Paulo Barbosa
The government is speeding up the legislative process for a new cybersecurity law which has been scheduled for the second half of 2018. A public consultation on the proposed bill was held from December 11 to January 24.
The bill has some good ideas, such as the requirement for purchasers of telephone SIM cards in Macau to provide their ID, which could help to identify genuine users and avoid phone scams.
But there are concerns about the protection of personal information. In preparation for the new regulations, the Judiciary Police (PJ) has indicated its intention to recruit a small army of computer experts to enforce the law.
According to the consultation paper, the PJ will coordinate a Cybersecurity Incident Alert and Response Center, which will deal with cybersecurity incidents. It will reportedly focus on implementing preventive measures and monitoring digital traffic metadata.
The Secretary for Security, Wong Sio Chak, has made several assurances that surveillance operations under the future law would be for the purpose of “detecting any irregularity in the flow of data” and “would not involve access to any personal information.”
Wong also said that in order to obtain security-encrypted content posted online – such as in situations involving suspected criminal acts – public departments would first be required to obtain judiciary approval before decoding the online material for investigation.
As the Macau Portuguese and English Press Association (AIPIM) pointed out in a letter this January to Wong Sio Chak, “the crux of the question here lies in the blurred boundary between having access to digital metadata and the content of the same data or communications.” In the letter, AIPIM disagreed with the PJ’s proposed role as coordinator of the center.
“Criminal police investigations being led by the Public Prosecutions Office and interfering in citizens’ private lives solely as a result of a court order are fundamental pillars of the Macau SAR’s constitutional law and criminal procedure,” the letter read.
Does the Macau citizenry really believe that the dozens of computer experts that are being hired by the PJ will only look at metadata? It’s hard to fathom. Metadata can tell who speaks to whom, but not what is spoken.
Besides these questions, there is the need to reflect on the usefulness of a surveillance apparatus such as the one about to be created in Macau.
States worldwide are spending disproportionate amounts of money on surveillance operations. The more transparent ones, like that of the US, have made those figures public. Back in 2010, Washington spent USD80 billion on intelligence operations. To put this in proportion, the US Education Department budget that same year was USD66 billion, while the Environmental Protection Agency spent USD10.5 billion.
Moreover, is most of the data gathered by these surveillance operations useful in preventing any criminal activity? Many observers don’t believe so.
A recent South China Morning Post feature had some interesting remarks about this subject, with which I agree: “From Washington, Moscow and Beijing to Tokyo, governments will continue to squander money on espionage and counter-espionage. It is a great shame for taxpayers – most of these operations are so secretive that they are not accountable to the public nor subject to supervision. They are inherently wasteful and do not always serve the greater good of all. If deployed elsewhere, even a fraction of the resources would solve many problems we are facing today.”
*’We have a right to know’
No Comments