Above: The law is coming to cybertown. The next steps will be crucial to ensuring freedom of expression. Illustration by BeeBright/DepositPhotos.
BitDepth#1098 for June 20, 2017
Over the last two weeks I’ve been considering the Cybercrime Bill, 2017 spending two long evenings examining its legal provisions line by line with the executive of the T&T Computer Society for its formal comments on the draft legislation.
In its summary of its comments on the legislation, the TTCS rather potently and quite admirably notes that, “It is important to note that many of the clauses in this Bill can be applied to journalists carrying out their duties, and/or the free speech of private citizens, as well as to persons who are attempting, in the public interest, to report misconduct (aka whistleblowers).”
“In the interest of support of the Fourth Estate, as well as the principles of Free Speech enshrined in our Constitution, this Bill requires urgent complementary whistleblower/journalist protection via legislation.”
I wish that I could claim that I had a hand in driving these comments as the lone journalist on the panel discussing the bill, but this point came up repeatedly from different participants, who each saw quite clearly the slippery slope that follows the potential for chilling and suppression of the activities of the traditional media, and the effect that’s likely to have on online commentary and discussion.
My own, parallel and contemporaneous notes on the discussion from a journalist’s perspective end up tracking closely with the concerns raised by the Computer Society in its final document, which I took no part in completing and shaping.
In a nation which is just feeling its way to free and open discussion of national issues using online media as a tool for the disseminating views on such matters, there will be mistakes made in the heat of enthusiasm by newcomers to the guidelines of reporting and commentary along with a whole lot of the rumshop old talk so beloved by the people of this island in whatever medium they choose to congregate.
And that’s part of what makes the most problematic issues of the bill so potentially chilling of truth spoken to power in new media forums and channels.
Three years ago, I published a robust take on the 2014 edition of the bill by Information Security expert Shiva Bissessar after local media houses demonstrated no appetite to publish anything but abbreviated experts of his dissection of the legislation.
The 2017 edition of the bill tidies some issues, but leaves others in place in a way that’s clearly intended to punish without overdue attention to the consequences for communicators and activists.
Fines for access to information defined as illegal, which would include deliberate leaks of incriminating files and whistleblower statements, are met with quite staggering fines, scaling up quickly from $100,000 to $500,000 and depending on the reading of the infringement, can be applied cumulatively.
It wouldn’t be hard for an investigative journalist with an exceptionally cooperative and well-connected source to face charges in excess of $2 million for having access to information deemed illegal, regardless of the criminality it might reveal.
Noting this, the TTCS suggests in their comments that “Online fines should bear some resemblance to their nearest offline equivalence.”
Other restrictions that are likely to cause a chilling effect show up buried in clauses like the one covering the disclosure of details of a (court) order, which restricts someone placed under an order to reveal contested information from disclosing either the fact that the order has been made or the details of the order.
Which means that a media house which has been subject to such an order cannot report on the situation.
Journalists concerned about the restrictions and constraints to their trade posed by the Cybercrime Bill 2017 should also review the Data Protection Act and the Interception of Communications Act, 2010, which both overlap provisions of the new legislation in several areas of concern.
The law as proposed, for instance, seems to contradict the provisions of the Interception of Communications Act when it comes to the use of remote forensic tools by duly appointed police officers seeking access to computer information.
Journalists may also be called on to decrypt computer devices, including phones, while under police investigation, which calls into question the issue of self-incrimination, which is guarded against by the T&T constitution.
The constitution denies any authority the right to “compel a person to give evidence unless he is afforded protection against self-incrimination and where necessary, to ensure such protection, the right to legal representation.”
Clearly there is urgent need for complementary legislation establishing the rights of working journalists and commentators in our free democracy and a critical need to establish specific provisions for whistleblowers if there is to be any change in the pervasiveness of corruption in public office and corporate malfeasance.
The act is to be reviewed every three years, which may end up being too long given the pace of both technology developments and information sharing paradigms, and that review should be continuous, given the length of time it’s taken to consider the original document and the likelihood that pressing it into practical, day-to-day law may give rise to worst case scenarios in practice.
Consider the boots on the ground reality of police intervention.
The history of journalists facing police officers in their newsrooms has not been one of sleek technology sophistication. It has, rather, been one of computers being identified and ripped from desks for further inspection.
The Police Service has a capable Cybercrime Unit, but it is small and is presumably tasked with more compelling duties than running around with constables seizing computer information.
Will journalists facing a court order to reveal information find themselves facing the surgical precision of a forensic digital specialist or the bootoo of a beat cop?