Since President William Ruto assented to the Computer Misuse and Cybercrimes (Amendment) Act, 2024, on Wednesday, October 15, 2025, several issues regarding the law sparked public debate, with the majority of Kenyans opposing the new legislation.
The amendments have prompted several leaders to challenge the provisions in court, arguing that they violate multiple articles of the Kenyan Constitution, including those protecting privacy (Article 31), freedom of expression (Article 33), access to information (Article 35), media independence (Article 34), and fair administrative action (Article 47).
Presidential aspirant Reuben Kigame, alongside the Kenya Human Rights Commission (KHRC), filed a constitutional petition at the High Court in Milimani, Nairobi, seeking to nullify the recently enacted Computer Misuse and Cybercrimes (Amendment) Act, 2024.
Experts weigh in on the Need for Have cybercrime law
However, Dr. Amos Omolo, an advocate and expert in digital policy and transformation, argues that Kenya needs cybercrime laws and explains why they are important.
Omolo states that the government introduced the Computer Misuse and Cybercrimes (Amendment) Act, 2024, to align it with the Budapest Convention by broadening the definitions of various crimes that may fall under the law.
“It is important to understand the background and context of this particular amendment and new legislation. One of the international instruments Kenya is about to ratify is the Budapest Convention, which provides a national framework for dealing with issues such as cybercrime and cybersecurity.
“So, what the government was likely trying to do with this legislation is align it with the Budapest Convention, especially regarding broader definitions of different kinds of crimes that may be envisaged under the law. I think this is the context in which the legislation has come into place,” said Omolo.
The digital policy expert further argued that the newly signed legislation will also allow the government to enhance its security measures within legal limits.
Also Read: Govt Starts Crackdown on Social Media Users Hours After Ruto Signs New Law
He explained that Article 33 imposes certain limits on freedom of speech, both in content and verbal expression. This means there is a delicate balance between protecting human rights and addressing the rights of other individuals and entities, such as businesses, within society.
Looking at international examples, Omolo pointed out that countries like the United States allow general surveillance by security agencies such as the FBI. This kind of surveillance is common in many jurisdictions worldwide.
“Many jurisdictions, including the US, permit general surveillance, but when it comes to more specific actions, such as confiscating equipment, a court order is required in extreme cases. Kenya is not alone in enacting such laws; countries like South Africa, Nigeria, Ghana, Uganda, and Tanzania have similar legislation in place,” Omolo explained.
He added that the overall aim of this legislation is to protect people from issues related to pornography, terrorism, and related crimes, but if there is a danger of violating human rights, judicial oversight is in place.
At the same time, the digital policy expert dismissed claims that the legislation signed by President Ruto is similar to the 2015 Security Amendment laws, which were declared unconstitutional by the court.
He stated that the government is not trying to limit freedom of expression, especially after witnessing the Gen Z uprising in 2024.
“In this particular instance, I have reviewed the law as well as the different conventions we have signed. What they are trying to do is establish an international framework that enables coordination across jurisdictions, so you need to localize your laws to align with those in the Budapest Convention. Essentially, this is their goal,” said Omolo.
About the Act
The “Cyber Security Act” refers to the Computer Misuse and Cybercrimes (Amendment) Act, 2024, which amends Kenya’s original 2018 Computer Misuse and Cybercrimes Act.
President William Ruto signed it into law on October 15, 2025, at State House, Nairobi, alongside seven other bills. This occurred on the same day as the announcement of former Prime Minister Raila Odinga’s death, drawing criticism from people questioning its timing.
New offenses and penalties
- SIM swap fraud: One of the provisions criminalizes unauthorized SIM swaps intended to commit fraud. The penalty is a fine of up to KSh 200,000, two years imprisonment, or both.
- Spreading false or misleading information: The law targets the dissemination of false, misleading, or mischievous information that could cause public panic.
Also Read: Inside Law That Will See Kenyans Face Ksh 20 Million Fine or 10 Years Jail Over Online Posts
- Penalties for other offenses: The law raises penalties for various other cybercrimes, with severe cases potentially leading to fines of up to KSh 10 million or 20 years in prison.
Enhanced powers for authorities
- The National Computer and Cybercrimes Coordination Committee (NC4) is empowered to issue directives to block websites or applications found to promote unlawful activities, terrorism, child pornography, or extremist religious and cultic practices.
- Service providers are now required to preserve, produce, and share user data with law enforcement agencies for active investigations when requested.
- Courts can order the removal of unlawful or extremist content from platforms or devices following a successful prosecution.
Follow our WhatsApp Channel and X Account for real-time news updates
