Trends in South and Southeast Asia
Module 7: Cybercrimes
South and Southeast Asia have experienced rapid growth in access to the internet in recent years. This increased digitalisation of society has afforded increased opportunities for citizens to exercise their rights to freedom of expression and to information. However, with increasing digitisation also come new security threats and, in turn, new rights concerns raised by many states’ approaches to emerging threats.
A 2021 INTERPOL report noted: “Given their position among the fastest growing digital economies in the world, ASEAN [Association of Southeast Asian Nations] member countries have become a prime target for cyberattacks.”(1) In response to growing cybersecurity threats, the Association of Southeast Asian Nations has taken certain steps towards multilateral cooperation on cybersecurity matters, notably becoming the first regional organisation to subscribe in principle to the UN’s 11 voluntary, non-binding norms of responsible state behaviour in cyberspace,(2) a series of principles that were elaborated in a 2015 report by a Group of Governmental Experts(3) and subsequently endorsed in a UN General Assembly resolution.(4)
At the national level, across South and Southeast Asia, governments have been adopting new cybercrimes legislation, often to keep pace and continue to protect against crimes committed online. Every state in South and Southeast Asia, with the exceptions of Cambodia, Myanmar and the Maldives, have adopted some form of cybercrimes legislation.(5) Cambodia, Myanmar and the Maldives are currently in the process of drafting such legislation.(6)
However, cybercrimes legislation is increasingly being used to unjustly regulate internet content as well, including undesirable criticism or dissent. Access Now notes that one of the main concerns about the plethora of laws that are currently being enacted to regulate cybercrimes is that many of them lack clear definitions and are susceptible to being used to over-regulate online content and restrict freedom of expression.(7) This is a growing concern among human rights defenders as many have been subjected to a wave of arrests and convictions in what is an escalating assault on freedom of expression using cybercrime laws. Many of the laws are vague and overbroad and lack clear definitions, leaving them open to arbitrary and subjective interpretations. Some common examples of overbroad provisions are those that criminalise spreading false information or harming national unity.
For example, Bangladesh’s Digital Security Act has been widely criticised for its overbroad and vague provisions, which have been used to target critics of the government.(8) For instance, cartoonists and journalists who published cartoons and commentary critical of the government’s COVID-19 response have been charged under that law with spreading “propaganda, false or offensive information, and information that could destroy communal harmony and create unrest.”(9)