Publishing false statements is not a crime - Court of Appeal declares

In a judgment by a three-judge bench comprising Justices P. O. Kiage, A. O. Muchelule and W. Korir, the court ruled that Sections 22 and 23 of the Act are unconstitutional for being overly broad and likely to capture innocent persons. 

Sections 22 and 23 of the Act criminalise the intentional publication of false or misleading information.

Section 22 makes it an offence to knowingly publish false or misleading data intended to be treated as genuine.

The law limits freedom of expression where such information could promote war, incite violence, amount to hate speech, spread ethnic hatred or discrimination, or harm the rights and reputation of others. Offenders face a fine of up to Ksh.5 million, up to two years in prison, or both.

Section 23 criminalises knowingly publishing false information that may cause panic, chaos, violence, or damage a person’s reputation. Convicted offenders can face a fine of up to Ksh.5 million, up to 10 years in prison, or both.

The decision arose from an appeal filed by the Bloggers Association of Kenya (BAKE) challenging a 2020 High Court ruling by Justice James Makau, which had upheld the constitutionality of the Act.

BAKE had sought to have multiple sections of the Computer Misuse and Cybercrimes Act, 2018 declared unconstitutional, arguing that they infringed on rights such as freedom of expression, privacy and fair trial.

The appellate court, however, largely agreed with the High Court and found that most provisions of the law were constitutional and justified under Article 24 of the Constitution.

“The intention of section 27 is clear. It is aimed at addressing harmful conduct occasioning harassment through an internet-enabled platform, which the legislature had the mandate to address,” the judges said.

The court held that Parliament has the authority to create offences regulating conduct in cyberspace in order to protect the public from harassment, fraud and other online harms.

The judges noted that cyberspace cannot operate outside the reach of criminal law.

“Cyberspace cannot be a law-free environment, a virtual jungle or wild west devoid of criminal sanctions essential to deter its abuse,” the bench stated.

The court also rejected BAKE’s challenge to Section 28, which criminalises cybersquatting, ruling that the provision legitimately protects intellectual property rights and prevents deceptive practices in the digital economy.

According to the judges, cybersquatting undermines trust in digital commerce and infringes on proprietary rights, and therefore does not deserve constitutional protection.

However, the bench found that Sections 22 and 23 were too broadly framed and could potentially criminalise innocent conduct.

“In the end, this appeal partially succeeds to the extent that we find sections 22 and 23 of the Act unconstitutional for being too broad to the extent that they are likely to net innocent persons,” the judges ruled.

Aside from that finding, all other grounds of appeal were dismissed.

The court also issued guidance to courts and state agencies implementing the law, warning that surveillance and interception powers must be exercised cautiously.

Judges and investigators were advised to clearly specify the offence under investigation, the period of interception and how the data collected will be examined, stored and eventually destroyed.

The bench further warned that the law could be misused for political purposes if not applied carefully.

“Courts must be alive and alert to the risk that the Act can be deployed for political purposes and must carefully scrutinise every application before granting any order,” the judges said.