INVESTIGATION OF NIGERIA’S LAWS AND PROCEDURES LINKING TO ELECTRONIC IDENTITY THEFT

ABSTRACT

Hacking, identity theft, cyber-crimes, and other cybercrimes are committed in Nigeria by people of all ages, from young to old, but the younger generation is the most common. People have benefited from the emergence of the Cyber era by saving time, money, and energy. Although this event has been beneficial and has made life easier, if left unchecked, the Cyber world poses a significant threat to human rights, security, and the protection of lives and property. Nigeria is well-known around the world for its involvement in cybercrime. Nigerians are involved in almost every type of online crime. This research focuses on identity theft as a cybercrime. The research examines Nigeria’s legal framework for dealing with electronic identity theft. As part of the research, a thorough review of the literature on the subject was carried out. It heavily relied on secondary sources such as web publications, textbooks, journal articles, newspaper reports, and legal conference papers, to name a few. According to the findings, Nigeria’s regulatory framework for identity theft as a cybercrime is ineffective and inefficient in combating the crime. This study also reveals a number of flaws in Nigeria’s identity theft legislation that must be addressed. As a result of the research, a number of policy and enforcement recommendations were made.

CHAPTER ONEGENERAL INTRODUCTION

1.1 BACKGROUND OF THE STUDY

ICT facilities are now as essential to human life as they are to carrying out daily tasks on a global scale^{[1] [2]} . Individuals, businesses, and government agencies rely on ICT and computer networks to perform simple and complex tasks such as conducting research and engaging on social media sites such as LinkedIn and Twitter, as well as to conduct business and trade.

Cyberspace is now plagued by a slew of security issues, including cybercrime. One of the most concerning threats is identity theft. In recent years, many criminals in Nigeria have been accused of using cutting-edge technology such as the internet and computers to commit various forms of cybercrime^[3] Identity theft, in particular, has harmed Nigeria’s international reputation^[4] .

A person’s identity is as important to his or her being as it is to the functionality of a person’s daily life. In today’s society, proof of identity is required to open a bank account, obtain a debit or credit card, obtain a loan, purchase goods and services, or claim perks or incentives. The value of an identity has attracted numerous threats from fraudsters who can impersonate a person and claim benefits through various identity theft techniques.

Identity theft is a type of fraud in which personal information (such as a person’s name, date of birth, address, and so on) is stolen for financial gain^[5] . Fraudsters use this information to open bank accounts, start illegal businesses, and commit other crimes. Data or an individual’s identity can be used to commit extremely dangerous crimes such as cyber terrorism and money laundering.

Unauthorized individuals have been accused of stealing money from people’s bank accounts in Nigeria on multiple occasions by stealing their data^[6] . In 2017, Nigeria ranked third in the world in terms of cybercrime, trailing only the United Kingdom and the United States of America^[7] . Nigeria, like other developing countries, faces numerous challenges in combating identity theft and other related crimes⁷.

One of the most common forms of identity theft in Nigeria is social engineering^{[8] [9]} . Social engineering attacks seek to coerce or deceive a person into providing personal information such as bank account numbers, email addresses, and so on. The three most common identity theft strategies used by social engineers are email-based phishing scams, Short Message Service

(SMS) scams, and phone call-related scams. Cybercrime cost Nigeria more than 127 billion Naira in 2015, according to reports.^[10]

The purpose of this research is to identify and critically evaluate existing laws and regulations for combating identity theft, as well as to assess the effectiveness of the Nigerian procedural framework in combating identity theft.

1.2 STATEMENT OF THE PROBLEM

Identity theft is a worldwide epidemic that is spreading at an alarming rate, and Nigeria is no exception. Identity theft is a serious security issue that can be committed by anyone, anywhere, against any computer system or user on the planet. It is a global issue that is becoming increasingly difficult to address in Nigeria. As a result, Nigerian governments, organizations, and individuals face significant financial consequences, as well as the new problem of combating identity theft as a cybercrime. Identity theft has existed and had an impact in Nigeria for some time. According to the Cyber Security Experts Association of Nigeria (CSEAN), cybercrime costs Nigeria approximately 127 billion Naira per year^[11] .

According to a 2018 study conducted by Serianu Limited and Demadiur Systems Limited, losses increased by 35%, totaling $649 million (N198.6 billion)^[12] . According to the survey, Social Engineering and Identity Theft offenses account for 15% of losses (a total of $97 million in damages)^[13] .

The most common types of identity theft in Nigeria are email-based phishing scams, SMS scams, and phone-related scams^[14] . The rise in these offenses begs the question of whether Nigeria’s existing laws and enforcement mechanisms are effective in combating identity theft. Prior to the advent of computer technology, the majority of Nigeria’s existing laws were drafted. The laws were enacted to improve the convenience of traditional paper-based commercial activities and the environment. Nigeria’s legal system has improved and implemented significant legislation to address current cybercrime issues such as fraud, data theft, money laundering, the transmission of hazardous codes, unauthorized access to information, and identity theft, among others^[15] .

The purpose of this research project is to investigate and analyze Nigeria’s identity theft laws and procedures. There is need for the following questions to be answered:

• Is there a legal framework regulating electronic identity theft in Nigeria?
• How effective is the present legal framework in combating and preventing electronic identity theft in Nigeria?
• Why is electronic identity theft such a serious threat to Nigerians today?
• How does electronic identity theft affect Nigerian citizens?

1.3 AIM AND OBJECTIVES OF THE STUDY

The purpose of this research is to investigate the laws in Nigeria that govern identity theft. The study will look at the characteristics of identity theft laws as well as some of the issues that these laws face.

The following is a synopsis of the study’s objectives:

1. Gain a working understanding of the concept of electronic identity theft.
2. To identify and evaluate Nigeria’s identity theft legislation and institutional system.
3. The purpose of this research is to highlight and investigate the numerous laws related to, or closely related to, the enforcement of identity theft legislation.
4. The investigation will also look into the legal options for ensuring an adequate and effective system for changing Nigeria’s current laws on identity theft and enforcement.

 

1.4 SCOPE AND LIMITATION OF THE STUDY

 

This research focuses on Nigeria’s current legislative and institutional framework for combating cybercrime and identity theft. This study will examine the concept of identity theft as a cybercrime, with a focus on the suitability of Nigeria’s legal framework for dealing with identity theft. The various legal instruments would also be examined to determine how well and effectively these laws, rules, and regulations have been implemented.

The research is limited to the jurisdiction of the Federal Republic of Nigeria.

 

1.5 SIGNIFICANCE OF THE STUDY

 

The goal of this research project is to create a critical and objective report on the problem of identity theft in Nigeria as well as the regulatory framework in place. The study will examine the effectiveness of recently enacted identity theft legislation in Nigeria, as well as its shortcomings and barriers to combating identity theft.

As a result, the findings of this study are expected to be extremely beneficial to the academic and government sectors, as well as the general public. It will benefit every internet user, including businesses that rely on the internet for operations and individuals who use internet banking services and conduct financial transactions on a regular basis. Researchers in the field of law, as well as those in related fields, will benefit from this work in their future work.

 

1.6 RESEARCH METHODOLOGY

 

The doctrinal research approach is used as the methodology in this study.

According to Dr. S.R. Myneni, doctrinal research is “research conducted on a legal notion or propositions by analyzing existing statutory provisions and cases using the 5 reasoning power.”^[16] Doctrinal research typically entails developing a legal proposition and analyzing evidence from primary and secondary sources in order to test the thesis or legal notion. The purpose of this study was to critically examine and analyze the concept of identity theft as a cybercrime, the legal and institutional framework in place to combat identity theft as a cybercrime in Nigeria, and to identify possible enforcement mechanisms to combat identity theft effectively.

The primary and secondary authoritative sources for the research work would be a mix of primary and secondary source materials. This investigation will rely heavily on statutes and case law as primary sources. Statutes such as the Criminal Code Cap. Act C38 LFN

2004, Economic and Financial Crimes Commission (EFCC) Act 2004, Advance Fee

Fraud Act 2006, Evidence Act 2011, National Identity Management Commission (NIMC) Act 2007, Cybercrimes (Prohibition, Prevention, etc.) Act 2015. This secondary sources to be used for this research will make use of materials from the internet, journal articles, conference and seminar papers, textbooks, magazine and newspaper articles, and so on.

1.7 LITERATURE REVIEW 

 

This component of the study was limited to research resources in the form of books and journals, but the entire study was conducted via the internet, with only a few volumes on file. This work will be supported by the following literatures in order to reach its conclusion.

 

Yusuf Ibrahim Arowosaiye investigates the cybercrime of identity theft and the various strategies used to commit the crime in his article “The New Phenomenon of Phishing, Credit Card Fraud, Identity Theft, Internet Piracy, and Nigeria Criminal Law.”^[17] Furthermore, the article discusses how the EFCC and other Nigerian law enforcement agencies are combating cybercrime such as identity theft, phishing, and credit card fraud. Although this article discusses the EFCC’s roles and efforts to prosecute cybercrime in Nigeria, it does not examine the current legislation governing identity theft in Nigeria, namely the Cybercrimes (Prohibition, Prevention, etc.) Act of 2015.

 

Markus Jakobsson and Steven Myers’ book “Phishing and Defenses: Understanding the Increasing Problem of Electronic Identity Theft”^[18] examines how and why phishing as a tactic of electronic identity theft is a problem, as well as viable countermeasures. They investigate how phishing attacks have evolved over time, as well as how to detect and prevent current and future identity theft attacks. The authors also discuss how the government can regulate and combat

identity theft.

 

Oluwatoyin Kadiri, A. Odunola, and A. O. Alabi discuss identity and identity card fraud, as well as effective and efficient ways to minimize these problems in Nigeria, in their article “Effective and Efficient Means to Prevent and Minimize Identity and Identity Cards Theft, Criminal Vices, and Unauthorized Access to Places in Nigeria.”^[19] The article also includes advice on avoiding identity theft and fraud. According to the article, identity theft is one of the major issues that costs Nigerians and businesses billions of Naira each year. The authors also look at the various types of scams that can occur as a result of identity theft.

 

Mohamed Chawki and Mohamed Abdel Wahab examine the growing threat of identity theft in cyberspace in their article “Identity Theft in Cyberspace: Issues and Solutions.”^[20] The essay discusses the difficulties and dangers of identity theft and suggests solutions based on strategic, regulatory, technical, and cultural approaches. In another study article titled “Nigeria tackles advance fee fraud,”^[21] Mohamed Chawki examines and analyzes the difficulties associated with the use of the internet for fraud by cyber scammers, particularly Advance Fee Fraud, and the strategies employed. In addition, the essay investigates the effectiveness of various legislative and regulatory frameworks in combating internet-related fraud. The article’s scope is limited to Nigeria. The article discusses some strategies for combating the use of the Internet in illegal activities, with a focus on the provisions of the Advance Fee Fraud and Other Fraud Related Offences Act of 2006. The article makes no mention of Nigeria’s current cybercrime legislation, the Cybercrimes (Prohibition, Prevention, and Other Measures) Act 2015. In “An Analysis Of Identity Theft: Motives, Related Frauds, Techniques, And Prevention,”^[22] Hedayati A. discusses

identity theft and fraud.

The article includes a discussion of the most effective methods for long-term development and preventing identity theft. This article summarizes the most effective methods for individuals and businesses to protect themselves from identity theft. The various methods used by thieves to attack people and businesses are discussed. The various approaches are divided into two groups, according to the text: physical and technological procedures. Physical approaches include mail theft and insider theft, whereas technology-based approaches include phishing and social engineering.

 

Anyaegbu, M., and Umejiaku, N. examine the legal framework that governs the cyber environment in Nigeria in their study paper, ‘Legal Framework for The Enforcement of Cyber Law and Cyber Ethics in Nigeria.’^[23] Their investigation also reveals flaws in the Nigerian legal system. In light of rapid technological advancements, their research suggests that legislation and ethics should be linked to protect society from the threat of cybercrime.

 

 

1.8 SYNOPSIS OF THE RESEARCH

This research project is divided into five chapters, each with its own subheadings, which are listed below.

• The first chapter is devoted to the general introduction, which covers the study’s background, problem description, objectives, scope and limitations, and methodology. It also goes over a thorough literature review of some of the available literatures on the research topic.
• The second chapter examines the definitions of identity theft, fraud, and acquiring by false pretense, as well as the elements of acquiring by false pretense, identity theft definitions, forms of identity theft, and identity theft strategies.
• The third chapter looks at the legal and institutional systems in Nigeria that govern identity theft. This chapter identifies and investigates Nigerian identity theft legislation, such as; Cybercrimes (Prohibition, Prevention, Etc) Act 2015^[24] , Economic and Financial Crime Commission Act 2004^[25] , Advance Fee Fraud and Related Offences Act 2006^[26] , Criminal Code^[27] , Evidence Act 2011^[28] and National Identity Management Commission Act, 2007^[29] . The Chapter also examines the available institutions in Nigeria that regulate identity theft such as; Federal

Ministry of Justice, Economic and Financial Crimes Commission and National Identity Management Commission.

• Chapter four discusses the procedural concerns and obstacles to combating

identity theft in Nigeria.

• Chapter 5 of this study paper covers the summary, findings, conclusion, and suggestions.

[1] Lee-Roy Chetty, ‘The Importance of Technology in Economic and Social Development’ Fair Observer (NewYork,

[2] May, 2013) accessed 27 June 2021

[3] Esharenana Adomi and Stella Igun., “Combating Cybercrime in Nigeria”(2008) 26(5) The Electronic Library; pp. 716-725 https://doi.org/10.1108/02640470810910738 accessed 27 June 2021

[4] Suleman Ibrahim Lazarus, ‘The view that ‘419’ makes Nigeria a global cybercrime player is misplaced’ The Conversation (13 March , 2017) < http://theconversation.com/the-view-that419-makes-nigeria-a-global-cybercrimeplayer-is-misplaced-73791> accessed 27 June 2021

[5] Lynne Roberts, David Indermaur, Caroline Spiranovic ‘Fear of Cyber-Identity Theft and Related Fraudulent Activity’ (2013) (20) (3) Psychiatry, Psychology and Law; 315-328.

[6] Gboyinwa Ajomale ‘6 Ways To Protect Yourself From Identity Theft’ Pulse NG (Lagos, 26 October 2017) accessed 27 June2021

[7] ‘Nigeria Ranks 3rd In Global Internet Crimes Behind UK, U.S. – NCC’ Premium Times Newspaper (Lagos, 22 August 2017) accessed 27 June 2021 ⁷ Ibid

[8] Adeyemi Adepetun, ‘Financial Losses to Cybercrimes on Steady Rise to N198b’ The Guardian (Lagos, 7 June

[9] ) accessed 27 June 2021

[10] Mbachu Godwin Nnanna, ‘Cybercrime: Nigeria’s Losing Battle Against Unrelenting Enemies’ Leadership Newspapers (Lagos, 30 September 2017) accessed 27 June 2021

[11] Prince Osuagwu, ‘Cybersecurity: Nigeria’s N127bn Annual Loss Can Be Recovered with Affective ERA’’ Vanguard Newspaper (Lagos, 28 February 2018) accessed 27 June 2021

[12] Ibid

[13] Ibid

[14] Ibid

[15] CA 2015

[16] Myneni S.R., Legal Research Methodology, (1st ed, Allahabad Law Agency India 2017)

[17] Yusuf Ibrahim Arowosaiye, “The New Phenomenon of Phishing, Credit Card Fraud, Identity Theft, Internet Piracy and Nigeria Criminal Law” (2008) 3rd Conference on Law and Technology, Faculty of Law, University Kebangsaan, Malaysia and Faculty of Law, University of Tasmania, Australia accessed 28 June 2021

[18] Markus Jakobsson and Steven Myers, Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft (John Wiley publishing, 2007)

[19] Oluwatoyin Kadiri, Odunola, A., & Alabi, A. O., ‘Effective and Efficient Means to Prevent and Minimize Identity and Identity Cards Theft, Criminal Vices and Unauthorized Access to Places in Nigeria’ (2015) (9) (4) JSSR; 1-17 accessed 28 June 2021

[20] Mohamed Chawki and Mohamed Abdel Wahab, “Identity theft in cyberspace: issues and solutions” (2006) accessed 28 June 2021

[21] Mohamed Chawki., ‘Nigeria Tackles Advance Free Fraud’ (2009) (1) JILT accessed 27 July 2019

[22] Ali Hedayati, ‘An Analysis of Identity Theft: Motives, Related Frauds, Techniques and Prevention’ (2012) (4) (1) Journal of Law and Conflict Resolution; 1-12.

[23] Anyaegbu, Mercy & Nneka, Umejiaku, ‘Legal Framework for The Enforcement of Cyber Law and Cyber Ethics in Nigeria’ [2016] (15) (10) International Journal of Computers & Technology;12

[24] CA 2015

[25] EFCCA 2004

[26] AFFA 2006

[27] CCA

[28] EA 2011

[29] NIMCA 2007

INVESTIGATION OF NIGERIA’S LAWS AND PROCEDURES LINKING TO ELECTRONIC IDENTITY THEFT