The Nigerian government and private sector should join forces to address rising cybercrime that will trail the nation’s technology sector’s growth, according to Dr. Muiz Banire (SAN), former Lagos State Commissioner for Transportation.
The legal expert, who made the call on Tuesday while speaking during a webinar organised by the Lagos State Judiciary, warned that as Nigeria’s technology sector grows, it could lead to a rise cybercrimes, a development that requires both the government and private sector to adopt a multi-faceted approach to tackle these threats and safeguard the nation’s digital future.
As part of the 2024/2025 legal year activities, the Lagos State Judiciary hosted a webinar today titled “Cyber Offences in the Digital Stratosphere: Civil and Criminal Implications Tackling the Menace.” The event was chaired by retired Supreme Court Justice Bode Rhodes-Vivour and moderated by Mr Adeniji Kazeem (SAN), while Justice Kazeem Alogba, Chief Judge of Lagos State, served as the chief host.
Banire, who served as a guest speaker, discussed the growing cyber threats in Nigeria and ways to mitigate them, focusing on the civil aspect.
As we embrace new technologies, Banire told attendees at the webinar, we must realise that we are likely to experience and harvest more crimes. He explained that while cybercrime was once limited to activities such as money laundering, child pornography, identity theft, stalking, harassment and bullying through online messages, electronic funds transfer, click frauds, and phishing, today, the range of offences has now expanded.
“This has, however, extended to the broadcast of subversive elements; destructive ideas; indoctrination for groups; invasion of websites etc. Remember the Estonia digital infrastructure attack of 2007, attacks on master and visa cards websites virtually disrupting the financial system,” he noted.
Looking at the cybercrime legislation in Nigeria and how Nigeria has responded to these growing threats, Banire detailed the provisions of the Cybercrime (Prohibition, Prevention, etc.) Act of 2015, which was amended in 2024. The Act regulates various forms of cybercrime, imposing penalties on offenders. “The range of offences are limitless and in order to protect citizens and businesses, governments all over the world have enacted legislation to regulate cyber uses and define offences relating to cybercrimes with punishments attached,” Banire explained.
Despite these efforts, he advised that the law must continuously evolve to keep pace with emerging technologies, citing challenges like the anonymity of cybercriminals and the misuse of cryptocurrencies for fraud.
“The evolution of the Nigerian ‘419 scams’ into more sophisticated forms of fraud, including fake digital currencies and fraudulent initial coin offerings (ICOs), shows how criminals are adapting,” Banire said.
“This is understandable against the background that as technology develops, the more the criminals innovate. As reflected in the UK legislation on cyber crimes, any attempt to define cybercrime will either lead to under-inclusion or over-inclusion, both of which come with attendant consequences. This may be the reason that the Nigerian Act also shied away from providing a general definition of what amounts to cybercrime. By way of working description, however, we can say that cybercrime refers to illegal activities that involve the use of digital technology and networks,” he explains.
Cybercrime: Legal and civil remedies for victims
Banire outlined the legal protections available to victims of cybercrimes, particularly in the financial sector. Under the Cybercrime Act, financial institutions are required to implement anti-fraud measures to protect customers’ sensitive data. If a customer is affected by fraud, the law provides for the recovery of lost funds, especially in cases involving electronic card fraud.
“Ordinarily,” Banire explained, “victims of cybercrimes can sue for recovery of stolen funds or compensation for financial losses incurred as a result of fraud or identity theft. This is usually the case in matters involving financial institutions and money kept therein. The question of protective clause or exemption used to be a major challenge in this regard as most financial institutions might have inserted clauses in account-opening forms protecting or limiting their liabilities.
“However, in this regard, it can be argued that the law has changed and the digital stratosphere has provided better opportunities as the Act has provided some liability to assist in recovering or refunding certain funds lost as a result of the operations of fraudsters using the financial institutions services.”
He explained further that, “by Section 19 of the Act, financial institutions shall, as a duty to their customers, put in place effective counter-fraud measures to safeguard their sensitive information although where a security breach occurs, the proof of negligence lies on the customer to prove the financial institution in question could have done more to safeguard its information integrity. Where, however, it can be shown that the financial institution or its employee failed to observe necessary precautions, the employee may be made liable to make good the losses of the customer. It is doubtful if the financial institution cannot be vicariously liable where the employee is unable to refund the amount involved.”
Accordingly, Banire said, “victims of electronic cards related frauds are specially protected by the Cybercrimes Act. Section 33 of the Act provides for many instances where a victim of electronic card fraud is entitled to payment in monetary terms, the value of loss sustained by him. The same civil remedy is applicable under Sections 34 and 35 with respect to dealing in, sale or purchase of the card of another person. The victim is entitled to monetary compensation up to the value of the loss or the assets or goods acquired with the funds.
“A civil remedy provided under Section 36 of the Act is where a person fraudulently re-directs funds transfer instructions during transmissions over any authorised communications path or device and re- directs funds transferred electronically with an authorised account. Aside from the criminal implication of 3 years imprisonment or a fine of N1,000,000.00, the cardholder victim is entitled to receive in monetary terms the value of loss sustained or forfeiture of the assets or goods,” the SAN explains.
Speaking on contractual disputes, Banire said that cybercrimes extend beyond criminal liability and often lead to civil suits, especially in cases of breach of contract or the misuse of digital data. “In the digital age, many transactions are conducted online, and disputes over failed deliveries or unauthorised data use can lead to significant financial losses.”
“Generally speaking, service providers hardly have liability in the case of breach of protocols. Where hacked, their liability will be at best to the co-contractor and not the user. Insurance comes in here by the companies to mitigate loss. The modern transactions of online activities may require a proof or authorship of a document originating or evidencing a transaction,” he explained.
But Banire acknowledged that litigation in cybercrime cases is often challenging. “However, the civil route also has its challenges. Litigation can be expensive and time-consuming, and often the perpetrators are anonymous or located in foreign jurisdictions, making it difficult to enforce civil judgments.”
One of the most complex aspects of prosecuting cybercrimes is jurisdiction, Banire explained. According to him, cyber offences can be committed across multiple countries, making it difficult to determine which country has the authority to prosecute the crime. “A cybercrime could be conceptualised in one country, committed in another, and the victim could be in yet another country, all within minutes.”
Banire discussed international efforts to address these challenges, including global conventions like the Budapest Convention on Cybercrime, which facilitates cooperation across borders and African Union Convention on Cyber Security and Personal Data Protection. He also pointed to Section 52 of Nigeria’s Cybercrime Act, which allows the Attorney General of the Federation to request or provide assistance to foreign authorities in investigating or prosecuting cyber offences. This provision empowers Nigeria to engage in joint investigations with other countries, even in the absence of a bilateral agreement, Banire noted.
The legal expert warned that as technology evolves, so too will cybercriminal tactics. “The more we depend on the internet and technology, the more cybercrimes fester,” he said while citing the rise of cryptocurrency fraud and cyber-terrorism as examples of how criminals are taking advantage of new digital platforms. “We must prepare for the eventualities and forestall being victims of cyber-crimes.”
He also highlighted the potential economic consequences of unchecked cybercrime. Cybercrime has already tarnished Nigeria’s international reputation, particularly with scams like the ‘Nigerian Prince’ fraud, he noted. He warned that without adequate protection, Nigeria risks further damage to its status as a global leader in fintech.
Banire: How to mitigate cybercrime
Banire emphasised that tackling cybercrime requires a multi-faceted approach involving the government, private sector, civil society, and individuals.
“To engender confidence in the adoption of technology,” he said that “there is a need for setting up national/international funds by all the stakeholders that are economically benefiting from the use, so that in instances where offenders could not be tracked, victims can be compensated from the fund.”
He noted that Nigeria has already created the now suspended National Cyber Security Fund Under Section 44 of the Cybercrime Act, with a 0.5% levy on electronic transactions to support the fight against cybercrime.
He also stressed the need for continuous investment in keeping pace with technological advancements, as “users of internet services cannot afford to be behind the criminals in the race.”
Banire noted that while the Cybercrime Act of 2015, as amended, is a good foundation, Nigeria must continually update its laws to reflect new threats. “We need to build the capacity of our law enforcement agencies to investigate and prosecute cybercrimes effectively,” he said.
This includes investing in cyber forensics and training law enforcement in digital investigations. The SAN emphasised the importance of international collaboration, noting that cybercriminals often operate across borders, and Nigeria must work closely with organisations like the INTERPOL and the United Nations to track and apprehend these offenders.
He also stressed the importance of public education in the fight against cybercrime. “People need to be aware of the risks of sharing personal information online, recognize phishing attempts, and understand the dangers of downloading unknown software,” he said while urging schools, universities, and workplaces to incorporate cyber hygiene education into their curricula.
Banire also called on the private sector, especially tech companies and financial institutions, to play a bigger role in combating cybercrime. “They can invest in stronger cybersecurity measures, share intelligence on emerging threats, and collaborate with the government on initiatives to combat cybercrime.”
Since cybercrime is a global issue, Banire underscore the need for international cooperation. “Nigeria should continue to work with organisations like. INTERPOL, the United Nations, and foreign governments to track and apprehend cybercriminals operating across borders,” he said. For him, extradition agreements and joint task forces would be critical in ensuring that cybercriminals do not escape punishment by hiding in other countries.
It is also important to support the victims of cybercrime, many of whom have lost significant amounts of money or had their businesses crippled by attacks. Victims need legal assistance, psychological support, and mechanisms for recovering their funds, he said.
Banire said that “the fight against cybercrime is not one that can be won overnight. It requires vigilance, cooperation, and a commitment to justice. However, I believe that with the right approach, Nigeria can not only tackle the menace of cybercrime but also become a leader in cybersecurity in Africa.
“Essentially, therefore, judicial officers capacity needs to be enhanced for effective interpretation of cyber laws; education of users generally; strengthening of the legislation; cooperation amongst states; financial institutions and other corporate entities must also enhance their capacities regularly in terms of cybersecurity; development of binding international agreement etc. must be embraced.”