The Bill for the Cybercrime Act No. of 2021 has been listed to be among the Bills that will be tabled in Parliament during the Ordinary Session that is expected to begin today.
The penalty for offences in this Bill ranges from VT1 million to VT100 million for an individual or corporate entity if convicted for breach of this soon-to-become law.
The purpose of the Bill is to protect the confidentiality, integrity and availability of computer system, programs and data as well as prevent abusive use of computer systems, programs and data.
Another purpose of the Bill is that once it is passed by parliament, the law will enable the gathering of forensic material for the investigation and prosecution of breaches of the Act and to facilitate international cooperation.
The Bill provides for the prohibition of illegal access to critical infrastructure, which are computers systems, physical facilities, supply chains, information technologies, communication networks, devices, public utilities and essential services.
The offence of illegal access has a penalty of VT2 million for individuals or 5 years imprisonment and VT4 million for corporate entities.
The Bill also provides guide on what happens when there is an intentional illegal interception of the whole or part of a critical infrastructure which also carries the same penalty as above.
In the case of unauthorised interference to a computer system, program or data, this attracts penalties varying from VT7 to VT50 million for an individual or a maximum 40 to 50 years imprisonment or both, and VT100 million fine for a body corporate.
Computer-related offences such as child pornography have a fine not exceeding VT5 million or imprisonment not exceeding 10 years and in the case of a company, the maximum fine is VT15 million.
The Bill interprets a child as a person under the age of 18 years.
In the area of identity-related crime, a person who intentionally or without lawful excuse uses a computer system to transfer, possess or use the identification of another person with the intention to commit, aid or abet or connect with unlawful activity, commits an offence and is liable on conviction to a fine not exceeding VT3 million or 3 years imprisonment for an individual and VT5 million for a body corporate.
Computer-related forgery and fraud both carry a penalty of VT5 million or maximum 12 years imprisonment for an individual and VT10 million fine for an individual.
Any person who intentionally and without lawful excuse causes a loss of property to another person by any input, alteration, or suppression of data or interferes in the function of a computer system with fraudulent intent of procuring personal gain for another person commits an offence.
The Bill's provision also prohibits service providers, their employee, agent and contractor from disclosing information of a criminal investigation relating to computer data as part of the procedure when a cybercrime is committed.
There is also a provision in the Bill that allows for international cooperation between Vanuatu and any foreign country or agency for the purposes of investigations or proceedings concerning offences related to computer systems and data.
This is not the first time that the Bill has been prepared to be included in the parliament agenda.
Last year the Bill was supposed to be discussed by parliament, but that did not happen.