Fraud and the law: a case study of identity theft in Uganda’s financial sector

Orogot, Pamela

View/Open

Masters Thesis (1.302Mb)

Date

2022-11

Author

Orogot, Pamela

Metadata

Show full item record

Abstract

This study examined the effectiveness of the legal framework relating to identity theft in Uganda’s financial sector. Predominantly, protection of information is provided for in the constitution of Uganda. Article 27(2) of the Constitution provides that no person shall be subjected to interference of the privacy of that person’s home, correspondence, communication or other property. Currently, The Data Protection and Privacy Act, 2019 regulates protection of collected personal data and how it is used. The study generally sought to examine the ways in which identity information theft occurs in the financial sector, the effectiveness of the legal framework and challenges related to identity theft. The study set out to analyze the existing state policies, laws, and regulations, including the extra-legal challenges of enforcing the laws related to identity theft acts to establish the gaps and recommendations needed in relation to identity theft crimes and address them. A case study methodology was selected for this project. Data was obtained from key informants such as officers in financial institutions, prosecutors, police officers, and legal officers in NIRA who were both interviewed and subjected to a questionnaire. Findings from the study confirmed that theft of personal data is on the increase due to easy data access, and no centralized fraud detection system and enforcement mechanism. The study further established that the laws on protection of data are yet to be implemented and or incorporated in Uganda’s financial sector. The study recommends that the government and other stakeholders should ensure and enable the effective enforcement of the data and privacy laws to protect against data breaches. Further, there is a need to criminalize identity theft as an offence on its own by labelling it as such in the penal laws while embracing the use of current authentic technology to protect against identity theft. Keywords: Data breaches, data leaks, data protection and privacy, cyber-crime, cybersecurity, identification information, identity theft, identity fraud and personation

URI

http://hdl.handle.net/10570/11664

Collections

School of Law (S.Law) Collections