Various countries have introduced legislation that directly deals with cyber crime while others have reformed and modified their existing criminal laws to include this emerging crime.
However many countries do not have adequate legislation that addresses cyber crime and this includes Kenya. Cyber crime laws, for example, protect certain rights and assets such as privacy and identity by rendering illegal the interception and unauthorized access to digital data and resources privately owned.
They also provide legal frameworks that assist cyber crime investigators in achieving successful prosecutions. The United Kingdom for example has introduced various legislative initiatives over time, meant to specifically address cyber crime. These include the Computer Misuse Act (1990), the Criminal Justice and Police Act (2001), the Police & Criminal Evidence Act (1984) and the Regulation of Investigatory Powers Act (2000) among others.
In the USA, legislation has also been introduced to combat cyber crime for example the Patriot Act (2001), Homeland Security Act (2002), Prosecutorial Remedies and Tools Against the Exploitation of Children Today (PROTECT) Act among many others.
The absence of an integrated cyber legal framework in Kenya provides a great challenge to local cyber crime investigators and digital evidence gathering efforts.
The ICT Bill 2008, which will be tabled in Parliament once it reopens, commendably addresses cyber-crime and electronic transactions. It outlines a number of new electronic offences and prescribes the minimum/maximum punishment to be meted out on offenders. These offences include unauthorized access to computer data and access with intent to commit offences.
The ICT Bill 2008 (in the Fifth Schedule) notably mentions electronic evidence. In sum it defines electronic evidence as any information contained in an electronic record which is printed on a paper, stored, recorded or copied on optical or electro-magnetic media produced by a computer.
What the bill has, however, failed to recommend and spell out is the legal process of cyber crime investigation and digital handling in Kenya. This is absolutely necessary because it translates to the rate of successful prosecutions. This issue is especially relevant to our investors, for example call centers, which need a legislative umbrella that safeguards their operations (i.e. identity details and data handling).
The ICT Bill 2008 is long overdue and its tabling now is a damning indictment of our legislative process.
Technology is rapidly permeating our social and economic fabric. It is fundamentally altering past business and social processes that require current regulatory and legislative controls, for instance M-Banking.
Future ICT legislation and resultant amendments in existing Acts must not be reactive to the vibrancy of the industry. The relevant authorities must specify and instruct a specific body to constantly develop relevant ICT legislation for example the ICT Board or the Communications Commission of Kenya.