EFCC's Plan to Register Cybercafes

[Shina Badaru]

Hi All,

 

It is no longer news that the Economic and Financial Crimes Commission (EFCC), the nation's fraud buster has been given legal teeth through a new law signed by President Obasanjo on June 5, 2006 to begin the registeration of cyber cafes nationwide.

 

The registration has commenced in earnest and cafes are equally required by the law to have the contact details of their customers as can be gleaned from the piece posted below;

 

While the EFCC plan to check online and other scams, why anxiety is that the law appears so broad, particuarly with respect to the inclusion of GSM, under the section on electronic offences that could be giving birth to a 'Big Brother' as well as its associated privacy issues.

 

Another article posted below show how vital 'snooping' technology helps in law enforcement with the FBI case below and may hopefully help the EFCC to in stemming the tide of online scams.

 

But it appears to place too much burden on small service providers like cyber cafes while not forgeting that it is likely to be another likely area of abuse by a few overzealous folks in our law enforcement community.

 

By asking the GSM service providers to submit 'such data that are necessary', isn't it likely to be construed as everything from subscriber details to reports of their call activities.

 

Some issues still need clarification by those who should understand the varied implications and ramifications of the new EFCC law.

 

Over to you all.

 

Shina 

 

 

 

 

 

....President Obasanjo had in June, this year, granted his assent to a new law requiring service providers to keep records of internet users in the country and register with the Economic and Financial Crimes Commission (EFCC) under a programme to check the use of electronic communication network to combat fraud.

The new law, the Advance Fee Fraud and Other Related Offences Act 2006, also repeals the Advance Fee Fraud and Other Related Offences No 13 of 1995 as well as the Advance Fee Fraud And Other Fraud Related Offences Act 2005. It also re-enacts a Consolidated Advance Fee Fraud and Other Related Offences Act, 2006 while providing jurisdictions to try offences and impose under the new law to the Federal High Courts, the High Courts of the Federal Capital Territory and the High Courts of the States.

In a move seen as spreading a dragnet over internet usage, all ISPs were recently directed by the EFCC to register with the anti-fraud agency, after it was recently empowered by the new enabling law.

The anti-fraud law, which deals extensively with issues of electronic telecommunication offences, requires individuals and entities providing any electronic communication service "or remote computing service either by e-mail or any other form" to obtain the details of their customers. The customer details will include full names, residential address (in the case of individual) and corporate address (in the case of corporate bodies).        

Subscribers who fail to provide such information or "with the intent to deceive, supplies false information or conceals or disguises the information required under this section, commits an offence and is liable on conviction to imprisonment for a term of not less than three years or a fine of N100, 000."

Additionally, the law says that persons or businesses who fail to comply with its provisions commit an offence, "and is liable on conviction to a fine of N100, 000 and forfeiture of the equipment or facility used in providing the service."          

The broad provisions of the law covers, "a person or entity who in the normal course of business provides telecommunications or internet services or is the owner or person in the management of any premises being used as a telephone or internet café."

They are required by law to be registered with the EFCC and, "maintain a register of all fixed line customers which shall be liable to inspection by authorised officer of the Commission and submit returns to the Commission on demand on the use of its facilities."

In what may a huge burden for service providers, telecentre operators as well as their counterparts in the GSM business are duty-bound by law to ensure that their service and facilities are not used for illegal activities.

"Any person whose normal course of business involves the provision of non-fixed line or Global System for Mobile Communications (GSM) or is in the management of any such services, shall submit on demand to the Commission such data and information as are necessary or expedient for giving full effect to the performance of the functions of the Commission under this Act", says the anti-fraud law.

Persons or businesses that run foul of the law by concealing nature of their business or use of their service or facilities, are "liable on conviction to imprisonment for a term not less than three years without an option of fine and in the case of a continuing offence, a fine of N50,000 for each day the offence persists."

The law also provides further that, "Any person or entity convicted more than once under this Act shall have his operational licence revoked or cancelled."    

 

 

 

 

 

 

The Google Hate Speech Incident by Chris Sabga | updated 20060802 @ 07:02AM EST | google it | send to friends Channel: Windows | Infopackets Gazette | (related terms: yahoo e-, gmail account, e- account)   Is the FBI poking around your e-mail? Randall C. Ashby II used his Google Mail (Gmail) account to distribute hate speech -- and that was all the feds needed to investigate him. On May 22nd, 2006, Ashby signed up for Gmail and sent a threatening message to the National Association for the Advancement of Colored People (NAACP). The NAACP immediately forwarded the offensive letter to the FBI. Here's a transcript of Ashby's e-mail: Warning: The following quote contains disturbing content! "You are no match for our numbers and our power. We will come out of the night and rise from the dirt to murder you in your sleep. Meet us on 6/6/06 to seal your fate. The end is at hand, accept your place at the foot of the true masters throne. The kingdom of god is for naught, Hell will rule the earth soon enough. We will meet you at the center of sin, Washington on June 6th or you can hide and die like the insignificant mortals you are. Christ is Dead." From there, the FBI issued a federal grand jury subpoena to extract information from Google about the identity of the person behind the account. Google supplied them the Internet handle Ashby used for his Gmail account -- AntiChrist Millenium -- and his secondary e-mail account -- a Yahoo Mail address. With the Yahoo trail now open, the FBI was able to extract the perpetrator's real name and IP address -- a unique string of numbers that can identify various details about a specific Internet connection. With Ashby's IP information, the feds were able to find out that both Gmail and Yahoo e-mail accounts were used on the same day, from the same location: a law office in Weston, West Virginia. The FBI's next step was (obviously) to pay a visit to the law firm. There, they discovered that the company's annex office was accessible from an apartment across the street. The FBI unsurprisingly found out that Ashby had rented the apartment from May 20, 2006 to June 2006. Randall Ashby obviously went to a lot of trouble just to send a piece of hate mail to the NAACAP. But, as they always say, every criminal makes at least one mistake. Ashby's major error was leaving a forwarding address for Dover, Delware. The FBI caught up to Ashby in Dover. He admitted to accessing the Yahoo e-mail address. But it was Gmail that Ashby used to commit the crime. Luckily for the FBI, they now had enough probable cause to obtain a search warrant. With that, they were finally able to acquire their own firsthand proof about Ashby's Gmail address and illegal activities. (Source: eweek.com) Here are pictures of the search warrant (courtesy of eweek.com): Picture 1 | Picture 2. Think Ashby's case is an isolated incident? Think again! Believe it or not, this apparently isn't the only time federal investigators have requested information from e-mail providers about certain users. According to a New York attorney, it happens more often than you think: "I'm an attorney in New York, and this sort of thing happens quite frequently, in both civil and criminal actions. Civil parties can subpoena Google, Microsoft, or Yahoo for gmail, hotmail, or yahoo email account information, including any and all emails sent from a specific email address. As this practice is legally acceptable for civil actions, it would certainly seem reasonable to allow such requests (via valid search warrants) in the context of criminal cases involving real threats of violence or otherwise. Of course, defense attorneys can and do frequently challenge such requests and confidentiality and/or protective orders are often required before information is released. But this is certainly nothing new or surprising in the legal realm -- Google and Microsoft must receive thousands of similar search warrants and subpoenas each day and likely have a separate legal department for dealing with such requests." (Source: boingboing.net)