After the rash of political revolutions and criminal attacks on governments and companies last year, it wasn’t hard to predict that 2012 would be the year of a cybercrime crackdown. The United States is considering its own cybercrime legislation, and the European Union is seeking to harmonize its member state’s computer crime laws. Governments understandably want to prevent further online attacks. Journalists suffer these attacks also, but they don’t necessarily gain from fiercer laws. And in the case of a proposed new cybercrime law in Iraq, they may face life imprisonment for simply doing their job.
In CPJ’s Attacks on the Press in 2011, I covered the risk to press freedom of such a rash of “cybercrime” laws, and how, even when well-meaning, they can have a damaging effect on online press freedom. The human rights group Access published its report on Iraq’s new Information Technology Crimes Bill, currently approaching its second reading in the Iraqi Parliament.
As The Economist notes, the IT Crimes Act is similar, in structure and flaws, to last year’s Journalist Protection Act. Ostensibly beneficial to freedom of expression, the laws lack precision where it is needed, and effectively could be used to exclude reporters from protections or criminalize their work.
We noted in January that Iraq’s Journalist Protection law excluded part-time journalists, bloggers, and others who volunteer to gather and distribute the news. (As Mexico shows, journalist protection laws don’t have to be written this way).
The IT Crimes bill goes further. The vague crimes of using the Internet to “harm the reputation of the country” or to broadcast “false or misleading facts” intended to “damage the national economy” is punishable by life imprisonment. Three months imprisonment awaits anyone who “intrudes, annoys, or calls [Internet] users without authorization” or “deliberately accesses a website … without authorization.” And, in the worst catch-all, “whoever violates principles, religious, moral, family, or social values or personal privacy through information networks or computers in any way” can be sentenced to a year in prison.
It is important to ensure that crimes — such as identity and information theft, spam, unlawful access, and fraud — that are conducted on the Internet are pursued and penalized as competently as they are in the rest of society. But just because an action takes place on the Internet does not mean it should be assumed to be a crime, or couched in vaguer tones than traditional criminal legislation. Journalists, especially when they expose the misdeeds of prominent figures, are frequently accused of harming the reputation of nations, annoying citizens, accessing information they have not been explicitly authorized to view, and violating social values. The accusation alone is not enough to send them to jail. In Iraq, merely combining these accusations with proof that a computer was used transforms them into serious crimes.
The ambiguity of the IT Crimes Bill alone will have a chilling effect on those who use the Internet to report news. Given that bloggers and part-time reporters are already excluded from the weak protections of Iraq’s journalism law, the Internet would become a freshly exposed place to report from what remains one of the world’s most dangerous countries for journalists.
Iraq should not pass this perilously overbroad and punitive law.