Trinidad and Tobago Computer Society

Category: ICT policies

  • Trinidad and Tobago Computer Society comments on the Trinidad and Tobago Cybercrime Bill

    Trinidad and Tobago Computer Society comments on the Trinidad and Tobago Cybercrime Bill

    The Trinidad and Tobago Computer Society (TTCS) has sent their comments on the Trinidad and Tobago Cybercrime Bill (PDF ; 242K) to the Joint Select Committee of the Trinidad and Tobago Parliament on Friday June 16 2017.

    View/Read the TTCS comments on the Cybercrime Bill (PDF ; 242K)

    Some of the general areas of concern regarding the Cybercrime Bill noted in our comments:

    1. Suppression of free speech and the work of journalists

      It is important to note that many of the clauses in this Bill can be applied to  journalists carrying out their duties, and/or the free speech of private citizens, as well as to persons who are attempting, in the public interest, to report misconduct (aka whistleblowers). In the interest of support of the Fourth Estate as well as the principles of Free Speech enshrined in our Constitution, this Bill requires urgent complementary whistleblower/journalist protection via legislation.
    2. Excessive Penalties

      A number of sections outline penalties of $100,000 to $3,000,000. These are non-trivial amounts that far exceed the penalties in other areas that many would view as more serious – for example drunk driving. We wonder if the concept of proportionality could be incorporated in this act. The quantum of penalties will have chilling effect on the legitimate use of computers and networks, for example, students learning about computer security and security professionals investigating vulnerabilities on behalf of their clients.
    3. Collateral Damage

      The general trend in technology has been to move towards using shared server resources in the cloud. This opens up the possibility that data and equipment in use by accused persons may be simultaneously used by other persons unrelated to the accused and may thus be unduly affected by the shutdown and/or seizure of such equipment and data. Care must be taken to protect those who are not party to the criminal activities of other persons.
    4. Potential for Censorship and Abuse

      In the interest of protecting the rights of citizens, we believe that all requests for access systems and data should be approved by the Judiciary via the application for, and receipt of, a warrant. This judicial warrant would ensure that any potential for abuse by the State, or its agents, would be mitigated.
    5. Self Incrimination

      Several sections of this Bill seem to run afoul of the Constitution’s directive that persons are protected from self incrimination, for example, the requirement that persons unlock their phones or decrypt their data in furtherance of an investigation. This is a dangerous issue and should be reconsidered.
    6. Training

      It is highly likely that the Courts and Trinidad and Tobago Police Service will be called on to deal many cases under this legislation. As such, it is critical that officers of both agencies receive training in some of technical issues surrounding cyber crime. In this regard the TTCS would welcome the opportunity to assist in providing this training and any specialized advice when required.

    The comments were put together by the TTCS based on

    Many thanks to the contributors who helped with reviewing and commenting on the bill. For those interested in discussing and sharing ideas about computing, related technologies and related social issues are discussed, do join our announcement mailing list.

  • TTCS near final draft comments on the Trinidad and Tobago Cybercrime Bill 2017

    TTCS near final draft comments on the Trinidad and Tobago Cybercrime Bill 2017

    The Trinidad and Tobago Computer Society (TTCS) has posted a near final draft version of its comments on the Cybercrime Bill 2017 based on the discussions from the Trinidad and Tobago Computer Society lime on Wednesday June 7 2017, comments from subscribers on the TTCS announcement mailing list and a followup TTCS F2F meeting on Tuesday June 13 2017, online comments received following the posting of the TTCS draft comments on the Trinidad and Tobago Cybercrime Bill 2017 on Tuesday June 13 and a online TTCS conference call on Thursday June 15 2017.

    With the deadline of Friday June 16 for submission of comments to the Joint Select Committee of the Trinidad and Tobago Parliament , you can view and comment on the Google document of the TTCS near final draft comments on the Cybercrime Bill 2017 – you do not need a Google account to comment on the document.

    View/Comment TTCS near final draft comments on Cybercrime Bill 2017

  • TTCS draft comments on the Trinidad and Tobago Cybercrime Bill 2017

    TTCS draft comments on the Trinidad and Tobago Cybercrime Bill 2017

    screenshot showing part of the TTCS draft comments on Cybercrime Bill

    The Trinidad and Tobago Computer Society (TTCS) has posted a first draft of its comments based on the discussions from the Trinidad and Tobago Computer Society lime on Wednesday June 7 2017, comments from subscribers on the TTCS announcement mailing list and a followup TTCS meeting on Tuesday June 13 2017.

    With the deadline of Friday June 16 for submission of comments to the Joint Select Committee of the Trinidad and Tobago Parliament , you can view and comment on the Google document of the TTCS draft comments on the Cybercrime Bill 2017 – anyone can comment on the document directly – you do not need a Google account.

    Comments are welcomed.

    View/Comment TTCS draft comments on Cybercrime Bill 2017

     

     

  • Cybercrime Bill 2017

    Cybercrime Bill 2017

    The Cybercrime Bill 2017 was introduced in the House of Representatives by the Attorney General of Trinidad and Tobago Honourable Faris Al-Rawi on May 6 2017.

    The purpose of the Cybercrime Bill, 2017 is to provide for the creation of offences related to cybercrime and for other related matters in Trinidad and Tobago and if passed would repeal the Computer Misuse Act 2000

    View/Download:

     

     

  • TTCS comments on “Towards the Treatment of Over The Top (OTT) services” policy document submitted to Telecom Authority of Trinidad and Tobago

    TTCS comments on “Towards the Treatment of Over The Top (OTT) services” policy document submitted to Telecom Authority of Trinidad and Tobago

     

    The Trinidad and Tobago Computer Society (TTCS ; https://www.ttcs.tt/) has submitted its comments on the Telecommunications Authority of Trinidad and Tobago (TATT) document “Towards the treatment of Over The Top Services”

    The TTCS comments can be viewed at TTCS-comments-on-TATT-Towards-the-treatment-of-OTT-services-public-July20-2015 (PDF ; 369K)

    A general comment:

    “For the past two decades, TATT has presided over a telecommunications sector which has experienced significant and ongoing growth for all commercial actors. The TATT “light touch” approach is one of the main factors contributing to the success of the sector. The status quo, as facilitated by TATT, should be maintained as the market can and will continue to innovate in the provision of value added services as it has already done for the benefit of clients, consumers, service providers and the country as a whole.

    The TTCS fears that any change in the status quo *at the present time* will lead to a stifling of innovation and lead to significantly reduced domestic competition overall.

    The treatment of Over The Top (OTT) services is *fundamentally* a Network Neutrality (NN) issue. Once the Telecommunications Authority makes a final decision on where it stands regarding NN/zero rating of services, its way forward on topics such as OTT becomes much less complex and simple to execute. Over the top services (OTT) can be broad enough to
    apply to any service provided over the Internet as a whole, or any future network. If TATT is to consider competition described by providers as “unfair,” then Zero Rated services should also be considered by the Authority in greater detail.

    Attempting to make a final decision on OTT without any final decision on NN issues may needlessly complicate the country’s future regulatory landscape, and create precedents
    which may limit future regulatory agility and sector innovation and growth. One of the realities of a competitive marketplace is that service providers must innovate constantly or else perish.

    The TTCS believes that any regulator should have no vested interest in stifling future sources of innovation in order to preserve revenue streams for service providers. More significantly, any request by service providers that TATT *must* intervene in the regulatory environment in order  to mitigate any loss or potential loss of revenue as a result of technological changes in the sector misunderstands the responsibility of a regulator for the entire sector, and not just one part of it. Increased and differentiated competition and innovation in the telecoms space is to be encouraged, not stifled.

  • The Trinidad and Tobago Cyber Security Agency Bill, 2015

    The Trinidad and Tobago Cyber Security Agency Bill, 2015

    The Trinidad and Tobago Cyber Security Agency Bill, 2015 was introduced as the same time as the Cybercrime Bill 2015 by the Minister of National Security Brigadier General Carlton Alfonso on May 1 2015.

    It seeks to establish a the Trinidad and Tobago Cyber Security Agency (TTCSA) to act as a national point of contact for all cyber security related concerns and other related matters. The functions of the TTCSA are to:

    (a) act as the national point of contact for all cyber security related matters;

    (b) establish a national computer incident response team to be known as the “Trinidad and Tobago Cyber Security Incident Response Team” (hereinafter referred to as “TT-CSIRT”);

    (c) refer matters to the police, where evidence of an offence under the  Cybercrime Act, 2015 comes to its knowledge;

    (d) prepare, review and update periodically and in any event at least annually, a national cyber security strategy and prepare such plans as are necessary for the successful implementation of such strategy;

    (e) collaborate with the relevant public body in the collection of relevant information which would facilitate the analysis of current and emerging risks, including those risks which could produce an impact on the resilience and availability of data communications networks and on the authenticity, integrity
    and confidentiality of the information accessed and transmitted through such
    networks;

    (f) provide advice on cyber security related matters, including situational awareness information, to the Minister, the Trinidad and Tobago Police Service or such other competent national bodies as are necessary;

    (g) enhance cooperation between different actors operating in the field of cybersecurity by holding consultations with, interalia, various industries, universities, public sector bodies and private sector and civil society bodies;

    (h) contribute to the awareness raising, and the availability of, current, objective and comprehensive information on cybersecurity by, inter alia, promoting exchanges of current best practices, including methods of alerting users and facilitating cooperation and collaboration between public and private sector initiatives.

    (i) develop and publish standards for products and services on cyber security;

    (j) establish and publish baseline cyber security requirements and standards for
    various sectors including operators of critical infrastructures;
    (k) conduct research and development in the area of cyber security and identify critical research and development needs, gaps and emerging trends for future research;

    (l) promote the development of training and education programmes including the accreditation and certification of cyber security academic programmes;

    (m) advise the Minister on research in the area of cyber security as well as on the effective use and adoption of risk preventative technologies;

    (n) promote risk assessment activities, interoperable risk management solutions and studies on cyber security management solutions within public and private sector bodies;

    (o) collaborate with the relevant public body in the provision of educational guidelines to the national community, as to the appropriate use of the national network infrastructure;

    (p) establish internal and joint procedures between the public and private sectors  to manage the incidents and mitigate the threats associated with them;

    (q) provide appropriate strategic insights to policy and decision-makers and public bodies in order to strengthen the national network infrastructure;

    (r) develop a National Cyber Security Contingency Plan;

    (s) coordinate cyber security exercises; and

    (t) express independently its own conclusions and orientations and give advice on matters within its scope and objectives.

    The Bill lapsed with the end of the Parliamentary session on June 17 2015.

     

     

     

     

  • Cybercrime Bill 2015

    Cybercrime Bill 2015

    The Cybercrime Bill 2015 and the Trinidad and Tobago Cyber Security Agency Bill 2015 were introduced in the House of Representatives by the Minister of National Security Brigadier General Carlton Alfonso on May 1 2015.

    The Cybercrime Bill 2015 seeks “to provide for the creation of offences related to cybercrime and related matters” and if passed would repeal the Computer Misuse Act 2000

    The key changes between the Cybercrime Bill 2014 and the Cybercrime Bill 2015 were:

    • the penalties were adjusted for the various cybercrime offences
    • Clause 17 in the 2014 bill re: creating the offence of child pornography through the use of ICT was removed in the Cybercrime 2015 bill

    However, the Cybercrime Bill 2015 lapsed with the end of the Parliamentary session on June 17 2015.

     

     

  • Trinidad & Tobago Computer Society Statement to Telecommunications Authority of Trinidad & Tobago on the proposed acquisition of Columbus International by Cable & Wireless Communications

    Trinidad & Tobago Computer Society Statement to Telecommunications Authority of Trinidad & Tobago on the proposed acquisition of Columbus International by Cable & Wireless Communications

    cable&columbus

    Trinidad & Tobago Computer Society (TTCS) Statement to the Telecommunications Authority of Trinidad and Tobago
    on the proposed     acquisition of Columbus International by
    Cable and Wireless Communications.

    This comment is submitted by the Trinidad and Tobago Computer Society (TTCS ; http://cs.tt ) in response to the request for comments on the proposed acquisition of Columbus International Inc.(CII) by Cable and Wireless Communications (CWC)  published by the Telecommunications Authority of Trinidad and Tobago (TATT) on January 5th, 2015. The TTCS has commented on various ICT issues over the past decade as it relates to the interests of end users.

    The proposed acquisition can lead to high ownership concentrations in the provision of voice and broadband Internet services throughout the Caribbean as well as in subsea fiber connections. This acquisition may also reduce the probability of healthy competition in mobile telephony services in some jurisdictions. The concerns with the proposed merger between the parties (absent speculation on changes in corporate allegiance) revolves around five main pillars:

    • Potential decrease in market efficiency (competition vs effective duopoly/oligopoly – more benefits to firms rather than consumers);
    • Reduced consumer options for voice and broadband internet services (with an effective CWC/CII and Digicel duopoly);
    • Higher cost of voice and broadband Internet services (concentration of market power among fewer firms);
    • Reduced quality of service in voice and broadband Internet services (common with a concentration of market power among fewer firms);
    • A potential underserving of remote or otherwise ‘less-profitable’ areas by the new corporate entity, and
    • An increase in corporate compliance issues (arising out of the attitude of a merged CWC/CII towards consumers, employees and government regulators, based on experience and past local and regional attempts to “game” the regulators by CWC imposing additional charges and changing service terms).

    Ultimately, the TTCS sees the proposed merger as having the potential to reverse two decades of progress in liberalizing the local telecommunication sector and that residential, business and government consumers may lose many of the benefits of competition.

    Furthermore, the TTCS notes with concern that TATT has only allowed for a one week comment period on this complex issue. We believe that extending this comment period as well as increased advertising would increase the participation of the general public in this critical decision.

  • TTCS, ISOC-TT and IEEE-TT Joint Statement on Digicel Trinidad and Tobago’s ban on VOIP Services

    TTCS, ISOC-TT and IEEE-TT Joint Statement on Digicel Trinidad and Tobago’s ban on VOIP Services

    The following is a press release of the joint statement from
    the Trinidad and Tobago Computer Society,
    the Internet Society Trinidad and Tobago Chapter and
    the IEEE Trinidad and Tobago Section on
    Digicel’s Trinidad and Tobago’s  ban on Voice over IP services.

    PDF version of press release:

    A longer version of the statement can be viewed at TTCS-ISOC-TT-IEEE-TT-response-to-Digicels-ban-on-VOIP-services or at https://docs.google.com/a/ttcsweb.org/document/d/13pfWE4S6Rr3IwSntEFRdawpxdbnHXrSgpzQ2wcfp3YU/edit

    Joint Statement from the
    Trinidad and Tobago Computer Society,
    Internet Society Trinidad and Tobago Chapter &
    IEEE Trinidad and Tobago Section
    on Digicel Trinidad and Tobago’s ban on VOIP Services

    Summary of Issue

    On the 5th July, 2014, Digicel (Trinidad and Tobago) announced  that it will be blocking access to Voice over IP (VoIP) applications it considers to be  ‘unlicensed’ or “unauthorized” on  its “4G” service. The Trinidad and Tobago Computer Society (TTCS),
    the Internet Society Trinidad and Tobago Chapter (ISOC-TT) and the IEEE Trinidad and Tobago Section (IEEE-TT) consider this to be a grave error, and wish to make a public statement on this matter,  both from a technical perspective and a social one.

     

    Our position

    It is the position of the TTCS, ISOC-TT and IEEE-TT that this move is a violation of the concept of “Network Neutrality” as defined by Wu. We are of the firm belief that this move puts us, as Internet users, on a slippery slope, as it may well pave the way for the banning of  other important Internet services for learning, innovation and productivity which use much more bandwidth.

    Given that customers are paying for Internet data service, it is not accurate for Digicel to state that VoIP services amount to “illegal bypass activity”. Digicel is effectively asking that both consumers and suppliers pay for the same service.

    While we understand the need to ensure the integrity of their service, from a technical perspective, there is no reason to single out VoIP connections as a large consumer of bandwidth that can reduce the Quality of Service enjoyed by other customers as the throughput for a VoIP connection is very small (on the order of 20kbps). Compared to services such as YouTube, Netflix or even browsing media-rich web pages (on the order of hundreds of kbps), throughput required by VoIP applications is negligible. Therefore, the argument that services such as VoIP has a significant impact on other data services is inaccurate (unless the number of  VoIP users is very very much greater than the number of non-VoIP users).

    The reasoning given by Digicel TT for the move that “VOIP services (are) putting enormous pressures on bandwidth – and customers’ data usage experience (is) being negatively impacted” is also misleading since it is not technically possible for Digicel to give priority to VoIP traffic on their current data  network. In their current system,  VoIP traffic is treated just as any other data service.

    We can only conclude, therefore, that the reason for the proposed ban is to stop the loss of  revenue from traditional circuit switched voice services rather than any move to protect the integrity of its data service to customers.

    It is important that Internet service providers are committed to the concept of Network Neutrality in Trinidad and Tobago so as to encourage innovation and avoid the potential of censorship. Digicel should certainly backtrack on this move, in the interest of national development. The  Telecommunications Authority of Trinidad and Tobago (TATT) should engage all stakeholders in a broader discussion with respect to how we should move forward on the issue of Network Neutrality. TATT should also strive towards making a more competitive environment by accelerating the introduction of a 3rd service provider as well as accelerate the long promised implementation of Number Portability to promote the competitiveness in the telecommunications space that would prevent similar anti-consumer, anti-innovation and anti-economic growth policies.

     

  • The Cybercrime Bill 2014

    The Cybercrime Bill 2014

    The Cybercrime Bill was introduced in the Senate by the Minister of National Security Gary Griffith on March 21 2014. The Bill seeks “to provide for the creation of offences related to cybercrime and related matters” and if passed would repeal the Computer Misuse Act 2000

    The offences related to cybercrime and related matters includes

    • illegal access to a computer system
    • Illegally remaining in a computer system
    • Illegal interception of subscriber or traffic data
    • Illegal data interference
    • Illegal acquisition of data
    • possession and distribution of devices that is designed or adapted for the purpose of committing an offence under this Act or disclosure of password or access codes
    • Unauthorised receiving or granting of access to computer data
    • forgery of computer data and distribution of forged data
    • Computer-related fraud
    • Identity-related offences
    • child pornography
    • using computers to set up a meeting with a child for the purpose of abusing the child.
    • the offence of violating a person’s  privacy by capturing and sharing pictures or videos of a person’s private area without his consent.
    • relaying of multiple email messages with the intent to deceive as to the origin of the message
    • the offence of harassment through the use of electronic means with the intent to cause emotional distress.
    • criminalising the act of sending multiple electronic mail messages that are unsolicited and which causes harm to a person or damage to a computer.

    The Bill lapsed with the end of the Parliament session on July 30 2014.