CHALLENGES IN COMBATING CYBERCRIMES IN DIGITAL

TRANSACTIONS

4.1 Law Enforcement in Combating Cyber Crime

Law-enforcement agencies can now use the increasing power of computer systems and

complex forensic software to speed up investigations and automate search

procedures.328 It can prove difficult to automate investigation processes. While a

keyword-based search for illegal content can be carried out easily, the identification of

illegal pictures is more problematic. Hash-value based approaches are only successful

if pictures have been rated previously, the hash value is stored in a database and the

picture that was analysed has not been modified.286

Forensic software is able to search automatically for child-pornography images by

comparing the files on the hard disk of suspects with information about known images.

For example, in late 2007, authorities found a number of pictures of the sexual abuse

of children. In order to prevent identification of offender had digitally modified the

part of the pictures showing his face before publishing the pictures over the Internet.

Computer forensic experts were able to unpick the modifications and reconstruct the

suspect’s face.287 Although the successful investigation clearly demonstrates the

potential of computer forensics, this case is no proof of a breakthrough in child-

286
Kerr, ‘Searches and Seizures in a digital world’, (2005) (119) Harvard Law Review, 546.
287
Interpol in Appeal to find Paedophile Suspect, The New York Times, ( New York, August 10 2007),
<www.nytimes.com/2007/10/09/world/europe/09briefs-pedophile.html?_r=1&oref=slogin > Accessed 28 April
2022
 pornography investigation. If the offender had simply covered his face with a white

spot, identification would have been impossible.288

4.3 The Role of Judiciary in the Admissibility of Electronic Evidence in Cyber

Crime Cases

By the provision of the Cybercrime Act289 it confirm jurisdiction on the Federal High

Court. The Act provides thus;

The Federal High Court located in any part of Nigeria regardless of the
location where the offence is committed shall have jurisdiction to try
offences under this Act, if committed –
(a) In Nigeria; or
(b) In a ship or aircraft registered in Nigeria; or
(c) By citizen or resident in Nigeria if the person‟s conduct would also
constitute an offence under a law of the country where the offences was
committed; or
(d) Outside Nigeria, where –
3. The victim of the offence is a citizen or resident of Nigeria; or
4. The alleged offender is in Nigeria and not extradited to any other
country for prosecution.
Electronically generated evidence how applicable in our court system, especially due

to the low costs290 compared to the storage of physical documents, the number of

digital documents is increasing.291 Digitization and the emerging use of ICTs have a

great impact on procedures related to the collection of evidence and its use in court. 292

As a consequence of this development, digital evidence has been introduced as a new

288
Op cit at note 138
289
Cybercrime Act, Section 50
290
Giordano, ‘Electronic Evidence and the Law’, ( 2006) (6) (2) Information Systems Frontiers, 161;
Willinger and Wilson, ‘Negotiating the Minefields of Electronic Discovery’, (2004) (x) (5) Richmond Journal of Law &
Technology,
291
Lange and Nimsger, ‘Electronic Evidence and Discovery’, (2004) 1
292
Hosmer, ‘Proving the Integrity of Digital Evidence with Time’, (2002) (1) (1), International Journal of Digital
Evidence, 1
 source of evidence.293 It is defined as any data stored or transmitted using computer

technology that supports the theory of how an offence occurred. 294 Handling digital

evidence is accompanied with unique challenges and requires specific procedures. 295

One of the most difficult aspects is to maintain the integrity of the digital evidence. 296

Digital data are highly fragile and can easily be deleted or modified 297. This is

especially relevant for information stored in the system memory RAM that is

automatically deleted when the system is shut down 298 and therefore requires special

preservation techniques. In addition, new developments can have great impact on

dealing with digital evidence. An example is cloud computing. In the past,

investigators were able to focus on the suspects‟ premises when searching for

computer data. Today, they need to take into consideration that digital information

might be stored abroad and can only be accessed remotely, if necessary. 299 Digital

evidence plays an important role in various phases of cybercrime investigations. It is

in general possible to separate four phases. 300 The first phase is identification of the

relevant evidence. It is followed by collection and preservation of the evidence. 301 The

third phase includes the analysis of computer technology and digital evidence. Finally,

the evidence needs to be presented in court. In addition to the procedures that relate to

the presentation of digital evidence in court, the waysn which digital evidence is
293
Op cit at note 290
294
Cybex ‘The admissibility of Electronic evidence in court: fighting against high-tech crime’, (2005), <
www.cybex.es/agis2005/elegir_idioma_pdf.htm> Accessed 28 April 2022
295
Moore, ‘Cramming more components onto integrated circuits’, (1965) (38) (8) Electronics,
<ftp://download.intel.com/museum/Moores_Law/ArticlesPress_Releases/Gordon_Moore_1965_Article.pdf
>Accessed 28 April 2022
296
Op cit at note 291
297
Op cit at note 294
298
Nolan and O’Sullivan and Branson and Waits, ‘First Responders Guide to Computer Forensics’, (2005) 88
299
Op cit at note 293
300
Ciardhuain, ‘An Extended Model of Cybercrime Investigation’, (2004) (3) (1), International Journal of Digital
Evidence, 66
301
Op citb at note 295
 collected requires special attention. The collection of digital evidence is linked to

computer forensics.302

The impact of ICT on the Law of Evidence in Nigeria is reflected in the following

improved provisions of the new Evidence Act, 2011, which repealed the old Evidence

Act303.

First, expectedly, certain definitions under the Act have been modified to reflect the

prevailing attitude of the Act to issues such as documents and admissibility of

electronically generated evidence, amongst others. Perhaps, the most significant

modification is the new definition of a 'document‟. The broadness of this definition

can conveniently accommodate all known forms of storage or record of information.

The inadequacy of the repealed Act in this regard is highlighted in the case of Udoro

v. Governor, Akwa-Ibom State304 where a video cassette was rejected in evidence since

it was clearly not envisaged under section 2(1) of the repealed Act.

However, the unbridled broadness of what constitutes a document may constitute

serious problems for practitioners in the application of the Act. This is because the

definition of a document does not only accommodate information in all forms of

devices; it also accommodates the device itself as a form of document. For instance,

information stored in a flash drive can tightly be described as a document under

paragraph (a) of the definition of "document". Under paragraph (d) of the same

definition, the flash drive itself also constitutes a document under the Act. The

implication of this interesting provision is that "documents" such as flash drives, tapes

302
Ibid
303
Cap. E. 14, Laws of the Federation of Nigeria, 2004.
304
(2010)11 NWLR (pt. 1205)322
 or sound track can also be classified as private and public documents under sections

102 and 103 of the Act. Where such documents fall within the purview of public

documents, the law requires that only a certified true copy of same can be admissible

in evidence. Section 104 of the Act explains what is meant by a certified true copy of a

document. The pungent question that arises here is "how does a public officer in

custody of a flash drive or a sound track certify a copy of such device as a certified

true copy in compliance with the modalities stipulated in section 104?" we can ask a

further question, "where is the 'foot' of a copy of such a document where at the law

requires the public custodian to write a certification thereof?" Without doubt, the

answer (if any) to the above questions will border on the ridiculous and lead to further

questions. There is a need to harmonies and reconcile this expanded definition of

document with other aspects of the Act in order to eliminate such amusing confusion.

A possible solution would be to reconsider the definition of a document. The

legislature, in the course of trying to solve one problem, may have unwittingly created

another. It may be helpful if the Act is amended to create a distinction between

'devices' and 'documents' as forms of evidence. Different considerations should apply

to both forms in the application of the Act. For Instance, while 'public documents' may

require certification as a pre-requisite for admissibility, some other form of

authentication should be created for 'public devices'. This is the fact that section 104 of

the Act is clearly designed or 'documents' and does not in any way envisage

'devices'.305

Another crucial issue, which comes to mind, is on the rigidity of the provisions dealing

with the requirement for certification of public documents. There is a need to qualify
305
Op cit at note 138
 the requirement of certification in certain cases. The blanket requirement of

certification for all documents (and devices) emanating from public authorities is

bound to occasion hardship and injustice. Those provisions have to be re-visited and

appropriately qualified. Unfortunately, the understanding of what constitutes a

'banker's book' remains unchanged under the Act. One would have thought the

legislators would heed the clarion call handed by our appellate Court in the cases of

Yesufu vs. ACB306 and UBA V. SAFPU & 3 ors 307 on the need to amend the Evidence

Act definition of 'banker's book' to reflect the bankers' daily use of the computer in the

ordinary course of business.

In this regard, the definition of the 'banker's book' in section 2 of The Corrupt

Practices and other Related Offences Act 2000 308 is highly desirable in this era of

modernizing our law of evidence. That provision defines the term to include inter alia

"all other books and documents or electronic devices used in the ordinary course of

business of a bank". Admittedly, computer-generated statements of account can be

admissible under section 84 of the Evidence Act subject to substantial compliance

with the conditions stipulated there under. There is however a need to amend this

definition of banker's books to reflect the prevailing tenor of the Act.309

The Act attempts a definition of a computer as any device for storing and processing

information. It is however unclear why the legislature decided to explain what it

means for information to be derived from other information under the definition of a

computer. It is sufficient to state that two different concepts are defined under this

306
(1976)4 SC 1
307
(2004)3 NWLR (pt. 861) 516 at 541-543
308
Cap C31 LFN 2004.
309
Op cit at note 138
 head and it is important not to confuse the definition of both concepts. We hope that

this unnecessary ambiguity would be cured in subsequent amendments of the Act.310

Second, the provisions of Section 51 and 52 of the Act proved on the repealed Act

sections 38 and 39 by organizing the admissibility of electronic records regularly kept

in the ordinary course of business. This is obviously in cognizance of remarkable

decisions to the effect that the old vision of section 38 must be construed to include

entries kept by electronic process such as a computer. 311" It must however be pointed

out that the electronic records referred to in section 51 can only be restricted to

electronic records of accounts and not just electronic records of any fact.

It is also important to observe that section 52 does not solely refer to public officers.

By making reference to records by 'any other person in the performance of a duty

specially enjoined by the law of the country', the provision can be extended to include

records kept by private persons pursuant to statutory obligations to keep such records.

For instance, private and public companies incorporated under the Companies and

Allied Matters Act are obliged to keep certain records under the Companies and Allied

Matters Act312.

Third, section 84 of the 2011 Act provides for admissibility of statements in

documents produced by computers. Prior to the enactment of the Act, the CS have

resorted to all forms of judicial ingenuity to admit computer-generated evidence even

in the face of inadequate or non-existent statutory framework. For example, in the case

310
Op cit at note 138
311
Trade Bank Plc v. Chami (2003)13 NWLR (pt. 836)158@ 216-217; ESSO WA Inc v. Oyegbola (1969)
NMLR 194.
312
Op cit at note 138
 of Anyaebosi v. R. T. Briscoe Nig. Ltd313 the Supreme Court, per Karibi-Whyte JSC,

upheld the admissibility of a computerized statement of account relying on section

97(l)(d)&(g) and 97(2) of the repeated Act.314 Those provisions permit the

admissibility of secondary evidence when the original is of such a nature as not to be

easily movable or where the original consist of numerous accounts or other documents

which cannot conveniently be examined in Court. One area where the issue of

computer generated evidence has generated great controversy is the admissibility of

computer-generated statement of account. The Court of Appeal was faced with this

issue in the case of FRN v. Fani-Kayode'315 where the appellant appealed against the

trial Court's rejection of a computer-generated statement of account in evidence. In

allowing the appeal, the Court observed that there is nothing in the Act to suggest that

a computerized statement of account is excluded under the definition of the terms

'document' and 'Bankers' books'. In the illuminating contributory judgment of Saulawa

JCA, reliance was placed on the old Supreme Court case of Esso WA Inc. v.

Oyegbola316 when his Lordship observed thus- Undoubtedly, the provisions of the

Evidence Act, and indeed most of the Nigerian statutes, including the Grundnorm

itself, the Constitution of the Federal Republic of Nigeria, 1999, need to be generally

overhauled to meet the exigencies of the modern computer age ... The law cannot be

and is not ignorant of modern business methods and must not shut its eyes to the

mysteries of the computer."317

4.4 Challenges in the Fight against Cybercrime

313
(2000) 2 NWLR (pt 165) p56
314
Cf, Sections 89(d)&(g) and 90(1)(a)&(d) of the repealed Act.
315
(2010)14 NWLR (pt. 1214)481; Oghoyone v. Oghoyone (2010)3 NWLR (pt. 1182)564 at 585.
316
(1969) NMLR 194
317
Ibid
 the following under listed challenges militate against effective fight against

cybercrime all around the world today as follows:

4.4.1 Lack of Cybercrime Specific Laws

Lack of cybercrime specific laws are the motive for cybercriminals to commit

cybercrime. Most nations of the world today prohibit punishing of criminals in the

absence of specific laws. Lack of cybercrime specific laws has militated against

international cooperation in fighting cybercrime318. On this lapse, and others, in their

work titled „The Emerging Consensus on Criminal Conduct in Cyberspace state as

follows:

Law enforcement officials cannot take action against cybercriminal

sunless countries first enact laws which criminalize the activities in
which these offenders engage. As the “Love Bug” investigators learned,
the existence of such laws is a fundamental prerequisite for investigation
as well as for prosecution.319
It is against this background that the Chairman of the EFCC advocated for the passing

into law of the cybercrime bill and it has being passed into law as the Cybercrime Act,

2015.320

4.4.2 Lack of Adequate Provisions on Collection and use of Electronic Evidence

in Nigeria

There are no adequate provisions on admissibility of electronically generated evidence

in most nations of the world. In spite of the fact that cybercrimes are mainly carried

out in cyberspace which is an electronic medium, the laws of Nigeria and most
318
EFCC, NBA Back Anti-cybercrime Bill <www.thisdaylive.com >Accessed 23 April 2022
319
Ibid
320
Ibid
 countries are lagging behind by not taking a bold step in making adequate laws on

admissibility of electronically generated evidence.321 According to Ani, L.

The Evidence Act has become grossly inadequate to cover the present
advancement in technology with the concomitant sophistication
employed in the commission of economic and financial crimes. There is
a need to reconsider the prohibitive aspects of our laws. The inadequacy
of our legislation turns out to be even more serious when we consider
the lack of analogy between most cyber crimes and their conventional
network.… As Professor Yemi Osibanjo (SAN) observed “one specific
problem that have arisen from the use of electronic financial
transactions is the manner and procedure for proving the forms of
evidence generated by these means or simply proof of such transactions
themselves.322
From the foregoing therefore, it is opined that to effectively combat cybercrime the

legislature, judiciary and law enforcement agencies have to take steps by utilizing

every measure to fight it electronically in cyberspace.323

4.4.3 Lack of Proper Training of Law Enforcement Agencies on Investigating

Acts or Omissions that Constitute Cybercrimes-

To effectively combat cybercrime, there is a need for proper training of investigators

and prosecutors on how to investigate acts or omissions which constitute cybercrimes.

This affects how they prosecute crimes in law courts. Lack of proper training of Law

enforcement agencies on investigation of acts or omissions which constitute

cybercrimes militates against fighting cybercrimes. The writer observes that most law

enforcement officers lack basic computer knowledge; talk more of complex forensic

knowledge on cybercrimes.324

321
Op cit at note 138
322
L. Ani,’Cyber Crime and National Security: the Role of the Penal and Procedural Law in Law and Security in
Nigeria’, (2011), (eds.), 211
323
Op cit at note 138
324
Ibid
 CHAPTER FIVE

SUMMARY, CONCLUSION AND RECOMMENDATION

5.0 Summary

Internet is one of the greatest technological advancements of all time and it has

tremendous impact on humans. This is because as shown in this work, the internet has

brought people in the world closer and has made communication much easier than it

ever was. Cybercriminals however, despite the positive effect of the internet have

come up with ways of committing cybercrimes through the internet. It is easy to

commit crime through the internet due to its virtual and borderless nature, lack of

appropriate laws to punish cybercriminals who use the internet for crime, lack of

proper training of law enforcement agents to investigate and prosecute cybercrimes

and issues of cyber jurisdiction. In the forefront of combating cybercrime in the world

today is the Budapest Convention on cybercrime which as at today is the only treaty

on cybercrime. The treaty provides for laws against cybercrime and also encourages

international cooperation against cybercrime. The treaty can be amended subsequently

if the need arises and it serves as a template for cybercrime specific laws to all

countries. In this research titled “An Appraisal of the Legal Framework for Combating

Cybercrime in International Law” the writer in Chapter one, provided the benefits of

this work to include the making of adequate cybercrime specific laws fashioned after

the Budapest Convention on cybercrime, subject to local circumstances. The writer

argued that this work will be of tremendous importance to Law Teachers and students,

who are interested in carrying out further research in this area. This strong assertion

led to the explanation of what cybercrime is and the concepts and terms common with
cybercrime in particular and the internet in general as contained in Chapter Two of this

work. Most crime Statutes of most nations date back to the pre- colonial and or pre-

internet boom. To simply put, they are archaic. The writer further made it clear that

cybercrimes are offences related to advancement in technology and there are no

cybercrime specific laws in most nations of the world and cyber jurisdiction is a great

challenge in the fight against cybercrime even as technology advances every day. Most

existing criminal laws target real-world crimes of stealing, money laundering, murder,

advance fee fraud, et cetera. This makes it difficult to tackle acts or omissions which

constitute cybercrime among nations. The writer in Chapter 3 of this research x-rays

the most relevant Statutes that would enable Nigeria cooperate effectively in fighting

cybercrime among the comity of nations, to reveal their short comings in international

cooperation in combating cybercrime. In view of the above, the writer in Chapter 4 of

this research identifies the specific benefits of the Budapest Convention on

Cybercrime to parties, so as to weigh the possibilities of attaining the same benefits to

nations. This is why comparism is made between the Budapest Convention on

Cybercrime and the cybercrime Act, 2015.

5.1 Conclusion

Fighting cyber security on a global scale is never the sole responsibility of the

international or regional community such as the UN, EU or the AU; it is the

responsibility of every State to see to the enhancement of global cyber security. The

responsibility of states in regards to cyber security cuts across the establishment of

organizations amongst some States to tackle problems of cyber crimes and enhance

cyber security amongst these States, and it goes beyond this also. When we talk of
collective security, one example is the North Atlantic Treaty Organization (NATO)

and its military arm SHAPE (Supreme Headquarters Allied Powers Europe). As a

collective security organization, the premise of NATO is that an attack on one country

is an attack on all and therefore NATO will respond on behalf of all member

countries1007. This could exist to tackle the issues of cyber crime amongst States.

To some extent, the norm that states may be held responsible for acts and omissions

within their territories which produce trans-boundary harm in other countries can also

be applied for the purpose of promoting global cyber security1008. The implication of

this is that where a State fails to promote cyber security by not establishing appropriate

regulatory mechanisms to deter malicious cyber conducts which gives rise to the

existence of a safe haven for cyber criminals, then such State should be held

responsible for any trans-boundary harm that arises from the perpetration of

cybercrimes in that safe haven1009. Simply put, a State should be held responsible

where failure to establish deterrent regulatory measures within its territory has

permitted the perpetration of cybercrimes that affected other states or individuals or

organizations located in other States.

Also, the need for effective cross-border cooperation on the legal and technical aspects

of cyber security cannot be overemphasized. This requires the harmonization of cyber

security laws, the enhancement of cross-border legal and technical assistance, and the

effective participation of the IT industry and the aiding of developing countries to

improve their technical capacities for the regulation of cyber security. In order to

achieve the collective responsibility of states for global cyber security even in the face

of the “digital divide”1010, it is imperative that all states must ensure the
establishment of laws and regulatory mechanisms that will eliminate safe havens for

cyber criminality.

5.2 Recommendation

Following the observations gathered during the course of this study—the legal

framework for combating cybercrime in digital transaction across borders, following

recommendations are stated below:

1. It is recommended that there should be a legislative reforms and amendment of

legislation in combating cybercrime so it could be in full harmonization with

international legislation in order for legislation on cybercrime in Nigeria to keep pace

with e-crime, especially as it becomes more prevalent and sophisticated hence there is

the need to develop a common platform to address cyber security since cybercrime

crosses borders and cannot be fought by one country.

2. There is a need to enlighten the public on the dangers that come with using the

internet. Ignorance that cybercrimes have similar effect with real world crimes makes

people not to adopt measures to protect themselves from the cybercriminal. Such

measures may include using computer anti-viruses/internet protection for computers

and or smart phones, accepting only people you know as your friends on social media,

and avoiding unnecessary publicity of private lives as through this, a cybercriminal

may stalk and later kidnap a victim.

3. There is a need to create a commission responsible for the implementation of the

provisions of the Cybercrime Act, 2015 and to make regulations on issues bothering

on cybercrime.
4. Law enforcement agencies should be properly trained to investigate and prosecute

cybercrimes. This might be through workshops or specialized training abroad on cyber

forensics.
BIBILIOGRAPHY

JOURNALS/ ARTICLES

Aaron A., A legal Analysis of Cybercrime and Cyber Torts: Lessons for Nigeria’,
(2019) LL. B
Long Essay, University of Lagos, 6
Agba P.C., ‘International Communication Principles, Concepts and Issues: In Okunna
C.S. (ed)
Techniques of Mass Communication: A multi – Dimensional Approach. (Enugu: New
Generation Books 2003), 9
Akomolede T.I., and others, Cybercrime and Cybersecurity as challenges to the fight
against
Global Terrorism (2016) Paper Presented at the 47th Conference of the Nigerian
Association of Law Teachers 22nd -27th May, Nasarawa State University, Keffi,
Nigeria.
Anah B.H., Funmi, D.L. and Julius M., Cyber Crime in Nigeria: Causes, effects and
the way out.
(2012) (2) (8) ARPN Journal of Science and Technology, 626,
<http:/www.ejournalofscience.org> Accessed 3 April 2022
Ani L.,’Cyber Crime and National Security: the Role of the Penal and Procedural Law
in Law
and Security in Nigeria’, (2011), (eds.), 211
Azeez N. A., ‘Towards Ameliorating Cybercrime And Cybersecurity’(2009) (3) (1)
International Journal of Computer Science and Information Security, 1-11.
Chen H., and Wang F.Y., ‘Guest Editors' Introduction: Artificial Intelligence for
Homeland
Security’, (2005) (20) (5), IEEE intelligent systems, 12–16.
Chiesa R., Auditing the Hacker‟s Mind: The Hacker‟s Profiling Project, (2011) A
Presentation
by Chiesa Raoul at WINS International Best Practice Conference, Vienna,
Austria.
Ciardhuain, ‘An Extended Model of Cybercrime Investigation’, (2004) (3) (1),
International
Journal of Digital Evidence, 66
Collin B.C., ‘The Future of Cyber Terrorism: Where the Physical and Virtual Worlds
Converge,
11th Annul International Symposium on Criminal Justice Issues (1996)
Dasgupta D., ‘Computational Intelligence in Cyber Security’, (2006), IEEE
International
Conference on Computational Intelligence for Homeland Security and Personal
Safety, 2–3
De Groot J., ‘A History of Ransomware Attacks: The Biggest and Worst Ransomware
Attacks of
All Times’, Digital Guardian’s Blog. <https://digitalguardian.com/blog/history-
ransomware-attacks-biggest-and-worst ransomware-attacks-all-time> Accessed 16
April 2022
DZEVER S. S., ‘An Appraisal of the Legal Framework for Combating Cybercrime in
International Law’, (2016) Master dissertation, Department of Private Law Faculty of
Law Ahmadu Bello University, Zaria Nigeria
Ehimen O.R. and Bola A., ‘Cybercrimes in Nigeria’, (2010) (3) (1) Business
Intelligence
Journal, January, 5
Ellison L., and Akdeniz Y., ‘Cyberstalking: the Regulation of Harassment on the
Internet,’
Criminal Law Review, December Special Edition: Crime, Criminal Justice and the
Internet, 29-48.
Eteya O., ‘An Analysis of Legal Framework on Combating Cybercrime in Nigeria’,
(2017)
Master dissertation, Department of Private Law Faculty of Law Ahmadu Bello
University, Zaria Nigeria

Folashade B.O. and others, ‘The Nature, Causes and Consequence of Cyber Crime in
Tertiary
institution in Zaria-Kaduna state’, (2013) (3) (9) American International Journal of
Contemporary Research, .98
Gereke M., ‘Understanding cybercrime: phenomena, challenges and legal response’,
(2013), 12
<www.itu.int/ITU-D/cyb/cybersecurity/legislation.html > Accessed 17 April
2022
Giordano, ‘Electronic Evidence and the Law’, ( 2006) (6) (2) Information Systems
Frontiers,
161;
Goodman M.D. and others. ‘The Emerging Consensus on Criminal Conduct in
Cyberspace’
UCLA Journal of Law and Technology, 16
Golak P. S. ‘Jurisdictional Jurisprudence and Cyberspace’ (2009) (4) (2), Assam
University
Journal of Science &Technology: Physical Sciences and Technology, 58.
Golak P.S.,‘Jurisdictional Jurisprudence and Cyberspace’, (2010) <
http://assets.vmou.ac.in/PGDCL01.pdf> Accessed 20 April 2022
Gordon S., and Ford R., ‘On the Definition and Classification of Cybercrime’, (2006)
(2) (1),
Journal in Computer Virology, 13-20
Graham M., ‘Geography/Internet: Ethereal Alternate Dimensions of Cyberspace or
Grounded
Realities?’ in the Geography Journal, (2014) (179) (2), 177-188.
Hosmer, ‘Proving the Integrity of Digital Evidence with Time’, (2002) (1) (1),
International
Journal of Digital Evidence, 1
Ibikunle F., ‘Approach to Cyber Security Issues in Nigeria: Challenges and Solution’,
(2013) (1)
(1) Publication of Department of Electrical & Information Engineering, Covenant
University Nigeria, 1. <http://covenantuniversity.edu.ng> Accessed 22 2022
Igwe E.K., ‘An Exposition on the Jurisdictional Issues in Cybercrimes in Nigeria’,
(2016) (7)(1)
Benue State University Law Journal, 281-282
Kaspersen Henrik W.K., Cybercrime and internet jurisdiction Vrrje Universiteit
Amsterdam,
Economic crime Division, Directorate General of Human Rights and Legal Affairs,
Strasbourg, France Version 5 March (2009), 12 < www.coe.int/cybercrime.> Accessed
14 April 2022
Kochems A., and Keith L.,’Successfully Securing Identity Documents: A Primer on
Preventive
Technologies and ID Theft’, (2006)
Ladan M.T., ‘Appraisal of Legal, Regulatory and Institutional Frameworks in
Combating
Money Laundering and Terrorism Financing in Nigeria’, (2013,) being an
independent study on the recent legal, regulatory and institutional regimes (2011-
2013) in combating money laundering and terrorism financing in Nigeria Zaria,
Kaduna state, Nigeria, 36-40 < http://mtladan.blogspot.com/> Accessed 26 April 2022
Laura A., ‘Cybercrime and National Security; the role of the penal and procedural
Law, (2015),
Research Fellow, Nigerian Institute of Advance Legal Studies, 7 < http://nials-
nigeria.org/pub/lauraani.pdf.> Accessed 3 April 2022.
Longe O. and Chiemeka B., ‘Cybercrime and Criminality in Nigeria: what Role are
Internet
Access Point Playing?’, (2008) (6) (4), European Journal of Social Science, <
http://www.europeanjournalofsocialsciences.com> Accessed 17 April 2022
Longe O.B., and Longe F.A., ‘The Nigerian Web Content: Combating the
Pornographic Malaise
Using Web Filters’, (2005) (5) (2) Journal of Information Technology Impact,
<www.jiti.net> Accessed 18 april
Longe O.B, Mbarika and V., and Kourouma M., Wada F., and Isabalija R., ‘Seeing
Beyond the
Surface: Understanding and Tracking Fraudulent Cyber Activities’(2009) (6) (3)
International Journal of Computer Science and Information Security 124-135. Search
security, Information Security magazine (2009),
Maitanmi O. and others, ‘Impact of Cyber Crimes on Nigerian Economy‟, the
International
Journal of Engineering and Sciences (IJES) (2) (4), 47<
http://www.theijes.com/papers/v2-i4/part.%20%284%29/H0244045051.pdf.>
Accessed 17 April 2022.
Meke E.S.N., ‘Urbanization and cybercrime in Nigeria : Causes and Consequences:
(2012) (2)
(8) ARPN Journal of Science and Technology, 631,
<http:/www.ejournalofscience.org.> Accessed 3 April 2022
Mu’azu A.S, and Abubakar M.K., ‘Cybercrime in Nigeria:An Overview of
Cybercrime Act
2013’, (2014) (32) Journal of Law, Policy and Globalization, 23
Moore, ‘Cramming more components onto integrated circuits’, (1965) (38) (8)
Electronics,
<ftp://download.intel.com/museum/Moores_Law/ArticlesPress_Releases/
Gordon_Moore_1965_Article.pdf >Accessed 28 April 2022
Nweze-Iloekwe N., ‘ The Legal and Regulatory Aspect of International Cybercrime
and
Cybersecurity: Limits and Challenges’, (2022), SJD Dissertation, Department of
International Legal Studies Golden Gate University School of Law <
https://digitalcommons.law.ggu.edu/theses> Accessed 16 April 16, 2022
O’Brien D., ‘A Short History of Law Enforcement and Cyber Crime,’ (2018) Medium
<https://medium.com/threat-intel/cyber-crime-takedowns-66915be7307e> Accessed
16 April 2022
Okeshola F.B., and Adeta A.K., ‘The Nature, Cause and Consequences of Cybercrime
in tertiary
Institution in Zaria, Kaduna State’, (2013) (3) (9), American International Journal of
Contemporary Research, 1.
Olanipekun O. ‘Cybercrimes in the Banking Sector: Facing the new wave of criminals
legally,’
(2015), 10.

Osborn H.Q., and others, ‘Fighting Cybercrime in Africa; Computer science and
Engineering,
(2012) (2) (6), computer.scientific&Academic, 2
<http://Journalsapub.org/computer.scientific&Academic.> Accessed 14 April 2022
Paust J., ‘Panel: Cybercrimes and the domestication of international criminal law’,
(2007) (5)
Santa Clara Journal of International Law, 432- 442.
Peeters, ‘Identity Theft Scandal in the U.S.: Opportunity to Improve Data Protection,
Multimedia’ (2007),und Recht, 415
Selma D., and others ‘Applications of artificial intelligence techniques to combating
cyber
crimes: a review’, (2015) (6) (1) International Journal of Artificial Intelligence &
Applications, 2
Smith R.G., and Holmes M.N., and Kaufmann P., ‘Nigerian advance fee fraud. Trends
and
Issues in Crime and Criminal Justice’, (1999) (121) Australian Institute of
Criminology, Canberra. <http://www.aic.gov.au> Accessed 18 April 2022
Soma J.T, and others ‘Transnational extradition for computer crimes: Are new treaties
and laws
needed? (1997) (34) Harvard Journal on Legislation 317, 324–6.
Vladimir G., ‘International Cooperation in Fighting Cyber crime’, (2005) (5)
<www.crimeresearch.org> Accessed 3 April 2022
Willinger and Wilson, ‘Negotiating the Minefields of Electronic Discovery’, (2004)
(x) (5)
 Richmond Journal of Law & Technology,
BOOKS

Denning DE, Information Warfare and Security. (ACM Press, USA 1999)

Council of Europe: European Committee on Crime Problems, ‘Extraterritorial criminal

jurisdiction’ (1992) (3) Criminal Law Forum 441, 446
Garner A. B., Black’s Law Dictionary, (8th ed, Thomson West, United State of
American, 2009),
414.
Ladan M.T., ‘Cyberlaw and Policy on Information and Communications Technology
in Nigeria’,
(Ahmadu Bello University Press Limited 2015) 104.
Loftness S., Responding to Phishing Attacks.(Glenbrook Partners 2004)
Parker D., Fighting Computer Crime: For Protecting Information (Wiley 1998).

Rodney D.R., Intellectual Property are the internet, (Butterworths, New Delhi. 2002)

111

Roger S., Rogers Communications Inc, (2008) Annual Report , 12

Shinder, D.L Scene of the Cyber Crime; Computer Forensics handbook, (Syngress
Publishing
Inc. 88 Hingham street, USA. 2002)1
Sieber U., The international handbook on computer crime : computer-related
economic crime
and the infringements of privacy, (Chichester : Wiley, 1986)
Sutherland E., Principles of Criminology. (4th edn, Chicago: Philadelphia J.B.
Lippincott
Company 1939),
Tudor J.K., IS security Architecture, An Integrated Approach to Security in the
Organization.
(Auerbach Publications, USA 2001)
Wadrip F., and Nick M., ‘The Lessons of Lucasfilms Habitat: The New Media Reader,
(eds.
MIT Press, 2003) 664-667.
Walden I., Computer Crimes and Digital Investigations (Oxford University Press

2006).

Weiner N., A Life in Cybernetics, (The MIT Press 1948)

OTHER INTERNET SOURCES

Cybercrime (Prohibition, Prevention, etc.) Act, 2015, Explanatory Memorandum <
https://ictpolicyafrica.org/en/document/h52z5b28pjr#:~:text=CYBERCRIMES
%20(PROHIBITION%2C%20PREVENTION%2C%20ETC)%20ACT%2C
%202015Explanatory,punishment%20of%20cybercrimes%20in%20Nigeria.>
Accessed 3 April 2022
The communicator Magazine, ‘Nigerian Communications Commission’ (2015) 1
<www.ncc.gov.ng/thecommunicator/index//php/option=com-
content&iew=article&id=899:9-summary-of-thelegislation-on-cybercrime-in-
nigeria&catid-132:features&itemid=68> Accessed 13 April 2022.
The communicator Magazine <www.ncc.gov.ng/thecommunicator> Accessed 14
April 2022
Crimes related to computer networks, background paper for the workshop on crimes
related to computer networks, 10th UN Conference on the prevention of crimes and to
treatment of offenders, 2000, A/CONF/87/10, 5
<www.uncjin.org/documents/confr10/10e.pdf.> Accessed 14 2022
The Indian Law Institute, Introduction to the cyber world and Cyber law (2010), 10<
https://www.texilajournal.com/academic-research/article/844-cyber-crime-in>
Accessed 16 April 16, 2022
The European Parliament, the Economic and Social Committee and the Committee of
Regions,
26th January, 2001. <http://www.europe.en.int. > Accessed 14 April 2022
Raven, The History of Hacking and Phreaking. HelpnetSecurity (2002),
<www.helpnetsecruity.com/2002/04/04/the-history-of-hacking-and-phreaking/>
Accessed 16 April 2022
Mifitzgerald, ‘Nine Famous Hacks. Extreme Tech’, (2004)
<https://www.extremetech.com/extreme/55530- nine-famous-hacks> Accessed 16
April 2022
Le VPN, ‘Where Does Cybercrime Come From? The Origin & Evolution of
Cybercrime’,
(2018). < https://www.le-vpn.com/history-cyber-crime-origin-evolution/> Accessed
16 April 2022
Techopedia, ‘Cybercrime’ <https://www.techopedia.com/definition/2387/cybercrime>
Accessed
16 April 2022
United Nations Office on Drugs and Crime (UNODC), ‘Comprehensive Study on
Cybercrime’ <
https://www.unodc.org/unodc/en/organized-crime/comprehensive-study-on-
cybercrime.html> Accessed 16 April
ISBuzz Staff, ‘The Secret History of Cyber Crime. Information Security Buzz’ (2015),
<https://www.informationsecuritybuzz.com/articles/the-secret-history-of-cyber-
crime/> Accessed 16 April 2022
KnowBe4, ‘AIDS Trojan or PC Cyborg Ransomware’
<https://www.knowbe4.com/aids-trojan>
Accessed 16 April 2022
International Telecommunication Union (ITU). (2011). ICT Facts and Figures. ITU,
2011
https://www.itu.int/ITU-D/ict/facts/2011/material/ICTFactsFigures2011.pdf&ved>
Accessed 16 April 2022
Council of Europe Convention on Cybercrime (CETS No. 185),
<http://conventions.coe.int.>
Accessed 16 April 2022
The same typology is used by the ITU Global Cybersecurity Agenda / High-Level
Experts
Group, Global Strategic Report <
www.itu.int/osg/csd/cybersecurity/gca/global_strategic_report/index.html.> Accessed
16 April 2022
APWG (Anti-Phishing Working Group). Phishing Activity Trends Report, (2004)
<http://www.antiphishing.org > Accessed 17 April 2022
E-Marketer estimate and projections (2006).<
http://www.emarketer.com/docs/emar_whitepaper.pdf.> Accessed 17 April
2022
Internet Ecosystem <http://www.eitc.org/research-opportunities/future-internet-and-
optical-
quantum-communications/the-internet-ecosystem-and-dns/the-internet-ecosystem>
Accessed 20
April 2022
McConnell International (2000)< www.mcconnellinternational.com > Accessed 20

April 2022

U. Kohl, ‘Jurisdiction and the Internet’, <www.worldcat.org> Accessed 20 April

2022.

ITU, ‘ Cybersecurity Work Programme to Assist Developing Countries 2007-2009’,

(2007),<
www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-cybersecurity-workprogramme-
developing-countries.pdf.> Accessed 22 April 2022
Rev. Johannesburg, ‘on Cybersecurity (2008)’, ITU WTSA Resolution 50,
<www.itu.int/dms_pub/itu-t/opb/res/T-RES-T.50-2008-PDF-E.pdf > Accessed 22
April 2022
www.itu.int/en/ITU-T/studygroups/com17/pages/cybersecurity.aspx > Accessed 22
April 2022
International Telecommunication Union Cybercrime Legislation Resources
‘Understanding
cybercrime: A guide for developing countries’ (2009) Draft,<
www.itu.int/ITU.D/cyb/> , Accessed 23 April 2022
<konga.com, cheki.com nairaland.com, jumia.com.ng, inspiredmotors.com,>
Accessed 23 April
2022
The United States Internet Crime Complaint Centre (IC3) (a partnership between the
FBI and the
National White Collar Crime Centre) IC3 Internet Crime Report 2006, <
http://www.ic3.gov/media/annualreport/2006_IC3Report.pdf> Accessed 23 April
2022
Law Enforcement Efforts to combat Internet Auction Fraud, (2000) Federal Trade
Commission,
<http://www.ftc.gov/bcp/reports/int-auction.pdf. > Accessed23 April 2022
http://pages.ebay.com/help/feedback/feedback.html.> Accessed 23 April 2022

‘EFCC & NCC websites hacked’ <www.dailytimes.com.ng/article/efcc-ncc-websites-

hacked>
Accessed 23 April 2022
International Telecommunication Union Cybercrime Legislation Resources,
‘Understanding
cybercrime: A guide for developing countries’, (2009), Draft,
<www.itu.int/ITU.D/cyb/> Accessed 26 April 20.
<www.saycocorporativo.com/saycoUK/BIJ/journal/Vol3No1/Article_> Accessed 22

April 2022

< www.cenbank.org/cashless/ > Accessed 26 April 2022

Nigeria’s Transition to Cashless Economy’, Thisday Live, (Lagos, July, 3 2013)

<http://www.thisdaylive.com/artilcles/nigeria-s- transition
-to-cashless-economy/122241> accessed 26 April 2022
<http://www.scuml.org/userfiles/SCUML%20FINAL%20REGULATORY

%20DOCUMENT%5B1%5D.pdf> Accessed 27 April 2022

‘Fight Against Cybercrime, Legislation As

Rescue’,<http://callcenterinfo.tmcnet.com/news/2006/04/14/1573060.html> Accessed
27 April 2022
<http://callcenterinfo.tmcnet.com/news/2006/04/14/1573060.html> Accessed 27 April

2022

Interpol in Appeal to find Paedophile Suspect, The New York Times, ( New York,
August 10
2007), <www.nytimes.com/2007/10/09/world/europe/09briefs-pedophile.html?
_r=1&oref=slogin > Accessed 28 April

Cybex ‘The admissibility of Electronic evidence in court: fighting against high-tech

crime’,
 (2005), < www.cybex.es/agis2005/elegir_idioma_pdf.htm> Accessed 28 April
2022