The Senate Committee on Information and Technology has withdrawn the Cyber Security and Protection Bill 2016 [PDF] to allow the public more time to give their views on the proposed law.
The committee Chair, Hon. Mutahi Kagwe, pointed out that there are loopholes in the proposed bill and as such, it cannot be passed as the public was not involved in the process.
The committee had earlier published an advert in the local newspapers inviting public participation for the bill on 19 October 2016. This is in line with the Kenyan Constitution, which requires public participation before any Bill is taken to the parliament for debate.
The Computer and Cyber Crimes Bill 2016 proposes wide-ranging offences relating to aspects of unauthorised access or access to the internet in order to commit further offences involving protected computer systems, child pornography, cyber stalking and computer fraud, which aims at protecting Kenyans from cyber bullying.
The Bill was drafted in September 2015, with input from government agencies, specialised institutions, the private sector, and academia as well.
Other aspects of the Computer and Cyber Crimes Bill 2016 include protecting online transactions arising from mobile money related crimes.
According to statistics released by the Ministry of Information, Communication and Technology (ICT), cyber attacks in Kenya increased by over 100 per cent over the period of one year (2015-2016), the Ministry attributes the increase to poor detection and lack of capacity to respond to the crime when they occur.
According to the proposed Bill which was withdrawn for further consultations and public participation, cyber criminals could face life in prison or pay hefty fines if parliament adopts the Bill.
The Bill provides for the creation of a National Cyber Threat Unit which is tasked with receiving and investigating reports of cyber threats and formulates measures to curb the same.
“The principal object of this Bill is to provide increased security in cyberspace and to provide for the prohibition of certain acts in the use of computers," reads the Bill sponsored by Nyeri Senator Mutahi Kagwe.
The Bill further reads that; a computer user is obliged by law to report any Cyber attack, intrusion or disruption to the unit within seven days for immediate action failure to which the victim commits an offence and shall be held liable.
The Bill borrows heavily from international standards and global scholars. It has the input of experts from Europe, Inter-Agency Committee for Formulation on Cyber-crime, the Budapest Convention on Cybercrime and the Council of Europe experts.
The proposed Bill also protects the Kenyan Electronic Payment and Settlement (KEPSS) which transacts up to Sh. 100 billion annually.
Once enacted into law, the proposed Bill is expected to help law enforcement agencies cope with investigations and prosecutorial challenges posed by criminals’ devised new ways; also Computer aided forensic equipment will for the first time used as evidence in courts of law to reduce online fraud.
The proposed Bill seeks to address cyberspace offence loophole in the enacted 2012 Anti-Terrorism law providing for a life sentence or up to 30 years imprisonment without fine to persons found guilty of engaging or helping terrorists.
The Bill imposes a fine of approximately $3,400.00 (Ksh 350,000) or a jail term of three years or both to a website operator sending messages to users to disclose their personal information for unlawful purposes or gain unauthorized access to computer systems.