Status regarding Budapest Convention
Status : NA Declarations and reservations : N/A See legal profileCybercrime policies/strategies
In 2009, the Gambia adopted the Information and Communications Act (ICA). The legislation covers a number of distinct topics, but parts of it specifically address cybercrime. While the substantive offences under the ICA are broadly in line with the Budapest Convention, the investigatory powers available to law enforcement under the Criminal Procedure Code, the obligations of service providers and the mechanisms for international cooperation require significant improvement. It is hoped that upon successful review of the ICA, and the enactment of the Cybercrime Bill (supported by COE), the Cybercrime component will be removed from the ICA, thereby making it standalone.
The Gambia has opened for public consultation until March 2020 the National Cybersecurity Policy, Strategy and Action Plans (2020-2024) together with the National Broadband Policy and Strategy. The ICT4D Master Plan is also being formulated under the same consultancy, which is expected to take the same approach.
In May 2019, a Draft Data Protection and Privacy Policy Strategy 2019 was issued by the Public Utilities Regulation Authority (PURA). MOICI is also currently working on finalizing the data protection bill, expected to be tabled with the National Assembly in March 2022.
Cybercrime legislation
State of cybercrime legislation
The Council of Europe supported the Gambian Ministry of Justice and Ministry of Information and Communication Infrastructure in the preparation of a draft Cybercrime Bill, which was finalized in December 2019 and opened for public consultation until January 2020. The Minister for Information, Communications and Technology (‘MOICI’) is currently working on finalizing the cybercrime bill, expected to be tabled with the National Assembly in March 2022.
Substantive law
ICA covers a number of distinct topics, but Chapter III, Part III is specifically addressed to “Computer Misuse and Cyber Crime”. The ten provisions address aspects of two categories of cybercrime under the Budapest Convention: computer integrity offences and computer-related, while Part IV addresses crimes relating to indecent photographs of children as a content-related cybercrime.
In terms of computer integrity crimes, ICA broadly contains offences that cover the offences detailed in the Budapest Convention at Articles 2-6.
Computer-related crime, specifically extortion, fraud and forgery, are addressed under a single provision, although only in respect of the computer integrity acts detailed in the section, rather as a stand-alone offence. For general fraud and forgery offences, the Gambian Criminal Code contains provisions, at Chapter XXX, on false pretences that do seem fit for purpose in terms of addressing modern forms of cyber fraud.
With regard to child sexual abuse images, the provsions are based on UK law, the Protection of Children Act 1978, as amended. As such, it is limited to conduct relating to the supply of such materials, not possession per se, although, based on the experience in the UK, the supply offences could be used to address conduct relating to possession, such as downloading images from the internet as a form of ‘making’. There appears to be no definition of the term “child” in the ICA and so it is unclear to what age limit this provision would apply. The Criminal Code has specific offences against girls under 18 (i.e. Art. 127), but it is not clear if such an age limit would apply here.
Procedural law
Other than in respect of the interception by law enforcement, investigative powers and procedures are primarily detailed in the Criminal Procedure Code (CPC). As such, while it may contain provisions that could be used in the course of a cybercrime investigation, such as search and seizure, it does not contain the range of powers specified in the Convention (Art.16-19 and Art. 20).
Safeguards
Chapter IV of the Constitution of the Republic of Gambia grants protections to the fundamental rights and freedoms of “every person in The Gambia” (Art. 17(2)).
Art. 23(1) protects an individual’s right to privacy, including their ‘communications’. Art. 23(2) addresses any search of a person or their home and requires that any such powers are “authorised by a competent judicial authority”.
In May 2019, a Draft Data Protection and Privacy Policy Strategy 2019 was issued by the Public Utilities Regulation Authority (PURA). MOICI is also currently working on finalizing the data protection bill, expected to be tabled with the National Assembly in March 2022.
Related laws and regulations
- Constitution of The Gambia (1997, as amended in 2018);
- Draft Constitution 2020;
- Criminal Code (1933, as last amended by Act No. 18 of 2010)
- Criminal Procedure Code (1933, as last amended by Act No. 5 of 2005);
- Information and Communications Act (ICA), 2009;
- Evidence Act,1994
- Copyright Act, 2004
- Criminal offences bill, 2020
Specialised institutions
The Ministry of Information and Communications Infrastructure (MOICI) is in charge of the development and implementation of the laws, regulations and strategy for the ICT sector. Some of these responsibilities, such as regulatory functions/oversight will be shifted to the ICT Agency, which is currently established by law but yet to be operational.
The telecommunication sector, a key component of Gambia’s critical national infrastructure, is largely regulated by the Public Utilities Regulatory Authority (‘PURA’).
Attorney General’s Chambers and Ministry of Justice, through the Criminal Prosecution Department is responsible for commencing, taking over, and continuing or discontinuing criminal proceedings against or in respect of any offender in the Gambia subject to the direction and control of the Attorney General as per section 85 (4) of the Constitution.
Judiciary of The Republic of The Gambia holds the overall mandate for adjudication of disputes through the due process of law, administration of courts, registries, processes, directives & procedures and enforcement of decisions, orders, rulings and judgments.
International cooperation
Competent authorities and channels
While the Gambia is party to various international treaties governing extradition and mutual legal assistance, these do not contemplate the types of evidence, conduct or modes of international co-operation addressed in the Convention.
The Gambia has bilateral extradition treaties with various countries (e.g. the United States of America and the United Kingdom), as well as multilateral regional agreements, i.e. Economic Community of West African States (‘ECOWAS’) Convention A/P.1/8/94 on Extradition.
In domestic law, the applicable legislation is the Extradition Act No. 10, 1986 (§§ 2, 5 & 7, LAWS OF THE GAMBIA, Cap. 12:01 (rev. ed. 2009), which permits a person to be extradited for any ‘serious offence’ except where the tariff is life imprisonment or death penalty.
The Gambia is party to the ECOWAS Convention A/P.1/7/92 on mutual assistance in criminal matters but would be limited to member countries.
The Gambia is a signatory to the 2010 Supplementary Act A/SA.1/01/10 on Personal Data Protection within ECOWAS.
The Gambia is also a member of the Global Forum on Cyber Expertise (GFCE) platform, that allows countries, international organizations and private companies to share best practices and expertise for capacity building on cybercrime related matters.
Jurisprudence/case law
Sources and links
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.
Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?
Share this information with us helping to keep this platform up to date.
- Cybercrime website
- Template: Mutual Legal Assistance Request for subscriber information (Art. 31 Budapest Convention). English and bilingual versions available.
- Template: Data Preservation Request (Articles 29 and 30 Budapest Convention). English and bilingual versions available.