s233 Communications and Multimedia Act 1998

Can the police ask for our passwords? What if we forget them? Experts weigh in after Patrick Teoh’s Facebook insult case

I was asked by The Malay Mail to comment on laws relating to request of passwords of computer devices and online accounts and also the arrest of Patrick Teoh, a veteran radio personality. Patrick had allegedly posted certain disparaging comments about the Crown Prince of Johor and was arrested by the police for doing so. His remanded was extended because, among others, he had forgotten his email password.

Datuk Joshua Kevin, Rajsurian Pillai, Fong Choong Fook and I were interviewed by The Malay Mail. My answers are reproduced below with some modifications. The full answers can be viewed at The Malay Mail’s website.

Can the police search my phone and ask for my passwords?

….

Specifically on passwords, lawyer Foong Cheng Leong confirmed that authorities can request for passwords as part of investigations to allow for digital forensic tests to be conducted on the device, in order to obtain sufficient evidence to prove their case in court.

“It is generally to determine whether a particular message or conduct originated from that device.

“The authorities are given the power to do so for most offences, including in Patrick Teoh’s case which falls under the Communications and Multimedia Act 1998,” said Foong, who is co-deputy chair of the Bar Council’s Cyber Law Committee. Teoh’s case was probed under Section 233 of the CMA.

Under Section 249 of the Communications and Multimedia Act 1998 (CMA) which is similar to the Criminal Procedure Code’s Section 116B, police investigators who are conducting a search are to be given access to computerised data, with access again defined as including passwords, encryption codes, decryption codes, hardware or software.

While the term “computerised data” in both the CPC’s Section 116B and the CMA’s Section 249 is not defined, Foong confirmed that this would apply to passwords to social media accounts, email accounts, log-in passwords for computers, and codes to unlock a smartphone’s screen.

What happens if I refuse to reveal my passwords?



For those who refuse to give their passwords to digital devices or social media accounts to the police during investigations, Foong pointed out that such action may be considered a crime.

“A refusal to comply with the search may amount to an offence under, among others, Section 186 of the Penal Code i.e. voluntary obstruction of a public servant’s duty to discharge of his public functions.

“If it’s a search warrant by the Court, it may amount to contempt of court. However, such affected person may apply to set aside the Court warrant,” he said.

When asked whether the right to privacy or data protection could be cited to refuse the giving up of such passwords to investigators, Foong said that such rights are generally not taken into account during a search and seizure but noted a High Court case [Chong Chieng Jen v. Mohd Irwan Hafiz Md Radzi & Anor [2010] 1 CLJ 355] where the judge had said the court should consider the right to privacy when issuing a search warrant.

Asked if an individual could provide the password only for the investigation period for investigations with their presence, Foong said the device would generally be taken and sent to another department for forensic tests and the person being investigated is “generally not given the right to sit and watch how the investigation is done”.

“Further, the right to do search and seizure is very wide. They can search the entire computer for all relevant information,” he said, adding that a person who was investigated could opt to sue later on if the search was wrongfully done.

What if I forget my passwords?

Foong said it is a reasonable scenario for anyone to have forgotten their passwords to online accounts as passwords could be saved by the internet browser on a device, adding that authorities could in such cases still access the online account if they have access to the computer which were used to access the account.

“This is because that person’s computer generally would have saved the password unless that person has set it to do otherwise,” he said.

Foong highlighted however that even if an individual refuses to or is unable to furnish passwords to online accounts, they may still find that they are considered under the law as the publisher of the content of an offence unless they can prove they are not the publisher.

“The accused may take the position that they were not the originator of the message or did not do the act and there is no electronic evidence to prove that.

“Nevertheless, the prosecution may still rely on the presumption of publication under Section 114A of the Evidence Act 1950. The presumption of publication provides that a person deemed to be a publisher of a content unless proven otherwise by him or her,” he said.

Cops can’t simply check your phones, says ex-IGP

I was quoted by FreeMalaysiaToday regarding newspaper reports about the Deputy Home Minister Azis Jamman’s answer in Parliament regarding police powers to inspect public’s mobile phone. He was reported to have said that police personnel are allowed to inspect public’s mobile phone at any time and on what reasonable ground that allows such action.

For the purpose of clarification, the Honourable Deputy Minister’s answer is reproduced in full below (see Hansard 18 November 2019):-

Pihak PDRM menggunakan peruntukan di bawah Seksyen 233, Akta Komunikasi dan Multimedia Tahun 1998, Akta 588 bagi memeriksa telefon bimbit seseorang semasa menjalankan siasatan dan semasa melaksanakan tugas menjaga ketenteraman awam.

Menerusi seksyen ini adalah menjadi satu kesalahan sekiranya seseorang menyalahgunakan kemudahan rangkaian atau perkhidmatan rangkaian telekomunikasi bagi tujuan seperti menghantar komunikasi yang lucah, sumbang, palsu, mengancam atau jelik sifatnya dengan niat untuk menyakitkan hati, menganiaya, mengugut atau mengganggu orang lain.

Melalui seksyen ini, mana-mana pegawai polis boleh mengambil tindakan dengan menyemak apa-apa kemudahan rangkaian atau perkhidmatan rangkaian termasuklah telefon bimbit milik orang yang disyaki melakukan kesalahan di bawah seksyen ini. Selain itu, mana-mana pegawai polis juga boleh mengambil tindakan bagi maksud pemeriksaan apa-apa kemudahan rangkaian atau perkhidmatan rangkaian termasuklah telefon bimbit mengikut peruntukan Seksyen 103, 104 dan 106, Kanun Tatacara Jenayah Akta 593 – di bawah 12 – Tindakan Pencegahan Oleh Polis.

In response to the newspaper reports, I said in FreeMalaysiaToday’s article-

Lawyer Foong Cheng Leong acknowledged that the CMA (Communications and Multimedia Act 1998) allows for searches without warrants, but said this can only be done by an officer above the rank of inspector.

He said a search without a warrant could be done if the officer had reasonable cause to believe that a delay in obtaining a search warrant would adversely affect the investigation or that evidence would be tampered with, removed, damaged or destroyed*.

In such cases, he said, the police could have the phone taken away and inspected later, and refusal to cooperate could see a person being charged with obstruction**.

“A person found guilty is liable to a fine not exceeding RM20,000, imprisonment for a term not exceeding six months or both.”

But he, too, said the power to confiscate or check a person’s phone must be tied to an investigation, and that the police cannot randomly ask for an individual’s phone and check it.

* S. 248 of the Communications and Multimedia Act 1998
** S. 253 of the Communications and Multimedia Act 1998

The Deputy Minister later clarified that the police’s power to request or seize a person’s mobile phone is limited to a suspect and involved in any pending investigation, and not the the general public randomly.

Bread & Kaya: 2018 Malaysia Cyber-law and IT Cases PT3 – Cyber-crimes and -offences

By Foong Cheng Leong
May 3, 2019

  • Laws introduced to regulate e-hailing services
  • Sexual grooming enters the books as a new offence 

IN THIS third of a four-part series, I will discuss cyber-crime cases and other cyber offences.

Communications and Multimedia Act 1998

The establishment of Cyber Courts in the Kuala Lumpur Sessions Court saw the growth of judgements relating to the Communications and Multimedia Act 1998.

In Pendakwa Raya lwn Dato’ Mohd Zaid Bin Ibrahim (Kuala Lumpur Criminal Sessions Court Case No. 63-003-12/2015), the learned Sessions Court Judge gave a comprehensive judgement regarding a charge under s. 233(1)(a) of the Communications and Multimedia Act 1998.

The accused, a former Minister of Law, was charged for publishing a statement which is offensive in nature on his blog with an intent to annoy another person. The statement consists of a transcript of the accused’s speech given at a luncheon relating to the conduct of the then Prime Minister Najib Razak.

The learned Sessions Court Judge acquitted the accused at the prosecution stage based on the following grounds, among others:-

(1) In determining whether the article is offensive in nature, the article must be examined as a whole and not by looking in a few paragraphs or words. This is because the accused was charged for uploading the article and thus the entire article is considered as offensive in character. The prosecutor cannot pick and choose the relevant paragraphs or words favourable to them and conclude that the article is offensive in character.

(2) The learned Sessions Court Judge looked into the object of the Communications and Multimedia Act 1998 set out in s.3 of the said Act. One of the objectives of the Act is to promote a civil society where information-based services will provide the basis of continuing enhancements to quality of work and life. The learned Sessions Court Judge also considered that the said Act addressed the issue of censorship where nothing in the said Act shall be construed as permitting the censorship of the Internet.

(3) None of the Prosecution’s witnesses stated that they found that the entire article is offensive in character. Two (2) of the prosecution’s witnesses referred part of the article and not the whole article. In fact, the complainant’s police report against the accused had only stated that the article is seditious in nature which is different from offensive in character.

(4) Such article must be examined and not taken without further examination without critical thinking. This is one of the objectives that s. 3 of the said Act seeks to achieve. The attitude of receiving news blindly should be avoided and the new culture in accordance with the purpose and objective of the said Act ought to be promoted.

(5) In respect of the element “with intent” to annoy another person, the learned Sessions Court Judge held that that intent has to be proved and no evidence has been adduced to prove the same. As for the element “annoy another person”, the learned Sessions Court Judge found that the complainant did not feel annoyed when he read the article. The learned Sessions Court Judge held that annoyance or anger or dissatisfaction would appear spontaneously when the article is read. The learned Sessions Court Judge found that the article is intended for blog readers to garner support for what it is written for i.e. to give support to Prime Minister Dr Mahathir.

(6) The charge is defective as the prosecution failed to state clearly in the charges sheet who is the person intended to be annoyed by the accused when the article was uploaded. The charge sheet had only stated “with the intent to annoy another person”. The person in the charge sheet must be named clearly.

(7) The Prosecution should have also called the person intended to be annoyed by the article to testify whether the victim felt annoyed by the article. Without evidence from the victim, the Court is left wondering whether the victim felt annoyed by the article.

In Sivarasa Rasiah v Pendakwa Raya (Kuala Lumpur Criminal Sessions Court Case No. 63-001-04/2016 & 63-002-04/2016, Criminal Application No: 64-085-07/2016) and Premesh Chandran a/l Jeyachandran v Pendakwa Raya (Kuala Lumpur Criminal Sessions Court Case: WA-64-155-12/2017), the two accused were charged under s. 233(1) of the Communications and Multimedia Act 1998. They filed an application to refer a few constitutional issues to the High Court pursuant to s. 30 of the Courts of Judicature Act 1964 on the ground that s. 233(1) of the Communications and Multimedia Act 1998 is in contravention of Article 8 and 10(2)(a) of the Federal Constitution.

The Prosecution raised a preliminary objection against this application on the ground that s. 233(1) of the Communications and Multimedia Act 1998 is settled and not in contravention of the Federal Constitution. The same Sessions Court Judge dismissed the application on the ground that the case of Nor Hisham Osman v PP [2010] MLJU 1429 has already determined that s. 233(1) of the Communications and Multimedia Act 1998 is reasonable and not unconstitutional.

Fortunately for the two accused, the charges were withdrawn against them after the change of Government after the 14th General Election.

Sedition – Sex bloggers on trial

In Lee May Ling v Public Prosecutor & Another Appeal [2018] 10 CLJ 742, the Appellant, also known as Vivian of the Alvivi duo, was found guilty by the Sessions Court for an offence under s. 4(1)(c) of the Sedition Act 1948 and sentenced to an imprisonment term of five (5) months and twenty (22) days.

Vivian and her co-accused, Alvin Tan, had published a picture of themselves with the words “Selamat Berbuka Puasa (dengan Bak Kut Teh. wangi,enak, meyelerakan!!!) with the Halal logo on the Facebook page “Alvin and Vivian-Alvivi”.

She appealed against her conviction and sentence. There was also a cross-appeal by the prosecution against the inadequacy of sentence meted out by the Sessions Court Judge.

The co-accused absconded through the trial and was absent until the conclusion of the trial.  

The High Court dismissed the appeals. The learned Judge found that Vivian and Alvin Tan had a common intention to publish the picture, and that Vivian was a willing participant. Although no one saw Alvin or Vivian posting the picture, the learned Judge also made an inference from the evidence showing that the picture was kept in Alvin’s notebook and the Facebook page was registered in the name of Alvin and Vivian.

The High Court however substituted the sentence of five (5) months and twenty (22) days imprisonment with a fine in the sum of RM5,000 in default, imprisonment of six (6) months. The High Court in the same vein dismissed the prosecution’s appeal on the inadequacy of the sentence.

Official Secrets Act 1972 – Liability for receiving forwarded messages

Last year, I reported that one Subbarau @ Kamalanathan (Pendakwa Raya v Subbarau @ Kamalanathan (Court of Appeal Criminal Appeal No. N-06B-55-09/2016) was charged in the Sessions Court under s. 8(1)(c)(iii) of the Official Secrets Act 1972 (OSA 1972) for having possession in his Samsung mobile phone soft copies of 2014 UPSR examination papers.

In the same year, the Court released two more judgements relating to the possession of Ujian Penilaian Sekolah Rendah (UPSR) examination papers which they had received via forwarded messages on WhatsApp.

In Pendakwa Raya lwn Uma Mageswari A/P Periasamy @ Mayandy (Kuala Kangsar Sessions Court Criminal Case No. 61-1-11-2014) and Pendakwa Raya v Anparasu al Kadampiah (Kuala Kangsar Sessions Court Criminal Case No. 61-2-11-2014), the two school teachers were charged with possession of a few pages of examination papers for Ujian Penilaian Sekolah Rendah (UPSR) for Science 018 under s. 8(1)(c)(iii) of the Official Secrets Act 1972. Both were acquitted as the photographs of the examination papers were forwarded to them and stored automatically on their mobile phones, and they had no use for them, among others.

The prosecution of persons who possess information received via forwarded messages is a dangerous precedent. The law should make exception to those who had not knowingly received such information and chose not to delete those information thereafter.

Online and phone scams – Scammer or victim?

Online and phone scams have become common in Malaysia. The authorities had been tracking and arresting these scammers but many of them are based outside Malaysia. Instead, these scammers use the services of Malaysians, whether knowingly or not, to receive and dissipate money.

In Pendakwa Raya lwn Charles Sugumar a/l M. Karunnanithi (Kota Bharu Magistrate Court Kes Tangkap No: MKB (A) 83-43-02/2016), the accused was charged under s. s. 424 of the Penal Code for dishonestly concealing money of a scam victim in his bank account knowing that the said money does not belong to him. The victim had befriended a person by the name of Alfred Hammon from UK through Facebook. Alfred Hammon then made the victim transfer money to the accused’s bank account on the pretence that he needed the money to cash his cheque of three million dollars. Alfred Hammon promised that he will return the money together with interest. However, after transferring the money, the victim realised that she was scammed.

The accused claimed that he is not part of the scam and that when he was working as a tour driver, he was requested by his customer to receive money on the customer’s behalf. The accused claimed that he did it to give his customer the best service so that he can attract more customers. He said that he was informed by the customer that the customer’s friend had to transfer money to him so that the customer can continue his tour in Malaysia. The accused said that he did not make any remuneration or commission from that assistance.

The Magistrate acquitted the accused as the Magistrate found that, among others, the accused’s evidence is consistent and he is a credible witness. The Magistrate agreed that the accused was made a scapegoat by the customer who took advantage of his goodness and sincerity in giving the best service as a tour driver.

In Pendakwa Raya lwn Sabariah Binti Adam (Magistrate Court Criminal Trial No. 83RS – 206 – 08 / 2016), the accused was charged with two counts of knowingly concealing stolen property, an offence under s. 414 of the Penal Code. The victim was duped by a Facebook user by the name of Nasir to bank in her money into the accused’s bank account. The accused claimed that she was a victim of the same trumpery scheme and not the perpetrator. She has no control and custody over her bank account. The Court however drew inference that an account holder must be held responsible for all transaction initiated or authorised using her account number including transaction by another person whom the account holder has given permission to. The Court sentenced the accused twelve (12) months imprisonment for each charge.

However, in Pendakwa Raya lwn Hasimah Binti Aziz (Kuala Lumpur Criminal Sessions Court Case No. WA-62CY-052-08/2017), the accused was charged under s. 4(1)(b) of the Computer Crimes Act 1997 for allowing access without authorisation to her Maybank bank account and thereafter assist a scam against the complainant.

The complainant was tricked into transferring money to the accused to pay for charges to release a present purportedly sent by a person she knew from Facebook. The investigating officer found that the accused had given her automatic teller machine (ATM) card to a person she knew from Facebook. That person claimed he could not open a bank account in Malaysia.

The Court held that based on the evidence produced, it is clear that the complainant and accused were online scam victims themselves. The accused was deceived into giving her account number, ATM card and PIN number. The complainant on the other had was deceived into paying courier charges, among others. If detailed investigation was made, the main character of the scam would be revealed. There was no attempt to obtain the CCTV recording of who had taken the money from the ATM machine. The bank officer had testified that CCTV recording are stored by the bank for three (3) months. If the CCTV recording was obtained, it would reveal who had used the ATM card.

Sexual grooming – A new offence

In Syed Naharuddin Bin Syed Hashim v Etiqa Takaful Berhad (Award No.: 3143/2018), the Claimant was dismissed after the Company received an anonymous email alleging that the Claimant had been operating as a sexual predator and targeting girls as young as thirteen-years-old.

The anonymous author also alleged that the Claimant, using the pseudonym, “KBoy”, carried out his meetings with girls. It was also alleged that the Claimant’s conversations had been recorded and featured in an undercover expose by the Star newspaper team of journalists know as STAR R.AGE Team. An investigation by the Company revealed that there were two video recordings featuring K-Boy which had been uploaded onto the STAR R.AGE online website and the videos had gone viral on YouTube. The Claimant admitted that he was the individual in the video.

The Industrial Court held that the actions of the Claimant can amount to a sexual communication under the Sexual Offences Against Children Act 2017. The facts of the case which are largely admitted to by the Claimant, are that he communicated with the intended “victim” in social media and then met up with the person (who informed him that she was a young girl of 15). The setting, the time and the locale were such that a person of his standing in society and representing an insurance company should have been wary of. Further, the conversations were explicitly related to sex and sexual exploits which a man of his age has no business to discuss with a young lady, notwithstanding her real age.

The Court found that the termination was with just cause or excuse and the Claimant’s case is therefore dismissed.

E-hailing services – Naughty GrabCar driver

In Pendakwa Raya lwn Muhamad Izuwan Bin Kamaruddin (Mahkamah Magistrate Ampang No Kes: 85-55-09/2017, 83JS-16-09/2017 dan 83-780-09/2017), a GrabCar driver was charged under ss. 323, 354 and 506 of the Penal Code for assaulting his passenger. He pleaded guilty and was sentenced to a total of 3 years and five (5) months.

In deciding the sentence, the learned Magistrate took into account of the negative effect on the e-hailing provider GrabCar which may cause difficulty to female passengers to trust a GrabCar driver. The learned Magistrate imposed a deterrence sentence to send a message to all drivers so that they will drive ethically and treat their passengers with respect and not take advantage of then.

On another note, the Commercial Vehicle Licensing Board (Amendment) Act 2017 and Land Public Transport (Amendment) Act 2017 came to force on 12 July 2018.

These new laws introduced the licensing of intermediation business. Intermediation business is defined as “business of facilitating arrangements, booking or transactions of e-hailing vehicle (pursuant to the new amendment to CVLBA) and for the provision of land public transport services (pursuant to the new amendment to LPTA). These amendments were introduced to regulate e-hailing services such as Grab and also e-hailing vehicles.

Part 4 which focuses on commercial cases will be published on May 10.

First published on Digital News Asia on 3 May 2019

Bread & Kaya: 2018 Malaysia Cyber-Law And IT Cases – Fake News, Private Information & Instant Messaging

THE change of Government after the 14th General Election saw changes to our sphere of cyber and IT laws. The new Government withdrew numerous charges under s.233 of the Communications and Multimedia Act 1998, especially against those who had allegedly spoke against the previous Government.

The Anti-Fake News Act 2018 that was introduced before the 14th General Election was quickly shipped away by the House of Representatives via The Anti-Fake News (Repeal) Bill 2018, but was thwarted by the Senate. One person has been charged and sentenced under this Act.

There has also been an array of interesting cyber- and IT-related cases in our Courts.

An employee was dismissed from his job as his conduct could amount to sexual grooming under the Sexual Offences Against Children Act 2017. His action was recorded and featured in an undercover expose by the Star newspaper team of journalists know as The STAR R.AGE Team.

We saw the first decision on the liability of online service providers i.e whether they are liable for trademark infringement for the sale and advertisement of their Merchants’ products published on their website.

We also saw a greater adoption of the electronic service of Court documents. In 30 Maple Sdn Bhd v Noor Farah Kamilah Binti Che Ibrahim (Kuala Lumpur High Court Suit No: WA-22IP-50-12/2017), the Intellectual Property High Court granted an application to serve a Writ and Statement of Claim via email and WhatsApp messenger after it could not locate the Defendant at her last known address.

Traditionally, when a Defendant cannot be located, a Plaintiff would normally ask the Court to allow a notice relating to the lawsuit to be published in the newspaper, among others. The current Rules of Court 2012 does not expressly recognise the electronic service of Court documents notwithstanding that people are more mobile these days. Furthermore, the chance of being able to communicate with someone online is much higher than in person.

PKR communications director and Member of Parliament for Lembah Pantai, Fahmi Fadzil’s civil suit against the Malaysian Communications and Multimedia Commission and Nuemera (M) Sdn Bhd (Ahmad Fahmi Bin Mohamed Fadzil v Suruhanjaya Komunikasi dan Multimedia & Anor (Kuala Lumpur Sessions Court Suit No. WA-A52-2-02/2018)) for allegedly failing to protect his personal data which resulted in the leakage of his personal data together with the personal information of 46.2 million mobile subscribers has now been settled. This was one of Malaysians’ biggest data leaks. However, the terms of settlement were not disclosed.

Nevertheless, the lawsuit by Nuemera (M) Sdn Bhd against Malaysian Communications and Multimedia Commission (Nuemera (M) Sdn Bhd v Malaysian Communications and Multimedia Commission(Kuala Lumpur High Court Originating Summons No. WA-24NCC(ARB)-14-04/2018)) over its suspension of their services to the Commission due to the data leakage is pending before the Court of Appeal (Civil Appeal No. W-01(NCC)(A)-318-05/2018). The details of the lawsuit are unknown as the Court documents have been sealed by the Court.

I will summarise all these over four articles as part of my yearly tradition of what happened in the preceding year.

Anti-Fake News Act 2018 – Taking down fake news

The Anti-Fake News Act 2018 was quickly passed by the previous Government prior to the 14th General Election.

According to the explanatory note of the Anti-Fake News Bill 2018, the law was introduced to seek to deal with fake news by providing for certain offences and measures to curb the dissemination of fake news and to provide for related matters. As technology advances with time, the dissemination of fake news becomes a global concern and more serious in that it affects the public.

The Act seeks to safeguard the public against the proliferation of fake news whilst ensuring that the right to freedom of speech and expression under the Federal Constitution is respected. The provision on the power of the Court to make an order to remove any publication containing fake news serves as a measure to deal with the misuse of the publication medium, in particular social media platforms. With the Act, it is hoped that the public will be more responsible and cautious in sharing news and information.

S.4 of the Anti-Fake News Act 2018 makes it is an offence for any person who, by any means, maliciously creates, offers, publishes, prints, distributes, circulates or disseminates any fake news or publication containing fake news.

“Fake news” is defined as any news, information, data and reports, which is or are wholly or partly false, whether in the form of features, visuals or audio recordings or in any other form capable of suggesting words or ideas.

It was reported that one Salah Salem Saleh Sulaiman was charged and punished under s. 4(1) of the Anti-Fake News Act 2018, which carries a punishment of up to six years in prison and a fine of up to RM500,000, for maliciously publishing fake news in the form of a YouTube video under the user name Salah Sulaiman. He pleaded guilty and was sentenced to a week’s jail and fined RM10,000.

Online news portal, Malaysiakini.com, tried to challenge the constitutionality of the Act but failed in the High Court. In Mkini Dotcom Sdn Bhd v Kerajaan Malaysia & Anor (Kuala Lumpur Judicial Review Application No. WA-25-111-04/2018), Justice Azizah Nawawi held that the application should be dismissed as neither Malaysiakini nor its reporters had been charged under the law. She allowed the objection by the Government to refuse the leave application as the applicant is not adversely affected and the action is premature. Malaysiakini appealed to the Court of Appeal (Civil Appeal No. W-01(A)-399-06/2018) but the appeal was subsequently withdrawn.

As soon as Pakatan Harapan took over the Government, the Anti-Fake News (Repeal) Bill 2018 was introduced to repeal the Anti-Fake News Act 2018. The explanatory note of the Bill stated that fake news may be dealt with under existing laws such as the Penal Code, the Printing Presses and Publications Act 1984 and the Communications and Multimedia Act 1998. As such, the Act is no longer relevant. The House of Representatives passed the said Bill. However, the Senate rejected the Bill. As of the date of this article, the Anti-Fake News Act 2018 still stands.

Family disputes

Private Information – Leaked nudes

As video recording and photography become easily accessible, our Courts are now stating to deal with electronic files containing intimate and/or private materials.

In Datuk Wira S.M Faisal Bin SM Nasimuddin Kamal v Datin Wira Emilia Binti Hanafi & 4 Ors[2018] 7 CLJ 290, the 1st Defendant, the ex-wife of the Plaintiff, had taken into possession mobile phones and USB Flash Drives belonging to the Plaintiff. It was alleged that one of the flash drives contains files which featured intimate and/or private audio-visuals.

The Plaintiff sued the 1st Defendant and her other family members for the return of the devices. The High Court held that there had been no denial that the devices belonged to the Plaintiff. In view of the aforesaid, the High Court ordered the return of the devices.

In M v S (Joint Petitioners) (Sabah and Sarawak High Court), the High Court had to deal with the expungement of nude pictures allegedly of the wife. The husband and wife were fighting over the custody of their children. Custody was earlier granted to the husband and the wife applied to vary the custody order.  

In opposing the application, the husband exhibited in his affidavit nude photographs of the wife taken from her computer and hand phone without her consent and stated she is a “wild woman” and an unfit mother. The wife applied to expunge several paragraphs and related nude pictures in the said affidavit under Order 41 Rule 6 of the Rules of Court 2012.

The High Court found that the wife did not release the pictures into the public domain. She had stored them privately in her hand phone and laptop computer. It is the husband who accessed them without her permission and gave access to others including law firm staff and court staff by exhibiting them in the affidavit in opposition without any sort of censoring whatever.

Thus, the exhibition of the said pictures of the wife in the affidavit in opposition was a gratuitous and malicious act to embarrass and humiliate her. The exhibition of the uncensored pictures in the husband’s affidavit was therefore scandalous and oppressive. Under these premises, the discretionary power vested in the court under Order 41 rule 6 of the Rules of Court 2012 should come to the aid of the wife.

The High Court also held that, in this day and age, private intimate photographs of a person stored in the computer or handphone should not suggest that person in question is immoral or an unfit parent.

Instant messaging – “WhatsApping” your children

In Lee Chui Si v Teh Yaw Poh (Sabah & Sarawak High Court Divorce Petition No. KCH-33JP-234/7-2017), the High Court found ways to soften the blow of a divorce by introducing the use of electronic messaging. The husband and wife fought over the custody of their children but two of their children do not wish to see their father.

Nevertheless, the learned Judge was of the view that a window of opportunity should be left open for the father to make amends to his two children. As such, in lieu of physical access, access to their father can be given by way of communicating with them via mobile phones (WhatsApp, phone calls, SMS or WeChat). In view of the present strained relationship between the two children and their father, the communication between them should be limited in the early stage and the Judge limited it to one phone call not exceeding ten minutes and two text messages a week. If the said two children respond and feel comfortable with communicating with their father, the number of phone calls and texting can be more than what the court has decreed.

Part 2 which focuses on cyber-defamation will be published on April 26

First published on Digital New Asia on 19 April 2019.

Bread & Kaya: Dear Attorney General Tommy Thomas, we need to speak about our Malaysia cyberlaw and IT laws reforms

By Foong Cheng Leong | Jun 22, 2018

– Act is clearly against the very fundamental principal of “innocent until proven guilty”
– Need law to curb creation of fake news, especially if created to stoke racial or religious sentiments

Repeal of 114A of Evidence Act 1950

WHEN s. 114A was introduced in the Parliament in 2012, a protest was held by netizens to urge the Government to repeal s. 114A. The #stop114A campaign was held and Malaysia had it first Internet Blackout Day to protest this section.

S. 114A provides for three circumstances where an Internet user is deemed to be a publisher of a content unless proven otherwise by him or her. The relevant section, namely s. 114A(1), states that “A person whose name, photograph or pseudonym appears on any publication depicting himself as the owner, host , administrator, editor or sub-editor, or who in any manner facilitates to publish or re-publish the publication is presumed to have published or re-published the contents of the publication unless the contrary is proved”.

In simple words, if your name, photograph or pseudonym appears on any publication depicting yourself as the aforesaid persons, you are deemed to have published the content. So, for example, if someone creates a blog with your name, you are deemed to have published the articles there unless you prove otherwise. If you have a blog and someone posts a comment, you are deemed to have published it.

Subsection (2) provides a graver consequence. If a posting originates from your account with a network service provider, you are deemed to be the publisher unless the contrary is proved. In simple terms, if a posting originates from your TM Unifi account, you are deemed to be the publisher. In the following scenarios, you are deemed to be the publisher unless you prove the contrary:-

(1) You have a home network with a few house mates sharing one internet account. You are deemed to be the publisher even though one of your house mates posts something offensive online.
(2) You have wireless network at home but you did not secure your network. You are deemed to be the publisher even though someone “piggybacks” your network to post something offensive.
(3) You have a party at home and allows your friends to access your PC or wireless network. You are deemed to be the publisher even though it was a friend who posted something offensive.
(4) Someone use your phone or tablet to post something offensive. You are deemed to be the publisher.

As for subsection (3), you are presumed to have published a content if you have custody or control of any computer which the publication originates from. Here, you are deemed to be the publisher so long your computer was the device that had posted the content. If someone “tweetjacks” you or naughtily updates your Facebook with something offensive, you are deemed to be the publisher unless you prove otherwise.

Clearly, it is against our very fundamental principal of “innocent until proven guilty”.

Position of intermediaries (e.g. platform providers)

Currently, many platform providers are vulnerable to be sued or charged in Court for what their users do. For example, an online forum owner would be liable for publishing defamatory statements made by their users pursuant to s. 114A of the Evidence Act 1950. Online marketplace operators may also be sued because their users sold counterfeit products.

It would be ideal for the Government to induce new laws to protect such platform providers but also the punish errant platform providers. For example, a one-strike or three-strikes rule. Under such proposed one-strike rule, an aggrieved person may file a complaint against the platform provider to remove certain postings. If the platform providers remove such posting within a specific time, the platform provider should be absolved from liability. However, if it fails to do so, it will be liable for the acts of its users.

S. 43H of the Copyright Act 1987 is a good example on how to deal with intermediary’s liable in respect of copyright infringement.

In this regard, the Sedition (Amendment) Act 2015, which is not in operation yet, should be repealed. The said amendment creates, among others, liability on website operators such as online forums, online news portals, and even Facebook page/ group owners. [Read http://foongchengleong.com/2015/04/bread-kaya-how-the-new-sedition-act-affects-netizens/]

Specific laws to govern blocking of websites or other electronic platforms.

All blocking orders should be made public and their detailed reasons to block websites. Currently, there is no public list other than one independently maintained by Sinar Project and reasons given are usually one-liners (e.g. in breach of s. 233 of the Communications and Multimedia Act 1998).

However, there could be specific websites which need not be reviewed due to national security issue, among others. As we all know, blocked websites can still be accessed via other means.

Blocking orders should also be made by the Courts rather than the arbitrary decision of the Minister. The current s. 263 of the Communications and Multimedia Act 1998 is used by the Ministry of Communications and Multimedia to direct internet service providers to block platforms in order to prevent the commission or attempted commission of an offence under any written law of Malaysia. In the past however, we have seen websites being blocked due to political reasons e.g. medium.com and bersih.org.

The Anti-Fake News Act 2018 and Sedition (Amendment) Act 2015 have provisions for websites to be blocked by way of application to the Court. All these blocking order sections and s. 263 of the Communications and Multimedia Act 1998 should be replaced with one single law to govern blocking of electronic platforms.

The law should also allow any person such as users of the platforms to challenge any blocking orders. When the previous Government decided to block medium.com, as far as I know, the site owners did not file any challenge in Court to unblock their website. Many netizens were denied access to informative and educational content from medium.com. There were no specific laws allowing them to challenge the block. They were also unsure if they could meet the threshold to file an action for judicial review.

Specific channels to allow litigants to obtain information about wrongdoers

In the present case, a person who wishes to obtain information about another person, for example another Facebook user who had defamed or harasses him, would need to go through a long and expensive process to obtain such information. Normally these wrongdoers will use platforms provided by foreign companies to attack another user.

It would be ideal if a straight forward process be made to such person to obtain such information. For example, filing a request to the Government for it to request the same from the platform providers.

SS. 211 and 233 of the Communications and Multimedia Act 1998

S. 233 of the Communications and Multimedia Act 1998 (which is similar to s. 211) has been used by the previous administration against dissent. The Bar Council has called for the repeal of Section 233(1)(a) of the Communications and Multimedia Act 1998 as it is a serious encroachment on the freedom of speech and expression guaranteed by Article 10(1)(a) of our Federal Constitution. I concur with the Bar Council on this.

However, I suggest that new laws be introduced to stop contents which can cause hatred and disturbance about certain individuals or organisations. We cannot have people sending fake messages which can cause a riot, for example.

Anti Fake News Act 2018

Many calls have been made to repeal the Anti Fake News Act 2018, which came into operation weeks before the 14th General Election. One person has been sentenced and many have been investigated for spreading fake news. Prime Minister Dr Mahathir Mohamad has confirmed that this Act will be repealed.

Notwithstanding such calls to repeal the law, I am of the view that there should be laws to curb the creation of fake news especially those created to stoke racial or religious sentiments. Note that s. 233 of the Communications and Multimedia Act 1998 requires a communication to target a certain person. Fake news may not necessary be targeting a certain person. It could target a race and a place, for example.

Revamp of the Admissibility of Electronic Evidence

Currently, almost every document printed by a computer is admissible under s. 90A of the Evidence Act 1950. This section should be examined to define clearly on what admissible and not admissible.

The Court’s electronic system should also be upgraded to allow the admissible of all forms of electronic media such as songs, videos and animated files. Currently, lawyers have to burn those evidence in a CD to be filed in Court. This defeats the open justice system where all Court proceedings are accessible to the public.

[Postscript] In addition, the Court’s file search system should also be updated. Currently it allows a user to conduct a file search for 30 minutes (per ticket) via its slow system. It loads page by page and one cannot download all the documents at one go. It should be revamped to allow a user to download the entire file with one single fee.

Laws to protect netizens

New laws should be introduced to criminalise cyberbullying, stalking and harassment. It is noted that this type of acts these days are not made directly against a person.

Government should also study the criminalisation of maintaining cybertroopers. Many organisations in the world including Governments use the services of cybertroopers to attack individuals. They would send threatening, harassing or annoying messages, posting private information of that individual and create fake content about that individual.

Lastly, what we need is meaningful and effectively consultation with the Government. The previous administration had basically shoved us with laws with little consultation. I remember when our #Stop114A team went to meet the then Deputy Minister of Law, V.K Liew, to hand in our petition to repeal s.114A, he said that the Bar Council needs professional advice. I trust that the new Government will make a wise choice in deciding the right people for the right job.


First published on Digital News Asia on 22 June 2018

Bread & Kaya: 2017 Cyberlaw cases Pt3 – sexual offences against children and computer crimes

By Foong Cheng Leong | Mar 30, 2018
– Sending death threats using someone else’s mobile phone is not OK
– 2018 will mark interesting year for cyber related cases including Uber driver suing Uber

THE first statute in Malaysia to use the term “social media” is part of the law designed to protect children against sexual offences and not any computer crimes related or media related law.

At the same time a bank officer got into hot soup for using their superior’s email account and password. Let’s go through these cases now.

Crime

Sexual Offences Against Children Act 2017

The Sexual Offences Against Children Act 2017 was introduced to address the seriousness of sexual offences committed against children in Malaysia. The ultimate object of the proposed Act is to provide for better protection for children against sexual offences and to safeguard the interest and well-being of children and to provide effective deterrence.

One of the laws introduced is the law against child grooming. S. 12 of the Act states that child grooming is an offence punishable with imprisonment of no more than 5 years and liable for whipping. The Act specifically stated that the following amounts to child grooming :-

(a) A communicates with Z, a child via social media by pretending to be a teenager and develops a love relationship with Z with the intention of using Z in the making of child pornography. A never meets Z. A is guilty of an offence under this section .

(b) A communicates with Z, a child via e-mail and befriends Z with the intention that A’s friends C and B could rape Z. A never meets Z. A is guilty of an offence under this section.

This law is also the first statute in Malaysia to use the words “social media”.

Last year, we were anticipating the amendments of the Communications and Multimedia Act 1998. However, the amendments never came. Nevertheless, numerous people were investigated under s. 233 of the Communications and Multimedia Act 1998. Notably, in the case of Mohd Fahmi Redza Bin Mohd Zarin Lawan Pendakwa Raya dan Satu Lagi Kes (Kuala Lumpur Criminal Application No. 44-103-08/2016), the accused was charged under s. 233 of the Communications and Multimedia Act 1998 for publishing an offensive Instagram posting using the username kuasasiswa. The accused filed an application to strike out the charge on the grounds that:-

– s. 233 of the Communications and Multimedia Act 1998 is unconstitutional and/or ultra vires in view of Article 5(1), 8 and 10(1)(a) of the Federal Constitution
– the charge against him acts as and/or has the characteristic of a censorship and therefore in contravention of the objectives of the CMA according to s. 3(3) of the CMA; and
– the charge against the accused is defective as it does not have the details of the parties that were offended by his acts.

The Public Prosecutor applied to have the matter heard before the Federal Court in respect of the issues on the constitutionality of s. 233 of the CMA (in accordance with ss. 30 and 84 of the Courts of Judicature Act 1964. Upon hearing the parties, the High Court referred the matter to the Federal Court for the latter to decide on the following question:-

Whether Section 233(1)(a) of the Multimedia and Communication Act (Act 588) is Inconsistent with Article 5(1), 8 and 10(1)(a) of the Federal Constitution?

However, the Federal Court dismissed the application for non-compliance of the Courts of Judicature Act 1964 (Federal Court Criminal Application No. 06-04-04/2017(W)).

In Nik Adib Bin Nik Mat v Public Prosecutor (Rayuan Jenayah No 42S(A)-39-7/16), the accused was charged under s.233(1)(a) of the Communications and Multimedia Act 1998 for sending indecent and false photos of cabinet leaders titled “Pesta Bogel” on Facebook. He was also charged under s. 5(1)(a) of the Film Censorship Act 2002 for possession of 883 pieces of pornographic videos in his laptop. The Session Court sentenced him to the maximum sentence of 1 year imprisonment for the first offence and another 1 year imprisonment for the second offence.

On appeal, the High Court Judge stated that “cyber offences are serious offences especially the offence at hand, as those offensive materials could be easily disseminated to the public at large within seconds at a touch of a button” and agreed with the Sessions Court Judge that public interest is of paramount importance and should supersede the interest of the accused.

However, the learned High Court Judge was of the view that personal interest of the accused should not be disregarded at all and thus, allowed the appeal against the sentence. The learned High Court Judge took into account the grounds submitted by the accused and held that the misdirection of Session Court on imposing maximum sentence for the first offence warrants the appellate intervention and a special consideration ought to be given so that he can mend his ways and “turn over a new leaf”.

The High Court substituted the original sentence with 1 week imprisonment and a fine of RM3,000 in default 3 months imprisonment for the first charge and for the second charge, a fine of RM10,000 in default 1 ½ years imprisonment.

In Pendakwa Raya v Dato’ Dr Ahmad Ramzi Bin Ahmad Zubir (Rayuan Jenayah No. T-09-15-01/2014), the Respondent was charged with criminal defamation after he had sent text messages containing death threats to various individuals using another person’s (SP5) mobile phone number via an online platform registered in the name of a colleague of the Respondent (SP16). The said online platform allows users to broadcast SMS to numerous mobile numbers via the Internet. The Respondent had changed the sender’s mobile phone to SP5’s mobile number. The Respondent’s convicted by the Sessions Court but his conviction was overturned by the High Court.

On appeal, the Court of Appeal restored the conviction. In the grounds of judgment, the Court of Appeal discussed on the method used to determine whether the SMS was sent by the Respondent. The investigation had showed that the internet protocol address that was used to send the SMS was registered to the Respondent’s internet account. The MAC Address found was the same MAC Address of the Respondent’s router. According to the evidence provided by Cyber Security Malaysia, a MAC Address is a unique number provided by the Internet Service Provider and in order to connect to the Internet, it must be done through a router.

In Pendakwaraya v Charles Sugumar a/l M. Karunnanithi (Mahkamah Majistret Kota Bharu Kes Tangkap No: MKB (A) 83-43-02/2016), the accused was charged under s. s. 424 of the Penal Code for dishonestly concealing money of a scam victim in his bank account knowing that the said money does not belong to him. The victim had befriended a person by the name of Alfred Hammon from UK through Facebook. Alfred Hammon then made the victim transfer money to the accused’s bank account on the pretence that he needed the money to cash his cheque of US$3 million. Alfred Hammon promised that he will return the money together with interest. However, after transferring RM36,300 the victim realised that she was scammed.

The accused claimed that he is not part of the scam. The accused claimed that when he was working as a tour driver, he was requested by his customer to receive money on the customer’s behalf. The accused claimed that he did it to give his customer the best service so that he can attract more customers. He said that he was informed by the customer that the customer’s friend had to transfer money to him so that the customer can continue his tour in Malaysia. The accused said that he did not gain any remuneration or commission from that assistance.

The Magistrate acquitted the accused as the Magistrate found that, among others, the accused’s evidence is consistent and is a credible witness. The Magistrate agree that the accused was made a scapegoat by the customer who took advantage of his goodness and sincerity in giving the best service as a tour driver.

Computer Crimes Act

In Rose Hanida Binti Long lwn Pendakwa Raya (Kuala Lumpur High Court Criminal Appeal No. 42K–(115–124)-09/2016), the appellant was charged under the Computer Crimes Act 1997 (unauthorised access to computer material with intent to facilitate the commission of an offence involving fraud or dishonesty or which causes injury) and s. 420 of the Penal Code (for cheating) for making false claims to his employer, a bank, by using his superior’s account and password to without his superior’s knowledge. She was initially sentenced by the Sessions Court with 4 years of imprisonment and fine of RM260,000 in default of 15 months jail. She appealed the sentence but withdrew it later. Notwithstanding that it had been withdrawn, the High Court Judge exercised his revisionary powers and enhanced the sentence to 6 years and fine of RM260,000 in default of 15 months jail due to the seriousness of the offence.

In Kangaie Agilan Jammany lwn PP [2017] 1 LNS 1640, the accused was charged under s. 5(1) of the Computer Crimes Act 1997 for making modification of the contents of Air Asia’s flight booking system without authorisation. The accused had allegedly used the function “move flight function” in those unauthorised transactions to change, among others, the flight details and customers’ emails for the purpose of notification. The said function is a critical function to allow authorised staff to make changes so that no charges are made to customers.

The accused was given an ID ‘6954’ and password to access Air Asia flight booking system but he had limited access to it. Thus, one of the witnesses, SP4, had given his ID and password to the accused after the accused had requested for it on the ground that the latter is unable to access to the system using his own ID. SP4 did not know that the accused had misused his account. The accused had then used the said account to help his family members and friends to get cheaper flight tickets, among others. Air Asia alleged that it had lost about RM229,100.42 due to the accused’s actions.

In the system log, it was found that the accused had changed the flight schedule and also that there were a few customer email notifications which involved the agent code 6954 which had made the flight changes. Further, there was an incident whereby SP4 was asked by the accused to provide his new password after it had been changed.

The Sessions Court found the accused guilty and had applied the statutory presumption under s. 114A of the Evidence Act 1950 after the accused could not rebut the evidence that the agent code 6954 belongs and used by him.

Under 114A of the Evidence Act 1950, a person is deemed to be a publisher of a content if it originates from his or her website, registered networks or data processing device of an internet user unless he or she proves the contrary. In 2014, this new law sparked a massive online protest dubbed the Malaysia Internet Blackout Day or also the Stop114A.

On appeal, the High Court concurred with the Sessions Court Judge. The High Court Judge also held that s. 114A of the Evidence Act 1950 applies retrospectively notwithstanding that the offence was committed prior to the enforcement of s. 114A as the presumption did not alter the original subject matter and even includes the same subject matter that did not prejudice the accused before and after. In other words, without using such presumption, the Prosecution would still have to prove that the Accused was the person who used his ID and password to access the employer’s system had committed an offence to change the flight schedule without authorisation. On the contrary also by applying the presumption of the law, the Prosecution will still have to prove that the accused alone has a specific ID and password to access the system.

Closing

2018 will mark another interesting year for cyber related cases. In late 2017 and early 2018, the following cases have been filed:-

– A Uber driver sued Uber Malaysia Sdn Bhd for non payment of his fees. The interesting question in this case would be whether Uber Malaysia Sdn Bhd is liable to pay such fees or one of Uber’s foreign entities.
– In the Intellectual Property Court of Kuala Lumpur, a brand owner had filed a law suit for trade mark infringement against a web hosting company for hosting a website that sold counterfeit products. The interesting question in this case is whether a webhoster is liable for what their subscribers do.
– In the same Court, a brand owner had also filed a law suit for trade mark infringement against online marketplace operator for using the brand owner’s registered trade mark and allowing their users to sell unauthorised products. The interesting question in this case is whether an online marketplace operator is liable for what their users do on their platform and in particular case, for selling unauthorised products.
– The same Court also granted an application to serve a Writ and Statement of Claim via email and WhatsApp messenger after it could not locate the Defendant at her last known address. Traditionally, when a Defendant cannot be located, Plaintiff would normally ask the Court to allow a notice relating to the lawsuit to be published in the newspaper, among others. We will see more and more substituted service applications to be served electronically.
PKR communications director Fahmi Fadzil filed a civil suit against the Malaysian Communications and Multimedia Commission and Nuemera (M) Sdn Bhd for allegedly failed to protect his personal data which resulted in the leakages of his personal data together with personal information of 46.2 million mobile subscribers. This was one of Malaysians’ biggest data leak.

Finally, the recent introduction this month of the Anti-Fake News Bill 2018 is too important for me to leave till next year to comment!

The word “fake news” is defined as any news, information, data and reports, which is or are wholly or partly false, whether in the form of features, visuals or audio recordings or in any other form capable of suggesting words or ideas.

The law applies to fake news concerning Malaysia or the person affected by the commission of the offence is a Malaysian citizen. Any person who, by any means, knowingly creates, offers, publishes, prints, distributes, circulates or disseminates any fake news or publication containing fake news commits an offence and shall, on conviction, be liable to a fine not exceeding RM500,000 or to imprisonment for a term not exceeding 10 years or to both.

The Court may also order the accused to make an apology. Interestingly, the new law allows civil action to be initiated by a person affected by the fake news publication for an order for the removal of such publication. I will write further on this new law on a separate article. [Postscript: The Anti Fake News Act 2018 is now in force effective from 11 April 2018]


First published on Digital News Asia on 30 March 2018

Bread & Kaya: Are WhatsApp admins going to jail?

Bread & Kaya: Are WhatsApp admins going to jail?

By Foong Cheng Leong | May 02, 2017

– Two key elements in s. 233 are not fulfilled by a group chat admin
– To use s. 114A to attach liability on a group chat admin is stretching s. it too far

I REFER to the recent news reports stating that the Honourable Deputy Communications and Multimedia Minister Jailani Johari announced that group chat admins can be held accountable under the Communications and Multimedia Act 1998 (CMA) if they fail to stop the spread of false news to its members.

With due respect to the Honourable Deputy Ministry, the CMA, in particular s. 233 of the CMA, does not attach any liability to an admin of a group chat admin for spreading “false news”.

For ease of reference, I reproduce s. 233 of the Act:-

233 Improper use of network facilities or network service, etc

(1) A person who-

(a) by means of any network facilities or network service or applications service knowingly-

(ii) initiates the transmission of,

any comment, request, suggestion or other communication which is obscene, indecent, false, menacing or offensive in character with intent to annoy, abuse, threaten or harass another person; or

(b) initiates a communication using any applications service, whether continuously, repeatedly or otherwise, during which communication may or may not ensue, with or without disclosing his identity and with intent to annoy, abuse, threaten or harass any person at any number or electronic address,

commits an offence.

(2) A person who knowingly-

(a) by means of a network service or applications service provides any obscene communication for commercial purposes to any person; or

(b) permits a network service or applications service under the person’s control to be used for an activity described in paragraph (a),

commits an offence.

(3) A person who commits an offence under this section shall, on conviction, be liable to a fine not exceeding fifty thousand ringgit or to imprisonment for a term not exceeding one year or to both and shall also be liable to a further fine of one thousand ringgit for every day during which the offence is continued after conviction.

The offence under s. 233(1) of the CMA is committed by a person who uses any network facilities or network service or applications service knowingly makes, creates or solicits and initiates the transmission of an offensive communication with intent to annoy, abuse, threaten or harass another person. Two key elements in s. 233 are not fulfilled by a group chat admin namely “knowingly make or initiates the offensive communication” and “with intent to annoy, abuse, threaten or harass another person”.

As for s. 233(2), liability is only attached to a person who knowingly provide or permits an applications service to provide any obscene communication for commercial purposes. This is also not applicable to the present case.

It is noted that s. 114A of the Evidence Act 1950 provides for three circumstances where an Internet user is deemed to be a publisher of a content unless proven otherwise by him or her. The relevant section, namely s. 114A(1), states that “A person whose name, photograph or pseudonym appears on any publication depicting himself as the owner, host , administrator, editor or sub-editor, or who in any manner facilitates to publish or re-publish the publication is presumed to have published or re-published the contents of the publication unless the contrary is proved”.

In simple words, if your name, photograph or pseudonym appears on any publication depicting yourself as the aforesaid persons, you are deemed to have published the content.

To use s. 114A to attach liability on a group chat admin is stretching s. 114A too far. It must be highlighted that s. 114A was introduced to “provide for the presumption of fact in publication in order to facilitate the identification and proving of the identity of an anonymous person involved in publication through the internet” (Explanatory Statement of Evidence (Amendment) (No. 2) Bill 2012). Common sense would dictate that a group chat admin is not a publisher of their member’s messages.

In fact, in the Delhi High Court case of Ashish Bhalla vs Suresh Chawdhury & Ors, the Court held that:-

Similarly, I am unable to understand as to how the Administrator of a Group can be held liable for defamation even if any, by the statements made by a member of the Group. To make an Administrator of an online platform liable for defamation would be like making the manufacturer of the newsprint on which defamatory statements are published liable for defamation. When an online platform is created, the creator thereof cannot expect any of the members thereof to indulge in defamation and defamatory statements made by any member of the group cannot make the Administrator liable therefor. It is not as if without the Administrator‟s approval of each of the statements, the statements cannot be posted by any of the members of the Group on the said platform

Perhaps the Honourable Deputy Minister should clarify which section in the CMA attaches liability to a group chat admin to avoid further confusion and panic to group chat admins.


First published on Digital News Asia on 2 May 2017.

Bread & Kaya: The law and the Sweet Young Malaysian Girls blog

The law and the Sweet Young Malaysian Girls blog
Nov 29, 2013

– Netizens are riled up over the blog that posted pictures of young Malaysian girls, many of them minors
– Determining which laws could be applied against the blogger in question is however a challenge

Bread & Kaya by Foong Cheng Leong

I AM sure many of you have read of the recent ruckus over the Sweet Young Malaysian Girls blog. It’s a blog which featured a compilation of pictures of young Malaysian girls that has now been deleted.

Fellow netizen Harinder Singh had exposed the person allegedly behind the blog (let’s call him the SYMG Blogger). You can read all about it at Harinder’s blog.

I must highlight that a person should not accuse someone of a crime or a wrongdoing without evidence, as it is defamatory. Such a person may claim that someone else has proven the crime or wrongdoing, but in the event that such person is sued in court, he will need to prove the crime or wrongdoing (i.e. to prove that it is true).

In the event that the person who exposed the crime or wrongdoing refuses or fails to attend court, the defendant may not be able to sustain his defence.

Furthermore, the law on electronic evidence in Malaysia is still developing. Many types of electronic evidence (such as emails or printouts) are ruled inadmissible by our courts. In this regard, to be on the safe side, if you can’t prove it, don’t repeat it.

Many people have asked me what the victims can do, in particular the girls who had had their pictures posted on the blog. Some are of the view that no crime had been committed and that the girls can only sue the person behind the blog for copyright infringement (i.e. a civil wrong).

Some proposed invasion of privacy. However, if the pictures were taken from blogs or social media accounts of the victims and were easily accessible, there may not be an action for invasion of privacy.

It also may not be an offence under Section 233 of the Communications and Multimedia Act 1998, which provides that a person commits an offence if he or she posts any content that is either indecent, obscene, false, menacing, or offensive in character with the intention to annoy, abuse, threaten or harass any person.

In this present case, the contents of the blog do not seem to indicate such an intention.

If the images were taken and posted on the blog without permission, the person would be infringing the right of a copyright owner. But note that copyright generally belongs to the photographer and not the person(s) featured in a picture unless the person(s) in the picture had commissioned the photographer.

Therefore, the victims may not have the right to sue the owner of the blog … unless it is a selfie!

Nevertheless, the Copyright Act 1987 provides for criminal sanctions against copyright infringers. Section 41(1)(c) of the Copyright Act 1987 makes it an offence to infringe a person’s copyright. This provision is normally used against people who sell pirated movie and music and recently, website owners who host pirated movies and songs.

However, this provision is wide enough to cover pictures. It is possible to prosecute a person for distributing pictures of others without permission, especially when it involves a massive number of pictures. Any person convicted under this provision is liable to fine of no less than RM2,000 and no more than RM20,000 for each infringing copy, or imprisonment not exceeding five years.

The SYMG Blogger may be possibly be charged under s. 41(1)(c) of the Copyright Act 1987 (and if so, he could have set a new legal precedent in Malaysia!)

Nevertheless, SYMG Blogger may claim a defence of fair dealing under the Copyright Act 1987. He may claim that the blog was created for the purpose of research. Thus, this probably explains the ‘social experiment’ explanation he has been trying to pull.

Whether he will succeed in this defence would depend on whether it is genuine research or merely an afterthought.

Notwithstanding the above, there were naked pictures of young girls in the blog. It is certainly an offence to post obscene pictures online (Section 292 of the Penal Code).

Then there is a question on whether reproducing an image which had already been reproduced in another page (e.g. by way of re-blogging) amounts to publication. If we follow Malaysian laws, reproducing an image through re-blogging is a publication of the image by the person who re-blogged it.

Unfortunately, I have been informed that none of the victims have made a police report. I am told that some girls do not want their parents to know. Unless a police report is made, the police will not start investigations.

Without a complainant, it will be very difficult for the Attorney-General’s Chambers to prosecute the case.



First published on Digital News Asia on 29 November 2013.

Bread & Kaya: Sharing images of crime victims

Bread & Kaya: Sharing images of crime victims

Nov 01, 2013

– No doubt the dissemination of gruesome images is distasteful and disrespectful of victims and their families
– However, when the MCMC cited legislation against it, the industry regulator may have been stretching it

Bread & Kaya by Foong Cheng Leong

IT was with great interest that I read the following Facebook posting by industry regulator the Malaysian Communications and Multimedia Commission (MCMC):

Assalamu’alaikum dan Selamat Sejahtera,

Orang ramai dinasihatkan untuk tidak menyebarkan gambar dan rakaman CCTV pembunuhan kejam seorang pegawai bank atau gambar-gambar mangsa di mana-mana media sosial seperti Facebook dan Whatsapp .

Jika anda telah berbuat demikian sila padamkan post tersebut. Ini adalah untuk menghormati mangsa dan keluarga beliau. Ia mungkin juga mengakibatkan gangguan emosi kepada orang ramai terutamanya kanak-kanak.

Kami telah pun meminta kerjasama YouTube untuk mengeluarkan video berkenaan dengan seberapa segera.

Untuk makluman, penyebaran gambar dan video sebegini adalah suatu kesalahan di bawah Seksyen 211 dan 233 Akta Komunikasi dan Multimedia 1998. Jika didapati bersalah, denda yang dikenakan tidak melebihi RM50,000 dan satu tahun penjara atau kedua-duanya sekali.

Sekian, terima kasih

In brief, the MCMC stated that the dissemination of gruesome images or video recordings of crime victims is an offence under the ss. 211 and 233 of the Communications and Multimedia Act 1998 (CMA). Reference was made to the CCTV recording of the deadly shooting of Ambank officer Norazita Abu Talib.

There is no doubt that the dissemination of such gruesome recordings and images is distasteful and disrespectful of the victim and her family. But for the MCMC to state that it is an offence under ss.211 and 233 of the CMA is stretching the applicability of these laws too far.

For there to be an offence under s. 233 of the CMA, the case of PP v Rutinin Bin Suhaimin has clearly set out that the following ingredients must be proven:

– The accused person initiated the communication in question.
– The communication in question is either indecent, obscene, false, menacing, or offensive in character; and
– The accused had intention to annoy, abuse, threaten or harass any person.

Section 211 of the CMA is similar to s. 233 of the CMA.

A person who posted the offensive materials must have the intention to annoy, abuse, threaten or harass any person. I doubt the people who have shared such images or recording had such intentions. Perhaps bloggers or portals that had done so had the intention to gain more visitors. Or perhaps some netizens share them to satisfy the morbid curiosities of other netizens.

But certainly this is not an intention to annoy, abuse, threaten or harass any person.

In short, the dissemination of gruesome recording and images is not an offence under ss.211 and 233 of the CMA unless it was disseminated with an intention to annoy, abuse, threaten or harass any person.

No doubt it is a calamity to have images of your late loved ones being disseminated online; but there are other laws to govern the dissemination of such information. Section 292 of the Penal Code makes it an offence to disseminate obscene material. The person who caused the leak of gruesome image (e.g. autopsy pictures) could be subject to a civil suit for negligence.

Even the soon-to-be introduced law s. 203A of the Penal Code, which punishes, among others, a civil servant for disclosing information obtained by him in his performance of his functions with a fine of not more than RM1 million (US$317,000), or imprisonment for a term which may extend to one year, or both.

However, I do not think that Parliament should introduce a law to curb the dissemination of gruesome recording of victims, especially if there are benefits of doing so. For example, for education purposes (e.g. study of forensic science) or even to highlight the extent of injuries suffered by inmates due to alleged police brutality.

The purpose of this article is not to justify the dissemination of gruesome images or videos but to highlight the extent of our laws. The MCMC should ensure that its statement, in particular, the last paragraph, is accurate and not leave room for misinterpretation.


First published on Digital News Asia on 16 August 2013

GE13: Online campaigns get nasty

I was quoted by The Star in their article “GE13: Online campaigns get nasty” on 12 April 2013.



PETALING JAYA: Online campaigning has gone nasty in the run-up to the May 5 general election with cyber troopers from both sides of the political divide going beyond mudslinging at times.

The fight tends to get ugly with vulgar words used freely, sometimes crossing the boundary of racial and religious sensitivity as rival cyber troopers vie to influence public perception.

Both Barisan Nasional and Pakatan Rakyat have accused each other of paying cyber troopers to attack their opponents on social networks.

One example which a non-governmental organisation complained about was the case of pro-opposition cyber troopers uploading a photograph of a woman online last month accompanied by harsh and vulgar comments.

The woman, who is a committee member of the Malaysian Youth Rights Movement, was also threatened with gangrape and murder over her stand on some issues.

Deputy Higher Education Minister Datuk Saifuddin Abdullah condemned the strategies being employed by cyber troopers, saying “they put too much focus on attack”.

“In the long run, these strategies won’t work. The people will start reading these comments and say you are insulting my intelligence’,” said Saifuddin.

Outgoing Jelutong MP Jeff Ooi denies that there are cyber troopers on his party’s payroll, and called for politicians to make a stand against the current tactics employed by cyber activists.

“We (politicians) should not be seen to be condoning abusive commentaries. We have to call a spade a spade. If it were to come from my party, we would have to put them under restraint,” said Ooi.

Supt Ahmad Noordin Ismail from the cyber crime department of the police’s Commercial Crime Unit said nabbing cyber troopers and cyber bullies can be complicated due to a lack of evidence.

“People can make these comments and remove them easily,” he said.

Digital News Asia executive editor A. Asohan said he expected the mud-slinging, and warned that things would get worse as polling day nears.

“The real dirty play will come from the Internet. You will see a lot of accusations flying back and forth while paid bloggers will go on the warpath,” he added.

However, he believed people are smarter these days and would not be easily taken in by what was being posted on Websites.

MCA Youth new media bureau head Neil Foo agreed that it was not a healthy trend for both sides to have a go at each other in an unruly manner.

He said he always reminded the MCA cyber warriors and supporters to be polite, argue based on facts and not be too emotional.

He admitted that there are some who got carried away when egged on by other cyber troopers.

“I’ll ask them to watch the words they use. There should not be any vulgarity or personal attacks. They should stick to the facts,” he said.

Action can be taken against people who post offensive comments online, Kuala Lumpur Bar IT committee chairman Foong Cheng Leong said.

Under Section 233 of the Communications and Multimedia Act, those found guilty of harassing or being offensive online can be fined a maximum of RM50,000 or jailed up to a year or both, he noted.

The same clause also provides that a further fine of RM1,000 can be levied daily during which the offence is continued after conviction.

Foong strongly felt that “while people are free to express their opinions, they should not defame or attack others maliciously”.

Universiti Sains Malaysia psychologist Dr Geshina Ayu Mat Saat said cyber bullies, who preyed on their victims often perceived they had the right to bully.

“They have this sense of entitlement, whereby their way is the best and people should follow them. Their perception is also very lopsided based on their own personal experience and expectations,” she said yesterday.

Dr Geshina Ayu said these bullies were more daring online as they felt that they could get away with it.

“But they failed to realise they are bound by the law, even online,” she said.

1 2  Scroll to top