Kenya: Withdraw Computer Misuse and Cybercrimes Bill and protect freedom of expression

Kenya: Withdraw Computer Misuse and Cybercrimes Bill and protect freedom of expression - Digital

National Assembly, Nairobi, Kenya, 15 June, 2023. Monicah Mwangi/ Reuters

ARTICLE 19 warns that the recently introduced Computer Misuse and Cybercrimes (Amendment) Bill 2024 contravenes international human rights standards. We call on the Kenyan Parliament to reject the Bill and uphold freedom of expression. 

On 25 November 2024, the Bill, proposed by Hon. Aden Daudi Mohamed, passed its first reading before the National Assembly. The Bill has been referred to the Communication, Information and Innovation Committee, which will prepare a sectoral report to be presented to Members of Parliament together with the Bill at the second reading stage. The general aim of the Bill is to prohibit groups and individuals from using electronic media to promote terrorism and extreme religious or cult practices. 

Several of the proposed amendments contravene international human rights standards. 

First, the proposed Amendment of Section 6 on the functions of the National Computer Cybercrimes Co-ordination Committee (hereafter ‘NC4’) would allow the NC4 to issue a directive to render a website or application inaccessible where it is proved that it promotes illegal activities. This expansion of the powers of the National Computer Cybercrimes Co-ordination Committee is deeply problematic as it enables the blocking of entire websites and application without any judicial oversight. Additionally, the amendment, if enacted, will result in overlapping functions between the communications authority of Kenya established under the Kenya Information and Communications Act and the NC4.

Recommendation: The proposed amendment should be rejected.  

 

Second, the proposal for the amendment to Section 27 of the Act on cyber harassment includes communication by a perpetrator who knows or ought to know that the communication is likely to cause the victim to commit suicide. The inclusion of this vague terminology in the definition of a cyber harassment fails to meet the legality requirement under international law, which stipulates that laws should be sufficiently precise to enable individuals to regulate their conduct online and to avoid arbitrary applications of the provision. 

Recommendation: The proposed amendment should be rejected. 

Third, the amendment Bill proposes introducing a provision (section 42A) on unauthorised SIM Card swap ‘with intent to commit an offence’.

The offence is unduly broadly drafted and will present practical challenges of having to establish the ‘intent to commit an offence’. In particular, the reference to intent to commit ‘an offence’– i.e. an offence under any possible law – fails to comply with the requirements of legal certainty under international law. 

The criminal law should only criminalise intent to commit both specific and serious offences rather than broadly refer to every possible offence, however minor. 

The legality principle further requires that individuals should be able to reasonably expect where criminal offences are defined. The fact that the offence is to be introduced in the Computer Misuse and Cybercrimes Act rather than in the Kenya Information and Communications Act (under which Guidelines on SIM card registration were adopted) is thus problematic. 

Further, the prescription of criminal penalties, including imprisonment and/or onerous fines, for this offence appear to be disproportionate. Generally, criminal sanctions constitute ‘serious interference with the freedom of expression and are disproportionate responses in all but the most egregious cases’. 

Recommendation: The proposed offence on unauthorised SIM card swap should be significantly narrowed. It should be made clear that the unauthorised alteration or unlawful taking of ownership of another person’s SIM-card serves as the means to or preparatory act to the commission of a further offence, which should be clearly defined. Sanctions must be proportionate and not include imprisonment. In addition, the offence should be introduced under the Kenya Information and Communications Act. 

Read the memorandum 

ARTICLE 19, together with partners, raised concerns in 2021 regarding proposed amendments to the Computer Misuse and Cybercrimes Act. Read the July 2021 joint letter and memorandum.