|
|||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
The Electronic Crimes (Amendment) Bill, 2012
is now available for comments and suggestions from the general public
and interest groups and is available on line at
www.cuopm.com
Comments and suggestions can be sent to the
Legal Department in the Attorney General’s Office, Government
Headquarters, Church Street, Basseterre or email
attorneygeneral@gov.kn
ELECTRONIC CRIMES (AMENDMENT)
BILL, 2012
SAINT CHRISTOPHER AND NEVIS
No. … of 2012
ARRANGEMENT OF CLAUSES
Clause
1.
Short title.
2.
Interpretation.
3.
Amendment to section 2 of the Act.
4.
Amendment to section 3 of the Act.
5.
Amendment to section 4 of the Act.
6.
Amendment to section 5 of the Act.
7.
Amendment to section 6 of the Act
8.
Amendment to section 8 of the Act.
9.
Amendment to section 9 of the Act.
10.
Repeal of section 12 of the Act.
11.
Amendment to section 14 of the Act.
12.
Insertion of new sections 14, 15, 16, and 17.
13.
Amendment to section 15 of the Act.
14.
Renumbering of new sections 16, 17, 18, and 19.
15.
Insertion of new sections 23, 24, and 25.
16.
Renumbering of sections 20 and 21.
17.
Insertion of new section 28.
No.
of 2012
Electronic Crimes (Amendment)
Saint Christopher
Bill, 2012
and Nevis
SAINT
CHRISTOPHER AND NEVIS
No.
of 2012
A BILL
to amend the Electronic Crimes Act, No. 27 of 2009.
BE IT ENACTED
by the Queen’s Most Excellent Majesty by and
with the advice and consent of the National Assembly of Saint
Christopher and Nevis, and by the authority of the same as follows:
1.
Short title.
This Act may be
cited as the Electronic Crimes (Amendment) Act, 2012.
2.
Interpretation.
In this Act,
unless the context otherwise requires, Act means the Electronic Crimes
Act, No. 27 of 2009.
3.
Amendment to section 2 of
the Act.
The Act is amended in section 2 by
replacing the definition of the word “intercept” with the
following:
“intercept” includes, but is not limited
to, acquiring, viewing and capturing of any computer data communication,
whether by wire, wireless, electronic, optical, magnetic, oral, or other
means, during transmission through the use of any technical advice;”.
4.
Amendment to section 3 of
the Act.
The Act is amended by replacing section 3
thereof with the following:
“3.
Application of Act.
This Act applies to an act done or an omission made
(a)
in Saint
Christopher and Nevis;
(b)
on a ship
or aircraft registered in Saint Christopher and Nevis; or
(c)
by a
national of Saint Christopher and Nevis outside Saint Christopher and
Nevis, if the person’s conduct would also constitute an offence under
the laws of the country where the offence was committed.
5.
Amendment to section 4 of
the Act.
The Act is amended by replacing section 4
thereof with the following:
“4.
Illegal access and illegal
remaining.
(1)
A person who, without lawful excuse or justification or in excess
of a lawful excuse or justification, knowingly accesses the whole or any
part of a computer system, commits an offence , and shall be liable, on
summary conviction, to a fine
not exceeding five thousand dollars or to imprisonment for a term not
exceeding one year in the case of a first conviction, and in case of any
subsequent conviction to a fine not exceeding ten thousand
dollars or to imprisonment for a term not exceeding two years or
both.
(2)
If any damage results from an offence committed under subsection
(1), notwithstanding the penalties referred to in that subsection, a
person who is convicted of that offence shall be liable to a fine not
exceeding twenty thousand dollars or to imprisonment for a term not
exceeding three years or both.
(3)
Where a person who is not authorized
(a)
to have a program or computer data; or
(b)
to have access to any program or computer data;
has in his or her custody or control any
program or computer data or other information which is held in any
computer or retrieved from any computer, with the intent to commit an
offence, the person shall be deemed to have committed the offence of
illegally accessing the program or computer data unless the contrary is
proved.
(4)
A person who commits an offence under subsection (3) shall be
liable, on conviction on indictment, to a fine not exceeding fifty
thousand dollars or to imprisonment for a term not exceeding five years
or both.”.
(5)
A person who has a right of access to a computer system or part
of a computer system by virtue of the nature of that person’s work
commits an offence if that person accesses the computer system in
accordance with the authorization and remains logged in the computer
system contrary to the authorization with intent to commit an ulterior
offence to the detriment of his or her employer.
(6)
A person who is convicted of an offence under the provisions of
subsection (5) shall be liable, on summary conviction,
to a fine not exceeding five thousand dollars or to imprisonment
for a term not exceeding one year, in the case of a first conviction,
and, in case of any subsequent conviction, to a fine not exceeding ten
thousand dollars or to imprisonment for a term not exceeding two years
or both.”.
6.
Amendment to section 5 of
the Act.
The Act is amended in section 5 by
inserting immediately before the word “data”, wherever it appears in
subsection (1) thereof the word “computer”.
7.
Amendment to section 6 of
the Act.
The Act is amended in section 6 by
inserting immediately after subsection (2) thereof the following new
subsection:
“(3)
A person who knowingly, without lawful excuse or justification or
in excess of a lawful excuse or justification, hinders or interferes
with a computer system
(a)
which is exclusively for the use of critical infrastructure operations;
or
(b)
which is not exclusively for the use of critical infrastructure
operations, but which is used in critical infrastructure operations;
and the conduct of the person affects the use or impacts the operations
of critical infrastructure commits an offence and shall be liable, on
conviction on indictment, to a fine of one hundred thousand dollars or
to imprisonment for a term of ten years
or both.”.
8.
Amendment to section 8 of
the Act.
The Act is amended by replacing section 8 thereof with the
following:
“8.
Possession, sell etc of
illegal devices.
A person who
(a)
knowingly, without lawful excuse or justification or in excess of a
lawful excuse or justification, produces, sells, procures for use,
imports, exports, distributes or otherwise makes available
(i)
a device, including a computer program, that is designed or
adapted for the purpose of committing an offence defined by the other
provisions of Part II of this Act; or
(ii)
a computer password, access code or similar data by which the
whole or any part of a computer system is capable of being accessed,
with the intent that it be used by any person for the purpose of
committing an offence defined by the other provisions of Part II of this
Act; or
(b)
has an item mentioned in subparagraph (i) or (ii) in his or her
possession with the intent that it be used by any person for the purpose
of committing an offence defined by the other provisions of part II of
this Act;
commits an offence and shall be liable, on conviction on indictment, to
a fine of fifty thousand dollars or to imprisonment for a term of five
years or both.”.
9.
Amendment to section 9 of
the Act.
The Act is amended by replacing section 9 thereof with the
following:
“9.
Computer related fraud.
A person who knowingly, without lawful excuse or
justification or in excess of a lawful excuse or justification, causes
loss of property to another person by
(a)
any input, alteration, deletion or suppression of computer data;
(b)
any interference with the functioning of a computer system, with
fraudulent or dishonest intent of procuring, without right, an economic
benefit for oneself or for another person;
commits an offence and shall be liable, on conviction on indictment, to
a fine of fifty thousand dollars or to imprisonment for a term of five
years or both.
10.
Repeal of section 12.
The Act is amended by repealing section 12 thereof, and by
renumbering sections 13 and 14 accordingly.
11.
Amendment to section 14 of
the Act.
The Act is amended in section 14, which has been renumbered as
section 13, by inserting immediately after subsection (2) thereof the
following new subsection:
“(3)
For the purposes of subsection (1), communication that constitute
a threat or is menacing in character includes
communication that causes substantial emotional distress.”.
12.
Insertion of new sections
14, 15, 16, and 17.
The Act is amended by inserting immediately after section 14,
which has been renumbered as section 13, the following new sections:
“14.
Computer related forgery.
(1)
A person who knowingly, without lawful excuse or justification or
in excess of a lawful excuse or justification,
(a)
makes an input;
(b)
alters;
(c)
deletes; or
(d)
suppresses computer data;
resulting in inauthentic computer data with
intent that it be considered or
acted upon for legal purposes as if it were authentic, regardless of
whether or not the computer data is directly readable and intelligible,
commits an offence, and shall be liable, on summary conviction, to
imprisonment for a period not exceeding five years.
(2)
If the offence created by subsection (1) is committed by sending
out multiple electronic mail messages from or through computer systems,
the person shall be liable, on conviction, to a fine not exceeding one
hundred thousand or imprisonment for a term not exceeding ten years, or
both.
15.
Data espionage.
A person who, knowingly, without lawful excuse or
justification or in excess of a lawful excuse or justification, obtains
for himself or herself from another computer data which are not meant
for him or her and which are specially protected against unauthorized
access, commits an offence, and shall be liable, on summary conviction,
to a fine not exceeding fifty thousand dollars, or to imprisonment for a
term not exceeding five
years, or both.
16.
Identity
related crimes.
A person who knowingly, without lawful excuse or
justification or in excess of a lawful excuse or justification, uses a
computer system at any stage of an offence to transfer, possess, or use
a means of identification of another person with the intent to commit,
aid or abet, or in connection with, any unlawful activity that
constitutes a crime, commits an offence, and shall be liable, on summary
conviction, to a fine not exceeding fifty thousand dollars or to
imprisonment for a term not exceeding five years, or both.
17.
Spam.
A
person who knowingly, without lawful excuse or justification,
(a)
initiates the transmission of multiple electronic mail messages
from or through a computer system;
(b)
uses a protected computer system to relay or retransmit multiple
electronic mail messages, with intent to deceive or mislead users, or
any electronic mail or internet service provider, as to the origin of
such messages; or
(c)
materially falsifies header information in multiple electronic
mail messages and intentionally initiates the transmission of such
messages;
commits an offence, and shall be liable, on summary conviction, to a
fine not exceeding fifty thousand dollars, or to imprisonment
for a term not exceeding five
years, or both.
13.
Amendment to section 15 of
the Act.
The Act is amended by
(a)
renumbering section 15 as section 18;
(b)
replacing subsection (1) thereof with the following:
“(1)
Where a Magistrate is satisfied, on the basis of information given on
oath by a police officer, that there are reasonable grounds to suspect that there
may be in a place or premises a thing or computer data:
(a)
which may be material as evidence in proving an offence under
this Act; or
(b)
which has been acquired by a person as a result of an offence
committed under this Act;
the Magistrate may issue a warrant authorizing the police officer to
enter the place or premises and search and seize the thing or computer
using such assistance as may be necessary, and the
search may include a search or access to a computer system or part of
it and the computer data stored in that system as well as a computer
data storage medium in which the computer data may be stored in Saint
Christopher and Nevis.”;
(c)
replacing subsection (3) thereof with the following new
subsection:
“(3)
A police officer may, where it is reasonably required, request a
person who is not a suspect of a crime but who has knowledge
about the functioning of a computer system or measures applied to
protect the computer data in the computer system which is the subject of
a search under this section to assist the police officer, and the person
so requested shall permit and assist the police officer to make the
search by
(a)
providing information that enables the undertaking of measures
referred to in this section;
(b)
accessing and using a computer system or computer data storage
medium to search any computer data available to or in the system;
(c)
obtaining and copying such computer data;
(d)
using equipment to make copies; and
(e)
obtaining an intelligible output from a computer system in such a
format that is admissible for the purpose of legal proceedings.
(d)
inserting immediately after subsection (3) thereof the following
new subsection:
“(4)
Where a police officer who is undertaking a search pursuant to
the provisions of subsection (1) has reasonable grounds to believe that
the computer data which is being sought is stored in another computer
system or part of it is stored in Saint Christopher and Nevis, and such
data is lawfully accessible from or available to the initial system, the
police officer shall apply to the Magistrate in Chambers to
expeditiously extend the search for the other computer system or the
accessing of such system.”;
(e)
inserting immediately after the newly inserted subsection (4)
thereof the following new subsection:
(5)
A person referred who fails, without lawful excuse or
justification or in excess of a lawful excuse or justification, to
permit or assist a police officer as required by the provisions of
subsection (4) commits an offence, and shall be liable, on summary
conviction, to a fine not exceeding ten thousand or to imprisonment for
a term not exceeding one year, or both.”;
(f)
renumbering subsections (4), (5), and (6) thereof as subsections
(6), (7), and (8), respectively; and
(g)
replacing the expression “subsection (1) (b) or (c)” which appear
in the third line of the subsection which has been renumbered as
subsection (6) thereof with the expression “subsection (2) (b) or (c)”.
14.
Renumbering of sections 16, 17, 18, and 19.
The Act is
amended by renumbering sections 16, 17, 18, and 19 as sections 19, 20,
21, and 22, respectively.
15.
Insertion of new sections
23, 24, and 25.
The Act is amended by inserting
immediately after section 19, which has been renumbered as section 22,
thereof the following new sections:
“23.
Expedited preservation of computer data.
(1)
Where a police officer is satisfied that there are grounds to
believe that computer data which is reasonably required for the purposes
of a criminal investigation is particularly vulnerable to loss or
modification, the police officer may, by written notice given to a
person in control of the computer data, require the person to ensure
that the computer data specified in the notice is preserved for a period
of up to seven days as specified in the notice.
(2)
The period referred to in subsection (1) may be extended beyond
the seven days if, on an ex parte
application, a Magistrate authorizes an extension for a further
specified period of time.
24.
Use of forensic
software.
(1)
If a judge is satisfied, upon application and on the basis of
information given on oath, that in an investigation concerning an
offence there are reasonable grounds to believe that essential evidence
cannot be collected by applying other provisions of this Act but is
reasonably required for the purposes of a criminal investigation, the
judge may authorize a police officer to utilize a remote forensic
software with the specific task required for the investigation and
install it on the suspect’s computer system in order to collect the
relevant evidence.
(2)
The application made pursuant to the provisions of subsection (1)
shall contain the following information:
(a)
suspect of the offence, if possible with name and address;
(b)
description of the targeted computer system;
(c)
description of the intended measure, extent and duration of the
utilization; and
(d)
reasons for the necessity of the utilization.
(3)
In granting the authorization, the Judge may require that in such
investigation the police officer should ensure that modifications to the
computer system of the suspect are limited to those essential for the
investigation and that any changes if possible can be undone after the
end of the investigation.
(4)
During the investigation it shall be necessary to log
(a)
the technical means used and time and date of the application;
(b)
the identification of the computer system and details of the
modifications undertaken within the investigation;
(c)
any information obtained.
(5)
Information obtained by the use of the software shall be
protected against any modification, unauthorized deletion and
unauthorized access.
(6)
The duration of authorization granted pursuant to the provisions
of subsection (1) shall be for a period of three months, and if the
conditions of the authorization are no longer met, the action taken
shall stop immediately.
(7)
For the purposes of this section, the authorization to install
the software includes remotely accessing the suspect’s computer system.
(8)
If the installation process requires physical access to a place
the requirements of section 15 shall be fulfilled.
(9)
If necessary, a police officer may, pursuant to the authorization
under subsection (1), request that the court order an internet service
provider to support the installation process.
25.
Disclosure of details of an investigation.
An internet service provider who receives
an order related to a criminal investigation that explicitly stipulates
that confidentiality is to be maintained or such obligation is stated by
law and such internet service provider intentionally, without lawful
excuse or justification or in excess of a lawful excuse or
justification, discloses
(a)
the fact that an order has been made;
(b)
anything done under the order; or
(c)
any data collected or recorded under the order;
the internet
service provider commits an offence, and shall be liable, on summary
conviction, to a fine not exceeding ten thousand dollars.
16.
Renumbering of sections 20
and 21.
The Act is amended by renumbering sections 20 and
21 as sections 26 and 27, respectively.
17.
Insertion of new section
28.
The Act is amended by inserting after section 21,
which has been renumbered as section 27, thereof the following new
section:
“28.
Regulations.
The Minister may generally make regulations
to give effect to the provisions of this Act.”.
CURTIS A MARTIN
Speaker
Passed by the National Assembly this
day of
, 2011.
JOSÉ LLOYD
Clerk of the National Assembly
OBJECTS AND REASONS
1. The object of the
Bill is to amend the Electronic
Crimes Act, No. 27 of 2009 in order to bring the Act in line with
international standards. The amendments are intended to facilitate the
harmonization of the Act by bringing it in line with the international
standards so as to ensure that existing offences and laws respecting the
investigative powers of the police and admissibility of evidence in
judicial proceedings adequately apply in order to deal with the novel
and sophisticated forms of criminal activity.
2. Clauses 1 and 2 of
the Bill seek to make provision for matters of a preliminary nature,
that is to say, the short title of the Bill and the definition of the
term Act.
3. Clause 3 of the Bill
seeks to amend section 2 of the Act by replacing the definition of
“intercept” so as to bring it in line with international standards.
4. Clause 4 of the Bill
seeks to amend section 3 of the Act so that jurisdiction is based on the
principle of nationality.
Currently that section makes provision for unlimited jurisdiction with
regard to acts committed outside Saint Christopher and Nevis which would
be very difficult to enforce.
5.
Clause 5 of the Bill seeks to replace section 4 of the Act in
order to create clear offences relating to illegal access and illegal
remaining. Thus, the Clause
seeks to ensure that acts committed in excess of a lawful excuse or
justification are criminalized. Further,
the Clause seeks to create the offence of illegal remaining, which
offence is intended to target persons with a right of access to a
computer system or part of a computer system by virtue of the nature of
their work who access the computer system in accordance with the
authorization and remain logged in the computer system contrary to the
authorization with
intent to commit ulterior offences to the detriment of their
employer. Further, the Clause
seeks to consolidate the provisions of section 12 of the Act into Clause
4 because of the similarities.
6. Clause 6 of the Bill
seeks to amend section 5 of the Act by inserting immediately before the
word “data” wherever it appears in subsection (1) thereof the word
“computer’.
7. Clause 7 of the Bill
seeks to amend section 6 of the Act in order to create the offence of
hindering or interfering with a computer system
§
which is
exclusively for the use of critical infrastructure operations; or
§
which is not
for the use of critical infrastructure operations, but which is used in
critical infrastructure operations;
whereby the
conduct of the person affects the use or impacts the operations of
critical infrastructure.
8. Clause 8 of the Bill
seeks to amend section 8 of the Act in order to provide for possession
of devices with the intent that such devices are to be used for the
purpose of committing an offence.
This is intended to bring the provisions of that section in line
with international standards.
9. Clause 9 of the Bill seeks
to amend section 9 of the Act in order to criminalise computer related
fraud.
10. Clause 11 of the Bill seeks to amend
section 14 of the Act by defining communication that constitute a threat
or is menacing in character.
11. Clause 12 of the Bill seeks to
introduce four new sections, namely, sections 14, 15, 16 and 17 in order
to make provision for new offences which are not covered by the Act.
First, the Clause seeks to create the offence
of computer related forgery in order to target
persons who
knowingly, without lawful excuse or justification or in excess of lawful
excuse or justification,
(a)
make an input;
(b)
alter;
(c)
delete; or
(d)
suppress computer data;
resulting in inauthentic computer data with intent that it be
considered or acted upon for legal purposes as if it were authentic,
regardless of whether or not the computer data is directly readable and
intelligible.
Secondly, the Clause seeks to create the
offence of data espionage in order to target a
person who, knowingly, without lawful
excuse or justification or in excess of a lawful excuse or
justification, obtains for himself or herself from another computer data
which are not meant for him or her and which are specially protected
against unauthorized access.
Thirdly, the Clause seeks to create the
offence of
identity related crimes in order to target a
person who knowingly, without lawful excuse or justification or in
excess of a lawful excuse or justification, uses a computer system at
any stage of an offence to transfer, possess, or use a means of
identification of another person with intent to commit, aid or abet, or
in connection with, any unlawful activity that constitutes a crime.
Fourthly, the Clause seeks to create the offence of spam in order to
target a person who knowingly, without lawful excuse or
justification,
(a)
initiates the transmission of multiple electronic mail messages
from or through a computer system;
(b)
uses a protected computer system to relay or retransmit multiple
electronic mail messages, with intent to deceive or mislead users, or
any electronic mail or internet service providers, as to the origin of
such messages; or
(c)
materially falsifies header information in multiple electronic
mail messages and intentionally initiates the transmission of such
messages.
12. Clause 13 of the Bill seeks to amend
section 15 of the Act in order to enhance the investigative powers of
the police.
13. Clause 15 of the Bill seeks to
introduce three new sections, namely, sections 23, 24, and 25.
First, the
Clause seeks to introduce a new section relating to expedited
preservation of computer data in order to facilitate
a police officer who, if satisfied that there are grounds to
believe that
computer data which is reasonably required for the purposes of a
criminal investigation is particularly vulnerable to loss or
modification, may, by written notice given to a person in control of the
computer data, require the
person to ensure that the computer data specified in the
notice is preserved for a period of up to seven days as specified in the
notice. Such period may be
extended beyond the seven days if, on an
ex parte application, a
Magistrate authorizes an extension of the same for a further
specified period
of time.
Secondly, the Clause seeks to introduce a new section relating to
use of forensic software in order to facilitate police officers to use
forensic software in an investigation concerning an offence where
there are reasonable grounds to believe that essential evidence cannot
be collected by applying other provisions of the Act but is reasonably
required for the purposes of
a criminal investigation.
The use of this method will have to be approved by the judge upon
application by a police officer. Once
the approval is given then a police would be able to utilize a remote
forensic software with the specific task
required for the investigation and install it on the suspect’s
computer system in order to collect the relevant evidence.
Thirdly, the Clause seeks to introduce a new
section relating to the disclosure of details of an investigation in
order to ensure that an internet service provider who receives an order
related to a criminal investigation that explicitly stipulates that
confidentiality is to be maintained or such obligation is stated by law
complies with such requirement, otherwise should the internet service
provider intentionally, without lawful excuse or justification or in
excess of a lawful excuse or justification, discloses the details of the
investigation, then such provider will face legal consequences.
14.
Clause 17 of the Bill seeks to introduce a new section that empowers the
Minister to make regulation in order to give effect to the provisions of
the Act.
PATRICE D.H. NISBETT
Hon.
Attorney-General
__._,_.___
Reply to sender |
Reply to group |
Reply via web post |
Start a New Topic
Recent Activity:
·
New Members
3
***************************************************************************
Switch to:
Text-Only,
Daily Digest •
Unsubscribe • Terms of
Use
.
|
|||||||||||||||||||||||||||||||
************************* This article was posted in its entirety as received by SKNList.com. SKNList.com does not correct any spelling or grammatical error within press releases and commentaries. The views expressed therein are not necessarily those of SKNList.com, its sponsors or advertisers. |
|||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||
Copyright © 1994-2014 SKNList.com All Rights Reserved Cayon, St.Kitts-Nevis Terms of use |