(Malacca, Saturday): I was very surprised when I got a copy of Monday’s Parliamentary Standing Orders, which has scheduled Telemedicine Bill and the Copyright Amendment Bill for debate next week, as they are No.4 and No. 7 in the list of official businesses to be transacted by the Dewan Rakyat.
Why is the Parliamentary Standing Order slating Telemedicine Bill and the Copyright Amendment Bill for debate next week when the Cabinet has agreed that the first batch of the four cyberbills would be debated the week, i.e. after the Parliamentary Cyberbill Forum being organised by the multi-party Parliamentary IT Committee in Parliament either on April 25 or 26.
I believe this must be a mistake, not only arising from miscommunication, but the ignorance that Telemedicine Bill and Copyright Amendment Bill are part of the first batch of cyberbills which had been tabled in the current meeting of Parliament.
I would like to know whether this mistake was made by Parliament or by the Ministry of Health and the Ministry of Domestic Trade which are respectively responsible for these two bills. Otherwise, it would be most unfair to start debating on Telemedicine Bill and the Copyright Amendment Bill when there is a clear undertaking by the government that debate on the four cyberbills would only begin on April 28.
I hope this matter would be put right when the Dewan Rakyat sits on Monday.
With the introduction of the first batch of cyberlaws, Malaysia stands at a very important crossroad in our national history because this constitutes a historic step in our transition into the Digital Era in the 21st century.
Although cyberspace is borderless, it cannot be a law-free zone. One of our greatest challenges which will decide whether Malaysia can successfully make the transition into the Information Society and take its rightful place among the front rank of nations in the 21st century is whether we can devise new legal structures and concepts that will afford due recognition to the rapid changes and the new realities that would be wrought by Information Technology to lay the basis for a civil and knowledge-based society.
DAP has embraced Information Technology not because the DAP is preparing to join the Barisan Nasional, but because on issues of national interest, the DAP is and had always been prepared to work in co-operation with other political parties, whether it be the Barisan Nasional or other opposition parties.
The DAP Central Executive Committee at its meeting last Sunday resolved to adopt "IT For All" as a national policy objective with the dual aim of ensuring that Malaysia make the quantum leap into the Digital Era and ensuring that there would be equitable IT development for all without creating a new disparity between "Information-rich" and "Information-poor".
This is one outcome of the three-point Party Reform movement launched at the end of 1995, which calls for "re-thinking of party policies, strategies and approaches".
At the first DAP Cyberbill Seminar in Kuala Lumpur last Sunday, I had pointed out that it should be a matter of fundamental concern that there had been very little consumer or user perspective in the drafting of the first batch of cyberbills in the country, whether Computer Crimes Bill, the Digital Signature Bill, the Telemedicine Bill or the Copyright (Amendment) Bill.
This is not only highlighted in each bill, as there had been virtually no public participation or consultation in its drafting, but also by the absence of a Data Protection Bill to be in the first batch of cyberbills to give protection to the rights of ordinary citizens.
If not for this series of DAP Cyberbill seminars to create opportunities for public involvement and participation in the formulation of the cyberlaws for Malaysia, there would have been no public forum whatsoever - despite the fact that the DAP had performed the national service of posting all the cyberbills on the Internet to make them available to the net citizens of Malaysia.
Malaysia needs a Computer Crimes Law if we are serious about the country going IT as computer crimes can cause astronomical financial losses and will be used more and more in military and intelligence attacks as national security is increasingly in the hands of computers.
An International Computer Crime Conference in New York last month was told of three recent cases in which a computer was the weapon used to commit crimes against a bank, the flying public and a 911 system in the United States.
In one, someone with a laptop computer in St. Petersburg, Russia tried to gain access to millions of dollars in a U.S. bank. In another, a convicted terrorist used a laptop to create plots to blow up a dozen U.S. airliners. In the third case, a young man in Sweden hacked his way into computers in Florida to shut down a 911 emergency call system for an hour, cripplying the networks responsible for speedy responses by police, fire and ambulances.
The full resources of the state must be focussed on these cyberspace criminals and not to criminalise the majority of the computer users in the country.
Under the present Computer Crimes Bill, the young hobbyist who commits the minor trespass of unauthorised access to computers with no malice and causing no damage and who could make a contribution to strengthen the information security system in the interests of the general public would be guilty of the offence of unauthorised access under Section 3 of the Bill, which carries a maximum sentence of RM50,000 fine, five years’ jail or both - the most severe sentence for such an offence in the world!
This is most unfortunate, for it would divert attention from the real cyberspace criminals - the real highwaymen on the Information Superhighway - who could steal billions of dollars a year by illegally transfering funds, diverting payments and shaving cents off other people’s earnings.
The US Federal Bureau of Investigations’ National Computer Crimes Squad estimates that between 85 and 97 per cent of computer intrusions are not even detected. In a recent test sponsored by the US Department of Defense, the statistics were startling. Attempts were made to attack a total of 8932 systems participating in the test. 7860 of those systems were successfully penetrated. The management of only 390 of those 7860 systems detected the attacks, and only 19 of the managers reported the attack.
This should be a sobering reminder that having computer crimes laws is one thing, but having the capability to enforce them is another - and we not just talking about the problem of extraterritoriality. Be that as it may, when enacting our first Computer Crimes Act, Malaysians should take vigorous part in a national discussion as to whether we should criminalise all unauthorised access - and whether this is not like "taking a sledgehammer to a nut".
I would seriously suggest that Parliament should study how other countries enact legislation to avoid criminalising young computer hobbyists for the minor trespass of unauthorised access without malice or causing damage.
The State of Hawaii, for instance, has such a saving clause, which reads:
1. The court may dismiss a prosecution if, having regard to the nature of the conduct alleged and nature of the attendant circumstances, it finds that the defendant’s conduct did not actually cause harm or damage to any computer, computer system, computer network, or any of its data or software.
2. The court shall not dismiss a prosecution under section (1) without filing a written statement of its reasons."
The DAP Parliamentary Working Group on the Cyberbills is considering whether to introduce amendments to the first batch of cyberbills in the current meeting of Parliament and it would meet next week to decide whether such a Hawaian saving clause should be added to the Computer Crimes Bill.
The Computer Crimes Bill has a section which criminalises the majority of computer users in the country. This is Section 8 which creates a statutory presumptionwhere any person having custody or control of any program, data or other information when he is not authorised to have it will be deemed to have obtained unauthorised access unless it is proven otherwise. This section criminalises the majority of the computer users in the country - including, I believe, journalists, government officials, MPs and Ministers who use computers.
During the Parliamentary debate on the Computer Crimes Bill, I will like to ask the Ministers, Deputy Ministers and MPs who use computers, or whose children use computers, to declare whether they have any program or data in their computers which they are not authorised to have, which might have been downloaded from the Internet or passed to them by a friend.
What I cannot understand is why Malaysia should create such a computer crime to criminalise the majority of computer users in the country, when no other country that I know of has such a computer crime in their laws.
Unless the government can give very strong and persuasive arguments as to why Section 8 is needed in Malaysia, this provision should be withdrawn and removed from the Bill.
(19/4/97)