Cybercrime policies/strategies
Barbados has not yet published a national cybercrime strategy.
Cybercrime legislation
State of cybercrime legislation
Barbados adopted the Computer Misuse Act in 2005, which contains both penal substantive rules and procedural rules.
A draft Cybercrime Bill 2021 is currently being discussed, with support from the Octopus Project of the Council of Europe.
Substantive law
Section 3 of the Computer Misuse Act (2005) defines computer data, computer system, service provider, traffic data.
The Computer Misuse Act (2005) criminalises the following “prohibited conduct”:
- illegal access (sections 4 and 12),
- illegal interception of data (section 7),
- interfering with data (section 5),
- computer system (section 6),
- use of illegal device (sections 8 and 10),
- access to commit and offence (section 9),
- child pornography (section 13) and
- sets out the applicable sanctions in section 21.
The Barbados Copyright Act (1998) specifically criminalises infringement committed by means of a “telecommunication system”, which as defined would include computer systems.
The Proceeds of Crime Act (1991) includes provisions on material that can be seized by law enforcement in the execution of a warrant.
The Telecommunications Act (2001) includes provisions on unlawful interception of telecommunications (section 82).
The Data Protection Act (2019) defines data, restriction of possessing of personal data and child in the section 2 relating to the interpretation of the Act. It includes provisions on data protection principles (part II), sensitive personal data processing (section 9), confidentiality (section 62 on security of processing), data subject rights (part III), data controllers and processors (part VI) and exemptions (part V).
Barbados is also a Party to five intellectual property conventions.
Procedural law
The Computer Misuse Act also includes provisions on search and seizure (Art 15), police assistance (Art. 16), data handling (Art. 17), production order (Art. 18), partial disclosure (Art. 19) and data preservation (Art. 20).
The Computer Misuse Act (2005) includes provisions on
- search and seizure (section 15),
- police assistance (section 16),
- data handling (section 17),
- production orders (section 18),
- partial disclosure (section 19) and
- data preservation (section 20).
The Proceeds of Crime Act (1991) includes provisions on material that can be seized by law enforcement in the execution of a warrant (Part III on the powers of search and seizure).
Safeguards
The Computer Misuse Act (2005) is in accordance with the requirements under Article 15 of the Budapest Convention in regard to the application of certain conditions safeguards the nature of the procedure or power concerned, inter alia, including judicial or other independent supervision, grounds justifying application, and limitation of the scope and the duration of such power or procedure.
The Constitution of Barbados (as amended in 2002) enshrines the protection of fundamental rights and freedoms of the individual (chapter 3) such as
- the protection of right to life (section 12),
- the protection for the privacy of his home and other property (section 16),
- the protection from arbitrary search or entry (section 17),
- fair trial (section 18) and
- freedom of expression (section 20).
The Data Protection Act (2019) provides safeguards for the data subject (part III), such as access (section 10), rectification (section 11) and the right to erasure (section 12).
Related laws and regulations
- Constitution of Barbados
- Proceeds of Crime Act (1991)
- Copyright Act (1998)
- Telecommunications Act (2001)
- Mutual Assistance in Criminal Matters Act (1993)
- Mutual Assistance in Criminal Matters (Amendment) Act (2008) (to implement the Caribbean Treaty on Mutual Legal Assistance in Serious Criminal Matters)
- Data Protection Act (2019)
- Draft Cybercrime Bill (2021) (not yet publicly available)
- The (Amendment Bill) Mutual Assistance in Criminal Matters Act Cap (2021) (not yet publicly available)
Specialised institutions
The Cyber Crime Unit of the Royal Barbados Police Force, which is the primary law enforcement unit responsible for investigating cybercrime at a national level.
The Director of Public Prosecutions institutes and undertakes criminal proceedings against any person before the courts.
National Computer Incident Response Team (CIRT), Telecoms Unit
The Financial Intelligence Unit (FIU) is responsible for the daily work of the Anti-Money Laundering Authority (AMLA). The Anti-Money Laundering Authority (AMLA) is the body established under the Money Laundering and Financing of Terrorism (Prevention and Control) Act, 2011-23 to supervise Barbados’ financial institutions and Designated Non-Financial Businesses & Professions in an effort to prevent money laundering, terrorist financing and proliferation financing.
The Data Protection Commissioner is responsible for the general administration of the Data Protection Act (2019).
International cooperation
Competent authorities and channels
Barbados has a detailed Mutual Legal Assistance in Criminal Matters Act from 1993. In addition, the Mutual Assistance in Criminal Matters (Amendment) Act (2008) implements the Caribbean Treaty on Mutual Legal Assistance in Serious Criminal Matters.
According to the Mutual Legal Assistance in Criminal Matters Act, the Attorney-General is the central authority for Barbados.
Jurisprudence/case law
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.
Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?
Share this information with us helping to keep this platform up to date.
- Cybercrime website
- Template: Mutual Legal Assistance Request for subscriber information (Art. 31 Budapest Convention). English and bilingual versions available.
- Template: Data Preservation Request (Articles 29 and 30 Budapest Convention). English and bilingual versions available.