Definition of Data

“computer data” means any representation of facts, concepts, information or instructions, in a form suitable for processing in a computer system, including a program suitable to cause a computer system to perform a function.

Main Focus of Document

Makes provisions for criminalizing offences related to computer systems and ICT; and provides for investigation, collection and use of electronic evidence and for other related matters

Target Beneficiaries or Sector

General Public

Key Elements

Key sections of this Act include:
4. (1) A person shall not intentionally and unlawfully access or cause a computer system to be accessed. 
(2) A person who contravenes subsection (1) commits an offence and is liable, on conviction, to a fine of not less than three million shillings or three times the value of the undue advantage received, whichever is greater or to imprisonment for a term of not less than one year or to both.

11. (1) A person shall not intentionally and unlawfully input, alter, delay transmission or delete computer data, resulting in unauthentic data, with the intent that it be acted upon as if it were authentic, regardless of whether or not the data is readable or intelligible.    (2)  A person who contravenes subsection (1) commits an offence and is liable on conviction to a fine of not less than twenty million shillings or three times the value of undue advantage received, whichever is greater, or to imprisonment for a term of not less than seven years or to both.  

15. (1) A person shall not, by using a computer system impersonate another person. 
(2) A person who contravenes subsection (1) commits an offence and is liable on conviction, to a fine of not less than five million shillings or three times the value of undue advantage received by that person, whichever is greater, or to imprisonment for a term of not less than seven years or to both.

28. (1) The Minister may, by order published in the Gazette, designate a computer system as critical information infrastructure. 
(2) The order under subsection (1) may prescribe guidelines or procedures in respect of: (a) registration, protection or preservation of critical information infrastructure; (b) general management of critical information infrastructure; (c) access to, transfer and   control of data in any critical information infrastructure; (d) integrity and authenticity of data or information contained in any critical information infrastructure; (e) methods to be used in the storage or archiving data or information in critical information infrastructure; (f) disaster recovery plans in the event of loss of the critical information infrastructure or any part of critical information infrastructure; (g) manner and procedure for carrying out audit and inspection on any critical information infrastructure; and (h) any other matter that is relevant for adequate protection, management and control of data and other resources in a critical information infrastructure. 
(3) For the purpose of this section, “critical information infrastructure” includes assets, devices, computer system, or networks, whether physical or virtual so vital to the United Republic of Tanzania that their incapacitation affect national security or the economy and social well-being of citizens.

29. Where a person commits an offence under this Act or any written law in relation to critical information infrastructure, that person shall be liable, on conviction to a fine not less than one hundred million shillings or three times the loss occasioned or to imprisonment for a term not less than five years or to both. 

Policy/Regulation Mirrors

n/a