October 2025 — Nairobi – President William Ruto has signed the controversial Computer Misuse and Cybercrimes (Amendment) Bill, 2024 into law. This marks a significant shift in the country’s legal framework around digital activity. This development, with Ruto signing the Computer Misuse bill, highlights the complexities of modern digital regulations.
The law introduces expanded definitions of cybercrimes, imposes stricter penalties, and grants broader powers to the government—sparking concern among civil society, legal experts, and digital rights advocates. Ruto’s signing of the Computer Misuse law has certainly amplified these concerns.
What the New Law Changes
The amended law updates Kenya’s original 2018 Computer Misuse and Cybercrimes Act, reflecting the government’s push to modernize legislation in the face of rising cyber threats. The key changes include:
1. Expanded Definitions of Cybercrime
- Unauthorized Access: Broadened to include any access—whether or not information is altered or stolen—that occurs without express permission.
- Cyber Harassment: Now includes persistent unwanted digital communication, including through social media and messaging platforms.
- Phishing: Explicitly criminalized, with definitions covering deceptive digital tactics used to steal personal information or credentials.
- SIM Card Fraud: Unauthorized SIM swaps, commonly used in financial fraud, are now clearly defined and penalized.
2. Stricter Penalties
- Cyber Harassment: Offenders face heavier fines and longer prison sentences, particularly for harassment that leads to mental distress or reputational damage.
- False Publications: The spread of “false or misleading digital content” is now punishable by law, raising concerns about press freedom and misinformation regulation.
- SIM-Swap Fraud: Penalties for unauthorized SIM swaps have been significantly increased, reflecting growing concern over mobile banking fraud in Kenya.
3. Expanded Government Powers
The law empowers the state to block access to digital platforms or content deemed to violate the law, giving authorities increased control over Kenya’s digital space. This includes:
- Ordering takedowns of online content.
- Compelling service providers to hand over user data.
- Surveillance capabilities under the guise of national security or public interest.
The Controversy: Striking a Balance or Stifling Dissent?
While the government argues that the law is necessary to combat evolving cyber threats, critics warn that Ruto signing this Computer Misuse bill with its vague language and sweeping powers could be used to target government critics, journalists, and activists.
1. Potential for Misuse
With terms like “false publications” and “offensive content” left broadly defined, civil liberties groups fear the law could be selectively enforced. This could suppress dissent, particularly online.
2. “Chilling Effect” on Free Expression
Kenyan digital rights advocates argue that the fear of criminal charges under this law may deter citizens from speaking out. This is especially true on social media, where criticism of the government is common.
3. Constitutional Challenges
Legal experts predict the law will face constitutional challenges. Kenya’s 2010 Constitution guarantees freedom of expression, media, and privacy—all of which may be at risk under the new framework.
What It Means Going Forward
Though the bill is framed as a modernization of Kenya’s cyber laws, Ruto signing the Computer Misuse act has expansive scope and lack of clear safeguards that raise important questions about digital rights, privacy, and government accountability.
The law will likely face scrutiny in courts and the public sphere in the coming months, as civil society weighs its implications and potential overreach.
For now, Kenya joins a growing list of countries navigating the tension between cybersecurity and civil liberties. The line between protection and censorship is increasingly blurred.
Follow our WhatsApp Channel and X Account for news updates.
