The battlefield is gruesome, global and growing — cyberattacks have become a dangerous threat to governments, people and institutions all over the world.
In response, around 80% of the world’s countries have implemented cybercrime legislation, according to the United Nations Conference on Trade and Development.
But in some Arab countries, these laws are increasingly misused by governments to silence dissent and curb freedom of speech.
The latest example is Syria, where President Bashar Assad’s government updated its cybercrime laws in April. The newly amended law 20/2022 targets both online and offline criticism of the president, state and constitution.
“Syria has criminalized online speech which is said to undermine the authority of the government by, for example, harming the ‘prestige’ of the state,” Bernhard Maier, a London-based attorney and professor of International Law at King’s College, told DW.
The law only vaguely defines cybercrime offenses, but drastically increases the penalties and punishment.
These now range from imprisonment of up to 15 years to fines of up to 15 million Syrian pounds, Syrian news agency SANA reports. With the currency officially pegged to the US dollar, this amounts to $12,000 (€11,400) inside Syria, or around $5,900 (€5,600) on the free market.
Human rights groups were outraged.
“There is no doubt that this article is designed entirely in order to silence different opinions under unclear headings, as any digital content can theoretically be accused of leading to the overthrow or change of the regime or encouraging it,” the Gulf Centre for Human Rights (GCHR) wrote in a statement.
For Syria’s war-battered population, this means that future crackdowns are now legal on a broader scale than ever before.
Since the war began in Syria in 2011, more than 100,000 people have disappeared in jails, or worse, in mass graves, human rights organizations fear
Egypt: Hiding behind rule of law
Similar tactics are being used in Egypt as well.
In March this year, the Alexandria Economic Court sentenced singers Hamo Beeka and Omar Kamal to fines and imprisonment on vague charges of “violating family values” under a cybercrime law for singing and dancing in a YouTube video.
Human Rights Watch condemned the verdict as “violating their right to freedom of expression.”
“By applying cybercrime laws to dissidents, States are able to condemn free speech under the guise of the rule of law,” law professor Maier said. “As we saw with the Arab Spring in 2011, digital platforms such as Twitter and Facebook can be used with great effect to mobilize protesters and ‘revolutionaries’.”
It is obvious that “this approach is arguably more effective than naked oppression,” he added.
Egyptian authorities already had almost unlimited power to curb freedom of speech and dissenting opinions after President Abdel-Fattah el-Sissi ratified the country’s Anti-Cyber and Information Technology Crimes Law in 2018.
Their reach was broadened further, however, when the so-called “NGO-law” came into effect in January 2022. The law demands registration by civil rights and non-governmental organizations, allowing the government insight into their work and funding.
This has led to the closure of many such groups, including the Arabic Network for Human Rights (ANHRI).
Last year, Egypt came in third in the global ranking of jailed journalists, according to the Committee to Protect Journalists (CPJ).
With 25 reporters behind bars, it trailed only China (50) and Myanmar (26).
One key difference is that prior to 2018, journalists were usually charged with anti-state crimes. But in 2021, the CPJ observed a surge in cybercrime accusations.
New tactics in Saudi Arabia
Egypt’s neighbor Saudi Arabia has shown some improvements in this area, though this doesn’t necessarily signal greater press freedom. Once in the top five rankings for jailed journalists, the CPJ reports that the Gulf state has dropped down into the top eight.
The Saudi kingdom is officially striving to modernize the country under the framework of its “Vision 2030” economic and societal reform program.
Nevertheless, it has found more sophisticated ways to silence independent reporting and stop the publication of critical opinions.
Rather than relying on their 2007 Saudi Information Technology Crimes Act to jail dissidents, the CPJ reports that authorities are employing internet shutdowns and increased surveillance through high-tech spyware instead.
This view is confirmed by the fact that in 2021, 10 journalists were released, while none were convicted — which led to the new rank on the CPJ list.
The organization also noted that the “intimidatory effect” of the journalist Jamal Khashoggi’s 2018 murder at the Saudi consulate in Istanbul is likely still silencing dissent.
Fewer prisoners don’t necessarily amount to more freedoms, either. While prisoners like bloggers Loujain al-Hathloul or Raif Badawi were released over the last year, they remain banned from sharing their opinions on social media or communicating with foreign press.
Loujain al-Hathloul was released in 2021 after almost 1,000 days in jail, but she remains banned from publishing anything on social media or speaking to international media outlets
Progress in the UAE?
The United Arab Emirates (UAE) is also among the frontrunners in using anti-cybercrime laws against dissidents in the Middle East.
The IT Crimes Act (Federal Law No. 2 of 2006), last updated in February 2022, includes fines for hacking, identity theft, electronic armies and cryptocurrencies in the UAE, as well as taking photos without consent and spreading rumors.
The MENA Rights Group and 14 other human rights organizations have called on the UAE to repeal or amend the law, which they say is clearly intended to curb freedom of speech.
It remains to be seen if these calls will be heard by the UAE’s first National Human Rights Institution (NHRI), which began operating this week.
The body states that its vision is “leadership in the promotion and protection of human rights,” adding that “all citizens, residents and visitors in or connected to the UAE have the right to submit complaints and proposals related to human rights.”
Critics say the body lacks independence, however.
“I sincerely hope it helps with the dissident issue in UAE,” Chris Kubecka, the cyber security expert at the Washington-based Middle East Institute, told DW. But it “must be more than just a website and some paper, it should have a transparent strategy with key metrics.”
Human rights groups will likely be watching closely to see how the institute handles cases such as human rights activist Ahmed Mansour’s imprisonment there.
Emirati blogger and human rights activist Ahmed Mansour remains in jail after he criticized human rights violations in the United Arab Emirates
Seeking international standards
The first international treaty to align cybercrime legislation, the “Budapest Convention”, came into effect in 2004 and has been ratified by just 65 states.
To create a more updated treaty that aligns cybercrime definitions and punishments on a more global scale, the United Nations has been pushing for new legislation under the working title “Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes.”
The treaty will next be discussed in June 2022, with a lot clearly at stake.
“As ever greater portions of our lives are lived, stored, and accessed online, cybercrime laws will take center stage as a battleground between freedom of speech and wider government interests,” law professor Maier said.
Human rights organizations and cyber experts see the push by the UN for a contemporary international agreement on cybercrime laws as more than controversial
Yet cyber expert Kubecka is skeptical that such international regulation could improve laws in the Middle East.
“After reviewing the governments involved, I have serious concerns that the expert advice will be harmful, instead of a force for good,” Kubecka told DW. “I have immediate doubts that it can be effective; it may even allow actual cybercrime to remain unpunished.”
This may be particularly true for the Middle East.
“The expert group has limited representation from the MENA region. The region should be better represented whilst focusing on the human effects of cybercrime.”
Edited by: Kristen Allen and Lucy James