Basseterre St.Kitts, West Indies Your link to St.Kitts-Nevis since 1994
News	Community	Economy	Sports	Tourism	Weather	Commentary	Culture	Subscribe	Members	Search	Contact Us

Home

News

ELECTRONIC CRIMES (AMENDMENT) BILL, 2012

Post a comment

Click to read / download

The Electronic Crimes (Amendment) Bill, 2012 is now available for comments and suggestions from the general public and interest groups and is available on line at www.cuopm.com

Comments and suggestions can be sent to the Legal Department in the Attorney General’s Office, Government Headquarters, Church Street, Basseterre or email attorneygeneral@gov.kn

ELECTRONIC CRIMES (AMENDMENT) BILL, 2012

SAINT CHRISTOPHER AND NEVIS

No. … of 2012

ARRANGEMENT OF CLAUSES

Clause

1. Short title.

2. Interpretation.

3. Amendment to section 2 of the Act.

4. Amendment to section 3 of the Act.

5. Amendment to section 4 of the Act.

6. Amendment to section 5 of the Act.

7. Amendment to section 6 of the Act

8. Amendment to section 8 of the Act.

9. Amendment to section 9 of the Act.

10. Repeal of section 12 of the Act.

11. Amendment to section 14 of the Act.

12. Insertion of new sections 14, 15, 16, and 17.

13. Amendment to section 15 of the Act.

14. Renumbering of new sections 16, 17, 18, and 19.

15. Insertion of new sections 23, 24, and 25.

16. Renumbering of sections 20 and 21.

17. Insertion of new section 28.

No. of 2012 Electronic Crimes (Amendment) Saint Christopher

Bill, 2012 and Nevis

SAINT CHRISTOPHER AND NEVIS

No. of 2012

A BILL to amend the Electronic Crimes Act, No. 27 of 2009.

BE IT ENACTED by the Queen’s Most Excellent Majesty by and with the advice and consent of the National Assembly of Saint Christopher and Nevis, and by the authority of the same as follows:

1. Short title.

This Act may be cited as the Electronic Crimes (Amendment) Act, 2012.

2. Interpretation.

In this Act, unless the context otherwise requires, Act means the Electronic Crimes Act, No. 27 of 2009.

3. Amendment to section 2 of the Act.

The Act is amended in section 2 by replacing the definition of the word “intercept” with the following:

“intercept” includes, but is not limited to, acquiring, viewing and capturing of any computer data communication, whether by wire, wireless, electronic, optical, magnetic, oral, or other means, during transmission through the use of any technical advice;”.

4. Amendment to section 3 of the Act.

The Act is amended by replacing section 3 thereof with the following:

“3. Application of Act.

This Act applies to an act done or an omission made

(a) in Saint Christopher and Nevis;

(b) on a ship or aircraft registered in Saint Christopher and Nevis; or

(c) by a national of Saint Christopher and Nevis outside Saint Christopher and Nevis, if the person’s conduct would also constitute an offence under the laws of the country where the offence was committed.

5. Amendment to section 4 of the Act.

The Act is amended by replacing section 4 thereof with the following:

“4. Illegal access and illegal remaining.

(1) A person who, without lawful excuse or justification or in excess of a lawful excuse or justification, knowingly accesses the whole or any part of a computer system, commits an offence , and shall be liable, on summary conviction, to a fine not exceeding five thousand dollars or to imprisonment for a term not exceeding one year in the case of a first conviction, and in case of any subsequent conviction to a fine not exceeding ten thousand dollars or to imprisonment for a term not exceeding two years or both.

(2) If any damage results from an offence committed under subsection (1), notwithstanding the penalties referred to in that subsection, a person who is convicted of that offence shall be liable to a fine not exceeding twenty thousand dollars or to imprisonment for a term not exceeding three years or both.

(3) Where a person who is not authorized

(a) to have a program or computer data; or

(b) to have access to any program or computer data;

has in his or her custody or control any program or computer data or other information which is held in any computer or retrieved from any computer, with the intent to commit an offence, the person shall be deemed to have committed the offence of illegally accessing the program or computer data unless the contrary is proved.

(4) A person who commits an offence under subsection (3) shall be liable, on conviction on indictment, to a fine not exceeding fifty thousand dollars or to imprisonment for a term not exceeding five years or both.”.

(5) A person who has a right of access to a computer system or part of a computer system by virtue of the nature of that person’s work commits an offence if that person accesses the computer system in accordance with the authorization and remains logged in the computer system contrary to the authorization with intent to commit an ulterior offence to the detriment of his or her employer.

(6) A person who is convicted of an offence under the provisions of subsection (5) shall be liable, on summary conviction, to a fine not exceeding five thousand dollars or to imprisonment for a term not exceeding one year, in the case of a first conviction, and, in case of any subsequent conviction, to a fine not exceeding ten thousand dollars or to imprisonment for a term not exceeding two years or both.”.

6. Amendment to section 5 of the Act.

The Act is amended in section 5 by inserting immediately before the word “data”, wherever it appears in subsection (1) thereof the word “computer”.

7. Amendment to section 6 of the Act.

The Act is amended in section 6 by inserting immediately after subsection (2) thereof the following new subsection:

“(3) A person who knowingly, without lawful excuse or justification or in excess of a lawful excuse or justification, hinders or interferes with a computer system

(a) which is exclusively for the use of critical infrastructure operations; or

(b) which is not exclusively for the use of critical infrastructure operations, but which is used in critical infrastructure operations;

and the conduct of the person affects the use or impacts the operations of critical infrastructure commits an offence and shall be liable, on conviction on indictment, to a fine of one hundred thousand dollars or to imprisonment for a term of ten years or both.”.

8. Amendment to section 8 of the Act.

The Act is amended by replacing section 8 thereof with the following:

“8. Possession, sell etc of illegal devices.

A person who

(a) knowingly, without lawful excuse or justification or in excess of a lawful excuse or justification, produces, sells, procures for use, imports, exports, distributes or otherwise makes available

(i) a device, including a computer program, that is designed or adapted for the purpose of committing an offence defined by the other provisions of Part II of this Act; or

(ii) a computer password, access code or similar data by which the whole or any part of a computer system is capable of being accessed, with the intent that it be used by any person for the purpose of committing an offence defined by the other provisions of Part II of this Act; or

(b) has an item mentioned in subparagraph (i) or (ii) in his or her possession with the intent that it be used by any person for the purpose of committing an offence defined by the other provisions of part II of this Act;

commits an offence and shall be liable, on conviction on indictment, to a fine of fifty thousand dollars or to imprisonment for a term of five years or both.”.

9. Amendment to section 9 of the Act.

The Act is amended by replacing section 9 thereof with the following:

“9. Computer related fraud.

A person who knowingly, without lawful excuse or justification or in excess of a lawful excuse or justification, causes loss of property to another person by

(a) any input, alteration, deletion or suppression of computer data;

(b) any interference with the functioning of a computer system, with fraudulent or dishonest intent of procuring, without right, an economic benefit for oneself or for another person;

commits an offence and shall be liable, on conviction on indictment, to a fine of fifty thousand dollars or to imprisonment for a term of five years or both.

10. Repeal of section 12.

The Act is amended by repealing section 12 thereof, and by renumbering sections 13 and 14 accordingly.

11. Amendment to section 14 of the Act.

The Act is amended in section 14, which has been renumbered as section 13, by inserting immediately after subsection (2) thereof the following new subsection:

“(3) For the purposes of subsection (1), communication that constitute a threat or is menacing in character includes communication that causes substantial emotional distress.”.

12. Insertion of new sections 14, 15, 16, and 17.

The Act is amended by inserting immediately after section 14, which has been renumbered as section 13, the following new sections:

“14. Computer related forgery.

(1) A person who knowingly, without lawful excuse or justification or in excess of a lawful excuse or justification,

(a) makes an input;

(b) alters;

(d) suppresses computer data;

resulting in inauthentic computer data with intent that it be considered or acted upon for legal purposes as if it were authentic, regardless of whether or not the computer data is directly readable and intelligible, commits an offence, and shall be liable, on summary conviction, to imprisonment for a period not exceeding five years.

(2) If the offence created by subsection (1) is committed by sending out multiple electronic mail messages from or through computer systems, the person shall be liable, on conviction, to a fine not exceeding one hundred thousand or imprisonment for a term not exceeding ten years, or both.

15. Data espionage.

A person who, knowingly, without lawful excuse or justification or in excess of a lawful excuse or justification, obtains for himself or herself from another computer data which are not meant for him or her and which are specially protected against unauthorized access, commits an offence, and shall be liable, on summary conviction, to a fine not exceeding fifty thousand dollars, or to imprisonment for a term not exceeding five years, or both.

16. Identity related crimes.

A person who knowingly, without lawful excuse or justification or in excess of a lawful excuse or justification, uses a computer system at any stage of an offence to transfer, possess, or use a means of identification of another person with the intent to commit, aid or abet, or in connection with, any unlawful activity that constitutes a crime, commits an offence, and shall be liable, on summary conviction, to a fine not exceeding fifty thousand dollars or to imprisonment for a term not exceeding five years, or both.

17. Spam.

A person who knowingly, without lawful excuse or justification,

(a) initiates the transmission of multiple electronic mail messages from or through a computer system;

(b) uses a protected computer system to relay or retransmit multiple electronic mail messages, with intent to deceive or mislead users, or any electronic mail or internet service provider, as to the origin of such messages; or

(c) materially falsifies header information in multiple electronic mail messages and intentionally initiates the transmission of such messages;

commits an offence, and shall be liable, on summary conviction, to a fine not exceeding fifty thousand dollars, or to imprisonment for a term not exceeding five years, or both.

13. Amendment to section 15 of the Act.

The Act is amended by

(a) renumbering section 15 as section 18;

(b) replacing subsection (1) thereof with the following:

“(1) Where a Magistrate is satisfied, on the basis of information given on oath by a police officer, that there are reasonable grounds to suspect that there may be in a place or premises a thing or computer data:

(a) which may be material as evidence in proving an offence under this Act; or

(b) which has been acquired by a person as a result of an offence committed under this Act;

the Magistrate may issue a warrant authorizing the police officer to enter the place or premises and search and seize the thing or computer using such assistance as may be necessary, and the search may include a search or access to a computer system or part of it and the computer data stored in that system as well as a computer data storage medium in which the computer data may be stored in Saint Christopher and Nevis.”;

“(3) A police officer may, where it is reasonably required, request a person who is not a suspect of a crime but who has knowledge about the functioning of a computer system or measures applied to protect the computer data in the computer system which is the subject of a search under this section to assist the police officer, and the person so requested shall permit and assist the police officer to make the search by

(a) providing information that enables the undertaking of measures referred to in this section;

(b) accessing and using a computer system or computer data storage medium to search any computer data available to or in the system;

(d) using equipment to make copies; and

(e) obtaining an intelligible output from a computer system in such a format that is admissible for the purpose of legal proceedings.

(d) inserting immediately after subsection (3) thereof the following new subsection:

“(4) Where a police officer who is undertaking a search pursuant to the provisions of subsection (1) has reasonable grounds to believe that the computer data which is being sought is stored in another computer system or part of it is stored in Saint Christopher and Nevis, and such data is lawfully accessible from or available to the initial system, the police officer shall apply to the Magistrate in Chambers to expeditiously extend the search for the other computer system or the accessing of such system.”;

(e) inserting immediately after the newly inserted subsection (4) thereof the following new subsection:

(5) A person referred who fails, without lawful excuse or justification or in excess of a lawful excuse or justification, to permit or assist a police officer as required by the provisions of subsection (4) commits an offence, and shall be liable, on summary conviction, to a fine not exceeding ten thousand or to imprisonment for a term not exceeding one year, or both.”;

(f) renumbering subsections (4), (5), and (6) thereof as subsections (6), (7), and (8), respectively; and

(g) replacing the expression “subsection (1) (b) or (c)” which appear in the third line of the subsection which has been renumbered as subsection (6) thereof with the expression “subsection (2) (b) or (c)”.

14. Renumbering of sections 16, 17, 18, and 19.

The Act is amended by renumbering sections 16, 17, 18, and 19 as sections 19, 20, 21, and 22, respectively.

15. Insertion of new sections 23, 24, and 25.

The Act is amended by inserting immediately after section 19, which has been renumbered as section 22, thereof the following new sections:

“23. Expedited preservation of computer data.

(1) Where a police officer is satisfied that there are grounds to believe that computer data which is reasonably required for the purposes of a criminal investigation is particularly vulnerable to loss or modification, the police officer may, by written notice given to a person in control of the computer data, require the person to ensure that the computer data specified in the notice is preserved for a period of up to seven days as specified in the notice.

(2) The period referred to in subsection (1) may be extended beyond the seven days if, on an ex parte application, a Magistrate authorizes an extension for a further specified period of time.

24. Use of forensic software.

(1) If a judge is satisfied, upon application and on the basis of information given on oath, that in an investigation concerning an offence there are reasonable grounds to believe that essential evidence cannot be collected by applying other provisions of this Act but is reasonably required for the purposes of a criminal investigation, the judge may authorize a police officer to utilize a remote forensic software with the specific task required for the investigation and install it on the suspect’s computer system in order to collect the relevant evidence.

(2) The application made pursuant to the provisions of subsection (1) shall contain the following information:

(a) suspect of the offence, if possible with name and address;

(b) description of the targeted computer system;

(d) reasons for the necessity of the utilization.

(3) In granting the authorization, the Judge may require that in such investigation the police officer should ensure that modifications to the computer system of the suspect are limited to those essential for the investigation and that any changes if possible can be undone after the end of the investigation.

(4) During the investigation it shall be necessary to log

(a) the technical means used and time and date of the application;

(b) the identification of the computer system and details of the modifications undertaken within the investigation;

(5) Information obtained by the use of the software shall be protected against any modification, unauthorized deletion and unauthorized access.

(6) The duration of authorization granted pursuant to the provisions of subsection (1) shall be for a period of three months, and if the conditions of the authorization are no longer met, the action taken shall stop immediately.

(7) For the purposes of this section, the authorization to install the software includes remotely accessing the suspect’s computer system.

(8) If the installation process requires physical access to a place the requirements of section 15 shall be fulfilled.

(9) If necessary, a police officer may, pursuant to the authorization under subsection (1), request that the court order an internet service provider to support the installation process.

25. Disclosure of details of an investigation.

An internet service provider who receives an order related to a criminal investigation that explicitly stipulates that confidentiality is to be maintained or such obligation is stated by law and such internet service provider intentionally, without lawful excuse or justification or in excess of a lawful excuse or justification, discloses

(a) the fact that an order has been made;

(b) anything done under the order; or

the internet service provider commits an offence, and shall be liable, on summary conviction, to a fine not exceeding ten thousand dollars.

16. Renumbering of sections 20 and 21.

The Act is amended by renumbering sections 20 and 21 as sections 26 and 27, respectively.

17. Insertion of new section 28.

The Act is amended by inserting after section 21, which has been renumbered as section 27, thereof the following new section:

“28. Regulations.

The Minister may generally make regulations to give effect to the provisions of this Act.”.

CURTIS A MARTIN

Speaker

Passed by the National Assembly this day of , 2011.

JOSÉ LLOYD

Clerk of the National Assembly

OBJECTS AND REASONS

1. The object of the Bill is to amend the Electronic Crimes Act, No. 27 of 2009 in order to bring the Act in line with international standards. The amendments are intended to facilitate the harmonization of the Act by bringing it in line with the international standards so as to ensure that existing offences and laws respecting the investigative powers of the police and admissibility of evidence in judicial proceedings adequately apply in order to deal with the novel and sophisticated forms of criminal activity.

2. Clauses 1 and 2 of the Bill seek to make provision for matters of a preliminary nature, that is to say, the short title of the Bill and the definition of the term Act.

3. Clause 3 of the Bill seeks to amend section 2 of the Act by replacing the definition of “intercept” so as to bring it in line with international standards.

4. Clause 4 of the Bill seeks to amend section 3 of the Act so that jurisdiction is based on the principle of nationality. Currently that section makes provision for unlimited jurisdiction with regard to acts committed outside Saint Christopher and Nevis which would be very difficult to enforce.

5. Clause 5 of the Bill seeks to replace section 4 of the Act in order to create clear offences relating to illegal access and illegal remaining. Thus, the Clause seeks to ensure that acts committed in excess of a lawful excuse or justification are criminalized. Further, the Clause seeks to create the offence of illegal remaining, which offence is intended to target persons with a right of access to a computer system or part of a computer system by virtue of the nature of their work who access the computer system in accordance with the authorization and remain logged in the computer system contrary to the authorization with intent to commit ulterior offences to the detriment of their employer. Further, the Clause seeks to consolidate the provisions of section 12 of the Act into Clause 4 because of the similarities.

6. Clause 6 of the Bill seeks to amend section 5 of the Act by inserting immediately before the word “data” wherever it appears in subsection (1) thereof the word “computer’.

7. Clause 7 of the Bill seeks to amend section 6 of the Act in order to create the offence of hindering or interfering with a computer system

§ which is exclusively for the use of critical infrastructure operations; or

§ which is not for the use of critical infrastructure operations, but which is used in critical infrastructure operations;

whereby the conduct of the person affects the use or impacts the operations of critical infrastructure.

8. Clause 8 of the Bill seeks to amend section 8 of the Act in order to provide for possession of devices with the intent that such devices are to be used for the purpose of committing an offence. This is intended to bring the provisions of that section in line with international standards.

9. Clause 9 of the Bill seeks to amend section 9 of the Act in order to criminalise computer related fraud.

10. Clause 11 of the Bill seeks to amend section 14 of the Act by defining communication that constitute a threat or is menacing in character.

11. Clause 12 of the Bill seeks to introduce four new sections, namely, sections 14, 15, 16 and 17 in order to make provision for new offences which are not covered by the Act.

First, the Clause seeks to create the offence of computer related forgery in order to target persons who knowingly, without lawful excuse or justification or in excess of lawful excuse or justification,

(a) make an input;

(b) alter;

(d) suppress computer data;

Secondly, the Clause seeks to create the offence of data espionage in order to target a person who, knowingly, without lawful excuse or justification or in excess of a lawful excuse or justification, obtains for himself or herself from another computer data which are not meant for him or her and which are specially protected against unauthorized access.

Thirdly, the Clause seeks to create the offence of identity related crimes in order to target a person who knowingly, without lawful excuse or justification or in excess of a lawful excuse or justification, uses a computer system at any stage of an offence to transfer, possess, or use a means of identification of another person with intent to commit, aid or abet, or in connection with, any unlawful activity that constitutes a crime.

Fourthly, the Clause seeks to create the offence of spam in order to target a person who knowingly, without lawful excuse or justification,

(a) initiates the transmission of multiple electronic mail messages from or through a computer system;

(c) materially falsifies header information in multiple electronic mail messages and intentionally initiates the transmission of such messages.

12. Clause 13 of the Bill seeks to amend section 15 of the Act in order to enhance the investigative powers of the police.

13. Clause 15 of the Bill seeks to introduce three new sections, namely, sections 23, 24, and 25.

First, the Clause seeks to introduce a new section relating to expedited preservation of computer data in order to facilitate a police officer who, if satisfied that there are grounds to believe that computer data which is reasonably required for the purposes of a criminal investigation is particularly vulnerable to loss or modification, may, by written notice given to a person in control of the computer data, require the person to ensure that the computer data specified in the notice is preserved for a period of up to seven days as specified in the notice. Such period may be extended beyond the seven days if, on an ex parte application, a Magistrate authorizes an extension of the same for a further specified period of time.

Secondly, the Clause seeks to introduce a new section relating to use of forensic software in order to facilitate police officers to use forensic software in an investigation concerning an offence where there are reasonable grounds to believe that essential evidence cannot be collected by applying other provisions of the Act but is reasonably required for the purposes of a criminal investigation. The use of this method will have to be approved by the judge upon application by a police officer. Once the approval is given then a police would be able to utilize a remote forensic software with the specific task required for the investigation and install it on the suspect’s computer system in order to collect the relevant evidence.

Thirdly, the Clause seeks to introduce a new section relating to the disclosure of details of an investigation in order to ensure that an internet service provider who receives an order related to a criminal investigation that explicitly stipulates that confidentiality is to be maintained or such obligation is stated by law complies with such requirement, otherwise should the internet service provider intentionally, without lawful excuse or justification or in excess of a lawful excuse or justification, discloses the details of the investigation, then such provider will face legal consequences.

14. Clause 17 of the Bill seeks to introduce a new section that empowers the Minister to make regulation in order to give effect to the provisions of the Act.

PATRICE D.H. NISBETT

Hon. Attorney-General

__._,_.___

Reply to sender | Reply to group | Reply via web post | Start a New Topic

Messages in this topic (1)

Recent Activity:

· New Members 3

Visit Your Group

***************************************************************************

St.Kitts-Nevis List Http://SKNList.com

***************************************************************************

Switch to: Text-Only, Daily Digest • Unsubscribe • Terms of Use

*************************
DISCLAIMER

This article was posted in its entirety as received by SKNList.com. SKNList.com does not correct any spelling or grammatical error within press releases and commentaries. The views expressed therein are not necessarily those of SKNList.com, its sponsors or advertisers.

Reader comments