Defending Cybercrime Allegations:How to Navigate Nigeria’s Cybercrimes (Prohibition, Prevention, etc.) Act

Abstract

In Nigeria’s rapidly digitizing society, the line between lawful digital expression and alleged cybercrime is often as fragile as a tweet. The Cybercrimes (Prohibition, Prevention, etc.) Act, 2015 was enacted to protect national interests in cyberspace but it has evolved into a double-edged sword. While it criminalizes genuinely harmful behavior online, its broad and sometimes ambiguous provisions have made it fertile ground for overreach, misinterpretation, and even political misuse. This paper is not merely a doctrinal review; it is a defense manual for the accused in a digital age where guilt is often presumed by association with an IP address. It dismantles the myth of infallible digital evidence and interrogates how power, ignorance, and flawed procedure converge in cybercrime prosecutions. Drawing on real-world cases, constitutional safeguards, and forensic fallibility, it offers a bold, rights-centered roadmap for navigating cybercrime allegations under Nigerian law. At its heart, this  article is a call to recalibrate the balance between cybersecurity and civil liberty-where justice is not coded in binaries, and where defending the accused is not an act of rebellion but of responsibility.

Author’s Note

This  article was written with the conviction that the future of law must reckon with the realities of digital life. In a country as complex as Nigeria, where innovation and authoritarianism often coexist online, the defense of cybercrime allegations is more than a legal procedure; it is a test of how justice adapts to the speed and scale of the internet. I hope this work will serve not only as a legal guide but also as a provocation for deeper thought on how to protect both digital spaces and the people navigating them.

 Introduction: Cybercrime and the Nigerian Legal Landscape

The rise of digital technology in Nigeria has transformed how individuals communicate, transact, and access information. Alongside this transformation, however, has come a surge in cyber-related offenses, ranging from phishing scams and identity theft to politically motivated cyberstalking and digital extortion. To combat these growing threats, Nigeria enacted the Cybercrimes (Prohibition, Prevention, etc.) Act, 2015, the country’s first comprehensive legislation addressing offenses committed through or against computer systems and networks

Yet, as the reach and application of the Act have expanded, so too have concerns about its implementation, especially in cases involving allegations that may lack clear evidence or where enforcement agencies exceed legal boundaries.

The challenges in navigating cybercrime allegations often stem from:

• Ambiguous statutory language, particularly in offenses such as cyberstalking;
• Overreliance on digital traces without proper

torensic validation;

• Violations of due process, including warrantless arrests or searches;
• A gap in public and professional understanding of digital rights and responsibilities.

This paper sets out to explore these challenges from a defensive legal perspective, asking not merely how cybercrime is prosecuted, but how it is alleged, and more importantly, how it may be fairly and successfully defended. Through doctrinal analysis, case references, and practical guidance, it offers a roadmap for legal practitioners, rights advocates, and defendants navigating Nigeria’s complex cybercrime landscape.

Cyber crimes are committed with the help of technology and cyber criminals have deep understanding of information technology. Cyber crimes can be said to be technology-based crimes, in which technology is the weapon as well as the target at the victim’s end. For committing most cyber crimes including hacking, phishing, data theft, identity theft etc., a deep understanding of computers and the Internet is required. Cyber criminals are technocrats who understand the intricacies of information technology.

Understanding the Structure and Scope of the Cybercrimes (Prohibition, Prevention, etc.) Act, 2015

The Cybercrimes Act, 2015 is a foundational statute designed to protect Nigeria’s cyberspace from criminal abuse. It introduces a broad framework that criminalizes various activities online, regulates electronic transactions, and outlines enforcement mechanisms. To navigate this legislation effectively, particularly when defending an allegation, it is critical to understand both its structural composition and the substantive scope of its provisions.

A. Structure of the Act

The Act is divided into several parts, each addressing different elements of cyber regulation:

• Part I: Provides general objectives and interpretative provisions.
• Part II: Protection of Critical National Information Infrastructure
• Part III: Lists specific offenses and penalties; this is the heart of the statute.
• Part IV: Establishes the duties of service providers and institutions.
• Part V: Administration and enforcement
• Part VI: Arrest, search, seizure and Prosecution
• Part VII: Discusses jurisdiction, extradition, and the application of international law.
• Part VIII: Includes miscellaneous and procedural provisions, such as the power to make regulations.

Understanding this structure allows lawyers to navigate the statute with precision, identifying whether an issue relates to substantive offense, procedural safeguards, or jurisdictional challenges.

B. Scope of the Act

The scope of the Cybercrimes Act is intentionally expansive. It criminalizes a wide range of behaviors that were previously unregulated or under-regulated under Nigerian law. The offenses broadly fall into the following categories:

1. Offenses Against Computer Systems and Data

• Section 6: Unauthorized access to computer systems or networks.
• Section 8: System interference (e.g., attacks on infrastructure).
• Section 9: Data interference or unauthorized modification.

2. Computer-Related Offenses

• Section 22: Identity theft and impersonation.
• Section 13: Computer-related forgery and fraud.
• Section 14: Online fraud (common in cases of ‘Yahoo-Yahoo’).

3. Content-Related Offenses

• Section 24: Cyberstalking; arguably the most controversial section due to its vague and subjective language.
• Section 23: Child pornography.
• Section 26: Racist or xenophobic content.

4. Financial and Payment-Related Offenses

• Sections 33-35: Offenses involving electronic cards, electronic payments, and ATM fraud.

5. Terrorism and National Security

• Section 18: Cyberterrorism

6. Jurisdictional and Cross-Border Application

• Section 50: Gives Nigerian courts jurisdiction over cyber offenses committed outside Nigeria, provided that the system affected is located within the country or if the offense has substantial effects in Nigeria.

The Most Commonly Alleged Offenses: Focus on Section 24 (Cyberstalking)

Among all the provisions in the Cybercrimes Act, Section 24 stands out as the most frequently invoked-and the most contentious. Its use has extended far beyond prosecuting genuine harassment to include cases involving political commentary, satirical expression, and interpersonal disputes. For legal practitioners, understanding the nuances of this section is critical in mounting a viable defense.

A. What Section 24 Criminalizes

Section 24(1) criminalizes any person who:

“..knowingly or intentionally sends a message or other matter by means of computer systems or networks that—

1. is grossly offensive, pornographic or of an indecent, obscene or menacing character; or
2. he knows to be false, for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, ill will or needless anxiety to another…”

The penalty is up to three years imprisonment or a fine of N7,000,000, or both.

B. Legal Controversies and Constitutional Concerns

The wording of Section 24 allows for a subjective interpretation of “annoyance” or “insult”, which opens the door to selective enforcement.

C. Patterns in Enforcement

Defendants are often arrested following petitions by private individuals, many of whom are politically connected without a thorough investigation into the intent or truthfulness of the alleged content. In such cases:

• Devices are confiscated without proper warrants.
• Statements are taken in the absence of legal counsel.
• Charges are filed under Section 24 before forensic evidence is properly reviewed.

D. Defensive Strategies

To defend clients charged under Section 24, the following should be considered:

• Challenging the constitutionality of the section based on vagueness and infringement of rights under Section 39 of the Constitution.
• Arguing lack of intent or knowledge-key mental elements required by the statute.
• Demanding proof of forensic authenticity of messages or posts attributed to the defendant.
• Contextualizing the message, satire, critique, or personal expression may not meet the threshold of criminal conduct.

Enforcement Practices and Forensic Challenges in Cybercrime Prosecution

While the Cybercrimes Act sets a legal framework for prosecuting offenses committed through digital means, its real-world enforcement often falls short of constitutional standards. Alleged cybercrime cases in Nigeria are frequently characterized by procedural irregularities, forensic limitations, and rights violations, all of which create significant openings for a robust defense.

A. Arrests Without Warrants or Probable Cause

Although the Administration of Criminal Justice Act (ACJA), 2015 and the Constitution require that arrests be based on credible suspicion and conducted with proper warrants, many cybercrime suspects are arrested based on petitions or anonymous tips. This raises critical due process concerns. In practice:

• Law enforcement officers may seize devices and conduct searches without court-issued warrants.
• Arrests are made based on digital content without authenticating the source or authorship.
• Some defendants are denied immediate access to counsel, in violation of Section 35(2) of the Constitution.

These procedural breaches are grounds for challenging admissibility of evidence and seeking to quash charges.

B. The Myth of Digital Infallibility

Contrary to popular belief, digital evidence is not self-authenticating, nor is it immune to error or manipulation. Nigeria lacks a comprehensive, independent digital forensics infrastructure, and investigators often rely on third-party vendors or in-house units with limited capacity.

C. Chain of Custody and Forensic Integrity

A core principle of digital evidence is maintaining a chain of custody, ensuring that digital materials are collected, handled, and preserved in a way that prevents tampering. Nigerian courts have recognized that:

• Digital devices must be imaged and analyzed using certified tools.
• Any forensic report must include timestamps and logs.
• Investigators must be able to testify to the integrity of the process.

In the absence of this, the defense can cast doubt on the veracity and admissibility of the so-called evidence.

D. Defensive Tactics in Forensics-Based Cases

A sound defense strategy may involve:

• Demanding independent forensic analysis by a neutral expert.
• Filing motions to suppress evidence obtained without due process.
• Insisting on disclosure of investigative methods and forensic procedures.
• Citing the Evidence Act, 2011, particularly Section 84, which governs the admissibility of electronic evidence in Nigeria.

Strategic Defenses: Protecting the Accused in a Digital Era

Successfully defending a cybercrime allegation in Nigeria demands more than just rebutting the facts, it requires strategic engagement with both the letter of the Cybercrimes Act and the realities of its enforcement. The goal is to ensure that digital evidence is tested, due process is enforced, and constitutional rights are protected. Below are some of the most effective legal strategies for defending individuals accused under the Cybercrimes (Prohibition, Prevention, etc.) Act.

A. Challenge the Elements of the Offense

Every cybercrime offense has specific legal elements that the prosecution must prove beyond reasonable doubt. A common pitfall in prosecution is presuming guilt based on digital traces (e.g., IP addresses or social media handles) without showing intent, knowledge, or causation. For example:

• Section 24: offenses (cyberstalking) require proof of intent to cause harm or annoyance, not just the existence of the message.
• Section 14: offenses (computer related fraud) require proof of false representation and actual or intended gain.

By dissecting each element, the defense can often reveal evidentiary gaps.

B. Invoke Constitutional Protections

The 1999 Constitution provides critical safeguards against overreach. When defending a client, always assess the following rights:

• Freedom of Expression under Section 39: Used to challenge vague or overbroad charges
• Right to Fair Hearing under Section 36: Ensures full disclosure of evidence and proper legal representation.
• Right to Personal Liberty and Protection from Arbitrary Arrest under Section 35.

Where these rights are violated, courts may strike out charges, suppress evidence, or even award damages in civil claims.

C. Challenge the Admissibility of Electronic Evidence

Under Section 84 of the Evidence Act, 2011, electronic evidence must be:

1. Produced by a computer in regular use.
2. Derived from reliable and documented processes.
3. Accompanied by a certificate of authentication.

If the prosecution fails to meet these standards, the defense can file a motion to exclude the evidence. Courts have upheld this in cases. Kubor v. Dickson

D. Demand Proper Forensic Procedures

Digital forensics in Nigeria is still evolving, and many law enforcement officers lack training in handling electronic evidence. As a defense lawyer, you may:

• Request an independent forensic audit of the digital evidence.
• Cross-examine investigators on the forensic tools and processes used.
• Challenge chain of custody failures or lack of verification.

These steps often reveal inconsistencies that cast doubt on the prosecution’s case.

E. Emphasize Procedural Defects

Even if the facts appear to support the allegation, the violation of procedural rules,

such as arrest without a warrant, delay in charging, or denial of access to counsel, may render the case untenable.

Rebalancing Cybersecurity and Civil Liberties: A Call for Reform

The Cybercrimes (Prohibition, Prevention, etc.) Act, 2015 was envisioned as a modern legal response to the growing menace of cybercrime in Nigeria. However, its real-world application has revealed systemic imbalances-where digital security is too often prioritized at the expense of civil liberties. The defense of cybercrime allegations, therefore, is not just about individual justice, but also about preserving democratic values in the digital age.

A. The Tension Between Security and Freedom

In its current form, the Act reflects a security-first philosophy. While this is understandable in a context plagued by fraud, cyberterrorism, and internet-based crime, the implementation of the law has blurred the line between protecting the public and silencing dissent. Sections such as Section 24 (cyberstalking) have been used to arrest activists, bloggers, and journalists under pretexts that would not survive scrutiny in mature democracies.

To maintain legitimacy and fairness, Nigeria must strike a better balance between digital regulation and rights protection, where online expression is not criminalized under vague provisions, and where technological ignorance does not become a tool for persecution.

B. Legislative Reform

Legal scholars and civil society groups have called for a comprehensive amendment of the Cybercrimes Act to ensure:

• Clearer definitions of offenses, especially those involving subjective terms like “annoyance” or
  “menacing character.”
• Stronger safeguards against misuse of prosecutorial discretion.
• Mandatory judicial oversight for all forms of digital surveillance and data seizure.

In 2023, a draft amendment bill was proposed in the National Assembly, but it has yet to gain traction. The legal community must continue to advocate for reforms that make the Act clear, fair, and consistent with Nigeria’s constitutional framework.

C. Institutional and Judicial Education

One of the most pressing challenges in defending cybercrime allegations is judicial unfamiliarity with technology. Many judges, police officers, and even lawyers remain untrained in digital forensics, electronic evidence protocols, or the implications of encryption and anonymity. This gap can lead to unjust decisions based on misunderstood evidence or exaggerated threats.

Capacity-building programs, through judicial training, law school reform, and continuing legal education are essential for ensuring that digital justice is not reduced to digital confusion.

D. Toward a Rights-Centered Digital Future

Ultimately, the defense of those accused under Nigeria’s cybercrime laws must not be framed as obstructing justice, but rather as enforcing it. A society that presumes guilt from metadata or denies fair trial on the basis of a Facebook post is not truly secure. True cybersecurity includes:

• Protecting freedom of expression;
• Ensuring due process for all digital defendants;
• Developing evidence standards that match global best practices.

The path forward lies not in criminalizing the internet, but in governing it responsibly, transparently, and constitutionally.

Conclusion

The rise of cybercrime in Nigeria presents a genuine and evolving threat. However, the urgency to legislate and prosecute must never override the foundational principles of justice, fairness, and constitutional rights. The Cybercrimes (Prohibition, Prevention, etc.) Act, 2015, while a landmark in Nigeria’s digital legal framework, contains provisions that are vague, overly punitive, and susceptible to misuse.

For legal practitioners, defending cybercrime allegations is both a technical and constitutional enterprise. It demands knowledge of digital evidence protocols, a deep understanding of statutory language, and a firm commitment to protecting due process. By challenging overbroad interpretations, demanding forensic integrity, and invoking constitutional safeguards, defense lawyers help preserve the rule of law in an age of digital suspicion.

As Nigeria’s digital ecosystem continues to expand, the country must pursue reform, education, and judicial consistency, building a cyber law regime that truly balances national security with individual liberty. The future of digital justice in Nigeria will not be secured merely by convictions, but by the fairness with which those convictions are pursued and obtained.