African Union Legal Instrument
2.
P a g e | 31
Computerized Data Breaches
State Parties shall take the necessary legislative and/or regulatory measures to make it
a criminal offence to:
a)
Intercept or attempt to intercept computerized data fraudulently by technical
means during non-public transmission to, from or within a computer system;
b)
Intentionally input, alter, delete, or suppress computer data, resulting in
inauthentic data with the intent that it be considered or acted upon for legal
purposes as if it were authentic, regardless of whether or not the data is
directly readable and intelligible. A Party may require an intent to defraud, or
similar dishonest intent, before criminal liability attaches;
c)
Knowingly use data obtained fraudulently from a computer system;
d)
Fraudulently procure, for oneself or for another person, any benefit by
inputting, altering, deleting or suppressing computerized data or any other
form of interference with the functioning of a computer system;
e)
Even through negligence, process or have personal data processed without
complying with the preliminary formalities for the processing;
f)
Participate in an association formed or in an agreement established with a
view to preparing or committing one or several of the offences provided for
under this Convention.
3.
Content related offences
1.
State Parties shall take the necessary legislative and/or regulatory measures to
make it a criminal offence to:
a)
Produce, register, offer, manufacture, make available, disseminate and
transmit an image or a representation of child pornography through a
computer system;
b)
Procure for oneself or for another person, import or have imported, and
export or have exported an image or representation of child pornography
through a computer system;
c)
Possess an image or representation of child pornography in a computer
system or on a computer data storage medium;