Asia Pacific News
23 November 2003
New laws allowing Singapore to launch pre-emptive strikes against computer hackers have raised fears that Internet controls are being tightened and privacy compromised in the name of fighting terrorism.
The city-state’s parliament has approved tough new legislation aimed at stopping “cyberterrorism,” referring to computer crimes that are endanger national security, foreign relations, banking and essential public services.
Security agencies can now patrol the Internet and swoop down on hackers suspected of plotting to use computer keyboards as weapons of mass disruption.
Violators of the Computer Misuse Act such as website hackers can be jailed up to three years or fined up to 10,000 Singapore dollars (5,800 US).
But a vocal opposition fear the law will be abused.
“It could be misused to invade into the privacy of citizens to gather information,” said Sinapan Samydorai, president of Think Centre, a civil liberties group. He said the new laws could be used as an “instrument of oppression” by the government.
An online poll by popular Internet portal Yahoo Singapore showed that 70 percent of respondents felt the new laws gave the authorities too much power, and they were afraid they were being watched.
But the Ministry of Home Affairs told AFP that “any measures to be deployed will be non-intrusive in nature.”
“For example, any scanning programme deployed will not intrude into a subscriber’s personal computer. It will only scan the Internet passively to determine vulnerabilities in the affected network,” a spokeswoman said.
Any private information about “law-abiding citizens” security agencies may come across in their hunt for hackers will be protected, she added.
The new measures have been likened by critics to the Internal Security Act, which has been used to detain political dissidents and radicals without trial.
Ho Peng Kee, Senior Minister of State for Law and Home Affairs, said the new powers will be used sparingly, and warned that online saboteurs can be as dangerous as suicide bombers.
“Instead of a backpack of explosives, a terrorist can create just as much devastation by sending a carefully engineered packet of data into the computer systems which control the delivery of an essential service, say for example, a power station, thus causing it to malfunction,” Ho said in parliament this month.
Ho said the authorities had noted a marked increase in successful hacking activities, from 10 cases in 2000 to 19 cases in 2001, 41 cases in 2002, and 24 cases in the first half of 2003 alone.
“The number of unsuccessful attempts is probably many times more,” Ho said.
Ho vowed that the new powers will only be invoked in case of an “imminent” threat to security.
Singapore has detained more than 30 alleged members of the Jemaah Islamiyah, said to be the Southeast Asian wing of the al-Qaeda network behind the September 11, 2001, attacks in the US, and is a staunch American ally. It has stepped up security on all fronts for fear of an attack.
Reporters Without Borders, a Paris-based media watchdog, called for an independent body to check the use of the additional Internet security powers.
“Even if the fight against cyber-crime has become essential, it should not justify the granting of extraordinary powers to governments,” said Robert Menard, secretary-general of RSF.
Experts quoted by Singapore’s Computer Times noted that the new laws will not be able to stop overseas-based hackers, or truly fanatical operators.
Kit Yau, a Hong Kong-based analyst with technology research group IDC, said Singapore should spell out how the new laws are to be implemented in order to allay public fears.
“This is part of the government’s job of providing security, but you have to make people know what is going on, what are the limitations,” she said.