Nigeria: Cybercrimes (Prohibition, Prevention, etc.) Act including data protection regulation entered into force

On 15 May 2015, the Cybercrimes (Prohibition, Prevention, etc.) Act including data protection regulation entered into force following its signing into law by the President on the same day. It establishes a legal framework for the prevention, detection, prosecution, and punishment of cybercrimes within Nigeria. The Act applies nationwide and aims to safeguard critical national information infrastructure by securing computer systems, networks, electronic communications, data, and intellectual property. It outlines specific offences, such as unauthorised access to computers, cyberstalking, cybersquatting, identity theft, and electronic fraud. Additionally, it addresses the regulation of cybercafés, manipulation of electronic devices, and obligations for financial institutions and service providers. The Act further provides for penalties, including imprisonment, fines, and asset forfeiture, and grants enforcement powers to law enforcement agencies. Intermediaries are required to retain traffic data, subscriber information, and content for two years and must disclose this information to law enforcement upon request.