The case for data driven analysis for cybercrime regulation

Given the growing internet penetration rates over the last few years throughout a diverse set of developing countries (also known as the ‘Global South’), different issues are arising in regards to the expansion of traditional “real life” activities to cyberspace, including commerce, education, and mass media.

Crime does not constitute an exception for these practices and there are certainly lots of undesirable behavior that can originate on the Internet. These actions should be punished in order to prevent such antisocial conduct.

Some antivirus and Internet security companies along with cyber security consultants are regularly talking to the press and other industries about the increased security risks associated with the Internet and the need to legislate for new criminal offenses related to cybercrime.

However, regulating cybercrime can seriously affect our ability to exercise fundamental rights such as freedom of expression, privacy or access to knowledge.

Anti-hacking laws can lead us to cases such as Aaron Swartz’s, where he was about to face a trial and the possibility of prison time because of a mass download of scholarly papers, some of them already in the public domain. Identity theft regulations can lead authorities to prosecute social network parody accounts or other legitimate exercises of the right to freedom of expression. Cybersecurity and state secrecy laws can lead to the prosecution of whistleblowers whose contribution to the public interest tends to outweigh any possible damage.

However, as I already suggested, some companies and consultants have an economic interest in documenting and presenting distorted cybercrime numbers. They are not alone. Many banks and other industries are pushing for stricter and wider cybercrime laws, since this allows them to alleviate the burden of keeping their clients’ data and assets safe from intrusions.

The lack of reliable data on many developing countries is also a major issue when dealing with cybercrime policy. There is a need for reliable statistics on the exact damage of these crimes in order to be able to review or create cybercrime policy from a solid standpoint.

That is where civil society, such as NGOs, research centers and think tanks have the responsibility to get involved in the discussion, to ensure that decisions being made are in line with fundamental rights, and with a solid empirical base. In Derechos Digitales, with the help of the Cyber Stewards Network, we have been mapping criminal laws while also collecting and processing data on cybercrime prosecution and conviction rates to come forward with data driven analysis of these regulations.

Fostering human rights in cyberspace is an increasingly difficult task, considering all economic and political interests that are entering the debate. In that context, collecting and having reliable data to inform public policy decisions is becoming increasingly important to maintain a free and open internet, where the exercise of fundamental rights is at its center, and not a mere commodity to be traded with other private interests.

About Francisco Javier Vera Hott

Francisco Javier Vera Hott is a Chilean lawyer. He works on human rights and regulation issues in Chile and Latin America, and does policy and advocacy work with ONG Derechos Digitales, where he is the Director of Projects; and with Access, where he is the senior policy analyst for Latin America. Among his main interests are copyright, data protection and cybercrime. He is a member of the Cyber Stewards Network.