The Electronic Transactions and Cybercrime Bill appears set for discussion in the National Assembly despite it substantially lacking in public, industry and civil society inputs
With the surprise announcement that the Cybercrime Bill would be up for discussion in the National Assembly, despite the Bill not featuring on the parliamentary schedule of draft laws up for discussion and debate in 2017, which was released in early February, we are confronted with yet another piece of proposed legislation which substantially falls short in terms of having been democratically crafted, through an appropriate consultation process.
In light of this, we pose the following question to the Ministry of Information and Communication Technology: What are the potential human rights, and specifically privacy and freedom of expression, violations enabled by cyber security measures and invasive or intrusive monitoring mechanisms of intimate parts of users’ lives, mostly without their knowledge or approval?
It is important to note that this question should not only be addressed to state sector law enforcement but also private actors who gather and store large amounts of user generated date for commercial purposes. This question should have been discussed within the framework of wide consultations.
Against this backdrop, we make the following urgent recommendations:
- When crafting the final text and provisions of the proposed Electronic Transactions and Cybercrime Bill, it is important that drafters cast as wide a consultation net as possible in order to capture as many public views and expert onpinions as conceivable. In light of this, it is recommended that the proposed law be subjected to rigorous and extensive consultation and that the drafting process be a transparent, multistakeholder one in order to engender as much trust as could be summoned in the ultimate final text, which should enjoy wide subscription and endorsement because of its sensitively crafted provisions;
- It is recommended that every effort be made to gain deep understanding of the issues and concerns surrounding cybercrime and security in as comprehensive a manner as possible, through accessing as much as manageable the available and existing literature, of which there is already much, so as to arrive at a legal framework that is up-to-date and smart in design and clear in its language and objectives;
- It is recommended that when considering the provisional framework of the proposed law and the ultimate legal text, that consideration be given to the state of security and law enforcement, perennially troubled by poor and weak enforcement and policing practices, with an eye towards enabling ongoing capacity building in these crucial sectors towards achieving greater professionalism and an appropriate and adequate grasp of the complexity of the issues concerned, with the objective of reaching and ensuring optimal security and law enforcement and minimal human rights violations;
- It is recommended that cybercrimes be clearly and succinctly defined along with any security or law enforcement measures and methods, in all attendant regulatory frameworks, such as those concerning communications surveillance and interception, in keeping with international standards; and that the same definitional approach be applied to the circumstances under which such measures are to be deployed to counter online criminal activity, while minimising the potential for collateral damage inflicted on innocent third parties and bystanders, at the same time ensuring that cyber security measures and their use are lawful and proportional and respectful of the knowledge that perpetrators of such acts and practices too enjoy basic human rights;
- It is recommended that care and appropriate consideration be accorded the crafting of the text and provisions of the proposed law so as to exclude the use or deployment of cybersecurity frameworks and measures as means and methods to clampdown on political dissent and opposition, or freedom of expression and association, in asmuch as such activities do not constitute an existential threat to the state or the safety and security of citizens or threaten violence and property damage and destruction, but that such activities occur within the bounds of reasonable and universally accepted democratic or political practice and conduct. In fact, the innapropriate and often wide misuse of cyber security methods and measures in political processes to spy on or discredit opponents, or to needlessly invade their privacy and intimidate them, should rather be criminalised;
- And finally, we call on the Ministry of Information and Communication Technology (MICT) to withdraw the Bill from parliament and instead submit it to a multi-stakeholder consultation process, so as to ultimately have the best possible legislation installed, which could mark Namibia as a world leader in the countering of cybercrime.