Cybercrime Bill deeply defective
The current bill before parliament has been described as outdated as well as severely problematic.
Worried experts have slammed the electronic transactions and Cybercrime Bill saying it is riddled with questionable legal provisions while its sloppy and outdated content could pose a serious threat to future individual rights as well as online security - if passed in its current form.
Experts are urging government to withdraw the current bill “as a matter of urgency” and to revive public consultations in order to bring it up to international and legally sound standards before it is passed.
In a statement issued yesterday by the Institute for Public Policy Research (IPPR) and Access to Information (Action) Namibia yesterday, experts said the bill is “substantially weak on adequate and appropriate judicial, legislative and public oversight mechanisms” to prevent abuse of secret surveillance by authorities and others.
The IPPR and Action Namibia furthermore said it was also concerning that the “latest draft managed to make it this far, and even briefly onto the parliamentary agenda”, despite the fact that it lacked any extensive consultative processes over the past seven years.
The bill in its current form was described as “outdated as well as severely problematic in a number of key aspects”, by Namibia Media Trust (NMT) this week.
Instead of rushing to pass the bill, which the ministry has stated would be later this year, experts have urged government to focus on reinitiating multi-stakeholder and expert consultations “in order to ensure that the proposed law is, among others, constitutionally and rights-compliant as well as current in the present climate of the constantly evolving cybersecurity and cybercrime environment.”
Big brother watches
A major issue highlighted by the IPPR and Action Namibia was a section in the bill that “appears to enable warrantless search and seizure operations, while other sections seem to allow for a system of secret warrants and unauthorised access by state agents.”
Moreover, the bill “is worryingly thin on personal data and privacy protections” and provides authorities broad and easy access to selected online targets who are “never informed of the order, even after the period of interception has ended even after any investigation has been concluded.”
The experts said that given the right to privacy as enshrined in Namibia's constitution, the “absence of substantive personal data and privacy protections in the draft law raises serious constitutional questions.”
The watchdog noted that unlike cybersecurity laws across the world, Namibia's propose cybersecurity provisions are “a mish-mash and do not deal in a structured and substantially consequential way with the necessary aspects of combating” cybercrimes.
The IPPR said the “he bill lacks coherence.”
The bill moreover “suffers from a lack of transparency inducing measures and does not in any way compel government authorities, law enforcement or private companies to account for their actions openly,” the IPPR and Action Namibia said.
The NMT summarised that overall, activists are concerned about the bill giving the minister “overreaching power” and the “lack of accountability or regulatory/oversight mechanisms to prevent online surveillance abuses, the provision of warrantless search and seizure operations and unauthorised access.”
Two in one
The IPPR and Action Namibia noted that another one of the bill's many “significant shortcomings, flaws and concerns” is the merging of two separate bills.
“The bill is in essence the Electronic Transactions Bill with cybercrime provisions tagged on towards the end. The lumping together of two related but different topics in such a significant statutory instrument is the consequence of using a flawed and outdated standard as a guide.”
Another concern is the lack of basic definitions in the bill, including the fact that neither the term 'cybercrime' nor 'cybersecurity' are defined in the proposed law.
“We would caution that hastily passing a bill into law which is both blemished and legally problematic on issues as important as cybersecurity and cybercrime, will undoubtedly culminate in the erosion of individual rights in the areas of access to information and privacy, among others,” NMT wrote.
Moreover, the push by the information ministry to promulgate the bill by the end of the third quarter of this year was also deemed troubling.
NMT said while these laws are important, “it would be short-sighted and inadvisable for parliament to rush it through with the prospect of serious future consequences for online security and individual rights.”
JANA-MARI SMITH
Experts are urging government to withdraw the current bill “as a matter of urgency” and to revive public consultations in order to bring it up to international and legally sound standards before it is passed.
In a statement issued yesterday by the Institute for Public Policy Research (IPPR) and Access to Information (Action) Namibia yesterday, experts said the bill is “substantially weak on adequate and appropriate judicial, legislative and public oversight mechanisms” to prevent abuse of secret surveillance by authorities and others.
The IPPR and Action Namibia furthermore said it was also concerning that the “latest draft managed to make it this far, and even briefly onto the parliamentary agenda”, despite the fact that it lacked any extensive consultative processes over the past seven years.
The bill in its current form was described as “outdated as well as severely problematic in a number of key aspects”, by Namibia Media Trust (NMT) this week.
Instead of rushing to pass the bill, which the ministry has stated would be later this year, experts have urged government to focus on reinitiating multi-stakeholder and expert consultations “in order to ensure that the proposed law is, among others, constitutionally and rights-compliant as well as current in the present climate of the constantly evolving cybersecurity and cybercrime environment.”
Big brother watches
A major issue highlighted by the IPPR and Action Namibia was a section in the bill that “appears to enable warrantless search and seizure operations, while other sections seem to allow for a system of secret warrants and unauthorised access by state agents.”
Moreover, the bill “is worryingly thin on personal data and privacy protections” and provides authorities broad and easy access to selected online targets who are “never informed of the order, even after the period of interception has ended even after any investigation has been concluded.”
The experts said that given the right to privacy as enshrined in Namibia's constitution, the “absence of substantive personal data and privacy protections in the draft law raises serious constitutional questions.”
The watchdog noted that unlike cybersecurity laws across the world, Namibia's propose cybersecurity provisions are “a mish-mash and do not deal in a structured and substantially consequential way with the necessary aspects of combating” cybercrimes.
The IPPR said the “he bill lacks coherence.”
The bill moreover “suffers from a lack of transparency inducing measures and does not in any way compel government authorities, law enforcement or private companies to account for their actions openly,” the IPPR and Action Namibia said.
The NMT summarised that overall, activists are concerned about the bill giving the minister “overreaching power” and the “lack of accountability or regulatory/oversight mechanisms to prevent online surveillance abuses, the provision of warrantless search and seizure operations and unauthorised access.”
Two in one
The IPPR and Action Namibia noted that another one of the bill's many “significant shortcomings, flaws and concerns” is the merging of two separate bills.
“The bill is in essence the Electronic Transactions Bill with cybercrime provisions tagged on towards the end. The lumping together of two related but different topics in such a significant statutory instrument is the consequence of using a flawed and outdated standard as a guide.”
Another concern is the lack of basic definitions in the bill, including the fact that neither the term 'cybercrime' nor 'cybersecurity' are defined in the proposed law.
“We would caution that hastily passing a bill into law which is both blemished and legally problematic on issues as important as cybersecurity and cybercrime, will undoubtedly culminate in the erosion of individual rights in the areas of access to information and privacy, among others,” NMT wrote.
Moreover, the push by the information ministry to promulgate the bill by the end of the third quarter of this year was also deemed troubling.
NMT said while these laws are important, “it would be short-sighted and inadvisable for parliament to rush it through with the prospect of serious future consequences for online security and individual rights.”
JANA-MARI SMITH
Comments
Namibian Sun
No comments have been left on this article