The Human Impact of International Cybercrime Laws

By Christian Ohanian

Christian Ohanian is a Senior Fellow with the Tech, Law, and Security Program at American University Washington College of Law. Previously, he was an Assistant General Counsel with the National Security Agency (NSA).

OPINION — At the age of seven, my great-grandfather was one of the few members of his family to survive the Armenian Genocide. As a small child, he spent the years that followed living in refugee camps in the deserts of Mosul and a village outside of Baghdad.

During World War I, as the atrocities that would come to be known as the Armenian Genocide unfolded, the world was not without notice. Even with significant efforts from the Ottoman Government to deny reporters access to the relevant areas, The New York Times still published 145 stories about the massacres in 1915 alone. Information sharing concerning the refugee situation, especially following the end of the war, helped enable governments and humanitarian organizations to assist the survivors. 

In many regions today, if my great-grandfather had been faced with the same circumstances, it is unclear what might have been. Many governments are exercising ever greater control over their society’s digital ecosystem. As that happens, the ability to receive, understand, and act on important information, including details relating to conflict zones and victimized populations, becomes more challenging.

To effectuate this control, governments leverage technical measures to limit the ability of their citizens to share and receive information. But new laws, especially those ostensibly designed to fight the ever-growing challenge of cybercrime serve as powerful and complementary tools that can be used to influence and limit an individual’s willingness and ability to share meaningful information and ideas.

These laws are often deliberately constructed with broad and vague language, potentially applicable to a wide range of conduct, bolstering a government’s ability to target a variety of online speech and activity.  And capitalizing on the legitimate need for more refined strategies to combat the global cybercrime ecosystem, governments can cloak efforts to criminalize online expression about critical issues of public concern in the guise of new cybercrime laws.

In that vein, the Kingdom of Jordan established – within the past year – a new cybercrime law that enables the government to prosecute individuals for several speech-related crimes, including sharing content that is considered by the government to be “false news.”


It’s not just for the President anymore. Cipher Brief Subscriber+Members have access to their own Open Source Daily Brief, keeping you up to date on global events impacting national security.  It pays to be a Subscriber+Member.


As these dynamics play out in countries across the globe, the United Nations just approved the first global treaty addressing cybercrime. 

The multi-year negotiation of this treaty has seen wide ranging proposals, seeking to criminalize everything from cybercrimes with broad international consensus, such as “illegal access” to a computer system, to conduct that has no real connection to concrete information security challenges, such as “incitement to subversive or armed activities” and the online distribution of materials related to “extremism.”  

While the final draft of the treaty – adopted recently – lacks some of these problematic provisions – it remains equipped with language that raises human rights, due process, and privacy concerns as it could be used to target freedom of expression and the free flow of information in connection with investigating conduct that is not connected to the security of our digital ecosystem.


The Cipher Brief Threat Conference is happening October 5-8 in Sea Island, GA. The world’s leading minds on national security from both the public and private sectors will be there. Will you? Apply for a seat at the table today.


Decisions to leverage the law to stifle the free flow of information can have significant negative effects across a range of areas and domains. Critical information concerning important public health developments may not reach global health professionals in a timely manner.   Data concerning economic dynamics may not reach markets. Cybersecurity threat information, including time-sensitive data concerning pervasive and undiscovered vulnerabilities may not reach cybersecurity researchers and defenders with enough time to effectively defend critical networks and systems. And information about devastating human rights crises may never escape the orbit of a country’s digital domain.

While the free exchange of information is certainly no guarantee of finding and implementing solutions to costly global problems, without it – there is no possibility to do so.  

When I think of the factors that helped my family survive, the right people receiving the right information at the right time, was certainly one of them. When we consider efforts to establish new laws that might be used to stifle the free flow of information – even when the goals of such an initiative seem noble – we must remember the damage that may come from depriving ourselves of the information we need to understand the world around us.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. 

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field?  Send it to [email protected] for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business. 


Related Articles

Search

Close