(Petaling Jaya, Wednesday): The DAP Central Executive Committee will meet to consider whether DAP MPs should propose amendments to the Computer Crimes Bill and the Digital Signature Bill in the current meeting of Parliament.
The Multimedia Development Corporation, which described itself as “The MSC’s Super Agency” created to make the MSC a success, has a website on the Internet which contained a FAQ (Frequently Asked Questions) about the MSC which said:
“8. Is the legal environment restrictive ?
“ In accordance with the Bill of Guarantees, the policies and laws of the
MSC are being designed to make it the best environment in the world to
harness the benefits of multimedia technologies and applications. The
laws that will be enforced will make Malaysia the regional leader in
intellectual property protection and free information exchange.
“Founding companies will have an influential role in continuing to shape
the development of the MSC's world-first ‘cyber-laws’ and other
business policies. Over 150 detailed interviews have been conducted
with multimedia / IT companies to understand their requirements. The Bill
of Guarantees and cyber-laws reflect this input.”
If it is true that some 150 international multimedia/IT companies had been consulted on the first batch of proposed cyberlaws, it is most unfortunate that local companies and Malaysians, especially individuals and organisations who would be directly affected by the cyberlaws, like Members of Parliament, Bar Council and NGOs like the consumer organisations, had not been consulted or allowed “an influential role..to shape MSC’s world-first cyberlaws”.
At present, MPs have not been shown the Copyright (Amendment) Bill and the Telemedicine Development Bill although both these two bills would be among the first batch of four cyberlaws to be enacted by the current meeting of Parliament.
The Computer Crimes Bill is modelled on the UK Computer Misuse Act 1990, although with very severe penalties.
For instance, section 3(1) of the Computer Crimes Bill, which makes it an offence for any person who causes any computer to perform any function with intent to secure unauthorised access to any computer material, is virtually copied word for word on section 1 of the UK Misuse Act 1990.
Section 3(1) of the Computer Crimes Bill reads:
“3. (1) A person shall be guilty of an offence if- (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer; (b) the access he intends to secure is unauthorised; and (c) he knows at the time when he causes the computer to perform the function that that is the case.”
However, the penalties proposed for Malaysia for the same offence would be 12 times more severe than in the United Kingdom. In the Computer Crimes Bill, the penalty for committing an offence under Section 3 is up to a fine of RM50,000, five years’ jail or both.
In the UK Computer Misuse Act 1990, however, the penalty of such a similar offence is six months’ jail and 5,000 pounds sterling.
Is it appropriate for Malaysia to have a penalty 12 times more severe than that provided in the United Kingdom for a similar offence? Is this the way Malaysia wants to have the “world-first cyberlaw”?
There is lively discussion on the Malaysian newsgroups as to whether there should be a “French Spiderman” provision in the Computer Crimes Bill to exempt hackers with no criminal or malicious intent and which result in better computer security systems from prosecution.
There is merit that this proposal be given serious consideration. This is because although computer crimes can cause massive enormous losses - the estimates for financial losses from computer crime in the United States reach as high as US$10 billion a year - the overwhelming majority of these computer attacks go undetected. In fact, the US Federal Bureau of Investigations’ National Computer Crimes Squad estimates that between 85 and 97 per cent of computer intrusions are not even detected.
This is why hackers who have unauthorised access to computer systems with no malicious or criminal intent but who want to test the security of the systems may be performing a very valuable contribution not only to the targetted companies and systems but also to the computer-using public at large.
The Digital Signature Bill is modelled after the Utah Digital Signatures Act, the first digital signature law in the world when it was enacted on March 9, 1995. This Utah Digital Signatures Act 1995 was repealed and renacted in 1996.
Following the lead of Utah, numerous states in the United States and several other countries have enacted “digital signature” legislation aimed at promoting the development of a public key infrastructure (PKI) to facilitate electronic commerce.
A comparative study of the Digital Signature Bill and the Utah Digital Signatures Act show that although there have been improvements to the Utah law in certain provisions, in some sections, the Bill is weaker than the public key infrastructure enacted in Utah.
The Utah law has been described as “comprehensive and addresses many issues”, but has also been criticised for failing to fully deal with issues which can infringe on consumer and privacy interests such as technology, liability, privacy and costs.
In Malaysia, which is on the threshhold of enacting a digital signature law, there is complete absence of public discussion on these public interest issues.
There should a more informed understanding and debate of the proposed cyberlaws dealing with all their wide-ranging socio-economic ramifications before they are enacted by Parliament.
Deputy Prime Minister, Datuk Seri Anwar Ibrahim, has agreed that the cyberbills would be debated later in the current Parliamentary meeting to allow MPs more time to study them.
Under the Parliamentary Order Paper, the two cyberbills, the Digital Signature Bill and the Computer Crimes Bill, are to be the first two bills to be debated on April 9, immediately after the conclusion of the debate on the motion of thanks on the Royal Address.
I had requested Anwar Ibrahim to allow other bills to be debated first so that MPs could be given more time to study the cyberbills and to allow for greater public interaction and participation in the formulaton of the cyberbills, both because of the newness and complexity of the issues involved. Anwar had been very sympathetic to the proposal and had immediately given his agreement when I spoke to him in Parliament onn Monday.
This will also give time for a cyberbill forum to be organised to allow for public feedback and inputs into the first batch of cyberbills to be presented to Parliament.
The Deputy Prime Minister is also supportive of the idea that such a cyberbill forum be organised involving MPs from all political parties.
This means that the proposed DAP cyberbill forum mooted at the DAP “IT For All” Conference at the Federal Hotel, Kuala Lumpur on March 23 involving lawyers, computer enthusiasts and interested members of the public tentatively fixed for April 6 would now be replaced by another cyberbill forum probably on the following Sunday on April 13.
There have been a lot of public interests on the cyberbills and those who have already indicated their interest to participate in the cyberbill forum as proposed at the DAP “IT For All” Conference should await further announcements in the next few days.
(2/4/97)