S114a evidence act

Netizens v the Government

2012 saw the intensified battle between netizens and the authorities. The former desires protection of their right to freedom of expression and anonymity whereas the latter desires control and governance. Through this battle, the authorities introduced many new legislations to govern the use of internet.

In July 2012, the Malaysian Government enforced s. 114A of the Evidence Act 1950 (114A). Under 114A, a person is deemed to be a publisher of a content if it originates from his or her website, registered networks or data processing device of an internet user unless he or she proves the contrary. This new law sparked a massive online protest dubbed the Malaysia Internet Black Out Day or also the Stop114A. Protesters replaced their Facebook and Twitter profile picture with the Stop114A banner whereas website operators displayed the Stop114A banner on their websites. Within two days, the Stop114A Facebook gained 43,000 likes from 400 likes (currently 49,000). It is probably one of Malaysia’s most successful online campaigns.

On the business side, the Association of the Computer and Multimedia Industry of Malaysia (Pikom), who represents the information and communications technology (ICT) industry in Malaysia, backed calls for a review of 114A whereas the Federation of Malaysian Manufacturers (FMM) has expressed concerns over the recent inclusion of 114A and its impact on businesses.

Interestingly, the Malaysian Government passed the Cyber Centre and Cyber Cafe (Federal Territory of Kuala Lumpur) Rules 2012 and Consumer Protection (Electronic Trade Transactions) Regulations 2012. The former requires any person operating a cybercafé and cyber centre to maintain a customer entry record and a record of computer usage for each computer whereas the latter requires online business owners and operators to provide their full details, terms of conditions of sale, rectification of errors and maintenance of records.

Philippines netizens also protested against their newly introduced cyberlaw. In October 2012, Philippines passed the Cybercrime Prevention Act of 2012 with the aim to prevent cybersex, online child pornography, identity theft and spamming. However, under the new act, a person found guilty of libellous comments online, including comments made on social networks such as Facebook and Twitter or blogs, could be fined or jailed. In protest against the new law, anonymous activists hacked into government websites, journalists have held rallies and many Facebook users have replaced their profile picture with a black screen. Protesters say the new law could be used to target government critics and crack down on freedom of speech.

Japan netizens on the other hand had milder protest against a new law that makes Japan-based internet users who download copyright infringing files. Violators will face up to two years in prison or fines of up to two million yen. In July 2012, about 80 masked people, calling themselves allies of the global hacker group Anonymous, picked up litter in Tokyo Saturday as a sign of protest.

In early 2012, China required users of the popular microblogging platform, Weibo, to register their real names. Subsequently, later in the year, China legalized the deletion of posts or pages which are deemed to contain “illegal” information and required service providers to hand over such information to the authorities for punishment.

On a brighter note, the South Korean Constitutional Court ruled that a law requiring South Koreans to use their real names on Internet forums was unconstitutional. The Court said that the requirement amounts to prior censorship and violated citizens’ privacy.

In the United States, a handful of US states, including Illinois, California and Maryland, passed laws making it illegal for employers to ask for potential employees’ Facebook or other social media passwords.

A person who retweets a defamatory tweet is potentially liable for defamation. In the UK, Lord McAlpine (Robert Alistair McAlpine) a former politician who worked for Margaret Thatcher, announced his intention to pursue action against 10,000 Twitter users for defamation including those who had retweeted the defamatory tweets. In this case, Lord Alphine was linked by some social media users after BBC News reported that a senior politician was involved child sex abuse. Interestingly, these users may apologize to Lord McAlphine by completing a form downloadable from his solicitors’ website!

In the UK, it is an offence to publish the identity of victims of certain offences which include rape. Footballer Ched Evans was convicted by the Court for rape of a 19 years old woman. The woman’s name was circulated on social networking sites, including Twitter and Facebook, after Evans’ conviction. 9 people were fined after admitting to revealing online the identity of the woman.

Meanwhile back home, the Kota Kinabalu High Court overturned Rutinin Bin Suhaimin’s acquittal for posting an “annoying” comment on the Sultan of Perak’s website. Rutinin was charged under s. 233 of the Communications and Multimedia Act 1998. The Sessions Court had earlier acquitted him without calling for his defence because, among others, the prosecution failed to prove that Rutinin was the person who posted the insulting comment. The Court held that, although 114A of the Evidence Act 1950 is not applicable because the alleged offending act was committed before the enforcement date of 114A, the circumstantial evidence is sufficiently strong to conclude that the accused had used the internet account that was registered in his name at the material time.

The developments in 2012 show the involvement of the authorities in clamping down the notion of the Internet being the Wild, Wild West. However, such clap down must be monitored by netizens.

In December 2012, the International Telecommunication Union (ITU) brought together regulators from around the world to re-negotiate a decades-old communications treaty. Google and 1000 over organizations around the world claimed that some governments want to use the closed-door meeting to increase censorship and regulate the Internet and had started an online campaign.

At the end of the closed-door meeting, 89 countries including Malaysia signed the treaty, while 55 countries said they would not sign or that additional review was needed.

With the new technology, websites and novel functions, all Governments will have to step out their game to protect the rights of netizens and businesses. New laws must not be onerous but in the same time protect victims of cybercrimes and preserve the right of freedom of expression.



This article was supposed to be published in the Putik Lada of The Star Newspaper. It was also supposed to be the 2013 installation of my yearly social media update articles. Unfortunately, The Star Newspaper discontinued the Putik Lada column before my article could be published.

GE13 Candidates and 114A

Published on LoyarBurok on 16 April 2013.



I am no expert in election laws but GE13 Candidates should take note of this. If you are running a blog, I suggest you moderate or close the comments section until and after the 13th General Election.

The reason why I say so is because s.114A(1) of the Evidence Act 1950 and the Election Offences Act 1954. S. 114A(1) provide the following:

“A person whose name, photograph or pseudonym appears on any publication depicting himself as the owner, host, administrator, editor or sub-editor, or who in any manner facilitates to publish or re-publish the publication is presumed to have published or re-published the contents of the publication unless the contrary is proved”.
In simple words, if your name, photograph or pseudonym appears on any publication depicting yourself as the aforesaid persons, you are deemed to have published the content unless you prove otherwise.

Also, if you have in any manner facilitated to publish or re-publish the publication, you are presumed to have published the content of the publication.

This means that website owners are deemed to be publishers of contents of a publication although the author of the publication is someone else.

Further, it is not possible for website owner to prove that he is not a publisher due to the wording of the section i.e. the words “in any manner facilitates to publish or re-publish the publication”. By providing a virtual platform, the website owners facilitate to publish or re-publish a publication.

In this regard, you will potentially commit an election offence if someone posts a comment which falls within the scope of corrupt practice. If found guilty of an election offence, the election of a candidate will be declared void (s. 32 of the Election Offences Act 1954).

What I have mentioned is not without basis. A similar scenario had happened after the 12th General Elections. In Kho Whai Phiaw v Chong Chieng Jen (Election Petition No.: 26-01-2008-I), an elector in the Bandar Kuching constituency presented an election petition to have Mr. Chong Chieng Jen’s (representative of the Democratic Action Party (DAP)) election declared void.

The elector sought to have Mr Chong’s election avoided on the ground that the latter had engaged in the corrupt practice of (i) undue influence and (ii) bribery, to procure his victory in the election. The elector alleged, among others, that a letter from one Mr Smith published on the comment section of Mr Chong’s blog site is said to contain certain threatening statement. The elector alleged that Mr Chong had exercised undue influence over the non-Muslim voters in the Bandar Kuching constituency through Mr Smith’s letter appearing on his blog site.

Fortunately for Mr Chong, the High Court held that Mr Smith’s letter was posted by one commentor by the name “Responsible Christian Voter” (‘RCV’). Mr. Smith was the author of the letter and it was RCV who published that letter through Mr Chong’s blog site. The Court held that Mr Chong is therefore not the publisher of the letter. The case is later upheld by the Federal Court. (see Kho Whai Phiaw v Chong Chieng Jen [2009] 3 CLJ 201)

But Mr Chong’s case is pre-114A case. If s. 114A applies, Mr Chong is considered as the publisher of the letter as his blogsite had facilitated the publication of the letter. Mr Chong could potentially commit an election offence if 114A applies. That is the effect of 114A. It creates liability on a virtual platform provider.

This, of course, is not tested in our Courts yet. One may argue that it is the blogsite provider (e.g. Google who owns Blogger.com) but this is only provided that such blog is hosted by such blogsite provider.

Nevertheless, as an abundance of caution, GE13 candidates should close their blog comments section to avoid such actions. Interestingly, Mr Chong’s blogsite has closed its comments section.

A Facebook Page is also another concern. It may be arguable to say postings made by users on a Facebook page is not published by the Facebook page administrator as it appears on a separate page. (Illustrated below).

However, Facebook comments appearing together with the postings by the Facebook administrator (illustrated below) is different. It is arguable that such comments are published by the Facebook page owner.

With this risk of having an election declared void, I hope that the new Parliament will relook into 114A when it convenes in the future.

It’s time to #stop114A.

Bread & Kaya: Attention e-commerce businesses: Fraud, the law and you

My Bread & Kaya’s second column was published on Digital News Asia on 29 January 2013.


Attention e-commerce businesses: Fraud, the law and you
Jan 29, 2013

– A new law to protect users of online trading portals goes into effect July 1
– While it may cost them a bit, operators of such businesses will have to comply

Bread & Kaya by Foong Cheng Leong

E-COMMERCE is booming in Malaysia. Euromonitor International estimated that Internet retailing in Malaysia reached RM842 million (US$268.3 million) in 2011; Goldman Sachs forecasts that e-commerce in Malaysia is projected to hit RM3.4 billion (US$1.1 billion) this year with a 30% year-on-year growth.

Notwithstanding such growth, online fraud is rampant in Malaysia. If you scour our online auction or listing websites, you’ll find many dodgy sellers and buyers selling or offering to buy products and services.

But the long arm of the law recently caught Mohd Yunus Jan Muhammad for approaching six victims who had advertised to sell their gadgets through an Internet trading portal, by posing as a customer and setting up appointments. At these meetings, he would grab the merchandise and flee. He was sentenced to one year’s jail. The Court also fined and imposed a whipping on Mohd Yunud.

Sometime in 2011, the Ministry of Domestic Trade, Co-operatives and Consumerism proposed that the Electronic Commerce Act 2006, an act that regulates online commercial transactions, be amended to regulate the online market place industry. I am told that consultation was held with the industry and I understand that some industry players had taken steps to lobby against the amendment.

In April 2012, its minister Datuk Seri Ismail Sabri Yaakob announced that the amendment would ensure that electronic transactions could be done in a safer and secured environment.

The law came about in the form of the Consumer Protection (Electronic Trade Transactions) Regulations 2012 (“Regulation“), a regulation under the Consumer Protection Act 1999.

The Regulation will be in force on July 1, 2013. Under this Regulation, an online marketplace operator is required to, among others, provide their full details, terms of conditions of sale, rectification of errors and maintenance of records.

The new law applies to two (2) types of persons namely:

– A person who operates a business for the purpose of supply of goods or services through a website or in an online marketplace (“Online Business Owner“). “Online marketplace” means a website where goods or services are marketed by third parties for the purpose of trade. This may include your typical blog shops and sellers with accounts with eBay, Lelong and Mudah online stores.

– A person who provides an online marketplace (“>Online Marketplace Operator“). This may include group buying websites operators such as GroupOn, auction and listing websites such as eBay, Lelong and Mudah, and online shopping websites where third party products as sold such as Zalora.

Online business owners

Under the Regulation, Online Business Owners shall disclose on the website where the business is conducted and the following information, failing which the operator commits an offence.

  • The name of the person who operates a business for the purpose of supply of goods or services through a website or in an online marketplace, or the name of the business, or the name of the company.
  1. The registration number of the business or company, if applicable.
  2. The e-mail address and telephone number, or address of the person who operates a business for the purpose of supply of goods or services through a website or in an online marketplace.
  3. A description of the main characteristics of the goods or services.
  4. The full price of the goods or services including transportation costs, taxes and any other costs.
  5. The method of payment.
  6. The terms and conditions.
  7. The estimated time of delivery of the goods or services to the buyer.

Any person who discloses or provides the above information that he knows or has reason to believe is false or misleading, commits an offence.

Online Business Owners shall also:

  • – provide the appropriate means to enable the buyer to rectify any errors prior to the confirmation of the order made by the buyer; and
  • – shall acknowledge receipt of the order to the buyer without undue delay.

The order and the acknowledgement of receipt shall be deemed to have been received by the person who operates a business for the purpose of supply of goods or services through a website or in an online marketplace and the buyer, respectively, when the person and the buyer are able to access to such order and the acknowledgement of receipt.

The Online Marketplace Operator shall take reasonable steps to keep and maintain a record of the names, telephone numbers and the address of the person who supplies goods or services in the online marketplace, for a period of two years, failing which an offence is committed.

In addition to the terms and conditions, Online Business Owners and Online Marketplace Operators must comply with the Notice and Choice Principal provided by Personal Data Protection Act 2010 by inserting a privacy notice, in the National and English languages, on their website before the collection of any personal data.

Extra costs for businesses

Although this law seeks to protect consumers from unscrupulous traders, the introduction of this new law increases the startup costs and cost of operation of an e-commerce business.

Engaging lawyers to draft terms and conditions for e-commerce businesses can be expensive. But it is something any e-commerce business should invest in to protect themselves and their users.

The new law doesn’t specify in detail how the terms and conditions should be. Therefore, one can have a very simple set of terms and conditions.

Alternatively, one may opt to adopt the terms and conditions of other e-commerce businesses provided that one is well versed in drafting and amending agreements. But one should take note that every set of terms and conditions is customized for specific businesses.

It would be ideal if we have affordable online services to draft terms and conditions and privacy policies for SMEs (small and medium enterprises) like SnapTerms, which allows start-up companies the opportunity to customize their website’s terms and conditions without having to pay the fees typically associated with having the documents drafted by a lawyer.

But one must bear in mind that SnapTerms is a service provided by people who are well versed in the laws of their country and perhaps not Malaysia.

To digress a little, e-commerce businesses should also protect their intellectual property such as their trademarks, copyright and patents. These rights are registerable and one can protect these rights in Malaysia by filing them with the Intellectual Property Corporation of Malaysia or MyIPO.

Other than that, it is pertinent to protect your brand from being taken in well-known social media websites like Facebook and Twitter. You can use Knowem to check for the use of your brand, product, personal name or username instantly on over 550 popular and emerging social media websites.

Closing

The introduction of laws to track and record Internet transactions is nothing new. Last year, Section 114A of the Evidence Act 1950 and Cyber Centre and Cyber Cafe (Federal Territory of Kuala Lumpur) Rules 2012 were introduced to track and record such transactions.

These laws will not be the last. I foresee that many more such laws will be introduced in the near future.

Download:
Consumer Protection (Electronic Trade Transactions) Regulations 2012

Anonymity, is your time up?

A. Asohan, my fellow comrade from the Stop 114A Committee, quoted me in his article in Digital News Asia regarding internet anonymity. I am an advocate of privacy rights and to me certainly would extend to online privacy. We now live in a world where enterprises are hungry for personal data to be exploited commercially. It can trace, among others, your habits, preferences and history.

Anonymity, is your time up?

 A. Asohan
Oct 26, 2012

 

Anonymity has a rich tradition and can be essential for some forms of online discourse

  • Yet it can be easily abused – should sites like DNA require identification for posting comments?

WE start, with a nod to Dickens, with a tale of two lawyers, both speaking about the contentious amendment to the Evidence Act 1950 that the Malaysian Government has bulldozed through.

The Government first said the law was formulated to bolster prosecution against online defamation and sedition – it later changed its tune to say it was to tackle terrorism and cybercrimes – by making it tougher for online commentators to hide behind anonymity.

[Further analysis of the wording in the legislation however suggests that it would actually encourage anonymity by making all parties up and down the online access supply chain legally liable and presumed guilty.]

In one forum discussion on the Evidence (Amendment) (No2) Act 2012, or Section 114A, Foong Cheng Leong, co-chair of Kuala Lumpur Bar Information Technology Committee, while acknowledging the mischief that anonymous commentators can cause, said that most Malaysians prefer to comment and engage anonymously.

“Clearly we all want to be anonymous online, in order to protect ourselves,” he said.

I was one of the panelists in that discussion, which was moderated by Jacqueline Ann Surin, co-founder and the editor of The Nut Graph. We had worked in The Star together, and I just muttered to her, “Not me,” and she nodded, “Not me either.”

Sure, we old-school journalists may not have understood the concept of personal branding in today’s online world, but we’ve always known about the value of our bylines. A journalist’s byline is our mark – it tells you who we are and what we stand for. Why would we want to hide it behind a shield?

We trust ourselves to be able to be critical without being defamatory, to be able to call a spade a spade without resorting to name-calling, to get to the heart of the matter without the need to insult.

In all my online interactions – whether it is on tech or political sites, whether it is on forums dedicated to role-playing games or my beloved and oh-so-depressing Liverpool Football Club, on my Facebook and Twitter accounts – I use my real name. My thoughts and what I believe in are part of my identity; they make up who I am.

So I never needed to shield myself behind anonymity. Not that I can’t see its value either. Another lawyer at yet-another forum discussion on Section 114A, K. Shanmuga, Member of the Malaysian Bar, pointed out that there is a rich and respected tradition of anonymity in political discourse, dating back a few centuries.

Without going into details, much of British political satire depended on anonymity – or more accurately, pseudonymity, where an assumed name or pseudonym was used instead of the author’s real name. In literature, women had to use male pseudonyms to be taken seriously, let alone get published.

The Federalist Papers, a collection of essays promoting the ratification of the US Constitution, was published anonymously, but was actually written by Alexander Hamilton, James Madison, and John Jay.

“Satirists such as Jonathan Swift and Alexander Pope published anonymously, often for legal and political reasons,” Robert Folkenflik, emeritus professor of English at UC Irvine, writes in theLos Angeles Times.

“Anonymity protected Swift from arrest when a reward was offered for the author of his Drapier’s Letters, pamphlets advising the Irish not to take copper half-pence from England. The novels of Daniel Defoe, Samuel Richardson, Laurence Sterne, Tobias Smollett and Fanny Burney were all anonymous,” he adds.

Whistleblowers and inside sources require anonymity to protect themselves when they reveal information of public interest, especially in Malaysia, where the authorities prefer to shoot the messenger rather than prosecute the perpetrator.

So, granted, anonymity has its place in discourse. But it should never be taken as an excuse to be a jerk. In many cases, anonymous online commentators take it as their due, and end up only proving John Gabriel’s “Greater Internet F***wad Theory,” pardon the language [or the asterisks, rather].

Not just in Malaysia, but throughout the greater online world, there has been a growing movement against anonymity – especially when there is no need for it. And yes, you can criticize the Malaysian Government and some of its decisions without being seditious or defamatory, as Digital News Asia founder Karamjit Singh did when he described the proposed Budget 2013’s RM200 smartphone rebate as stupid.

Social media networks like Facebook and LinkedIn have helped prepare us for this. When you think about it, social media loses at least half its value you don’t use your real identity.

Indeed, Facebook marketing director Randi Zuckerberg believes that putting an end to anonymity online could help curb cyber bullying and harassment.

“I think anonymity on the Internet has to go away,” she said during a panel discussion on social media hosted byMarie Claire magazine, The Huffington Post reports. “People behave a lot better when they have their real names down. … I think people hide behind anonymity and they feel like they can say whatever they want behind closed doors.”

Google began cleaning up YouTube’s comments section by encouraging users to post their real names, taken from their Google+ account — since Google requires the real name of someone signing up for a Google+ account,PCWorld reported.

Google’s former chief executive officer and current executive chairman Eric Schmidt has gone on record to describe online anonymity as “dangerous.”

“Privacy is incredibly important,” he said, adding, “Privacy is not the same thing as anonymity.” He went on to saythat “if you are trying to commit a terrible, evil crime, it’s not obvious that you should be able to do so with complete anonymity.”

We have had discussions about anonymity in our comments sections at DNA recently. When we launched the site in May, it was important to us that DNA provided a platform for insightful, interesting, honest and critical conversation about the tech ecosystem.

I am happy to say that has been the case, at least most of the time. When we noticed some “this sux” and “that sucks” comments coming in, we implemented “ground rules,” advising readers that we will delete comments that do not abide by them.

There have been some that have breached this, but we haven’t yet taken the prerogative to remove them, since such strident calls for attention have largely been drowned by the more intelligent conversations going on around them.

But lately, we’ve noticed what can only be described as “questionable comments” being posted in stories about entrepreneurs and startups in our Sizzle/ Fizzle/ Slow Burn section. “Questionable” because they were posted by “silhouettes” and/ or had content which made sense only if they came from the competitors of the companies in question.

That’s just not cricket. It’s sock puppetry of a different nature or name, but smelling just as foul. And we also realized that as we cover more companies, and as the start-up space here becomes more mature and crowded, as companies vie not so much on different ideas, but on different implementations of essentially the same idea, the competition is only going to get stiffer, and perhaps uglier.

And such foul play may find expression in our comments section.

We don’t want that to happen. One way of preventing this is to make identification a prerequisite for posting comments. We are loath to do so, but will take what action is needed to preserve the integrity of the site, and the generally high level of discourse that takes place here.

But we would like to hear from you, dear readers. Tell us if you would support such a move if it came to the crunch, and why; or if not, why not. Give us the pros and cons. Let’s hear from you.

And yes, you can do so anonymously, if you prefer. 🙂

When I said, “Clearly we all want to be anonymous online, in order to protect ourselves”, it wasn’t referring to the right of anonymity to posting comments and opinions online. I wasn’t referring to the right of anonymity in the narrow sense.

To me, the right of anonymity is the right to control your information online. I don’t want to be posting my full name online. I don’t want my potential clients to be googling my name to find pictures of me partying in my heydays. I would like to use an online pseudonym on Twitter and blog so that, among others, potential clients/employers/competitors don’t know what I do daily, who my family members are etc.

I think the video below summarises the problem without the right of anonymity.

The video above basically shows a gifted clairvoyant who finds out about numerous information above a few people he met. The gifted clairvoyant can be seen “reading” those people’s lives accurately.

[Read below for spoiler]

It was later shown that the gifted clairvoyant had a team of people scouring the Internet for information of those people.

拉昔巴星:114A苛刻‧應有更多機制保護無辜

I was quoted in Sin Chew newspaper regarding the weakness of S. 114A Evidence Act 1950.

拉昔巴星:114A苛刻‧應有更多機制保護無辜
2012-10-24 08:22
布城23日訊)今年8月1日通過的證據法令114A條文,雖然經過總檢察署多次召開閉門會議討論,但仍無法消除各界人士對此條文的爭議。

應站在公眾立場考慮

【新潮】就像沒有一個女人會嫌自己瘦一樣,從來沒有一個男人會嫌自己的“小弟弟”過大。

大馬律師公會刑事法委員會主席拉昔巴星認為,檢察司應該站在公眾的立場考慮,而114A條文中應該有更多的防禦機制來保護無辜的人。

“但反過來想想,如果114A條文需要更多的保護機制以免錯誤使用的話,那為甚麼我們還要保留這樣的一個條文呢?”

他今日受邀在總檢察署主辦的114A研討會的發言時,提出上述看法。

總檢察署沒收財產(forfeitureof property)單位主任安森在回應其論點時多次強調,114A條文雖是以事實推定(presumption of fact),但若沒有其他證據支持,這也是無法入罪的。

他指出,事實推定並非法律新詞,根據基本常識判斷的情況也不只是應用在114A的情況中。

“像在一個人身上搜出大量毒品,我們也會推定他是販毒者。”

採用事實推定不恰當

對此,拉昔巴星反駁道,在114A中採用事實推定並不恰當,毒品不容易取得,栽贓嫁禍相當困難。

“但我們可以輕易地取得某人的手機發出誹謗性、煽動性言論陷害他人,而如果這個人根本不記得誰碰過自己的手機而無法找到時間證人,那他就被無辜冤枉了。”

他強調,資訊科技的發展如此迅速,設立114A條文是非常苛刻(Draconian)的。

針對拉昔巴星對114A的批判,他解釋,檢察司在收集證據時會考慮到當時的情況與背景才做出推斷。例如某人用電腦發出誹謗言論,但他所使用的電腦並非他專屬,那這項證據將非常薄弱,不足以提控某人。

“嚴峻的情況便需要採取苛刻的管制方法。”

瑪麗亞特:事實推定更易取真相

專精於知識產權與知識管理的律師瑪麗亞特認為,事實推定是為了更易取得真相。

“事實推定不是自動發生的,檢察司需要蒐集證據,確定器材的所有人後,才由被告舉證保全自己的清白。但就算某人被證實為發出訊息的器材的所有人,他也未必有罪。

單是這一項證明是無法讓他入罪的。”

但她指出,如果沒有114A條文的話,主控官同樣能夠援引114條文提控被告,而他們也能夠取得同樣的成果。

瑪麗亞特也是論壇的3名嘉賓之一,她認為大馬律師公會代表的立場強硬,但他們以公眾利益出發為考量,情有可原。

但她也認為,各方的爭議在於對114A條文有所誤解,他們必須詳細解讀整個證據法令,才能瞭解為甚麼要有114A條文。

“114A比114條文更明確,是因網絡上有人採用匿名方式犯罪而設的,但這項條文中並沒有列明只限用於資訊科技中。”

研討會分2部份進行

這場由總檢察署舉辦的研討會共分兩個部份進行,前半部為安森與扎布里講解114A條文的應用,以及數碼鑑證科無法找出電腦罪案兇手的困境,後半部則由三位論壇嘉賓針對114A的爭議發表看法。

研討會獲得來自律師、大學代表以及電訊服務供應商的響應,出席者近百人,會場幾乎座無虛席。

吳文徉:被告者難證明清白

出席研討會的律師吳文徉指出,以一名律師的立場來看,被告一旦被證實為通訊器材的持有者,如何證明自己的清白對他們而言是困難的,因為一般人大多不具法律常識。

而雖然無辜者事後可能因為證據不足而不被提控,事實推定指他涉罪的話,已經足以導致讓此人名譽受損。

馮正良:危害資訊科技發展
114A應取消或重擬

吉隆坡律師公會資訊工藝委員會主席馮正良認為,114A條文應該被取消或撤回重擬,因為它將危害資訊科技的發展。

他指,用戶創建內容(user-generatedcontent)的網絡平台依賴網民評論和留言來獲得瀏覽率,繼而獲得廣告收入。

他舉例,一家拍賣網站裡若有人蓄意誹謗某一個賣家,在114A條文下,該賣家可以向承載這個信息的網站提出訴訟,無辜的網站管理員就得舉證以保清白。

“誰還敢讓別人在自己網站上留言?被誹謗的人可能會趁機向較富有網站管理人要求賠償,而不是追究真正的誹謗者。”

馮正良也說,以往可以匿名留言的選項在許多網站都被取消了,若繼續推行這條例,網民恐怕會被迫提供更多個人資料,才能註冊成為網站用戶來留言和評論。但這不會減低網站管理人惹官司的可能性。

“我們可以參考澳洲的版權法,即在可能被控上法庭前,發出警告,並賦予人們要求管理員撤下誹謗性信息,三次警告後就能採取法律途徑來解決。”

扎布里:檢舉網絡罪案
數碼鑑證不能找出‘兇手’

大馬電子保安機構(Cyber Security Malaysia)數碼鑑證組高級官員扎布里在114A條文研討會上說,在檢舉網絡罪案時,數碼鑑證不能當結論性證據,因為它只能找出“凶器”,而非找到“兇手”。

“找到發放誹謗性或不實信息的產品後,還要證明產品的主人就是發送者,這環節很困難,所以我們處理的7個網絡罪案訴訟中,有5宗個案是不成立的。”

他也說,該機構進行調查時有辦法取得用戶的瀏覽歷史、網絡談話記錄、緩衝文件(Cache File)及網絡帳號等。

可透過數碼鑑證證明清白

扎布里指出,有的人因為電腦中毒或遭駭客入侵,利用自己的電子產品或賬戶散播誹謗性言論而遭提控,也可以透過數碼鑑證來證明自己是清白的。

“一旦我們發現被告的電子產品有被外界入侵的跡象,我們將告知檢控官說證據太薄弱,建議他們不要檢控。”

他解釋,該機構在追縱信息源頭時,如果最後找到的是如網咖、嘛嘛檔或餐廳等公共的代理伺服器(Proxy Server),調查已經無法繼續。

“所以114A條文其實是檢察司最後的王牌,在我們無法繼續追查時,要求電子產品或網站的主人來證明自己清白,才不會讓網絡罪犯逃之夭夭,繼續幹案。”

(星洲日報)

Internet Freedom Under Threat in Malaysia?

I was interviewed by Asia Calling, a news portal produced by award-winning Indonesian radio news agency KBR68H since 2003. KBR68H is Indonesia’s first and only independent national radio news agency. Established in April 1999, today KBR68H produces 9 hours a day of information and education based programming to over 750 radio stations and 22 million regular listeners across Indonesia and Asia, making it by far the biggest radio network in the country.
 
Produced in English, Asia Calling is today translated into 10 Asian languages and broadcast by 321 radio stations throughout the region.

Tuesday, August 14th.

Listen

Download Podcast

Is Internet freedom under threat in Malaysia?

That’s the question many Malaysians are asking when a new section was introduced to the Evidence Act in April.

It basically creates a legal presumption that a person is the author of any content if it appears in his registered network or computer.

This means, a cafe owner could be hauled to court for publishing defamatory statements online even if he’s merely providing free Wi-Fi to customers.

Clarence Chua examines the implications that this new law may have on internet users in Malaysia.

Around 45 websites and popular blogs in Malaysia went black in protest as Abigail de Vries from the Center for Independent Journalism explains.

“To protest against this law we are organizing an internet blackout day. We are getting news sites, very prominent bloggers, one, either up-load a pop-up window that explains why this website is being blacked out or two, if you have Facebook or Twitter, to change your profile pictures to black.”

The new section 114A automatically assumes that a person is the publisher of any content as long as it appears in that person’s network or computer, unless the contrary is proved.

I met up with the Kuala Lumpur Bar Information Technology Committee Co-Chairperson Foong Cheng Leong at a recent forum on Internet Freedom.

He says the section shifts the burden of proof to the accused.

“There are 3 types of burden, they have shifted it. First of all is the website owners, publisher, they’re all the same thing. You’re deemed to be the publisher. And secondly is that if the content comes from your phone or your device, you are deemed the publisher. And the third one, if it comes from your internet account, then you’re deemed to be the publisher. So in normal law, if you want to assert something you have to prove it, now it’s the other way round. Now the defendant has to prove it.”

In other words, you’ll be held responsible if someone posts something on your Facebook wall or leaves a defamatory comment on your blog.

And the section is so wide that the presumption also applies to owners of cafes who provide free wi-fi to customers.

Foong says that’s bad for business.

“Websites make money through traffic. No traffic, no advertisement, no money. If you look at Facebook, all they provide is a platform. The contents are generated by users. And if Facebook wants to come to Malaysia, they won’t, because of this law. They surely don’t want to be liable to what their users say.”

Many free speech activists feel that the government is backtracking on its earlier promise not to censor the internet.

In the 1990s, Prime Minister Mahathir Mohamad launched the Multimedia Super Corridor or MSC to develope the country’s internet communication technology sector.

Fahri Azzat is from the NGO, Malaysian Centre for Constitutionalism and Human Rights.

“Mahathir said that there would be no censorship of the internet. This was subsequently reflected in the MSC Malaysia Bill of Guarantees, Item 6 where they actually said they wanted to be a regional leader in intellectual property and cyber laws. This has been statutorily encoded in the Multimedia and Communications Act, where in section 3(3) they even go and provide that no provision in that Act should be construed as allowing internet censorship.”

The government says this is necessary to combat terrorism and cyber crimes since the Internal Security Act, which allows detention without trial, had been repealed.

The controversial amendment was tabled by de facto Law Minister Nazri Aziz and was passed in April this year.

But Fahri Azzat says he fails to see the link between the new section and threat of terrorism.

Instead, he says that shifting the burden of proof threatens individual rights.

“The reason simply because of that, because it is about the protection of the individual against the state. That has always been the burden of proof; it is for the government to prove it. If there isn’t that necessity to prove, it opens the door for tyranny. And we usually do not have access to the machinery to do this, we do not have the funds to do this, we are almost as good as being convicted.”

But lawyer Faisal Moideen argues that the presumption of “fact of publication” is not the only element to prove one guilty in court.

“Even without this amendment, in any trial or proceeding the evidential burden will shift from time to time from the prosecution to the defendant, vice versa. It shifts the evidential burden. But even if you fail to other elements of the crime still must be proven and that burden remain with the prosecution, remains with the plaintiff. Malaysia is one of the more active users in social media, so it’s a timely law. I can understand the concern but being in legal practice, I look at it as a procedural matter. It doesn’t create a new offence. It doesn’t attach a liability, it’s only a presumption as to the fact of publication.”

One day after the Internet Blackout Day, Prime Minister Najib Razak directed the Cabinet to review the amendment.

But until it is repealed or amended, the accused still has to prove that he’s not guilty.

So is Malaysia planning to go back on its promise on internet censorship?

Judging from the number of blacked out blogs and websites many active Internet users certainly think so.
 

Section 114A, Evidence Act 1950: Its Impact on Your Business

I will be speaking at Federation of Malaysian Manufacturers’ (FMM) event on 114A below.


Click on image for larger view

Understand the impact of Section 114A on your business and learn about network security and content filtering to protect your business.
Date : October 30, 2012
Time : 08:30 AM – 02:00 PM
Venue : Kuala Lumpur – Wisma FMM, Bandar Sri Damansara
Country : Malaysia

THIS SEMINAR IS FOR YOU IF YOUR COMPANY:
– Provides free Wi-Fi in its premise
– Opens its website to public comments, e.g. online forums
– Has e-commerce sites
– Engages with customers via social networks e.g. Facebook, Twitter and blogs
– Allows your employees to access, from office computers, social media sites or post comments on public forums

WHO SHOULD ATTEND
CEOs, Managing Directors, General Managers, IT Managers

DATE, TIME & VENUE
Tuesday, 30 October 2012 | 8.30 am – 2.30 pm
Wisma FMM, No. 3 Persiaran Dagang PJU 9, Bandar Sri Damansara, 52200 Kuala Lumpur

PROGRAMME

08:30 Registration
09:00 Opening Remarks
by YBhg Datuk Paul Low
FMM Vice President
Session 1: About Section 114A
09:10 Section 114A of Evidence Act, 1950
by Mr Lim Chee Wee
President, Malaysian Bar
09:40 Government’s Perspective of Section 114A Evidence Act 1950
by Attorney General’s Chambers*
10:10 Questions & Answers
10:30 Networking Coffee Break
Session 2: Section 114A and Your Business
10:50 Section 114A and My Business
by Mr Jahabar Sadiq
CEO, Malaysian Insider
11:20 Section 114A and Social Media Tools
by Mr Foong Cheng Leong,
Co-Chairman, KL Bar Information Technology Committee
11:50 Questions & Answer
Session 3: Protecting Your IT Network Against Section 114A Violations
12:10 Preventing Violations Against Section 114A Through Secured Cloud Gateway
by Mr KY Lee, Regional Director-ASEAN,Zscaler
12:40 Regain Visibility and Control – How to securely manage your workforce
by Mr Victor Lo, Senior Regional Manager, Technical Services, Trend Micro Inc.
13:10 Questions & Answer
13:30 Lunch / End of Programme

* invited

PARTICIPATION FEES
FMM Members: RM 200  |  Non-Members: RM 260
Includes lunch and refreshments

SPEAKERS’ PROFILE Download

For more information, please visit http://www.fmm.org.my/

What the hack happened?

The Star quoted me in the following article on 19 August 2012:-

Sunday August 19, 2012

What the hack happened?
By LISA GOH
lisagoh@thestar.com.my

Losing your personal particulars to hackers can lead to financial losses, heartaches, loss of reputation – and sometimes friends, too.

IT starts out so innocently. A simple vote request by an acquaintance for a competition on Facebook; one click and law student Sharlyn J. discovers she has been hacked and locked out of all her social media accounts emails, Facebook, Twitter, Skype and MSN Messenger.

“I clicked on the link and a new window popped up. It looked exactly like Facebook – the colour and the fonts – but I didn’t double check the URL. That was my mistake.

“The site required me to type in my email address and password. I was a little reluctant at first but the girl kept pleading for me to vote for her so in the end, I did. Right after that, I knew something was wrong. I got locked out of all my accounts,” says Sharlyn, 19, of the incident last May.

If that wasn’t bad enough, within the hour, she received a text message that said “Hi Sharlyn. Your full name is , your IC number is , your IP address is , you are a student at college etc.” The hacker demanded money in exchange for getting her accounts back.

Gone in a second: It’s a nightmare for anyone who has discovered that his or her personal particulars have gone into the wrong hands.
“He/she even said I’m not asking for much, just RM300. You can report to the police, but there’s no point. I can’t be tracked.’

“That person had all my personal particulars. I was really freaked out. I had just started college and was living on my own. What if he had my home address as well?”

Failing to get a response from Sharlyn, the hacker then sent another text message, offering her a discount of RM150.

“I called my mum and told her what happened. I was really scared but I ignored him. I lodged a police report and opened new accounts the next day to tell all my friends to delete the old ones,” she says.

However, even weeks on, the hacker was still assuming her identity and chatting with her friends – as she found out later. She never got any of her accounts back.

In other instances, the identity thief doesn’t come to you for money. He goes to your friends, as local film producer Wendy Wong discovered.

Early last month, Wong sent her notebook for servicing. After getting her notebook back two weeks later, her problems started. When she logged into her email account, there was a prompt saying that the account was in use.

She didn’t think much of it, but then came phone calls asking if she was all right and if she was stranded in Spain.

Her email account had been hacked. Assuming her identity, the hacker emailed all her contacts to tell them she had lost her wallet and asked them to send money so she could settle her hotel bill in Spain. The hacker asked her contacts to send her RM10,929 (2850) via Western Union to an address in Madrid.

“I was in Kuala Lumpur all the while. Good thing some of my friends called me to check before sending money over. I had friends who were already planning to transfer the money,” Wong says, adding that she was alerted of the situation by an mStar journalist who had called her to ask if she was indeed stranded in Spain.

Several attempts to change her password failed as the hacker made repeated assaults on her account. Wong has since lodged a police report and alerted the customer service of her email account provider.

“This has affected my reputation. Those who know me well would know I would never go around asking people for money. But what about those I have just met, or are just starting a business partnership with? What would they think of me?”

For that reason, Wong held a press conference early this month to clear her name and to alert all her contacts of her predicament.

“It’s not so easy for me to just get another email address as that’s where my contacts reach me. But it looks like I don’t really have much choice now,” she laments.

When it comes to hacking and identity theft, the most important thing is doing everything you can to make sure it doesn’t happen in the first place. – Nigel Tan

Symantec Malaysia systems engineering director Nigel Tan says that when it comes to identity theft, more often than not, it’s an opportunistic crime, and it’s a two-step process.

“Someone steals your personal information, then uses that information to impersonate you to commit fraud. It’s important to understand this two-step approach, because your defences also must work on both levels,” says Tan, who is Symantec’s principal consultant for Asia South.

According to the Symantec Internet Security Threat Report for the year 2011, a total of 232 million identities were breached worldwide, and of that, 80.5% were by hackers.

In 2011, the Malaysian Communications and Multimedia Commission (MCMC) recorded a total of 199 hacking complaints, and six identity theft complaints. For this year up till Aug 9, MCMC recorded 141 hacking complaints, with no identity thefts as yet.

Under the law, hacking itself is an offence under the Computer Crimes Act 1997, says KL Bar Information Technology Committee co-chairman Foong Cheng Leong.

Section 4 of the Act, for example, finds “unauthorised access with intent to commit or facilitate commission of further offence” a crime, whereby a person convicted could be liable to a fine not exceeding RM150,000, or to imprisonment for a term not exceeding 10 years, or both.

Further offences, such as cheating, can be pursued under the Penal Code, Foong explains. Victims can also file civil suits if the perpetrator is known to them.

However, identity theft could prove to be more than a mere inconvenience for victims, in light of Section 114A of the Evidence Act 1950, as it holds the account owner responsible for any material published from his/her account, “unless the contrary is proved”.

This amendment to the Act, passed in Parliament in April this year, drew heavy objections from various quarters.

On Thursday, Information, Communications and Culture Minister Datuk Seri Dr Rais Yatim announced that the Cabinet has decided to maintain it.

Hacker’s victim: Wong is worried that her reputation may have been marred by the stranger’s doings.

But what drives hackers to hack and steal another person’s identity?

Where previously the motive would have been to gain fame, Tan says more often than not these days, it’s for financial benefits. Social media sites have also not been spared.

“Hackers want to get into the social media because they want to exploit that circle of trust. When you see an email or link sent by someone you know, you’re more likely to respond,” he says.

His advice?

“Never ever click on links. Open a new browser and type in the URL. If you get a phone call from a bank saying your account has some issues, and they require your personal information, hang up and call the bank directly and ask them if they really have a problem with your account,” he says. (Refer to chart for more Do’s & Don’ts.)

He also advocates using different passwords for different accounts and changing them regularly (once every 90 days is ideal). Using the two-factor identification facility (where both a password and a code sent to your mobile is needed to access an account) where available would also act as a deterrent.

“It’s important to understand how easily personal data is linked these days. Information that can be easily found on Facebook can include your place of birth, your mother’s name and other personal details. And these are usually the security questions banks use.

“Personal information flows so easily from one thread to another, and hackers are always waiting to exploit that,” he says.

And sometimes, it’s all a matter of being aware of the personal information you give out. “When a site or a person (even in legitimate circumstances) asks you for certain personal information, just stop and just ask yourself, Do they really need that information and am I comfortable in giving that information?’

Give it some consideration, and if you don’t think they do, then don’t give it. “When it comes to hacking and identity theft, the most important thing is doing everything you can to make sure it doesn’t happen in the first place.”

‘Guilty until proven innocent’ law applies to Umno Youth in Facebook probe

I was quoted by Malaysia Insider on this article regarding the applicability of S. 114A of the Evidence act 1950 on the incident regarding UMNO Youth’s Facebook page.

‘Guilty until proven innocent’ law applies to Umno Youth in Facebook probe

By Ida Lim
August 22, 2012

KUALA LUMPUR, Aug 22 — The burden of proof is on Umno Youth to show that it is not the publisher of controversial remarks suggesting that a vote for Pakatan Rakyat (PR) will result in Christianity becoming the country’s official religion, due to recent amendments to the Evidence Act, lawyers have said.

Umno Youth has claimed that the person who put up the poster with the controversial remarks was “unauthorised” to do so and that the page was not its official Facebook page.

The poster, which was uploaded last Saturday and taken down the same day, appeared to suggest that votes for federal opposition Pakatan Rakyat (PR) will cause Islam to be replaced by Christianity as the country’s official religion.

It had read: “Jika anda setuju untuk jadikan KRISTIAN sebagai agama rasmi persekutuan Malaysia, teruskan sokongan anda kepada Pakatan Rakyat. (If you agree to make CHRISTIANITY the official religion of the federation of Malaysia, continue supporting Pakatan Rakyat.) ‘God bless you my son’.”

If Umno Youth is brought to court over the “unauthorised” Facebook post, it would be the test case for the newly-enforced Section 114A of the Evidence Act that has already seen widespread opposition from the public.

Section 114A makes even coffee shops offering free Wi-Fi services liable for any defamatory or criminal acts of customers using computers at their premises.

The new law creates a presumption that any registered user of network services is presumed to be the publisher of a publication sent from a computer linked to that network service, if he cannot show otherwise

The Section also provides that any “person whose name, photograph or pseudonym appears on any publication depicting himself as the owner, host, administrator, editor or sub-editor, or who in any manner facilitates to publish or re-publish the publication is presumed to have published or re-published the contents of the publication unless the contrary is proved.”

Civil liberties lawyer Syahredzan Johan told The Malaysian Insider that Section 114A would impose a presumption that Umno Youth had published the poster, but notes that “this factual presumption is not tested in court” yet.

“But say, for whatever reason, Umno Youth is charged under the Sedition Act for promoting ill will between the Muslim and Christian communities, the factual presumption would operate,” Syahredzan said.

“All the prosecution would need to prove is that the Umno Youth is stated to be the owner or administrator of the Facebook page,” he said, noting that it is “quite easy to do so” as the page “represents itself as Umno Youth’s”.

Once that is proven, Umno Youth would be “presumed to be the publisher of the post” and would then need to “rebut this presumption”, he added.

“This is a perfect example of the absurdity and injustice of Section 114A in operation.”

The prime minister had on Twitter last week said his Cabinet would review the law after several organisations ― including the Malaysian Bar ― chose to black out their websites to signal their opposition to the law.

A day later, however, Information, Communications and Culture Minister Datuk Seri Dr Rais Yatim announced that the law will stay.

Foong Cheng Leong, the Kuala Lumpur Bar IT committee co-chair, agreed with Syahredzan, saying that “if we follow (Section) 114A, looking at subsection 1, it seems that the presumption of fact is that Umno Youth is the publisher of the poster.”

He said there is an “impression that it’s a legitimate Pemuda Umno page”, saying that the Facebook page, which has over 50,000 “likes”, features Umno Youth’s logo and the party president Datuk Seri Najib Razak’s photograph.

Foong said that Section 114A is unclear on a number of things, saying that it “does not say when the presumption is rebutted.”

“We don’t know if a police report is sufficient to rebut the presumption,” he said, saying that “we’re left at the unknown stage.”

“Can the media go and tell everybody that Pemuda Umno is the publisher of the poster? Can the media publish it as fact because in the law it’s presumed as fact?” he asked.

When asked if there was any law for Umno Youth to fall back on in court, the lawyer said there is “no exemption under (Section) 114A” and “the only thing they can do is come out with proof it’s not them.”

Lawyer Faisal Moideen shared Foong’s view, saying that “making a police report may not be enough because it seems to be a bare denial.”

However, he defended the law and stressed that it does not impose a presumption of guilt but only the presumption of fact of publication.

“At the end of the day, it doesn’t mean they have committed a crime,” he said, adding that “it takes more than just publication to make a person guilty.”

Based on his reading of the law, he said “you don’t have to show who did it, you have to show you didn’t publish it” to rebut the presumption.

Tweetjacked

This article appeared on Rage following my interview with The Star.

Tweetjacked

By KEVIN TAN and PHYLLIS HO

alltherage@thestar.com.my

ONE fine day, Chee Yun Sam, a 22-year-old model, started getting a barrage of angry tweets and messages from his friends.

Apparently, Chee had posted something rather racist on his Twitter account, and a lot of people weren’t taking too kindly to it.

Only problem was – and you guessed it – he had no idea what he had supposedly posted.

Chee had become a victim of “tweetjacking”, the popular new prank that’s making stuff like wedgies and the ol’ chalk-on-the-chair trick like SO last millennium.

What happened was a friend of Chee’s managed to get his hands on his smartphone, and used Chee’s Twitter account to post a joke.

That’s how most tweetjacks happen. You “hijack” someone’s Twitter account (or Facebook) and post something embarrassing, making it seem like it came straight from the account holder.

It’s usually innocent stuff, like confessions of love for a mutual friend (or Rebecca Black, which is equally embarrassing), or probably something gross like “I smell my socks every morning”.

But unfortunately for Chee, his friends didn’t just post some innocent joke.”It wasn’t a laughing matter at all,” he said. “My friend posted something that was quite racist. And people didn’t know I was being tweetjacked! Some of them took it really seriously and were very upset.”

While we at R.AGE always love a good, harmless prank (like the time we moved Sharmila Nair’s car to a different basement level. That sure taught her not to leave her keys lying around…), it seems tweetjacking, Facebook-jacking (which goes by a rather more unsavoury term on the Internet) and all kinds of social media-jacking can quite easily get out of hand.

And given how integral social media has become to so many of our lives and careers, your next tweetjack might not turn out to be so funny after all.

Protect yourself!

Denielle Leong, 18, has been Facebook and Twitter-jacked many times by her college buddies and even her boyfriend.

“Well on Facebook you’d normally see pretty disgusting stuff like ‘I like to lick my armpits’. Or sometimes it’ll be openly praising someone who is hot. It’s very different on Twitter, for some reason,” she said.

On Twitter, her account has been hijacked by her friends several times to post some flirtatious tweets, which obviously led to some rather awkward responses from her male friends.

“Some people really do retweet and buy everything they see, even the most random things. It just shows how people online are so gullible,” she said.

But probably the main reason why social media hijacking is becoming so common, is simply because the opportunities are everywhere now. An idle smartphone at a party, a Facebook account logged-on at the college library, an iPad that isn’t password protected… They’re all hijacks waiting to happen.

Despite having been hijacked so many times, Leong admits that she doesn’t always log off her accounts after using them on laptops and computers. She might be making herself a prime target for another prank, but she says she doesn’t mind – as long as it’s nothing harmful.

Lawyer Foong Cheng Leong, 31, the Kuala Lumpur Bar Council’s IT committee co-chairman, agrees that social media-jacking is actually “harmless”.

The problem is – as it is with all pranks – some people tend to go overboard, inadvertently posting things that are too sensitive, or sometimes even unlawful. “Publishes that are unlawful include posts that are deemed as defamatory, seditious, obscene, malicious – the breaking of the law in section 233 of Communication and Multimedia act,” said Foong.

Basically that means if you post something as part of a tweetjack that breaks those laws, you – and the friend whose account you jacked – could potentially face a fine of up to RM50,000, a jail sentence of up to one year, or both.

And with the recent amendments to the Evidence Act, Foong says that social media users should protect their accounts and monitor their publishes even more carefully. “Now, all the more young people have to be aware of their publishes, because every post will hold the publisher (account owner) accountable,” he said. “Only the account owners will be considered as the publisher until proved otherwise.

“That’s when tweet-jacking can be a problem – if the tweetjacker does not own up and admit that he or she is the person who published the (unlawful) post,” he added.

But even if you aren’t breaking the law, a social media hijacking can still do a lot of damage. Imagine for instance, if your employer stumbles upon a tasteless joke on your Facebook or Twitter account.

Joshua Desmond, 26, who, funnily enough, works as a social media planner in a digital advertising firm, was the victim of one particularly tasteless tweetjacking.

“I don’t get tweetjacked very often, but it happens from time to time,” said Desmond. “The tweets are normally just for laughs.”

But then one day, the stuff got real.

A friend used Desmond’s account to make a joke about his sexuality, which most of his followers understood to be a tweetjack. But there was one friend who didn’t get the joke, and decided to tell Desmond’s parents about it.

“My dad just rang me up one day and asked me about it, and he sounded very serious,” said Desmond. “I still remember how upset he was when he called me.

“Even after I convinced them it was only a prank, they were still upset and told me not to let it happen again. It wasn’t something funny to them at all.”

Password protection

Apart from the odd prank that gets really embarrassing, or the unlawful post that could get you in trouble with the law, social media hijacking could also put your personal safety at risk.

Foong advises people to keep personal information like house addresses, mobile phone numbers, and PIN numbers off social media, because if someone was able to hijack your account to make a silly joke, someone could also potentially access that information for something more malicious altogether.

In any case, it’s important to not only protect your smartphones and to always log out from your social media accounts, but also to make sure you have a safe password.

According to Foong, there is actually a rather common set of passwords which people tend to choose from.

“Many people use common passwords like ‘abc123’, and those passwords are easy to crack,” said Foong. “Believe it or not, the most common password in the world is ‘password’.”

Unfortunately, Sarenraj Rajendran, 22, an American Degree Programme student, had to learn that lesson the hard way.

One of Sarenraj’s friends somehow managed to guess his Facebook password, but that wasn’t such a big deal. Things turned ugly when he found out that Sarenraj used the same password for his Internet service account.

As a prank, the friend made all kinds of changes to his account settings, and even purchased some upgrades – additional email storage and an online anti-virus package. They were only 17 back then.

“I got to know about it when my ‘hijacker’ friend went around telling other friends, and even presented the proof of purchase to brag about what he had done.”

Social media expert David Lian, the Asia Pacific Digital Lead of PR agency Text 100, says the integration between all the different forms of social media makes these hijackings potentially much more damaging.

“These days, all your social networks are connected. Facebook, Foursquare, Instagram… Even your email addresses. If someone has access to one of your accounts, they could easily have access to all your accounts.

“They could even have access to credit card information on some of these applications,” said Lian.

The problem with us running this story, of course, is that people now know that “Tweet-jacking may not be dangerous if people know the limit. But at the end of the day, everyone should prevent themselves from the risk of the dangers of it. This really taught me to really be careful when it comes to protecting my personal social media. I can’t let things like that happen again,” said Chee.

1 2 3  Scroll to top