Fiji - Octopus Cybercrime Community

Status regarding Budapest Convention

Status : Invited to accede See legal profile

Cybercrime policies/strategies

Fiji does not have an officially recognized national cybercrime strategy/policy, but it is part of some regional initiatives on related topics like the Pacific ICT Ministers meetings, or the Pacific Regional CIRT (PacCERT).

In June 2010, the meeting of Pacific Ministers for information and communication technologies adopted the “Tonga Declaration” which, among other things, called for “developing appropriate policy, legislative and regulatory frameworks and strategies to combat cybercrime and promote Internet safety and security, including child online protection“.

Fiji’s National Development Plan, approved by the Government in November 2017, identified cyber safety and cybercrime as high-priority areas for the next 5 years and proposed completion of a cyber security framework and policy by the end of 2018.

Cybercrime legislation

State of cybercrime legislation

The Crime Decree 2009 (the Criminal Code) covers computer offences in Division 6 from Section 336 to 346.

Starting with 2019, Fiji started the reform of the legal framework on cybercrime and electronic evidence This was finalized on 12 February 2021, when the Cybercrime Act no. 3/2021 was approved by the Parliament of Fiji. The Act is still to enter into effect. The act regulates offences against the confidentiality, integrity and availability of computer data and computer systems, computer-related and content-related offences, procedural measures and international cooperation. As soon as it will enter in force, the Act will replace the existing cybercrime legislation, namely Section 336 to 346 of the Crime Decree 2009.

In aligning its legislation to the international standards, Fiji benefitted from the support of the Council of Europe.

Substantive law

Crimes Decree 2009

Part 17, Division 6

Various offences for unauthorized modification of data to cause impairment; unauthorized impairment of electronic communication; unauthorized access to (or modification of) restricted data; unauthorized impairment of data held on a computer disk; and possession, control, production, supply or obtaining of data with intent to commit a computer offence

Part 11, Sub-division D

Forgery and related offences (not technology-specific)

Posts and Telecommunications Decree 198 9, as subsequently amended

Part IV

Various offences for modification, interception and disclosure of messages (applicable only to telecommunications employees)

Cybercrime Act 2021 (that will repeal the provisions of Part 17 Division 6 of the Crime Decree 2009, as soon as it will enter into effect):

Unauthorized access to computer systems (Part 2, art. 5)
Unauthorized interception of computer data or computer systems (Part 2, art. 6)
Unauthorized acts in relation to computer data or computer systems (Part 2, art. 7)
Unlawful supply or possession of computer system or other device, or computer data or computer program (Part 2, art. 8)
Computer-related forgery (Part 2, art.9)
10. Computer-related extortion and fraud (Part 2, art. 10)

The following substantive articles are regulated also, however fall outside the scope of the Budapest Convention:

Identity theft (Part 4, art. 11)
Theft of telecommunication services (Part 4, art. 12)
Disclosure during an investigation (Part 4, art. 13)
Failure to provide assistance (Part 4, art. 14)

Procedural law

The criminal procedural rules are generally regulated by the Criminal Procedure Act 2009, with Part 3 Section 15 and Part 9 regulating search warrants, for general search and seizure powers (no clear extension to electronic evidence).

With respect to procedural powers, as provided by the Budapest Convention, as soon as the newly adopted Cybercrime Act 2021 will enter into effect, the powers will be available under Part 5 – Procedural measures of the Cybercrime Act:

15. General procedural powers
16. Search and seizure (amending and completing section 15 of the Criminal Procedure Decree 2009
17. Admissibility of evidence
18. Expedited preservation of stored computer data
19. Expedited preservation and partial disclosure of traffic data
20. Production order
21. Search and seizure of stored computer data
22. Real-time collection of traffic data
23. Interception of content data

Safeguards

Constitution of Fiji guarantees through subsection 1 of article 24 the Right to privacy that states that “every person has the right to personal privacy, which includes the right to- A) confidentiality of their personal information; B) confidentiality of their communications; and C) respect for their private and family life”. However, through subsection 2) To the extent that it is necessary, a law may limit, or may authorise the limitation of, the rights set out in subsection 1.

Related laws and regulations

Crimes Decree 2009

Criminal Procedure Act 2009

Extradition Act 2003

Mutual Assistance in Criminal Matters Act 1997, amended in 2005 and 2016

Posts and Telecommunications Decree 1989

Specialised institutions

Fiji Police Force (with a dedicated Cyber Crime Investigations Unit)

Office of the Director of Public Prosecutions – Serious Fraud Division

Permanent Secretary for Justice

PacCERT collaborates with ISPs, Financial Institutes and other relevant entities in the Pacific region to deal with Cyber security incidents and threats.

Minister for Economy, Civil Service, Communications, Housing and Community Development

International cooperation

Competent authorities and channels

The Attorney-General operates as the central authority duly authorized to make and receive requests for mutual legal assistance. In practice, it is the Director of Public Prosecutions (DPP) who verifies compliance and implements all requests. Foreign authorities may seek the advice of the DPP, and draft requests can be forwarded to him for comment, to ensure that they comply with Fiji statutory requirements and requests are processed and executed in a timely manner.

Practical guides, templates and best practices

Legal Framework

Extradition Act 2003

Extensive provisions covering rules and procedure for extradition, for an offence with a minimum penalty of 1 year and with dual criminality
Some provisions for the taking of evidence for the purpose of criminal proceedings in a requesting country Mutual Assistance in Criminal Matters Act 1997.
Extensive provisions covering rules and procedures for mutual legal assistance in criminal matters, extending to any foreign country that has an arrangement or a reciprocal agreement on assistance in criminal matters with Fiji
Taking of evidence or production of documents can be undertaken or requested for the purposes of a proceedings or investigation in relation to any criminal matter.
Search and seizure powers can be exercised/requested for offences with a minimum penalty of 1 year
The Extradition Act 2003 regulates matters of extradition, but no bilateral or multilateral prisoner transfer agreements seem to have been in effect in the country.

The soon to enter into effect Cybercrime Act 2021 introduces general principles relating to international cooperation (Part 6) with respect to cybercrime and electronic evidence, that specifies that the Government may cooperate with any foreign government, 24/7 Network, foreign agency for the following purposes:

a) investigations or proceedings concerning offences related to computer systems;
b) electronic communication or data;
c) the collection of evidence in electronic form of an offence;
d) obtaining expeditious preservation and disclosure of traffic data or data by means of a computer system or real-time collection of traffic data associated with specified communications, or interception of content data or any other means, power, function or provision under this Act.

Fiji is member of:

Fiji is a signatory part to these international conventions or treaties: