The development of Information and Communications Technology (ICT) over the last two decades has revolutionized the way in which societies of the world operate. ICT has significantly impacted on every facet of society and this is evident by its growing use and role in the government, banking, medical and business sectors. The revolution of ICT and, particularly, its growing use have led
to the emergence of a different type of crime, cybercrime. There is no universal definition of cybercrime, but it has been defined as “any activity in which computers or networks are a tool, a target or a place of criminal activity”. The prevalence of cybercrime may be attributed to the internet, a component of ICT, which has provided criminals with a fast, convenient, and anonymous avenue to commit various crimes which transcend traditional physical boundaries.
In 2013, the United Nations reported that a third to half of all nations have insufficient legal frameworks to criminalize cybercrimes. The Inter-American Development Bank, in its 2016 Cyber Security Report, stated that internet use had penetrated the country by thirty-seven percent. In light of our country’s rapidly increasing use of ICT technology and growing internet penetration, Guyana is more vulnerable to cybercrime.
Guyana’s current lack of cybercrime legislation may result in the country becoming a safe haven for cybercrime offenders, as offenders may be motivated to commit cybercrimes in our jurisdiction due to the country’s lack of mechanisms to prosecute the offences. Essentially, our lack of a legal framework leaves us powerless to address cybercrimes.
Therefore, in an effort to combat the occurrence of cybercrime in Guyana, the Cybercrime Bill was drafted to address offences related to cybercrime and to provide for the investigation and prosecution of cybercrime offences. It was passed in the National Assembly recently and assented to by President David Granger.
HISTORY OF BILL
In drafting the Bill, conventions, model laws and precedents from other jurisdictions were relied upon, particularly, the Budapest Convention on Cybercrime; the Harmonization of ICT Policies, Legislation and Regulatory Procedures in the Caribbean (HIPCAR) Cybercrime/e-crimes Model Policy Guidelines and Legislative Texts; the 2014 Cybercrime Bill of Trinidad and Tobago; the 2015 Cybercrimes Act of Jamaica and the 2013 Electronic Crimes Bills of Grenada and St. Vincent of the Grenadines. The United Kingdom’s Computer Misuse Act 1990 and cybercrime legislation from the United States were also considered.The Draft Cybercrime Bill was heavily consulted upon. In September 2015, a Draft Cybercrime Bill was posted on the Ministry of Legal Affairs website for comments. Comments on the Bill were received by the Drafting Division between October 2015 and March 2016. The Bill was also sent out to various stakeholders for comments. Comments were received from many stakeholders including Qualfon Guyana Inc., the Georgetown Chamber of Commerce and Industry, Digicel and Teleperformance. As a result of the comments received, changes were made to the Bill.
Public consultation on the Bill was held at the Pegasus Hotel on March 16, 2016. It was well attended and suggestions and comments were made by stakeholders, including the Director of Public Prosecutions, GRA, Rights of the Child Commission, Global Technology, Red Thread andthe Guyana Bar Association. Their comments were considered and necessary changes were effected to the Bill. The Bill was then reviewed and received in depth consideration at meetings in the Attorney General’s Chambers between drafters of the Chambers and senior officers of the DPP Chambers, resulting in certain changes being incorporated in it, namely the formulation of offences. The Cybercrime Bill 2016 was sent to the National Assembly on August 3, 2016 and published in the Gazette on August 4th as Bill No. 17 of 2016. It had its first reading on the August 4, 2016 and was sent to the Parliamentary Special Select Committee on that date. While there, the Bill was reviewed by Mr. Steven Chabinsky, an expert on the law of cybercrime from the Law Firm of Case and White in the USA, whose service was made available to the Attorney General’s Chambers from the International Senior Lawyer’s Project (ISLP). The comments of the expert were made available to the Members of the Select Committee. Most of Mr. Chabinsky’s comments were incorporated into the Bill by the Committee.
It remained before the Select Committee from August 4, 2016 to April 9, 2018 and the Committee’s Report on the Bill was tabled in the National Assembly on April 26, 2018.
The Bill has three parts. Part I addresses preliminary provisions, Part II addresses the cybercrime offences and Part III provides for enforcement.
Clauses 3 to 24 of the Bill identify and establish the cybercrime offences.
Clauses 3, 4, 5 and 6 of the Bill protect our citizens from persons who illegally access their computer systems and illegally intercept, interfere and acquire their electronic data.
Clause 7 establishes the offence of illegal system interference and makes interfering with another person’s computer system or another person’s lawful use or operation of a computer system an offence.
The original clause 9 made the unauthorized receiving, giving or obtaining of access to electronic data an offence. It must be noted that the “Reporters Without Borders” were concerned that this clause could be used to penalize journalists and media for publishing reports based on information from a confidential source, even if the journalists had no basis to suspect that the information was illegally obtained.
This clause has since been amended, taking into consideration the above concerns. The amendment has resulted in the removal of theprovision that may pose an obstacle to the freedom of the press, that is, the criminal aspect of receiving the electronic data. The type of conduct being criminalized has now been revised and is more specific. The types of electronic data to which this clause refers to have also been defined to include commercially sensitive data, a trade secret or data which relates to national security.
Clause 9 now reads – “ 9. (1) A person commits an offence who, through authorized or unauthorized means, obtains or accesses electronic data which –
(a) is commercially sensitive or a trade secret;
(b) relates to the national security of the State; or (c) is stored on a computer system and is protected against unauthorized access, and intentionally and without lawful excuse or justification grants access to or gives the electronic data to another person, whether or not he knows that the other person is authorized to receive or have access to the electronic data.
(2) A person who commits an offence under subsection
(1) is liable –on summary conviction to a fine of three million dollars and to imprisonment for three years; or on conviction on indictment to a fine of eight million dollars and to imprisonment for five years.”
The Bill represents a collaborative effort between Government, the legislature and the people of Guyana. It is a Bill that was heavily consulted on, received expert advice and was reviewed by the Special Select Committee. It is a Bill that is timely and relevant because of the colossal damages of cybercrime.
This mode of crime has destroyed lives, the economies of countries and has been used to carry out terrorist acts all over the world. With this Bill, Guyana now stands ready to join the rest of the world to fight this scourge.
The creation of cybercrime legislation is the first step in our battle against cybercrime. However, I wish to state
emphatically that the fight against cybercrime requires a comprehensive approach. This means that along with the legislation, which is essential as it is the foundation for successfully combating cybercrime, there needs to be training of law enforcement, prosecutors and judges, as this is a new area for Guyana. This is a process that the Government is fully committed to and endeavors to deploy the necessary resources to ensure our success.
Internet concept. Hacker working on a code on dark digital background with digital interface around.