By Mory D.A Sumaworo
Two years ago, in 2016, Liberia’s internet infrastructure was brought to a grinding halt after it was attacked by hackers which led to the Distributed Denial of Service (DDoS) in the entire nation (Woolf, 2016). This situation called for a serious attention to be drawn towards adopting the both preventive and curative measures and policies to safeguard the cyberspace in Liberia for the general good and the public interest.
It is paramount to state that the Internet penetration in the West African nation though is a relatively low compared with other highly penetrated Internet nations. Nonetheless, it is on the exponential rise. Statistically, in 2000, there were roughly 512 Internet users in the whole country. However, in 2016, this figure has escalated to hit 395063 users (three hundred, ninety-five thousand and sixty-three users) which is about 8.6% of the overall population 4.5 (Internet Live Stats, 2018). This means, there has been a tremendous increment on the Internet penetration over the last 16 years in Liberia. It is imperative to note that commercial and financial institutions are now extensively moving from traditional ways to doing business with their clients to online.
The nation just launched her first Biometric Identification Card which process requires every applicant to provide his/her personal information to be stored in the national database for any future government to citizen or citizen to business transactions (Yates, 2017). All of these call for an extra mile to be instituted by the government, Internet Service Providers (ISPs) and private citizens to avoid or at least mitigate intrusion of protected data and sensitive information of the State. Having said the above, this paper seeks to propose to the policymakers and legislators in Liberia to extremely consider Professor Lawrence Lessig’s Model of cyberspace governance in Liberia as it is being deeply discussed in the proceeding deliberation.
Lawrence Lessig’s Model (LLM) Cybersecurity
The Harvard Law School’s professor, Lawrence Lessig in his book “Code and other Laws of the Cyberspace” had designed a model and proposed some measures which can be adopted by the governments and Internet Service Providers (ISPs) to make cyberspace relatively safer and protected (Lessig, 1999, p. 85). Those measures are law, architecture(Technology), social norm and market as depicted in Figure (1). These measures are detailed as follows
According to Professor Lessig, ‘Each oval represents one kind of constraint operating on our pathetic dot in the center (Cyberspace). Each constraint imposes a different kind of cost on the dot for engaging relevant behavior (Lessig, 1999, p. 88)’. What he simply tries to depict and describe is that the cyberspace can be governed and behaviors of its users can be regulated by these four constraints in order to mitigate harms that could be generated from it to the public and private individuals; legal and natural. Besides, these four constraints are detailly outlined in the forthcoming discussion.
The regulatory aspect of protecting cyberspace and transactions online is by instituting laws and adopting policies that set out rules for the Internet users and Internet Service Providers ISPs. That is possible through legislating penalties for cyber intrusions, crimes and any other unlawful omission or commission on the visual space. Nevertheless, Liberia is yet to enact a cyberlaw as it has been witnessed in many countries afar and in the region. For instance, in 1986, the United States enacted her law on Computer Fraud and Abuse Act (CFAA), in 1990, the United Kingdom enacted its Computer Misuse Act. In the high-tech City State of Singapore, Computer Misuse and Cybersecurity Act was legislated in 1993 (Jiow, 2013). From the African context, many African nations have realized the necessity of enactment of specialized cybersecurity laws, this has led Nigeria to enact its first cybercrime Act in 2015, The Computer and Cybercrimes bill of Kenyan is being awaited the passage into law.
Therefore, these initiatives coupled with a real need for safeguarding people online are clear indications that Liberia to follow the trend of the international best practices in dealing with and governing the internet under its jurisdiction. By instituting this legislative action, there will be a safer cyberspace for businesses, individuals and the sensitive information of the government. It is pertinent to point out here that regulation or law is the most effective and the sum of all of these constraints that are deemed to make cyberspace safer for the people and institutions. However, it can more result-driven if it is being embodied with other three constraints (Lessig, 1999, p. 85).
Architecture in this context means technical and technological intervention to halt cyberspace malpractices. Most often, the misuse of cyberspace and the Internet or computer is done by technology itself through malware and using others IT means to get access to what is not belong him – hacker-. Therefore, the best way to police the visual space is through adopting and applying appropriate tech. However, in order to empower the usage of technological means to fight cybercrimes and regulate the Internet as a whole, there must be a body of law governing the whole process so that the defensive technology will not be used to infringe other fundamental rights and liberties that are part of well – functioning democracy and the rule of law. For instance, access to the Internet by press houses and the general public has become paramount and tool to bring both public and private sectors into account which is in the best uptake of all. According to Lessig ‘Architecture- technology -, laws, and customs maintain and respect whatever balance has been struck [ in real space]. As we construct and inhabit cyberspace communities, we will have to make and maintain similar bargain – though they will be embodied in software and electronic access control rather architectural arrangement’ (Lessig, 1999, p. 89). Having said that technology plays a major and significant role in governing and shepherding the cyberspace, it is highly recommended to the law-making arm of the Liberian government and its policymakers to consider while introducing a cyberlaw a technological element and training component for the law enforcement agencies. Thus, the distance between the blue-printed law and its implementation will be significantly reduced. Hence, it will be results-focused cyber legislation.
As the law does, social norms and practices do also play a major role in regulating behaviors of the people both online and offline. Hence, incorporating and formalizing some of those practices in cyber laws, legislation and policies will be a sort of deterrent and mitigating factor of cybercrimes and misuses of computer and its derivatives. In some high-tech societies, such Singapore, the system does not undermine the power of social norms to modify the behavior of the Internet (Jin-Cheon, 2009). This measure is a very effective tool for socially -oriented offenses such as revenged porn and spreading illicit videos on the public social media which is not meant for those materials. However, if Liberia, while considering the passage of her cyberlaw regards this aspect with a legislative backing could address many malpractices online that might go unregulated by the existing conventional laws. Nevertheless, there will be a dramatic reduction on illicit practices on the Internet (public sites and social media that are not designed for such) if the societal consensus accepts to shame and criticize anyone who misuses the Internet without any repercussion to those who shame the misusers of the cyberspace. According to the Professor Lessig, ‘A norm governs socially salient behavior, deviation from which makes you socially abnormal’ (Lessig, 2006, p. 340)
With the evolution, revolution, and prevalence of online engagement, the issues of cyberpiracy and intellectual property (IP) infringement have become simplest and easiest to be achieved by online violators and perpetrators of IP right and other Internet-connected crimes. However, it never a right option to unjustifiably deny people to have an access to the Internet and its contents as the accessibility is embodied with lots of socioeconomic and political dividends. Nevertheless, it is a business-imperative and intellectually-imperious to regulate the cyberspace to protect ISPs through market regulation. This can only be done through a proper cyberspace legislation and laws. For instance, music and movie industries will boom if there is a law protecting and incentivizing against online intellectual properties infringement. This has effectively worked in countries. According to (Jiow, 2013) the Business Software Alliances of Singapore encourage whistleblowers with a reward of exposing piracy activities online which has resulted falling the rate over the years. (Jiow, 2013)
Liberia Must Consider the Enactment of a Cyberlaw
The late 1990s and the first decade of this millennium experienced a massive convergence between the law and Information Technology (IT). It started as a course at the many law schools in advanced and high-tech nations in the United States, Europe, Asia and in several African countries. As figure of the Internet users increases and gradual migration of lots of human to human interactions move online, many nations begin to design policies and introduce laws and regulations aiming at addressing some legal issues that arise by the usage of the Internet which could not be easily managed by traditional off-cyberspace laws. Besides, at the multinational level, there have been quite a number of international conventions and regional and continental initiatives that encourage legislators in their respective nations to enact laws to govern and regulate cyberspace. The African Union has called her member states in the Convention on Cyber Security and Personal Data Protection of 2012 to promoting Cybersecurity and Combating Cybercrime. Article 25 encourages the African nations to legislate laws against cybercrime which is a portion of the cyber law. Therefore, in order Liberia to secure online transactions and protect its sensitive information as a nation, the enactment of cybersecurity law will be a bold step. It is also encouraged to observe its international obligation by enacting such a law as required by the 2012 AU Convention on Cyber Security.
Things to be Highly Regarded
With all that has been stated about the significance of cyberlaw in terms of its pivotal role to deter and mitigate misuse of computers and other electronic devices against the public, businesses and individuals, it has to be borne in mind that the law should not be designed and drafted in a way to downplay on other democratic norms and fundamental freedoms. For example, the freedom of the press should not be injured or restricted without any democratic and fair justification. The rationale behind this comment is that politicians in some jurisdictions have taken advantage of cybercrime laws to unjustifiably limit freedom of the press and other mains through which the public official can be brought to account. For instance, article 24 of the Nigerian Cybercrime Act of 2015 has been criticized by many activists for being a guise to salient bloggers, journalists and limit the freedom of expression in general. This is to many critics, in clear contradiction of article 39 of the Nigerian Constitution which guarantees freedom of expression (Nkanga, 2016). Therefore, cyber law is a very important legal piece to make the Internet safer palace but it should not be used to circumvent democratic norms without any legitimate justification. This must be regarded had Liberia decided to enact its cyberlaw.
It is indisputable fact that Information Technology has terraformed and changed the lifestyle of many people. Thus, the situation requires the changes in norms and regulation of the society’s attitudes towards Information Technology (IT) and Information Communication Technology(ICT). Three decades ago, our personal data and interactions with the government and the businesses were paper-based. Nonetheless, as a result of the Internet revolution and widespread of personal computers and smartphones, online and cyber-based transactions have significantly overtaken conventional offline transactions and communications. Hence, electronic banking, social media engagement, online businesses, E-governance and E-learning to state but a few are being massively and vigorously used by many people and institutions in Liberia. Yet, there has been less policy and legislative initiatives to address this new inevitable tool of communication (people to people, people to institutions and institutions to institutions). Therefore, enacting specialized cyber laws in Liberia will be a preventive and curative measure many extrajudicial activities that occur online. This move is being initiated by many advanced nations as developing ones. Nigeria, Tanzania, South Africa, Ghana, the United States, the United Kingdom, Singapore, Malaysia are some jurisdictions that legislated specialized cyber laws. Therefore, it is a hoped and anticipated for the government of Liberia to consider and follow the suit because of its business and security imperatives. Finally, this paper believes that the wisdom of politicians at the both Houses of Senate and Representatives and other stakeholders to throw their wise attention to this socioeconomic and security issues of our country,
Ph.D. Student in Law at Ahmad Ibrahim Faculty of Law IIU Malaysia
Trained Internet Policy Researcher by IPO, University of Pennsylvania
Founder and Executive Director of the Africa Institute for Development Research (AIDER)