On October 22, the Minister of Information Technology, Communication and Innovation (ITCI), Deepak Balgobin presented the Cybersecurity and Cybercrime Bill for the first time in Parliament. Focus on this new bill which debate in Mauritian society.
Strengthening cybersecurity in Mauritius
Firstly, the Cybersecurity and Cybercrime Bill aims to replace the Computer Misuse and CyberCrime Act 2003: the current law regulating Internet activities in Mauritius, which is now completely obsolete. Indeed, nowadays, with the emergence of social networks and new technologies, Mauritian society is facing new challenges around the Internet and cybersecurity. One example is the recent Telegram case, which highlighted the problem of revenge porn, which is becoming increasingly prevalent in Mauritius.
This bill is therefore an opportunity for Mauritian legislation to adapt to the new realities of cybercrime.
The Computer misuse and Cybercime Act already provided for fines of up to Rs 1 million and imprisonment for up to five years. In contrast, the new bill is intended to be tougher, with prison sentences approaching 25 years, and fines of up to Rs 2 million. In comparison, the French penal code, which also deals with cybercrime, provides for prison sentences of two to seven years. The fines vary between 60,000 and 300,000 euros.
This new law will take into account :
- Acts of cyber-harassment: will be punishable with a fine of Rs 1 million, or imprisonment up to 20 years.
- Terrorist acts: those found guilty of such practices may be fined not more than Rs 1 million or imprisoned for a maximum of 20 years.
- Cyber-extortion: any offender is liable to a maximum fine of Rs 1 million or imprisonment for a term not exceeding 20 years.
- Revenge porn: those who publish sexual photos or videos without the consent of the person involved will be liable to a fine of up to Rs 1 million and a maximum prison sentence of 20 years.
The National Cybersecurity Committee
The creation of a National Cybersecurity Committee is among the measures in the bill. The 13-member committee will be responsible for advising the government on cybersecurity and cybercrime. At the same time, it will have a duty to guide government policy in these areas. It will work closely with the institutions in charge of IT incidents, as well as with local and international authorities.
But this law is a challenge. Many believe that this is a way for the government to censor content on social networks. Section 23 (Failure to Moderate Undesirable Content) of the law is particularly criticized. For some, this is a filtering measure that seriously compromises freedom of expression. However, the most virulent criticisms are aimed at the severity of the sentences, which are considered to be exaggerated. In addition, the absence of a reference to industrial espionage in the bill is very unfortunate.
The Budapest Convention: a guarantee of individual liberties?
But the bill does state: ” increased compliance with the Budapest Convention on Cybercrime through the provision of additional criminal offences related to cybercrime and cybersecurity, improved investigation and increased international cooperation . This therefore means that the Cybersecurity and Cybercrime Bill remains along the lines of the Budapest Agreement signed by Mauritius in 2013. In sum, this ensures that this new law should not jeopardize the individual freedoms of Mauritians.