The Trinidad and Tobago Computer Society (TTCS) has sent their comments on the Trinidad and Tobago Cybercrime Bill (PDF ; 242K) to the Joint Select Committee of the Trinidad and Tobago Parliament on Friday June 16 2017.
View/Read the TTCS comments on the Cybercrime Bill (PDF ; 242K)
Some of the general areas of concern regarding the Cybercrime Bill noted in our comments:
- Suppression of free speech and the work of journalists
It is important to note that many of the clauses in this Bill can be applied to journalists carrying out their duties, and/or the free speech of private citizens, as well as to persons who are attempting, in the public interest, to report misconduct (aka whistleblowers). In the interest of support of the Fourth Estate as well as the principles of Free Speech enshrined in our Constitution, this Bill requires urgent complementary whistleblower/journalist protection via legislation.
- Excessive Penalties
A number of sections outline penalties of $100,000 to $3,000,000. These are non-trivial amounts that far exceed the penalties in other areas that many would view as more serious – for example drunk driving. We wonder if the concept of proportionality could be incorporated in this act. The quantum of penalties will have chilling effect on the legitimate use of computers and networks, for example, students learning about computer security and security professionals investigating vulnerabilities on behalf of their clients.
- Collateral Damage
The general trend in technology has been to move towards using shared server resources in the cloud. This opens up the possibility that data and equipment in use by accused persons may be simultaneously used by other persons unrelated to the accused and may thus be unduly affected by the shutdown and/or seizure of such equipment and data. Care must be taken to protect those who are not party to the criminal activities of other persons.
- Potential for Censorship and Abuse
In the interest of protecting the rights of citizens, we believe that all requests for access systems and data should be approved by the Judiciary via the application for, and receipt of, a warrant. This judicial warrant would ensure that any potential for abuse by the State, or its agents, would be mitigated.
- Self Incrimination
Several sections of this Bill seem to run afoul of the Constitution’s directive that persons are protected from self incrimination, for example, the requirement that persons unlock their phones or decrypt their data in furtherance of an investigation. This is a dangerous issue and should be reconsidered.
It is highly likely that the Courts and Trinidad and Tobago Police Service will be called on to deal many cases under this legislation. As such, it is critical that officers of both agencies receive training in some of technical issues surrounding cyber crime. In this regard the TTCS would welcome the opportunity to assist in providing this training and any specialized advice when required.
The comments were put together by the TTCS based on
- the discussions from the Trinidad and Tobago Computer Society lime on Wednesday June 7 2017,
- comments from subscribers on the TTCS announcement mailing list ;
- followup TTCS F2F meeting on Tuesday June 13 2017,
- online comments received following the public posting of the TTCS draft comments on the Trinidad and Tobago Cybercrime Bill 2017 on Tuesday June 13
- and a online TTCS conference call on Thursday June 15 2017
- public posting of the near final draft of the TTCS comments on Thursday after the online call.
- final review of last comments and edits on Friday June 16 2017 before submitting.
Many thanks to the contributors who helped with reviewing and commenting on the bill. For those interested in discussing and sharing ideas about computing, related technologies and related social issues are discussed, do join our announcement mailing list.