Tagged: Cybercrime

Stop the draconian Cybercrime Bill

IN OCTOBER of 2015, I warned readers of the many dangers inherent to the deeply flawed and draconian Cybercrime Bill, Medialternatives was one of the first publications in the country to break the story, followed by an opinion piece written by myself and published by the Cape Times, I therefore feel obligated to respond to the latest round of publicity on the subject.

The bill continues to threaten the ‘fundamental democratic spirit of the Internet and increases the state’s surveillance powers.’ The allegations have been denied (but not refuted) by deputy minister of justice and constitutional development, John Jeffery, at a media briefing on the Bill in Pretoria last week.

Although the latest version of the bill that will be introduced to Parliament is ‘considerably different in many respects to the Bill that was issued for public comment,’ it still contains provisions which are highly problematic from a civil rights perspective, in particular the erosion of the communications rights in our Constitution which favour individual data gathering and information sharing.

Advocacy group Right2Know Campaign (R2K), which is opposed to the Cyber Security Bill and has called for it to be scrapped, says via ITWeb, that despite the revisions, the fundamental fatal flaws of the Bill are still there.

R2K advocacy coordinator Murray Hunter says the organisation recognises the Department of Justice has made some important revisions in the Bill:  “But as far as we can see, the fundamental, fatal flaw of the Bill is still there − it would hand over the keys of the Internet to state security minister David Mahlobo.”

Particularly worrying is the bill criminalises the modification of computer programmes by users, in effect open intellectual inquiry is outlawed by a presumption that any curiosity for instance, is evidence of an ulterior motive. Why would users want to gain access to their operating systems, if only to engage in crime?

The bill is thus an amalgamation of paranoid and securocratic concerns about potential, online criminal activities, From hacking to interception of data, from forgery and uttering, to  extortion and even terrorist activity. And most certainly there are very real reasons to be afraid these days of unwanted intrusions such as identity theft, fraud and surveillance, but should modifying computer data be grounds for the presumption of criminality?

Similarly, the use of common network tools, such as ping, finger, netstat and so on, would under the current version of the bill, also incur the legislators wrath.  Why would anyone wish to analyse network traffic if only to commit crime? The mind boggles at the scope and sheer over-reach of the contemplated new statute.

Removing bloatware, adware and other unwanted intrusions by software companies, will not surprisingly, also run the risk of offending the new proposed law. There are many articles available online, on the issue of whether computer software users do have or ought to have the right to modify legally-obtained software, either themselves or through the services of another party.

“Private software consumers should have those same modification rights under intellectual property law that are recognized when the government is a consumer of software” says Pamela Samuelson of Berkeley Law Review. The Free Software Foundation has long campaigned for user rights to modify and alter computer programmes. The entire open source movement is predicated on the rights contained in the GNU/Linux General Public License (GPL), which expressly allows such modifications.

One of the novelties inside the bill is the new delict of “theft of an incorporeal”. One can only presume this is meant to convey the idea of virtual objects, which may be copied without permission and thus also “stolen”. In legal tradition the crime of theft usually deprives the owner of property, not simply by leaving behind the original and making a digital copy, which has lead many internet rights activists to point out the inherent contradiction.*

The overly-broad definition of “computer” by the bill, leaves much to be desired, and opens up users to unwanted litigation merely for possession of a personal computer, and thus an unnecessary attack against general purpose, personal computing. In today’s interconnected and networked world, it is often difficult to determine where an intrusion or ‘cyberattack’ originates, and what exactly is being conveyed by the noughts and ones of machine code.

Turning victims into criminals isn’t the solution.

You can read more about this debate on  Itweb, with an excellent contribution by Simnikiwe Mzekandaba

See my separate article on how internet rights were included in South Africa’s Constitution.

(*NOTE: In 1991 South Press carried a pioneering article by myself, pointing out the problem of defining property in the computer age, the M&G refused to run a follow-up citing concerns to do with property-ownership. I later participated in the campaign to include Internet rights in the Constitution)

South African Cybercrime Bill creates Trial by Hollywood

THIS YEAR has been a disastrous year for cyber-liberties. South Africans have seen a range of proposed laws rolled out by legislators, each one eroding digital rights which include access to information, freedom of communication, the right to privacy and online speech.

First there was the draft ‘Online Regulation Policy of The Film and Publication’s Board’ (FPB Bill), labelled ‘Africa’s worst new Internet censorship law” and which has resulted in a storm of protest. This was quickly followed by a Copyright Amendment Bill (resale royalties bill) which fails to take into account permissive licensing under the Creative Commons. (There will be no possibility of releasing material under a Copyleft license, since such schemes are by deemed to be an infringement of compulsory licensing under Copyright law.)

Now the Cybercrimes and Cybersecurity Bill, ostensibly aimed at plugging online security breaches, while thwarting criminals — perhaps the worst piece of anti-speech law to come our way yet. Far from being an answer to cybercrime, the draconian bill views the mere intention to use the Internet, as grounds for suspicion, in an Orwellian world described by author Cory Doctorow, as a ‘war against general purpose computing’.

That’s right, merely using a computer, could lead to a chain of events, mapped out by legislators, which includes the end of due process and the annulment of fair use rights and other freedoms. As such, the Cybercrime Bill as it stands, already contradicts our constitution and the previous Copyright Amendment Bill, which in turn, is further complicated by the FPB bill, and when viewed as a suite of legislation, the result is rather scary.

Cybercrimes, such as merely downloading or copying a Hollywood ‘fliek’, could result in forced rendition to a foreign country as a “terror suspect”. The latest Bill, drafted by securocrats, attorneys and lobbyists, acting at the behest of Hollywood, creates a series of unlawful acts, including ‘appropriation of property under copyright’ and deals with the consequences, as if Bruce Willis and Arnold Schwarzenegger were the ones implementing the legislation.

Where the AFB uses the threat of child pornography to advocate for less online freedom, the cybercrime bill uses the threat of terrorism and espionage to motivate for a world in which merely owning a computer, could lead to a change in the legal principle, ‘innocent until proven guilty’. Interception of your data and communication by government agencies acting without a court order, becomes the norm, rather than the exception in the bill drafted by the Department of Justice and Constitutional Development.

Each one of these proposals, severely erodes rights and freedoms guaranteed by our constitution. Without sufficient checks and balances, safeguarding constitutional rights, a default override in favour of citizen’s rights, the laws represent a clear and present danger to freedom.

On January 18, 2012, a series of coordinated protests occurred on the Internet. The online demonstrations against the United State’s ‘Stop Online Piracy Act’ (SOPA), saw hundreds of web-sites, including Wikipedia voluntarily blacked out, sending a clear signal to the American Congress and resulted in a major victory against Hollywood, in a campaign lead by hacktivists and the late Aaron Swartz.

Like the earlier Digital Millennium Copyright Act (DMCA) which sought to control the reproduction of data, SOPA was criticised for being overly broad and too robust. It contained measures, critics said, that could cause great harm to online freedom of speech, Internet communities and net neutrality. Protesters also argued that there were insufficient safeguards in place to protect sites based upon user-generated content.

ACT NOW BEFORE IT IS TOO LATE

Interested parties wishing to comment on the Bill are invited to submit written comments to the Department of Justice and Constitutional Development on or before 30 November 2015. These can be submitted to: cybercrimesbill@justice.gov.za. Submissions can also be faxed to: (012) 406 4632. For information or queries related to submissions, contact Mr S J Robbertse on: (012) 406 4770.

Published as an Op-Ed in the Cape Times 23 October 2015.