Back to main site

    Trends in South and Southeast Asia

    Module 7: Cybercrimes

    South and Southeast Asia have experienced rapid growth in access to the internet in recent years. This increased digitalisation of society has afforded increased opportunities for citizens to exercise their rights to freedom of expression and to information. However, with increasing digitisation also come new security threats and, in turn, new rights concerns raised by many states’ approaches to emerging threats.  

    A 2021 INTERPOL report noted: “Given their position among the fastest growing digital economies in the world, ASEAN [Association of Southeast Asian Nations] member countries have become a prime target for cyberattacks.”(1) In response to growing cybersecurity threats, the Association of Southeast Asian Nations has taken certain steps towards multilateral cooperation on cybersecurity matters, notably becoming the first regional organisation to subscribe in principle to the UN’s 11 voluntary, non-binding norms of responsible state behaviour in cyberspace,(2) a series of principles that were elaborated in a 2015 report by a Group of Governmental Experts(3) and subsequently endorsed in a UN General Assembly resolution.(4)

    At the national level, across South and Southeast Asia, governments have been adopting new cybercrimes legislation, often to keep pace and continue to protect against crimes committed online.  Every state in South and Southeast Asia, with the exceptions of Cambodia, Myanmar and the Maldives, have adopted some form of cybercrimes legislation.(5) Cambodia, Myanmar and the Maldives are currently in the process of drafting such legislation.(6)

    However, cybercrimes legislation is increasingly being used to unjustly regulate internet content as well, including undesirable criticism or dissent.  Access Now notes that one of the main concerns about the plethora of laws that are currently being enacted to regulate cybercrimes is that many of them lack clear definitions and are susceptible to being used to over-regulate online content and restrict freedom of expression.(7) This is a growing concern among human rights defenders as many have been subjected to a wave of arrests and convictions in what is an escalating assault on freedom of expression using cybercrime laws.  Many of the laws are vague and overbroad and lack clear definitions, leaving them open to arbitrary and subjective interpretations.  Some common examples of overbroad provisions are those that criminalise spreading false information or harming national unity.

    For example, Bangladesh’s Digital Security Act has been widely criticised for its overbroad and vague provisions, which have been used to target critics of the government.(8) For instance, cartoonists and journalists who published cartoons and commentary critical of the government’s COVID-19 response have been charged under that law with spreading “propaganda, false or offensive information, and information that could destroy communal harmony and create unrest.”(9)

    Footnotes

    1. INTERPOL, ASEAN Cyberthreats Assessments 2021 (2021) at p. 13 (accessible at: https://www.interpol.int/en/content/download/16106/file/ASEAN%20Cyberthreat%20Assessment%202021%20-%20final.pdf). Back
    2. Channel Asia, ‘How ASEAN is driving global cyber security efforts’ (2021) (accessible at: https://www.channelasia.tech/article/691880/how-asean-driving-global-cybersecurity-efforts/). Back
    3. UN General Assembly, ‘Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security’, UN Doc A/70/174 (2015). Back
    4. UN General Assembly, ‘Developments in the field of information and telecommunications in the context of international security’, UN Doc A/RES/70/237 (2015) (accessible at: https://undocs.org/Home/Mobile?FinalSymbol=a%2Fres%2F70%2F237&Language=E&DeviceType=Desktop&LangRequested=False). Back
    5. United Nations Conference on Trade and Development, ‘Cybercrime Legislation Worldwide’ (2021) (accessible at: https://unctad.org/page/cybercrime-legislation-worldwide). Back
    6. Id. For a critical analysis of Myanmar’s new Draft Cyber Security Legislation, see Centre for Law and Democracy, ‘Myanmar: Note on New Draft Cyber Security Law’ (2022) (accessible at: https://www.law-democracy.org/live/wp-content/uploads/2022/05/Myanmar.Cyber-Security-Analysis-English-.pdf). Back
    7. Access Now, ‘When “cybercrime” laws gag free expression: stopping the dangerous trend across MENA’ (2018) (accessible at: https://www.accessnow.org/when-cybercrime-laws-gag-free-expression-stopping-the-dangerous-trend-across-mena/). Back
    8. See, for example, Human Rights Watch, Meenakshi Ganguly, ‘Limiting Free Speech Undermines the Fight Against Covid-19, (2021) (accessible at: https://www.hrw.org/news/2021/02/24/limiting-free-speech-undermines-fight-against-covid-19). Back
    9. Id. See also, Human Rights Watch, ‘Bangladesh: Repeal Abusive Law Used in Crackdown on Critics’ (2020) (accessible at: https://www.hrw.org/news/2020/07/01/bangladesh-repeal-abusive-law-used-crackdown-critics). Back