Octopus Cybercrime Community

Botswana's legislation that deals with cybercrime includes, particularly, the Cybercrime and Computer Related Crimes Act, amended in 2018 and the Electronic (Evidence) Records Act, from 2014. The Electronic Communications and Transactions Act includes provisions regarding Internet Service Providers but has not become effective as yet. The Mutual Assistance in Criminal Matters Act allows for mutual co-operation between Botswana and certain foreign states for the purpose of protecting against and prosecuting cross-border criminal activity. The Data Protection Act (Act No. 32 of 2018) was assented to by the Parliament of Botswana on 3 August 2018 and is currently on notice, awaiting commencement.

Cybercrime and Computer Related Crimes Act, amended in 2018.

The Act criminalises (Section 4 to 23):

• Unauthorised access to a computer or computer system
• Unauthorised access to computer service
• Access with intent to commit or facilitate the commission of an offence
• Unauthorised interference with data
• Unauthorised interference with a computer or computer system
• Unlawful interception of data
• Unlawful possession of devices or data
• Unauthorised disclosure of password or access code
• Damage to a computer or computer system
• Critical national infrastructure
• Cyber extortion
• Cyber fraud
• Cyber harassment
• Cyber stalking
• Offensive electronic communication
• Pornographic or obscene material
• Revenge pornography
• Racist or xenophobic material
• Racist or xenophobic motivated insult
• Unlawful disclosure by service provider

Electronic (Evidence) Records Act 2014

• This Act gives evidential admissibility and weight to electronic records.

Electronic Communications and Transactions Act (Act 14 from 2014)

The Act protects internet service providers in respect of third-party material who act as mere conduits if the ISP (Article 40):

• does not initiate the transmission;
• does not select the addressee;
• performs the functions in an automatic, technical manner without selection of the data; and
• does not modify the data contained in the transmission.

The Act protects internet service providers, in respect of third-party material, who provide caching services if the ISP (article 41):

• does not modify the data;
• complies with rules on access to the data;
• complies with rules regarding the updating of the data, specified in a manner widely recognized and used in the industry;
• does not interfere with the lawful use of right management information to obtain information on the use of the data; and
• removes or disables access to the data it has stored upon receiving a take-down notice

The Act protects internet service providers, in respect of third-party material, who provide hosting services if the ISP (Article 42):

• does not have actual knowledge that the electronic communication is infringing the rights of a third party;
• is not aware of facts or circumstances from which the infringing activity or the infringing nature of the electronic communication is apparent; and
• acts quickly upon receipt of a take-down notification

The Act does not place a general obligation on ISPs to monitor all content. The Minister may, subject to the provisions of any other law, prescribe procedures for service providers to:

a) inform the competent public authorities of alleged illegal activities undertaken or information provided by addressees of their service; and

b) communicate to the competent authorities, at their request, information enabling the identification of addressees of their service.

Law on Data Protection: The Data Protection Act was assented to by the Parliament of Botswana on 3 August 2018 and is currently on notice, awaiting commencement.

Cybercrime and Computer Related Crimes Act

Procedural powers include (Section 24 to 32):

• Preservation order by authorised persons, of data believed to be vulnerable to loss or modification
• Disclosure of preserved data by authorised person, which requires a person in control of a computer system to ensure the preservation of the data or to disclose sufficient traffic data about a specified communication to identify the service provider or the path through which the data was transmitted;
• Production order on application to a judicial officer, to compel a person to submit specified data in that person’s possession or control, which is stored in a computer or computer system or a service provider to submit subscriber information in relation to its services in that service provider’s possession or control;
• Access, search and seizure by an authorised person where there are reasonable grounds to believe that the stored data or information would be relevant for the purposes of an investigation or the prosecution of an offence; 
• Real time collection of content or traffic data by an authorised person, of traffic data for the collection or recording of traffic data associated with specified communications;
• Deletion order
• Acting without an order for pornography, obscene material or child pornography: A police officer of rank of sergeant or above may act without applying for an order if such application would result in undue delay of the investigation.
• Limited use of disclosed data and information: data obtained under the above provisions shall be used only for the purpose for which the data was originally sought except under certain circumstance.
• Non-compliance with order or notice as described above is an offence and is liable to a fine not exceeding P20 000 or to imprisonment for a term not exceeding one year, or to both.

Mutual Assistance in Criminal Matters Act of 1990

The object of the Act is to allow for mutual assistance between Botswana and foreign countries (where an arrangement has been made) with regard to criminal matters, and concerning:

• Obtaining of evidence, documents and other articles;
• Providing documents and other records;
• Locating and identifying of witnesses or suspects;
• Executing of requests for search and seizure;
• Making arrangements for persona to give evidence or assist investigations;
• Confiscating property in respect of offences;
• Recovering pecuniary penalties in respect of offences;
• Restraining of dealings in property, or freezing of assets, that may be confiscated, or that may be needed to satisfy pecuniary penalties imposed in respect of offences; the location of property that may be confiscated, or that may be needed to satisfy pecuniary penalties imposed, in respect of offences and the service of documents.

The Constitution of Botswana protects the fundamental rights and freedoms of its people, including protection from inhuman treatment, protection from deprivation of property and protection of privacy of home and other property.

• Copyright and Neighbouring Rights
• Cybercrime and Computer Related Crimes Act, 2018
• Electronic (Evidence) Records Act 2014
• Electronic Communications and Transactions Act, 2014
• Extradition Act 1990
• Financial Intelligence Act 2018
• Mutual Assistance in Criminal Matters Act of 1990
• The Penal Code
• Registration of Business Names Re-Registration Act No.26 of 2018 (“the Act”). The Act is meant to ensure an effective way of doing business by enabling already registered businesses and companies to re-register business names online. The Act is still on notice.