1 TABLE OF CONTENTS

Certification............................................................................................................. ................................i Declaration.............................................................................................................. ................................ii Copyright................................................................................................................. ...............................iii Acknowledgement................................................................................................... ..............................iv Dedication................................................................................................................ ...............................v Abstract................................................................................................................... ...............................vi CHAPTER ONE........................................................................................................8 1.0 INTRODUCTION.............................................................................................8 THE BACKGROUND TO THE PROBLEM..............................................................10 1.2 STATEMENT TO THE PROBLEM...................................................................13 1.3 OBJECTIVES OF THE STUDY........................................................................14 1.4 SIGNIFICANCE OF THE STUDY.....................................................................14 1.5 LITERATURE REVIEW...................................................................................14 1.6 HYPOTHESIS OF THE STUDY.......................................................................17 ........................................................................18 CHAPTER TWO..................................................................................................... 18 2.1 Introduction................................................................................................18 CHAPTER THREE..................................................................................................27 3.1 Introduction................................................................................................27 CHAPTER FOUR....................................................................................................38 4.1 Introduction................................................................................................39

CHAPTER FOUR....................................................................................................................... ..............32 4.1 Introduction............................................................................................................. ....................32 4.2 Conclusion............................................................................................................... .....................32 4.3 Recommendations................................................................................................... ....................32 4.3.1 The Need to Enacting Cyber laws.....................................................................................33 4.3.2Training of Judges, Lawyers and Law Enforcers................................................................34 4.3.3 Judicial Response............................................................................................................34 4.3.4 Raising Public Awareness and Education........................................................................35 4.3.5 The Need for firms to secure their Networked Information...........................................35 4.3.6 Coordination and Cooperation........................................................................................35

Bibliography.............................................................................................................................36

CERTIFICATION The undersigned certify that has read and hereby recommends and approve for acceptance by the Faculty of Law of Tumaini University Makumira, a Research paper titled AN
ASSESSMENT OF LEGAL SYSTEM IN RELATION TO THE INCREASING RATES OF CYBER CRIMES IN TANZANIA in partial fulfilment of requirement for the award of the

bachelor of laws degree of Tumaini University-Makumira, Arusha.

DECLARATION AND SUPERVISION I, Fikiri Liganga, do hereby declare that this research paper is my own original work and has not been presented in any University in full or partial fulfilment of academic requirement for any degree or equivalent.

Signed at Arusha this.........day of .........2012 Signature....................... Fikiri Liganga

This research paper was supervised by Frank Akyoo, Lecturer, Faculty of Law, Tumaini University-Makumira. I have read this paper and approve it for final marking.

Signature............... F. Akyoo Date..................

COPYRIGHT All rights reserved. This research work is a copyright material protected under the Berne Convention, the Copyright and Neighbouring Rights Act, Cap 218 R.E. 2002 and other International and National enactments in that behalf, written on intellectual property. No part of this work may be reproduced, stored in any retrieval system, or transmitted in any form by any means, electronic, mechanical, photocopying, recording or otherwise without prior

written permission of the researcher or The Faculty of Law of Tumaini University-Makumira in that behalf.

All rights reserved 2012

ACKNOWLEDGEMENT One person who hands without assistance and contribution from other people cannot do as a hard work as this research would seem to be. Many people have contributed in accomplishing this research. Few of them are mentioned but all who accompanied me in one way or another are regarded and their assistance is of vital role in doing this research.

I would first of all thank my Heavenly Father for his close presence to me since I was born to date and be with me ever since I set my feet at Tumaini University-Makumira. I would like also to thank my family for their moral and financial support during my studies. I would like to thank my parents in a very special way for their courage and prayer throughout my lifetime and during my studies at this Institution. It is hard to pay them back but I pray they are blessed by the Almighty God. Special thanks to my supervisor, Mr. Frank Akyoo for his kind supervision, fatherly heart and material support in accomplishment of this research. Also his guidance and criticism played a vital role for this research to be presentable. I also appreciate the contribution of Dean, Faculty of Law, Tumaini University - Makumira for his support and courage. Special thanks to my roommates; Daniel D. Sanka, Gabriel Wansato and Dennis Ngutu for their moral support and criticism to this research. Finally, I would like to express my appreciation to my fellow third year students, Faculty of Law at Tumaini University, Makumira (2012) for their cooperation throughout three years of studying. I wish them all the best.

DEDICATION This work is dedicated to my family, my precious parents Zubeda Rashidi Kunamba and Dr. Ntauka, my lovely sister Fatima Faraji, my elder brother Abillahi Omari and my lovely younger brother Ninde Liganga.

Their Love, Labour and Courage are untold.

ABSTRACT The ICT revolution is shaping our world in ways it has been difficult to predict and to appreciate. The remarkable achievements in the Information and Communication Technology (ICT) sector is really a matter of pride in Tanzania and the world as a whole, but

cybercrime, as its associated problem, is causing serious concern. Cybercrime, also known as Internet crime or computer crime, is a modern crime, which is growing and expanding at the highest speed. As a result, incidences of cybercrimes are increasing geometrically worldwide and Tanzania in particular. The countrys image has also suffered because of the immoral activities of some Tanzanians and other foreigners that have now turned ICT technology into a cheap conduit for the commission of the offences. Few incidences have been reported to the police and few cases taken to court. Although, some cases are in court, however, existing laws in Tanzania have not sufficiently considered the online society in cyberspace. The offences have changed from traditional crimes to cybercrimes; Evidence has also changed from tangible to intangible. The ways of prosecuting, collecting, preserving and tendering evidence in court have also changed. This situation challenges existing traditional laws in Tanzania. The researcher in this work has digested various issues by making a comparative study with other jurisdictions that have taken serious measures in addressing cyber issues. In analysing the issues, the researcher has realised that Tanzanian laws are inadequate to curb cyber related issues. Finally, the researcher has provided recommendations on the possible measures to curb the situation.
CHAPTER ONE

1.0 INTRODUCTION The term "cybercrime" is also known as the "computer crime" or "computer-related crime, or "high-tech crime." However, they can be used interchangeably. Cybercrime is understood as "criminal acts committed using electronic communication networks and information

systems or against such networks and systems."1 The term cybercrime is not different from the concept of conventional crime. Both include conduct which causes breach of rules of law and counterbalanced by the sanction of the state.2 However, they somehow differ from one another. The primary difference is that; cybercrimes operates by using new technology that involves computer systems in a cyber- culture context.3 This involvement of the computer technology creates new challenges that require legal systems and legislation be amended.4 Cybercrime is global in character; offenders can take advantage of gaps in existing laws to avoid apprehension and prosecution. Therefore, in so far as this is concerned, Tanzania needs to have in place all the necessary legal tools including an arsenal of clearly defined cybercrime offences for use in prosecuting cyber criminals and procedural rules governing evidence gathering and investigation.5 Cybercrimes are associated with the use and development of Information Communication Technology (ICT) which has improved the efficiency and flexibility in providing services and many organizations are increasingly relying on it, which evidently handles a very critical part of the organisations core services.6 The exponential growth of this technology, the increase in its capacity and accessibility, and the decrease in its cost, has brought about revolutionary changes in commerce, communication, entertainment and the rise of a modern crime known as cyber crime.7 This work, therefore, focuses at providing an overview of the recent developments in Information Communication Technology in Tanzania and its legal impact on domestic laws and the security of internet users. Furthermore, it provides a critical analysis of the efforts taken by Tanzania in addressing cyber issues and the challenges it faces so far.

1 2

The cybercrime convention committee, cybercrime and the European Union, 2007 at Pg. 4 Rathinasabapathy, G and Rajendran, L, Cyber crimes and information frauds: Challenges for LIS professionals, Butterworths, Lexis 1991 Pg. 132. 3 Ibid 4 Bakari, J.K. A Holistic Approach for Managing ICT Security in non Commercial Organization, Doctoral Thesis, Stockholm University Sweden. 2007 Pg. 3 5 Ibid 6 See note 4 above 7 Grabosky,P, Cyber crime and Information Warfare; paper presented at the transnational crime conference convened by the Australian Institute of Criminology in association with the Australian Federal Police and Australian customs service, 2000 at Pg. 3

10

THE BACKGROUND TO THE PROBLEM The problem of cybercrime in Tanzanian can be traced far back in 1960s. By that time, following the need to protect information technologies, the government enacted legislations to regulate Information Communication Technology (ICT). Examples of these pieces of legislation include; Post and Telecommunications Corporation Act, the Broadcast Receiving Apparatus (Licensing) Act,8 and the Tanganyika Broadcasting Corporation (Dissolution) Act.9 In 1970s, following the advancement of science and technologies in the world, which was associated with the massive use of computers, the government foresaw the danger of information system in the country being affected by such advancement. As a result, the government banned the importation of computers in the country.10 This mission failed and as a result several computers were imported. Because of this, the government enacted the Posts and Telecommunications Corporation Act in 1977 to cope with those changes. The process continued and it reached the time where the technological changes outpaced the law regulating Information Communication Technologies (ICT) in the country. In other words, the laws by that time were not meant to incorporate internet issues. They were indeed meant to deal with paper-based transactions. Until now Tanzania does not have specific legislations dealing with cyber laws and most of the laws that are in place were enacted before cyber security was an issue. Therefore, statutory laws have remained in yesterday while the society and technology are moving at a speed of light. This situation contravenes the very purpose of the law and disturbs its functions in the society as well. It is a known fact that law is a dynamic concept that keeps on changing in keeping pace with changes in society. Flexibility provides some measure of discretion in law to make it adaptable to social conditions.11 If law is rigid and unalterable, it may not respond to changes spontaneously which may lead to resentment and dissatisfaction among the subjects and may even result in violence or revolution.12
8 9

Act No. 6 of 1964 Act no. 11 of 1965 10 The website of Eileen P. Drew and F. Gordon on the Information Technology in Selected Countries: Reports from Ireland, Ethiopia, Nigeria and Tanzania found at http://www.lrct.go.tz/documents/jpurnal.pdf retrieved on the 21st December 2011. 11 Paranjape, N.V. Studies in jurisprudence and Legal theory, Central Law Publications, 2004, Pg.136 12 Ibid

11

Furthermore, some cases may go unpunished due to the absence of clear and responsive laws. For example, in early May of 2000, a computer virus known as the "love bug" emerged and spread rapidly around the globe.13 The virus that was designed to disseminate itself and to destroy various kinds of files on a victim's computer infected about 270,000 computers and forced the shutdown of computers at large corporations such as Ford Motor Company and Dow Chemical Company, as well as the computer system at the House of Lords in the first hours after it was released.14 If one goes clearly through this particular experience, he will, without hesitation, find that the challenges, which were posed by love bug virus in Philippines is a good lesson for other countries around the world including Tanzania. Although, the judiciary in Tanzania has tried in certain instances to resolve the challenges of ICT; however, it has done this by interpreting and applying the existing statutory and common law principles in ways and manners that incorporate the existing social realities.15 While the Evidence Act of 1967,16 Penal Code17 and the Criminal Procedure Act,18 remain operational, developments in such areas as information technology have gone way beyond what those statutes could have envisaged at the time of their enactment. The advent of the computer has brought with it new forms of record microchips, diskettes, and flash discs that are not keeping in software - microfilms, by any means within the former

understanding of the word document19 which was a written matter on a surface. While cybercrimes pose a significant threat to the development of electronic transactions, Tanzanian laws do not recognize criminal activities on the internet. For example, laws on consumer protection, sales and supply of goods in Tanzania protect consumers in off-line
13

Abdallah .A, The impact of ICT revolution in Tanzanias legal system: A critical analysis of cybercrimes and computer forensic evidence. A compulsory research paper submitted in partial fulfilment for the requirement for the degree of master of laws ( LLM) by thesis of the open university of Tanzania, p. 96 14 Brenner, S.W. Cybercrime investigation and prosecution; the role of Penal and Procedural law. Macmillan Publications, 2001, Pg.2 15 This was stated i the case of Tanzania Cotton Marketing Board v Cogecot Cotton Company SA [1997] TLR No. 165 16 CAP 6 of the Laws of Tanzania (R.E 2002 17 CAP 16 of the Laws of Tanzania(R.E 2002) 18 CAP 20 of the Laws of Tanzania (R.E 2002) 19 The term document is defined under section 3(1) of the Evidence Act 1967 (CAP 6 R.E 2002) to mean; any writing, handwriting, typewriting, printing, Photostat, photograph and every recording upon any tangible thing, any form of communication or representation by letters, figures, marks or symbols or by more than one of these means which may be used for the purpose of recording any matter provided that such recording is reasonably permanent and tangible.

12

business only and do not apply to online businesses especially when it comes to the matter of distance contracts. Current laws do not protect consumers against risks involved in the distance selling and buying business because online or distance contracts were not in practice in Tanzania by the time these laws were enacted. It is further, noted that, Tanzanian laws neither cover on-line contracts nor recognize cyber space. The laws provide that; the contract must be in writing and duly signed or authenticated before a witness.20 This requirement is hardly applicable in cyber space. The existing laws facilitate paper based transactions, which apparently are not applicable to technological changes that are currently taking place in requirement of an information society.21 Furthermore, the government and institutions relying on ICT have not accommodated the increased capacity, efficiency and security risk in ensuring the delivering of public services at the safe environment.22 The report from the Tanzanian Police Force shows that there is an increase in reported cases of computer related crimes in the country. A good example is the increase of number of traders forging receipt of imported goods using computers in order to evade tax. The incident of theft that occurred at Barclays bank where an organised group of business people stole US$1.8 million equivalent of 2.4 billions Tanzania shillings using computer technology is a continuation of computer crimes taking place in Tanzania.23 Although, cybercrime is a worldwide problem, in developed countries such as USA and the UK, the government and institutions relying on ICT have tried to employ inhouse Computer forensic experts who realise the risks of having an attack before it occurs or before the security breach and have enacted cyber laws which define clearly cybercrime offences.24 As the industrial revolution rendered obsolete aspects of law based on notions of an agrarian society, so a legal system focusing on issue of ownership, control and use of physical objects must reorientate itself to suit the requirement of an information society.25
20 21

See note 13 above. The website of Cyber security in Tanzania- Country report, available at http://www.itu.int/osg/spu/cybersecurity//contributions/tanzania-ulanga-paper- visited on 29th March 2012. 22 See note 13 at pg. 39 23 See note 13 above. 24 Ibid, pg. 43 25 See note 13 above,at pg. 45

13

That has never been done in Tanzania and it remains clear, however, that regulation of ICT in Tanzania is still at an initial stage, and much needs to be done in the ICT legal framework. 1.2 STATEMENT TO THE PROBLEM The problem of cybercrimes in Tanzania is, like in many other jurisdictions, increasingly fatal. As computers have developed in the country, so have also criminal offences associated with their use. But the laws in Tanzania have never changed to reflect these dangerous advancements. The existing traditional penal laws such as the Penal Code26 have nothing to do with the increasing cybercrimes yet. These traditional laws were not written with the on-line society with Cyberspace in mind causing the problem of their applicability on cybercrime. It is a common understanding that the information structure in Cyberspace represents values which should be protected, also by criminal law measures. But the provisions in existing traditional criminal laws are still meant to ignore the protection of these values and instead they only describe qualified unethical behaviours that the societies have decided to be criminal offences. There is, until now, no specific provision in the penal code which addresses cybercrime as an offence under the Code. There are also issues associated with admissibility of electronic evidence. It is clearly known that in every criminal case, parties are required to tender evidences before the court of law. In Tanzania, the law regulating the principles of evidence is governed by Evidence Act.27 The Act provides for the best evidence rule that Documents must be proved by primary evidence except as otherwise provided in this Act.28 The term primary evidence is defined under section 64(1) to mean the document itself produced for the inspection of the court. According to sections 67 and 68,29 secondary evidence may be admitted in court where the original cannot be found. From the analysis of the provisions above, it seems that the term evidence assumes the existence of a tangible thing, which under normal circumstances entails a piece of paper. The ordinary construction given to the term evidence in the Act excludes evidence derived from electronic transactions. It is thus suited only to a paper-based economy. It can therefore be correctly stated that the Evidence Act was enacted to govern paper-based transactions. The
26 27

CAP 16 of the Laws of Tanzania (R.E 2002) CAP 6 of the Laws of Tanzania (R.E 2002) 28 Section 66 of Evidence Act, CAP 6 of laws R.E 2002. 29 Ibid

14

Act, however, does not take into account of the electronic evidences as being admissible. Probably it is because by the time this Act was enacted, the advancement of information technology was not such high. But the trend has changed since 1990s and still nothing exhaustive has been done to the Act to reflect those changes. 1.3 OBJECTIVES OF THE STUDY In this work, the researcher intends to explore the legal system in relation to the increasing rate of cybercrimes activities in the country. The researcher has managed to probe into whether the current legal framework in Tanzania is adequate and sufficient in responding to the changes in information technology which accelerates cybercrimes in the country. The specific objectives of this study were; 1.3.1 To examine the extent to which the current legal framework in Tanzania has achieved in fighting against cybercriminals. 1.3.2 To examine the factors hindering the fight against cybercrimes in Tanzania. 1.3.3 To propose a suitable legal framework that is responsive to technological changes with a view to reducing problems associated with cybercrimes in Tanzania.

1.4 SIGNIFICANCE OF THE STUDY The general study provides a thorough review of the legal framework regulating criminal matters in the country with a view to determining the extent to which it is responsive to the advancement of science and technology which introduces new forms of criminal activities. The gap identified in this study is that; while the changes in information technology associated with the massive use of computers has led to new tactics of criminal activities, most laws in Tanzania are left behind these changes. The study presents an argument that without provisions in the existing laws with as much clarity and specificity as possible, and not relying on vague interpretations of the existing laws, the problem of cybercrimes will continue to exist. To this end, the protection of information and communication in Cyberspace will continue being at risk. 1.5 LITERATURE REVIEW Several writers have, in one way or another, contributed towards addressing the problem which this researcher intended to work on. Some of these writers are worthy reviewing as

15

follows hereunder; Adam Mambi30 in his article shows how most African countries, Tanzania inclusive, lack effective legal framework to combat cybercrimes. Then the article explores what initiatives may be taken to tackle cybercriminals in Africa. Lastly, the article shows the possible obstacles towards the implementation of those initiatives. Adam Mambi31 in his book further contends that; the Tanzanian legal system is far behind in adopting regulatory steps to secure electronic transactions. He gives examples of digital signatures, reforms to business laws, and dispute settlement which have not yet been promulgated. The book further explores how our laws should be in order for them to be able to fight against cybercriminal activities in the country. Andrew Mollel and Zakayo Lukumay32 in their book show that the Tanzanian Evidence Act does not recognise electronic evidence as being admissible in Tanzanian Courts. They also show how the problem can be cured, that is by amending some of the provisions of the Act so that it also takes into account of the electronic evidence. Finally the book outlines the cause as to why the Tanzanian Evidence Act is in the nature as it stands now. David I. Bain33 in his book shows how it is difficult to fight against cybercrimes if the country does not have a specific statute to deal with electronic transactions. He further gives comparative study of the United Kingdom (U.K), where it was after the enactment of the Computer Misuse Act of 1990 from which cybercrimes were effectively regulated. Prior to that, cybercrimes had increasing effects in the United Kingdom society. Dr. Eve Hawa Suinare34 in her article shows the efforts made by the Tanzanian Legal Framework in fighting against cybercrimes. She gives examples of sections 40, 76 and 78 of the Tanzanian Evidence Act which were amended to recognise electronic evidence as being admissible in courts of law. However, she further gives a caution that; it is still in doubt as to whether the electronic equipments such as a computer or server would be acceptable as
30 31

`Adam Mambi, Public Policy, Legal Issues on cyber Security in Africa, Dakar, Senegal, 2009 pg. 19 Adam Mambi, ICT Law Book: A Source book For Information and Communication Technologies and Cyber Law In Tanzania and East African Community, Mkuki na Nyota Publishers: Dar Es Salaam, Tanzania, 2010 pg.13. 32 Andrew Mollel et el, Electronic Transactions and Law of Evidence in Tanzania, Peramiho Printing Press: Iringa Tanzania, 2007 pg. 14 33 David I Bainbridge, Introduction to Information Technology Law, 6th Ed. Pearson Education Limited: England, 2008 pg. 417 34 Eve Hawa Suinare, Electronic Evidence and its Admissibility in Tanzania Courts, World Series Group Publications: 2007 pg.23
`

16

evidence under Section 40A of the amended Evidence Act especially where it has been used to store information which is subject to the legal proceedings. Edward A35 in his book explores the difficulties facing the traditional copyright laws in dealing effectively with computer mediated communications. The book further gives initiatives to be employed to cure the problem as that there must be specific laws to deal with copyright issues arising out from the electronic transactions or modifying the existing laws to cope with the change. Erick Agwe-Mbarika Akuta36 in their journal shows how most governments in African countries are caught off guard as a result of the manifestations of Cybercrime, its far reaching and potentially devastating capacity for harm. They also show how African countries are unable to keep up with the alarming rate at which cybercrimes have diffused. John Ubena37 in his article shows how Tanzania is running the risk of being the cybercriminals haven because there is no legislation in place to govern or address the issues of cyber world. He further gives a comparative analysis with other countries like United Kingdom which has adopted the Convention on Cyber Crimes and has enacted the Computer Misuse Act of 1990. He concludes that there are no laws of the specificity to cybercrimes in Tanzania. Richard A.38 in his book shows how difficult governing internet is. He further argues that even covering cybercrimes is also difficult. He states that this difficulty can be overcome only by enacting specific cybercrime statutes instead of relying on the vague interpretation of the existing criminal statutes. Saidi M. Kalunda39 in his article shows how cybercrime is uncovered in Tanzania. He explores that Tanzania lacks a robust legal regime on cybercrime that is why it is increasingly affected with the cybercriminals activities.

35

Edward A. Cavazos et el, Cyber-Space and the Law: Your Rights and Duties in the On-Line World, MIT Press: Cambridge, London 1996 pg.47. 36 Erick Agwe-Mbarika Akuta et el Combating Cybercrimes in Sub-Sahara Africa: A Discourse onLaw, Policy and Practice, International Research Journals: 2011 pg 1 37 The website of John Ubena on Why Tanzania Needs Electronic Communications Legislation?, Law Keeping up with Technology, found at http://www.Irct.go.tz/documents/journal.pdf retrieved on 23rd December 2011. 38 Richard A. Spinello, Cyber Ethics: Morality and the Law In Cyber Space, 3rd Ed. Jones and Bartlett Publishers: Massachusetts, London, 2006. Pg. 27-28 39 Saidi M. Kalunde The Status of Cybercrimes in Tanzania, Strasbourg, France, 2011 pg 5.

17

1.6 HYPOTHESIS OF THE STUDY In this study the following have been established by the researcher; The current Tanzanias legislations on criminal matters are not sufficient in dealing with cybercrimes issues. The legislature have done no effort on the existing legal framework for them to reflect technological advancements. 1.7 SCOPE OF THE STUDY This study is basically confined in the following sources; the Penal Code40 the Law of Evidence Act,41 the Criminal Procedure Act42 and case laws. The main focus in this study is Tanzania. However, in some instances a comparative study has been made from other communities apart from Tanzania such as Kenya, and other African communities for this problem is also considered worldwide. 1.8 RESEARCH METHODOLOGY. This research has employed two methods which are library research and field research. Library research has been used to develop the theoretical part of the research. These libraries include Tumaini University-Makumira Library for general theoretical development, International Criminal Tribunal for Rwanda (ICTR) Library for complementary of materials read at Tumaini University- Makumira Library. The relevant materials which have been relied from these libraries include books, articles, journals, and reports of the researchers done on the cybercrimes and the laws. Internet has also been relied on to download relevant materials that have been considered to back up the reading particularly on the latest updated information regarding the cybercrimes and the law. All these sources have assisted the researcher to build up and develop the theoretical part of the research and collect insights of what other researchers have done to discover the extent of their findings, the way forward and the areas which demand further research in cybercrimes and the law.

40 41

As amended by the Sexual Offences Special Provisions Act CAP 16 R.E 2002 CAP 6 of laws R.E 2002 42 CAP 20 of laws R.E 2002

18

CHAPTER TWO A COMPARATIVE ANALYSIS ON LEGAL AND INSTITUTIONAL FRAMEWORK IN COMBATING CYBERCRIMES IN TANZANIA

2.1 Introduction In this chapter, the researcher shows how far Tanzanian legal system has gone in fighting cybercrimes. However, in so doing, a comparative study from other jurisdictions is made. The researcher has tried to evaluate what has been done at international and regional level, so that the same be incorporated at national level. 2.2 CYBERCRIMES, CRIMINALS AND THE NEED FOR SPECIFIC LAWS Cybercrimes have been disturbing and necessitating the slight changes in legal systems of different jurisdictions due to effects it has posed so far in those countries. Almost every country around the globe has experienced the effects brought by it. Different International and regional bodies have adopted various efforts so that they get rid of this new form of crimes.

19

Following its global nature, it is crucial that the fight against cybercrime be cooperative as well. Every country should employ cooperative measures with other countries or institutions with the aim to achieving a measurable overthrow of this form of criminality. It is also important for each country to learn experience from other jurisdictions on how this new form of crimes can be fought against. The rationale of this chapter is, therefore, to give a detail of cybercrimes and how cyber criminals go about it. It also makes a comparative analysis of the efforts undertaken by different International and Regional Institutions in combating cybercrimes. Finally, it shows the steps taken by Tanzanian government in combating cybercrimes and areas which attracts more concern. In order to comprehend cybercrime and to determine how this new form of criminality be fought, this chapter also traces the origin of cybercrimes, and the cyber-criminals. The question as to why the science and technological evolution necessitates the need to having specific laws to regulate the electronic transactions has been discussed in this chapter as well.

2.2.1 Law and Computer Technology The quarter century between 1945 and 1970 is the first stage in the evolving relationship between law and computer technology, which is now generally referred to as information technology.43 Although, early uses of computers were mainly mathematical, the globe has moved a very long way from the notion of the computer as a calculating machine to an important machine in various aspects of human life.44 The scope of the machines capabilities has expanded to the extent that virtually any item of information, sound pictures, text or graphics is in a series of zeros and ones in to a digital format.45 Although, legal aspect of the use of ICT have been addressed and dealt with by academics in the Nordic countries since the late 1960s,46 it is only since 1990s that ICT related legal

43 44

Gringras, C, The Laws of the Internet, 2nd edition, Butterworths, Lexis, 2003 pg. 15 See note 7 above, pg 132-139, see also Watney, M. Understanding Electronic Surveillance as an investigatory method in conducting criminal investigations on the internet, 4th Ed, Butterworths, 2006, pg.113. 45 Lloyd J.J, Information Technology Law, 3rd Ed. Butterwoths, Edinburgh Duldin, London, 2001, pg. 3. 46 Ibid, at pg. 4.

20

problems have gained more general attention all around the world.47 The basic reason is that the technology and its use has achieved a higher grade of penetration and are thus bringing problem out from the room of academics to the practical sphere of everyday life.48 From legal point of view, these activities challenge the continuing relevance and effectiveness of traditional legal provisions. The actions taken by International organisation have activated some countries to either amend or enact laws to cope with IT revolution. Legal harmonisation has been a major emphasis on the work of various international organisations. 2.2.2 Cybercrime and Criminals As technology develops, the world must adapt. Crime is an ever present problem, and with the proliferation of computer and computer technologies, crime using computers has become widespread. Computer crime, or cybercrime, is defined as any criminal activity in which computers, or a computer network, are the method or source of a crime. This encompasses a wide variety of crimes, from hacking into databases and stealing sensitive information to using computers to set up illegal activities.49 Cybercrime encompasses the use of a computer as a tool in the perpetration of a crime, as well as situations in which there has been unauthorised access to the victims computer, or data.50 Because cyber criminals can launch coordinated attacks from all over the globe, catching them often requires the collaboration of many people, and this becomes more difficult as cyber crime continues to grow. Cyber defenders have to constantly develop new tools, new technologies, new procedures and even new fields of study just to keep up with cyber criminals.51 2.3 The International Criminal Law reform in Combating Cybercrime In this part the researcher discusses the efforts undertaken at international level, particularly under the United Nations, in addressing and fighting against cybercrimes. In so doing, the

47

The website of Heidari, M. on. Malicious codes in depth, available in http://www.securitydocs.com accessed on 9th March 2012 48 Seipel I.J, Law and Information Technology, Information Communication Technology Commission Report Stockholm, 2002, pg. 44-45. 49 See note 13 above, at p 109 50 Fick J, Cybercrime in South Africa: Investigating and Prosecuting Cyber crime and the benefits of publicprivate partnerships, Butterworths, London, 2009, pg. 4. 51 See note 13 above, at p 109

21

researcher has also tried to show how, in fighting against cybercrimes, the United Nations differs from other international and regional organisations. 2.3.1 The United Nations The United Nations is the only global organisation that forms a forum of its 191 member states with fuller functions. Compared with professional organisation, the United Nations does not limit its activities to certain domains. Compared with regional organisations, the United Nations does not limit its activities to certain states (in the field of cyber security protection and cybercrime prevention). The actions of the United Nations have unique advantages in coordinating international positions.52 In 1985, the General Assembly Resolution 40/71 of 11 December called upon Governments and international organisations to take action in conformity with the recommendation of the commission on the legal value of computer records of 1985, in order to ensure legal security in the background of the broadest possible use of information processing in international transactions. In 1990, the General Assembly of the United Nations adopted the guidelines concerning computerized personal data files. It proposed to respond appropriately to protect the files against both natural and artificial dangers.53 The international review of criminal policy: United Nations Manual on the Prevention and Control of Computer-Related Crime called for further international work and presented a proper statement of the problem. It stated that; at the international level, activities shall be undertaken, including harmonisation of substantive law, and establishing a jurisdictional base.54 Also, the UNCITRAL Model Laws55 and other related Model Laws can be useful in seeking solutions to the above stated legal problems. For instance, some of the core provisions of the UNCITRAL Model Law stipulate that; information shall not be denied legal effect, validity
52 53

Ibid, at p 111. The website of United Nations on Criminalisation of Computer wrong doing United www.un.org/events/11thcongress/docs/bkkcp19e.pdf, accessed on 25th March 2012. 54 The website of United Nations on Criminalisation of Computer wrong doing United www.un.org/events/11thcongress/docs/bkkcp19e.pdf, accessed on 25th March 2012. 55 The United Nations Commission on International Trade Law (UNCITRAL) is the core United Nations system in the field of international trade law. Its mandate is to remove international trade by progressively modernizing and harmonizing trade law.

Nations, found at Nations, found at legal body of the legal obstacles to

22

or enforceability solely on the grounds that it is in a form of a data message.56 The subsequent article provides that; legal requirement for writing,57 signature,58 and the use of originals59 can be satisfied by the use of appropriate data messages and that rules of evidence should not deny the admissibility of data messages solely because of their form.60 Countries with common law principles that lack cyber laws like Tanzania can create a legal framework that can take into account some relevant provisions of UNCITRAL Model Laws and other related cyber laws. In 2007, the United Nations adopted the United Nations Convention on the use of electronic communications in International Contracts. Some relevant provisions of this convention that are worth mentioning as far as electronic communications and digital signatures are concerned are; Legal recognition of electronic communications is dealt with by Article 8 which provides that; A communication or a contract shall not be denied validity or enforceability on the sole ground that it is in the form of an electronic communication.61 The question of electronic evidence as compared to physical world evidence is stipulated under Article 9 which states that; Nothing in this Convention requires a communication or a contract to be made or evidenced in any particular form.62 On the other hand, legal issues and uncertainties as to the determination of time and place of dispatch and receipt of electronic communications are covered under Articles 6, 8, and 10 of the Convention.63 2.4 The African and the Regional Criminal Law reform in Combating Cybercrime In this part the researcher concentrates much on discussing the measures taken by the African Union in fighting cybercrimes. The researcher also discusses what has been made at regional level, mainly, under the East African Community, in achieving the same goals. 2.4.1 The African Union
56 57

See note 31above. 35 Article 6 of the UNCITRAL Mode Law, guide to enactment, 1996. 58 Ibid, article 7 59 See note 58 above, article 8 60 Ibid, article 9 61 See note 56 above 62 Ibid 63 Ibid

23

The African Union (AU) is now working to keep in place the legislation to combat cybercrimes in Africa.64 Cyber criminals have over the years considered Africa as a fertile continent to commit their criminal acts which had given the continent a bad name.65 For that reason, the AU want to ensure that an e-legislation protocol is developed under close cooperation with the EAC, and it will ensure that it is adopted by member states in order to curb the menace. cyber security in Africa would provide improved and easy economic and commercial activities such as e-laws, e-signatories, arbitration laws, e-commerce, etransaction and other e-services which will improve good governance on the continent.66 The African Union has also adopted the Draft African Union Convention on the Establishment of a Credible Legal Framework for Cyber Security in Africa. The Draft Convention gives effect to a Resolution of the last session of the Assembly of Heads of State and Government of the African Union, and seeks to harmonize African cyber legislations on electronic commerce organization, personal data protection, cyber security promotion and cyber crime control.67 In pursuance of the principles of the African Information Society Initiative (AISI) and the African Regional Action Plan for the Knowledge Economy (ARAPKE), the Draft Convention is intended not only to define the objectives and broad orientations for the Information Society in Africa, but also to strengthen existing legislations in Member States and the Regional Economic Communities (RECs) on the Information and Communication Technologies.68 It defines the security rules essential to establishing a credible digital space in response to the major security related obstacles to the development of digital transactions in Africa. It lays the foundation for an African Union-wide cyber ethics and enunciates fundamental principles
64

The United Nations Economic Commission for Africa (UNECA) report, on 3rd April 2012 This was said by Aida Opoku-Mensah, the director, ICT, Science and Technology division of the UNECA, in Addis Ababa at the closing press conference of the second meeting of Committee on Development Information, Science and Technology. 66 The website of UN, on UNECA, AU to provide e-legislation against cyber crimes in Africa, found at http://www.businessdayonline.com/NG/index.php/news/world-news/20982-uneca-au-to-provide-e-legislation, accessed on 6th April 2012. 67 Article 23(1) of the draft convention which states that Each Member State shall adopt such legislative measures as it deems effective, to define material criminal offenses as acts which affect the confidentiality, integrity, availability and survivability of ICT systems and related infrastructure networks; as well as procedural measures deemed effective for the arrest and prosecution of offenders. Member States shall be called upon to take on board, where necessary, the approved language choice in international cyber crime legislation models such as the language choice adopted by the Council of Europe and the Commonwealth of Nations. 68 The website of the UN on the Draft African Union convention on the Establishment of a Credible Legal Framework for Cyber Security in Africa, found at http://www.uneca.org/aisi/elegislation/documents/Draft_ accessed on 6th April 2012.
65

24

in the key areas of cyber security. It also defines the basis for electronic commerce, puts in place a mechanism for combating intrusions into private life likely to be generated by the gathering, processing, transmission, storage and use of personal data and sets broad guidelines for incrimination and repression of cyber crime. Its adoption would capitalize African and international experiences in cyber legislations and speed up relevant reforms in African States and the RECs. 2.4.2 The East African Community The East African Community has also started to take efforts in addressing cyber related issues. In January 2008, the East African Community (EAC) held the first regional task force meeting on cyber laws in Arusha, Tanzania.69 At the meeting, attendees from four EAC member states; Burundi, Kenya, Uganda, and Tanzania, discussed a range of issues relating to the need to reform national laws to address the increasing use of the internet as a medium for electronic commerce and administration.70 The task force noted and recommended that the process of law reform be coordinated at a regional level and harmonized and benchmarked against international best practice. The task force also recommended that a comparative review of the existing laws and bills of partner states be undertaken and a regional legal framework be developed for harmonisation of cyber laws.71 In terms of developing a draft legal framework for EAC partner states, the task force recommended that the process be divided into two phases. In phase I, cyber law reform would focus on five topics: Electronic transactions, electronic signature and authentication, data protection and privacy, consumer protection and computer crime. Phase II would address topics such as intellectual property and taxation.72 The second meeting of the EAC regional task force on cyber laws was held on 23 rd 25th June 2008 in Kampala, Uganda. It was jointly organised by EAC and UNCTAD and supported by the Finnish government. This meeting was held as a follow up to the first meeting of the EAC task force on cyber laws held on 28th 30th January in Arusha, Tanzania.
69 70

Walden, I. East African Community Task Force on Cyber Laws, May 2008. See note 69 above 71 Ibid 72 Supra note 66 above

25

However, in the meeting, it was revealed that nothing in this area had changed since the first task force meeting in January 2008.73 2.5 The Efforts Taken by Individual East African Countries in Adopting Cyber Laws and Combating Cyber Crimes. In this part, after discussing the overall efforts taken at Africa and regional level, the researcher discusses the efforts taken by countries forming part to the East African Community. This is done to selected East African countries, namely; Kenya, Uganda, and, finally, Tanzania.

2.5.1 Kenya The government has already initiated the process of enacting cyber legislation. The Kenya Communication (Amendment) Bill, published in August of 2008, provides for regulation of telecoms, posts, broadcasting, electronic transactions and domain names. In the same month, the bill went through the first reading in Parliament.74 2.5.2 Uganda The Government of Uganda has drafted electronic laws, the electronic transaction Bill, the Computer Misuse Bill and The Electronic Signature Bill. The bills were approved by the Cabinet on 16th January 2008, and went to Parliament for debate. The bills are in conformity with the proposed East African Community (EAC) framework on cybercrimes.75 2.5.3 Tanzania The process commenced in 2006 with the submission of a proposal for the enactment of cyber laws by the Tanzania Law Reform Commission to the Ministry of Justice and Constitutional Affairs.76 It proposed separate bills on cybercrimes, regulation of electronic

73

Report of the second EAC regional task force meeting on cyber laws, Golf course Hotel Kampala Uganda, June 2008 74 See note 73 above 75 Ibid 76 See note 13 above, at pg 104

26

transactions and communications, privacy and data protection and the amendment of the Evidence Act 1967.77 Only some of these recommendations were taken into action. The second development was the creation of a merged Tanzania Regulatory Authority (TCRA) to oversee postal and electronic communication industries on the mainland. The Commission for Human Rights and Good Governance Act78 provides for the admissibility of electronic evidence. However, this is not adequate and the bills proposed by the Tanzania Law Reform Commission still need to be enacted. It was revealed by the Law Reform Commission legal officer who provided the position of the commission as far as cyber laws are concerned.79 He said; Tanzanian Law Reform Commission has completed a report on electronic commerce, that examines all the issues of concern, but there is no draft legislation.80 However, under part IX of the Written Laws (Miscellaneous) Act 2007, reforms have been adopted in respect of the use of electronic evidence in certain context.81 In the report, the commissioner is intending to review the laws affected by the development and use of E-commerce. The rationale behind is to protect the consumers and facilitate business transactions. The commission recommended also on the enactment of the new laws to cover the crucial area that has a high impact on the economic development in Tanzania and East Africa in general. The laws proposed include Law of Contract Act,82 the Bill of Exchange Act,83 Sale of Goods Act84 and Banking and Financial Institutions Act.85

77

Economic Commission for Africa, first meeting of the committee on Development Information, Science and Technology(CODIST), Addis Ababa, Ethiopia, 2009 at Pg.9 78 Act No. 16 of 2007 79 See note 13 above, at, pg 122 80 See 13 note 81 Ibid, at pg 122 82 CAP 345 of the Laws of Tanzania (R.E 2002) 83 CAP 215 of the Laws of Tanzania (R.E 2002) 84 CAP 214 of the Laws of Tanzania (R.E 2002) 85 CAP 342 of the Laws of Tanzania (R.E 2002)

27

CHAPTER THREE THE IMPACT OF CYBERCRIMES ON THE TANZANIAS LEGAL SYSTEM

3.1 Introduction This chapter generally discusses on how the emergency of this new form of crime (cybercrimes), as associated with the development of Information Communication Technology, impacts on the Tanzanian legal system. The researcher focuses much on the law of evidence as the main area which brought many challenges as a result of criminal activities. To that end, the discussion will provide a critical analysis of digital evidence and how it differs from paper based evidence. Moreover, the discussion will provide challenges associated with Electronic/Digital Evidence in Tanzania. On top of that, analysis will be made on the improvements made to the law of evidence and suggest which more is to be done so as to make the law fully compatible with the admissibility of electronic evidence in Tanzanian courts. 3.2 Evidence The legal definition or question of evidence is of different schools of thoughts. In the original sense, the word evidence signifies the state of being evident, that is to be plain, or apparent. In other words, the means which tend to prove or disprove any matter of fact the truth of which is for judicial investigation.86
86

Mapunda, B.T.Evidence part one, Relevancy of facts, 2005 Pg. 1

28

The Evidence Act, 196787 defines the term evidence as being, the means by which an alleged matter of fact, and the truth of which is submitted to investigation, is proved or disproved, and without prejudice to the proceeding generally, includes statements and admissions by accused person.88 From this definition, it is clear that the term evidence signifies two main senses; first, that which is received in court to prove or disprove an alleged matter of fact which is inquired in court, secondly, those rules of law used in judicial proceedings, which lay down as to what matter is or is not admissible.89 There are various methods or kinds of evidence, few of which are oral evidence, direct evidence, circumstantial evidence, real evidence, intrinsic and extrinsic evidence, hearsay evidence, original evidence, conclusive evidence, derivative evidence, documentary evidence, primary and secondary evidence.90 Due to technological advancement, computer digital evidence has emerged as another category of evidence in the list.91 3.3 Digital Evidence and Cybercrime Digital or Electronic Evidence means any data stored or transmitted using a computer that supports or refutes a theory that addresses critical elements of the offense such as intent or alibi.92 Digital evidence has previously been defined as any data that can establish that a crime has been committed or can provide a link between a crime and its victim or a crime and its perpetrator.93 However, these definitions focus too heavily on proof and neglect data that simply further an investigation.
87

CAP 6 of the Laws of Tanzania (R.E 2002) Section 3 of the Evidence Act, CAP 6 of the Laws (R.E 2002). 89 See note 13 above, at pg. 96 90 The website of Terry M. Anderson on Criminal Evidence: Principles and Cases, found at www.amazon.com/Criminal-Evidence-Principles-Thomas-Gardner/dp accessed on 1st April 2012 91 Ibid 92 An alibi is evidence showing that a defendant was somewhere other than the scene of a charged crime at the time that the crime occurred. Film and TV characters often pronounce the word "alibi" with a sneer, suggesting that alibi claims are inherently untruthful. In reality, an alibi is a perfectly respectable legal defence. Defendants may offer an alibi defence without giving up their constitutional right to remain silent. Any witness who can place the defendant at a location other than the scene of the charged crime can provide an alibi. Alibi can be used in formal contexts, such as providing evidence to the police for a crime that has been committed and they can also be used in informal contexts, such as in conversation between friends. Alibis vary in how convincing they are. For example, teenagers are well known for pretending to be at each other's houses while sneaking out for the night, so sensible parents check with the parents of the other child before believing an alibi. Yet sometimes false alibis can cover up dishonest behaviour for years, and are often so convincing that online alibi services are even available for people trying to get away with something. An alibi can be useful to clear your name. But using a false alibi is deceitful, and will eventually land you in trouble. Using a friend as a false alibi can cost you and/or your friendship, and if you haven't told your friend in advance that you intend to use them as an alibi, may not effectively cover up what you are trying to hide. Found at http://addictions.about.com/od/legalandethicalissues/g/What-Is-An-Alibi.htm, accessed on 4th April 2012. 93 Casey, E. Digital evidence and computer crime: forensic science, computers and the internet, 2004, pg. 23
88

29

The use of digital evidence has increased in the past few decades as courts have allowed the use of emails, digital photographs, TM transaction logs, word processing documents, and instant message histories, files saved from accounting programmes, spreadsheets, internet browser histories, databases, the contents of computer memory, computer backups, computer printouts, global positioning system tracks, logs from a hotels electronic door locks, and digital video or audio files.94 As compared to the more traditional evidence, the digital evidence tends to be more voluminous, more difficulty to destroy, easily modified, easily duplicated, potentially more expensive, and more readily available.95 In todays era of rapid growth, information technology is encompassing all occupations all over the world. These technological developments in internet and computer globally has led to the growth of new forms of transnational crime especially internet related.96 These crimes have virtually no boundaries and may affect any country across the globe. 97 Moreover, criminals are using technology to facilitate their offenses and avoid apprehension, creating new challenges for attorneys, judges, law enforcement agents, forensic examiners, and corporate security professionals.98 Organized criminals around the globe are using technology to maintain records, communicate, and commit crimes. Digital evidence can be useful in a wide range of criminal investigations including homicides, sex offenses, missing persons, child abuse, drug dealing, and harassment. In addition, civil cases can hinge on digital evidence, and digital discovery is becoming a routine part of civil disputes. Computerized records can help establish when events occurred, where victims and suspects were, whom they communicated with, and may even show their intent to commit a crime.99 Robert Durallss Web Browser history showed that he had searched for terms such as kill +spouse, accident + deaths, and smothering and murder prior to killing his wife. These searches were used to demonstrate premeditation and increase the charge to first degree murder. Sometimes information stored on a computer is the only clue in an

94 95

See note 93 above, at pg.24 Ibid 96 See note 13 above, at pg 100 97 Ibid 98 Ibid 99 Ibid, at pg.102

30

investigation. In one case, e-mail messages were the only investigative link between a murderer and his victim.100 For example, in the American Maryland case,101 Maryland women named Sharon Lopatka told her husband that she was leaving to visit friends. However, she left a terrifying note that caused her husband to inform police that she was missing. During their investigation, the police found hundreds of e-mail messages between Lopatka and a man named Robert Glass concerning their torture and death fantasies. The contents of the e-mail led investigators to Glasss trailer in North Carolina and they found Lopatkas shallow grave nearby. Her hands and feet had been tied and she had been strangled. Glass pled guilty, claiming that he killed Lopatka accidentally during sex.102 The researcher found it necessary to refer to the American case due to lack of a relevant Tanzanian case to illustrate the point elaborated above. Digital data are all around us and should be collected in any investigation routinely. More likely than not, someone involved in the crime used a computer, personal digital assistant, mobile telephone, or accessed the internet. Therefore, every corporate investigation should consider relevant information stored on computer systems used by their employees both at work and at home. Every search warrant should include digital evidence to avoid the need for a record warrant and the associated lost time and evidence. Even if digital data do not provide a link between a crime and its victim or a crime and its perpetrator, they can be useful in an investigation. Digital evidence can reveal how a crime was committed, provide investigative leads, disprove or support witness statements, and identify likely suspects.103 3.4 The Nature of Electronic Evidence Different from paper based documents, which are visible and tangible, much of electronic evidence are invisible with naked eye. It takes a number of technological steps for electronic evidence to be determined. It tends to be hidden among immense data files. This evidence is measured by kilobytes, megabytes, gigabytes, and terabytes.104 Thus, in the electronic or
100

Supra note 13 above. (1996) 48 Cal. App. 4th 1822 [56 Cal. Rptr. 2d 498] 102 See note 13 above, at pg 103 103 Ibid, at pg.103 104 See note 32 above, at pg. 77
101

31

digital world, the information is divided in two parts. The binary strings of zero and one that make up the genetic code of data and allow information to be fruitful and multiply, and allow people to create, manipulate and share data.105 In the event one sends this information to another person using computers, the information is transmitted through many phases. First, the sender creates it. Then the information to be communicated is broken down in to small packets that contain some portion of the contents of the communication as well as the sender and recipients Internet Protocol addresses and some accounting information.106 The packets are individually transmitted from the senders computer to a nearby packet switch and then forward to the next available switch in the direction of their ultimate destination. Different packets may take different routes through the network as they travel from the sender to recipient, depending on link availability and loading in the network. Upon receipt, the packets are reassembled into an exact replica of the original file.107 Therefore, information passes through several stages of disassembly, storing and forwarding and reassembly, before becoming available to the recipient. The recipient may store the file for future reference for some period before deleting it. The issue is how to ensure trustworthiness, reliability, integrity, and security of electronic evidence. It is argued that, since digital evidence usually takes the form of writing, or at least a form, which can be analogous to writing, it must be authenticated and satisfy the requirements of the best evidence rule.108

105 106

See note 32 above, at pg. 77 Ibid 107 Ibid 108 When dealing with the contents of writing, recording, or photograph courts sometimes require the original evidence. This was originally intended to prevent a witness from misrepresenting such materials by simply accepting their testimony regarding the contents. With the advent of photocopiers, scanners, computers, and other technology that can create effectively identical duplicates, copies became acceptable in place of the original, unless "a genuine question is raised as to the authenticity of the original or the accuracy of the copy or under the circumstances it would be unfair to admit the copy in lieu of the original" (Best Evidence Rule).Because an exact duplicate of most forms of digital evidence can be made, a copy is generally acceptable. In fact, presenting a copy of digital evidence is usually more desirable because it eliminates the risk that the original will be accidentally altered. Even a paper printout of a digital document may be considered equivalent to the original unless important portions of the original are not visible in printed form. For example, a printed Microsoft Word document does not show all of the data embedded within the original file such as edits and notes. See Casey op.cit, Ch 7.2

32

3.5 Challenges Brought by Electronic or Digital Evidence The problem with electronic evidence lies in the temporary nature of digital data. 109It is very easy to view, copy, modify, or destroy a digital record; be it a number, document, or image. Digital technology permits perfect reproduction and easy dissemination of print, graphics, sound, and multimedia combination, the combination of a high percentage of a fraud with employee involvement and the possibility that an individual can modify raw data with immediate access to the system.110 In addition, evidence collected from the system has a questionable and unverifiable level of integrity.111 By their very origin and nature, mode of transmission, storage and usage, electronically generated evidence pose certain challenges when used in evidence, challenges bordering on authenticity, integrity and confidentiality of the pieces of evidence.112 3.5.1 Authentication Authentication means satisfying the court that (a) the contents of the record have remained unchanged, (b) that the information in the record does in fact originate from its purported source, whether human or machine, and (c) that extraneous information such as the apparent date of the record is accurate. As with paper records, the necessary degree of authentication may be proved through oral and circumstantial evidence113, if available, or via technological features in the system or the record.114 Authentication is actually a two-step process, with an initial examination of the evidence to determine that it is what its proponent claims and, later, a closer analysis to determine its probative value.115 In the initial stage, it may be sufficient for an individual who is familiar with the digital evidence to testify to its authenticity.

109 110

See note 32 above, at pg. 78 See note93 above, at pg. 30 111 See note 32 above 112 Ibid 113 Circumstantial Evidence is a testimony by witnesses as to the circumstances from which an inference is to be drawn as to the fact in issue. In case of absence of direct evidence then circumstantial evidence can be resorted to. It is the evidence which relates to a series of other facts than the fact in issue, but by experience has been found so associated with the fact-in-issue in relation to cause and effect that it leads to a satisfactory conclusion. 114 See note 93 above 115 See note 113 above S See note 93 above

33

For instance, the individual who collected the evidence can confirm that the evidence presented in court is the same as when it was collected. Alternatively, a system administrator can testify that log files presented in court originated from her/his system. In some cases, the defence will cast doubt on more malleable forms of digital evidence, such as logs of online chat sessions.116 Normally, when information is entered on a computer memory, or an e-mail is sent or an order is placed for goods or services through the internet, the sender is unable to authenticate the information he has sent by way of a signature. It is the same if he speaks with another person on the telephone, leaves a message on that other persons voicemail or sends a text message (sms). Even if he uses a password or an acronym they may not be peculiar to him the way a signature written by him would be.117 The password or acronym can also be endorsed or used by anybody else who knows them far more easily than a signature can be imitated. A voice on the phone can also be imitated. In a work place, any person can enter information into a computer memory, purporting it to be entered by another person.118 As a result, when customers account records are called up in a banks computer system there is hardly any way of knowing which person made which entry. This makes it difficult to ascertain whether that person was an appropriate officer to make the entry. Even if one of several appropriate officers makes a wrong entry, it may not be traceable to him since he has not signed it, because there is no way he would have done so.119 This means that if such a false entry or message is presented to the Court, there will hardly be a way of detecting the false nature and the Court can easily be misled. The presence of signatures in equivalent non-electronic documents or materials makes them more authentic and harder to forge or imitate. Of course, signatures can be forged on non-electronic documents but a Court can compare an allegedly forged signature with other signatures of the same person and come to an intelligent decision on the point. If the Court is unable to decide on the matter, a signature expert can be called in and detect if there is any forgery.120

116 117

See note 93 above Ibid 118 Ibid 119 See note 112 above 120 See note 93 above

34

Furthermore, even in the absence of a signature, if a document is written in long hand, a comparison with the alleged writers other writings can be done. For an entry in software (bank account entries, e-mail, websites), there is no opportunity for those steps to be taken.121 Electronically generated materials therefore do not lend themselves to effective tests of authenticity that are normally possible with the conventional documents.122 Once digital evidence is admitted, its reliability is examined to determine its probative value. For instance, if there is concern that the evidence was tampered with prior to collection, these doubts may reduce the weight assigned to the evidence. In several cases, attorneys have argued that digital evidence was untrustworthy simply because there was a theoretical possibility that it could have been altered or fabricated.123 However, as judges become more familiar with digital evidence, they are requiring evidence to support claims of untrustworthiness. Even when there is a reasonable doubt regarding the reliability of digital evidence, this does not necessarily make it inadmissible, but will reduce the amount of weight it is given by the court.124 3.5.2 Integrity Integrity is another problem of authenticity. It can however be seen as more of an issue of whether or not the information has got distorted or tampered with even after it emanated from a correct source. An audio or visual tape can be edited or tampered with through the introduction or removal of some bits and superimposition of images. Through any such interference, the later form of the contents is fundamentally different from the first or original form.125 Through hacking of computers, crashing through passwords and kindred wrongdoings, information stored in computer memories and e-mails can be altered even without the knowledge of the maker, sender and, or receiver as the case may be. Telefaxes can be intercepted and possibly changed just as text messages can be intercepted, listened in to and even edited by an unscrupulous operator. On the other hand, if a letter is sent through the post office or through a courier service, it may be only remotely possible, if at all, for it to be
121 122

See note 93 above Chukwuemerie, A.I. Affidavit Evidence and Electronically Generated Materials in Nigerian Courts Volume 3, 2006 at Pg. 185 123 See note 93 above 124 Ibid 125 Ibid

35

tampered with. A hard copy of a document is generally more difficult to tamper with than an electronic copy.126 3.5.3 Confidentiality. Confidentiality ensures that only authorised parties access computer-related assets. That is, only those who should have access to something will actually get that access. By access here it means not only reading but also viewing, printing, or simply knowing that a particular asset exists. Confidentiality is sometimes called secrecy or privacy. The electronically generated materials hardly enjoy confidentiality since they are legitimately or illegitimately accessible to third parties or undesirable readers or users. Any information posted on the internet or used in what has come to be called e-filing of Court processes and e-trial and related procedures, is accessible to many more people than the immediate parties and Court staff that directly deal with or treat the documents.127 3.6 Relevancy and Admissibility of Digital Evidence in Tanzanian Courts In a simple language, relevancy determines whether one fact is related to another. A fact is relevant to case when it is related to the facts in issue. Lord Simon attempted to define the term relevant evidence, in the case of DPP v. Kilbourne128 as follows; Evidence is relevant if it is logically probative or disapprobative of some matter which requires proof....evidence which makes the matter which requires proof more or less probable129 However, a classic definition of relevance is contained under Article 1 of Stephens Digest of the Law of Evidence according to which the relevance means; any two facts to which it is applied are so related to each other that according to the common course of events one either taken by itself or in connection with other facts proves or renders probable the past, present or the future existence or non existence of the other.130

126 127

See note 120 above Ibid 128 [1973] A.C.729 at Pg. 756 129 See note 13 above, at pg 111 130 See note 86 above, at Pg. 7

36

Evidence must be sufficiently relevant to be admissible but sufficiently relevant evidence is only admissible as far as it is not excluded by any rule of law of evidence. Admissibility presupposes relevancy and is found on the law and not logic. The consequence of this is that some evidence, however relevant it may be, it may as well be excluded. It is the law that determines whether a particular fact can be admitted or accepted in evidence.131 With increased computerisation and ICT, courts have been forced to admit digital evidence.132 The Tanzanian law of Evidence Act133 does not have provisions recognizing electronic documents as admissible evidence whether primary or secondary. Yet Tanzanian companies take orders, conclude contracts, send invoices and generally conduct business electronically without additional documentation to support the business transacted electronically.134 Only minor amendments have been made to the Tanzania Evidence Act to give partial recognition to evidence generated electronically. Part IX of the amending Act proposes to amend the Evidence Act.135 The amendment was done to include new sections 40A, 78A, and 78B.136 Nevertheless, this initiative alone is seriously inadequate in so far as electronic transactions and their nature are concerned. In the first place, the amendment does not cover all aspects of challenges posed by electronic transactions on the law of evidence. Only some few sections of the Evidence Act were amended, leaving untouched a number of other provisions of the same law which relate to documentary evidence.137 The amendment is also inadequate if one takes into account the fact that there are various other laws in the country which touch upon the documents as potential pieces of evidence. 138 Furthermore, the amendment does not cover all issues relating to ICT, electronic commerce and Internet transactions in general, particularly in relation to legal certainty. Another shortcoming of the above amendment is lack of mechanism for authenticity. Since one of the main concerns in the admissibility of electronically generated documents centres on the question of their security, reliability and credibility, any attempt to provide legal
131 132

See note 86 above Juma,I.H. Admissibility of Electronically obtained evidence at Pg. 2 133 Act No. 6 of 1967, CAP 6 of the Laws (R.E 2002) 134 The website of Rex Attorneys on Tanzania: Admissibility Of Electronic Evidence, found at http:// www.mondaq.com/article.asp?articleid accessed on 9th April 2012 135 CAP 6 of the Laws of Tanzania (R.E 2002) 136 See note 133 above, at pg 90 137 Ibid, pg. 91 138 See note 133 above, at pg. 91

37

recognition of this type of documents has to go hand-in-hand with the provision for mechanisms of authentication, so as to reduce the risks resulting from the above concerns.139 The current amendment of the Tanzania Evidence Act140 does not mention anything about the manner of authentication of electronically obtained documents when they are used as evidence. It was not until 2000 when the wisdom of the High Court of Tanzania was called upon to rule whether electronic evidence is admissible as best evidence in the case of Trust Bank Ltd v. Le-Marsh Enterprises Ltd.141. In this case, Nsekela J (as he then was), adopting the view of the English Judge in the Barkers case, extended the definition of bank records to include computer print-outs. He noted, further, that; the law must keep abreast of technological changes as they affect the way of doing business. This was a departure from the strict rule of best evidence rule. On the role of the courts in admitting electronic evidence, the judge stated that; the court should not be ignorant of modern business methods and shut its eyes to the mysteries of the computer.142 This decision shows the judicial activism and the role of Judiciary in filling the gaps left by the legislature. The ruling by Nsekela J (as he then was) above presupposes that courts should not be blind of technological advancement in so far as they affect the legal system of the country. They should play their role in making sure that cybercriminals do not go unpunished on a mere ground that laws do not effectively cover cybercrimes matters. Subsequently, cases involving computer-generated evidence have been referred to courts of law. For instance, Tanzania Bena Co. Ltd v. Bentash Holdings Ltd143 relates to e-mail evidence. In this case, parties exchanged communications by way of e-mails on purchase of a farm and crushes. The e-mails were tendered in court and admitted as one of the exhibits. The court (Per Kimalo J, as he then was), found that the exchange of e-mails between the parties draws a conclusion that the defendant took possession of the farm and crushes.144 In other words, the e-mails were admitted as admissible electronic evidence.
139 140

See note 133 above, at pg. 91 CAP 6 of the Laws of Tanzania (R.E 2002) 141 Commercial case No. 4 of 2000 (Unreported) 142 See note 13 above, at pg.113 143 Commercial case No. 71 of 2001 (Unreported) 144 See note 133 above, at pg. 113

38

Another case is that of National Bank of Commerce v. Milo Construction Co. Ltd and two others145 which involved a claim on recovery of an amount of money alleged to have arisen out of an overdraft facility. It was alleged that the plaintiff defaulted repayment of the said facility. Two statements were tendered in court. One was the processed easy bank computer program, and the other was the processed inflexible banking computer program. The court found discrepancies between the two statements as some entries were not reflected in one of the statements. The plaintiff did not adduce sufficient explanation on the discrepancies. The court therefore found that the plaintiff has failed to prove the exact amount the first defendant borrowed from the plaintiff. The analysis of this case reveals that the plaintiff had bank-produced statements generated by two different computer programs. The later program did not have features similar to the earlier one. Unfortunately, the Bank failed to lead expert evidence to clear the discrepancies noted. The court was therefore justified in rejecting the claim in the absence of sufficient explanations regarding the operation of the two computer programs. One would expect the bank to make use of the software programmers who created the two computer programs. Perhaps it is an opportune moment for the courts to make use of forensic experts, who would assist it in analysing computer related evidence.146 The Legislature, on the other hand, responded by enacting Electronic Evidence Amendment Act 2007147 which provided provision for the reception of electronic evidence in courts of law in Tanzania. The new section has been added in the Tanzania Evidence Act 1967, the said section is section 40 A. This section provides, inter alia, that; in any criminal proceedings, information retrieved from computer systems, networks or servers; or records obtained through surveillance of means of preservation of information including facsimile machines, electronic transmission and communication facilities shall be admissible as evidence.

CHAPTER FOUR CONCLUSION AND RECOMENDATIONS

145 146

Commercial case No.293 of 20002(Unreported) See note 133 above, at pg. 114 147 Act No. 46 of 2007

39

4.1 Introduction The researcher, after making a thorough examination on how the advancement of science and technology have impacted on the Tanzanian legal system, comes up with the following conclusion and recommendations. 4. 2 CONCLUSION This research aimed at examining the current legal system in Tanzania as far as cybercrimes are concerned. That was to be done through examining the efforts taken to combat cybercrimes and areas for more concern. Comparison as to what has been done in other jurisdictions to fight against cybercrimes was inevitable as well. Some of the laws which the researcher has examined are; The Evidence Act,148 Criminal Procedure Act,149 and the Penal Code,150 whereby the researcher observed and concludes that none of these laws deals with the issue of cybercrimes with overriding specificity and seriousness as required. The researcher has come to the conclusion that the existing laws in Tanzania are not capable enough to combat cybercrimes. The amendments made to some of the laws such as the Evidence Act, are still not adequate enough to keep pace with the increasing rate of cybercrimes. The researcher has also examined that, following the lack of specific cyber laws, and continued relying on the vague interpretation of existing criminal laws, Tanzania is increasingly becoming the cybercriminals haven as cyber activities are getting roots therein. 4.3 RECOMMENDETATIONS After coming across all challenges brought by technological development worldwide and Tanzania, there is no room for Tanzania to isolate itself from the rest of the world. Serious efforts should be taken by responsible organs to bring cyber laws within the jurisdiction of this country. To curb these challenges, the researcher has come up with the following recommendations to be considered; 4.3.1 The Need to Enacting Cyber Laws
148 149

CAP 6 of the Laws of Tanzania (R.E 2002) CAP 20 of the Laws of Tanzania (R.E 2002) 150 CAP 6 of the Laws of Tanzania (R.E 2002)

40

The only quick and sure attempt by which Tanzania will defeat cybercrimes is the enactment of specific laws dealing with cybercrimes and not relying on the vague interpretation of the existing penal laws. Tanzania will need to learn experience of other countries like India, South Africa, Nigeria and the UK that have accommodated the challenges of Information Communication Technology through enactment of legislation that address properly issues relating to cyberspace. Tanzania can also enjoy the lesson from the provisions of Convention on Cyber Crime,151 Model Law on Electronic Evidence,152 and the Commonwealth Model Law on Computer and Related Crime.153 The government should be flexible enough to cope with the changes that are taking place rather than using traditional legislations in the digital age. Speaking in 2005 on the need for the law to adapt itself to the times for the achievement of justice, the Nigerian Honourable Justice, Pats-Acholonu of the Supreme Court stated,154 The beauty of the law in a civilised society is that....It should be progressive and act as a catalyst to social engineering. Where it relies on mere technicality or out-moded or incomprehensible procedures and immerses itself in a jacket of hotchpotch legalism that is not in tune with the times, it becomes anachronistic and it destroys or desecrates the temple of justice it stands on 155 In addition to that, we can also benefit from the wisdom of Lord Denning, who said that;156 What is the argument on the other side? Only this that no case has been found in which it had been done before. That argument does not appeal to me in the least. If we never do anything which has not been done before, we shall never get anywhere. The laws will stand still whilst the rest of the world goes on and that will be bad for both157 The arguments by these two scholars all suggest the need of having a specific law on a particular matter and the need for those laws to change timely following the changes in the

151 152

Convention on Cybercrime ,Budapest, 23.XI.200 The Uncitral model law on electronic commerce, with guide to enactment 1996 with additional article 5 bis as adopted in 1998 153 Bourne, 2002 154 Chukwuemerie, A.I. Affidavit Evidence and Electronically Generated Materials in Nigerian Courts Volume 3, 2006 at Pg. 198 155 Ibid 156 Ibid 157 See 154 note above, at Pg. 198

41

social circumstances. Tanzania can be said be one of the big targets of these arguments as far as cybercrimes are concerned. 4.3.2. Training of the Judges, Lawyers and Law Enforcers. There is no doubt that, most of the lawyers, magistrates, judges and law enforcers got their education and training while cybercrime was not an issue. To ensure that justice is not only done but seen to be done, training of these people is very important to equip them with basic knowledge of cyber law. 4.3.3. Judicial Response The researcher recommends that judges should continue to play a vital role in extending the existing principles governing paper-based documents and authentication to cover documents and signatures in electronic form. It is recommended that judges should categorically hold that evidence in a computer hard disk, flash disk; compact disk or floppy disk is relevant and admissible to prove or disprove a fact in issue in legal proceedings. The effect of this is to allow parties to present in court not only computer printouts, but also a piece of information in the above mentioned devices. For instance, in the case of National Bank of Commerce v. Milo Construction Co. Ltd and two others,158 the court missed the opportunity of inspecting the two computer programs which generated the statement that were admitted in court. The examination of the two programs, with the aid of a forensic expert, would have cleared the doubts whether replacing an old computer program for a new one leads to having two different standards of calculating interest resulting in two different statements. With the absence of a computer forensic, a person knowledgeable with the operation of the two computer programs could have been called to testify in his respect. The similar view was taken in an English case of R v. Shepherd.159 Though his case was criminal in nature, but the principle set is relevant to the point under discussion. It was held that; proof that a computer was reliable could be provided by calling a witness who was familiar with its operation in the sense of knowing what the computer was required to do and

158 159

Commercial case No. 293 of 2002 (Unreported) (1993)1 All ER 213

42

who could say that it was doing it properly, and such a witness need not be someone responsible for the operation of the computer.160 4.3.4. Raising Public Awareness and Education There is a need of educating the whole community on the harms of cybercrimes and the techniques applied by the cyber criminals. For example, as most of the organisations and financial institutions are operating with the assistance of computer, people should be educated on how they can handle their computers and passwords for the sake of securing their information. Tanzanians are characterized by generosity that affects not only material exchange, but also information exchange. Because of this generosity, you may ask to know about one thing and end up with a lot of more information being provided. One with malicious may be tempted to misuse the information. Furthermore, in connection with culture, there was observed lack of discipline concerning password that appears to be a very significant problem. It is very common to have passwords shared among employees. 4.3.5. The Need for Firms to secure their networked information The first thing organisations can do is to take reasonable steps to ensure that their networks are well protected. Even where laws are adequate, organisations dependent on their network must make their own information and systems secure. This can be done through the installation of software such as antivirus software and firewalls. 4.3.6. Coordination and Cooperation There is no doubt that cybercrime is global in nature, to curb this problem, Tanzania will need to cooperate with other countries and international organisations to effect this war. In addition, Tanzania will have also to ratify the convention on cybercrime and to invite legal and IT experts within and outside Tanzania to address the issue and thereafter to provide ways of handling this global harm.

160

See note 133 above, at pg. 119

43

BIBLIOGRAPHY

BOOKS Adam Mambi, ICT Law Book: A Source book For Information and Communication Technologies and Cyber Law In Tanzania and East African Community, Mkuki na Nyota Publishers: Dar Es Salaam, Tanzania, 2010

44 Andrew Mollel et el, Electronic Transactions and Law of Evidence in Tanzania, Peramiho Printing Press: Iringa Tanzania, 2007 Casey, E. Digital evidence and computer crime: forensic science, computers and the internet, 2004.

Chukwuemerie, A.I. Affidavit Evidence and Electronically Generated Materials in Nigerian Courts Volume 3, 2006. David I Bainbridge, Introduction to Information Technology Law, 6th Ed. Pearson Education Limited: England, 2008 Dr. Eve Hawa Suinare, Electronic Evidence and its Admissibility in Tanzania Courts, World Series Group Publications: 2007 Edward A. Cavazos et el, Cyber-Space and the Law: Your Rights and Duties in the On-Line World, MIT Press: Cambridge, London 1996. Fick J, Cybercrime in South Africa: Investigating and Prosecuting Cyber crime and the benefits of public-private partnerships, Butterworths, London, 2009. Grabosky, P. Cybercrime and Information Warfare, Paper presented at the Transnational Crime Conference convened by the Australian Institute of Nexis, UK. Edinburgh Dublin. Sciences, 2009 Vol. 6, No. 4. Gringras, C, The Laws of the Internet, 2nd edition, Butterworths, Lexis, 2003. Klodwig Mgaya, Development of Information Technology in Tanzania, United Nations University (UNU) Press: Tokyo, Japan, 1994. Lloyd J.J, Information Technology Law, 3rd Ed. Butterworths, Edinburgh Duldin, London, 2001.

Mapunda, B.T.Evidence part one, Relevancy of facts, 2005. Richard A. Spinello, Cyber Ethics: Morality and the Law In Cyber Space, 3rd Ed. Jones and Bartlett Publishers: Massachusetts, London, 2006. Seipel I.J, Law and Information Technology, Information Communication Technology Commission Report Stockholm, 2002. Watney, M. Understanding Electronic Surveillance as an investigatory method in conducting criminal investigations on the internet, 4th Ed, Butterworths, 2006

45

CASES DPP v. Kilbourne (1973) A.C.729 at Pg. 756 Maryland case (1996) 48 Cal. App. 4th 1822 [56 Cal. Rptr. 2d 498] National Bank of Commerce v. Milo Construction Co. Ltd and two others, Commercial case No.293 of 20002(Unreported) R v. Shepherd. (1993)1 All ER 213 Trust Bank Ltd v. Le-Marsh Enterprises Ltd, Commercial case No. 4 of 2000 (Unreported) Tanzania Bena Co. Ltd v. Bentash Holdings Ltd, Commercial case No. 71 of 2001 (Unreported) ELECTRONIC SOURCES The website of John Ubena on Why Tanzania Needs Electronic Communications Legislation?, Law Keeping up with Technology, found at http://www.Irct.go.tz/documents/journal.pdf retrieved on 23rd December 2011. The website of Eileen P. Drew and F. Gordon on the Information Technology in Selected Countries: Reports from Ireland, Ethiopia, Nigeria and Tanzania found at http://www.lrct.go.tz/documents/jpurnal.pdf retrieved on the 21st December 2011. The website of the UN on the Draft African Union convention on the Establishment of a Credible Legal Framework for Cyber Security in Africa, found at http://www.uneca.org/aisi/elegislation/documents/Draft_ accessed on 6th April 2012. The website of Heidari, M. on. Malicious codes in depth, available in http://www.securitydocs.com accessed on 9th March 2012 The website of United Nations on Criminalisation of Computer wrong doing United Nations, found at www.un.org/events/11thcongress/docs/bkkcp19e.pdf, accessed on 25th March 2012. The website of UN, on UNECA, AU to provide e-legislation against cyber crimes in Africa, found at http://www.businessdayonline.com/NG/index.php/news/world-news/20982-uneca-au-to-provide-elegislation, accessed on 6th April 2012. The website of Terry M. Anderson on Criminal Evidence: Principles and Cases, found at www.amazon.com/Criminal-Evidence-Principles-Thomas-Gardner/dp accessed on 1st April 2012. The website of Rex Attorneys on Tanzania: Admissibility Of Electronic Evidence, found at http:// www.mondaq.com/article.asp?articleid accessed on 9th April 2012 JOURNALS/ THESIS

46 A. Abdallah, The impact of ICT revolution in Tanzanias legal system: A critical analysis of cybercrimes and computer forensic evidence. A compulsory research paper submitted in partial fulfilment for the requirement for the degree of master of laws ( LLM) by thesis of the open university of Tanzania. Adam Mambi, Public Policy, Legal Issues on cyber Security in Africa, Dakar, Senegal, 2009 Dr. Eve Hawa Suinare, Electronic Evidence and its Admissibility in Tanzania Courts, World Series Group Publications: 2007 Erick Agwe-Mbarika Akuta et el Combating Cybercrimes in Sub-Sahara Africa: A Discourse on Law, Policy and Practice, International Research Journals: 2011. Saidi M. Kalunde, The Status of Cybercrimes in Tanzania, Strasbourg, France, 2011 Walden, I. East African Community Task Force on Cyber Laws, May 2008. REPORTS Report of the second EAC regional task force meeting on cyber laws, Golf course Hotel Kampala Uganda, June 2008 The United Nations Economic Commission for Africa (UNECA) report, on 3rd April 2012 NATIONAL LEGISLATIONS Broadcast Receiving Apparatus (Licensing) Act No. 6 of 1964 Broadcasting Corporation (Dissolution) Act of 1965 No. 11 of 1965 Broadcasting Services Act of 1993 Commission for Human Rights and Good Governance Act No. 16 of 2007 Communications Act N0 18 of 1993 Evidence Act of 1967 (CAP 6 of Laws R.E 2002) Penal Code CAP 16 of the Laws (R.E 2002) The Communications Regulatory Authority Act N0 12 of 1994

47 The Posts and Telecommunication Act of 1993(R.E 2010) The Posts and Telecommunications Corporation Act of 1977

FOREIGN LEGISLATIONS The Computer Misuse Act of the United Kingdom of 1990

CONVENTIONS Draft African Union Convention on the Establishment of a Credible Legal Framework for Cyber Security in Africa, version 01/01of 2011. United Nations Convention on International Trade Law (UNCITRAL) Model Law, guide to enactment, 1996. United Nations Convention on the use of electronic communications in International Contracts of 2007. The Convention on Cybercrimes of 2004