Amidst concerns by the industry stakeholders about the possible impact on digital economy, the government has already worked out fresh amendments to be incorporated into the recently introduced Online Safety Act.
Speaker Mahinda Yapa Abeywardena gave his ascent to the new law passed in Parliament. The government proceeded with the enactment of the new law despite criticism from various corners including the industry stakeholders who argued that the new law borders on the infringement of freedom of expression and will have an impact on digital economy in the future.
The Act provides for the establishment of a Commission which is empowered to issue directives to persons, internet service providers or internet intermediaries, who have published or communicated or whose service has been used to communicate any prohibited statement. It can notice any internet service provider or internet intermediary to disable access to an online location which contains a prohibited statement by the end users in Sri Lanka or to remove such prohibited statement from such online location.
In the backdrop of mounting criticism, an official of the Public Security Ministry said new amendments had been worked to be referred to the Cabinet for approval in another two weeks’ time.
The official said the government completed the consultation process with the industry stakeholders- Google, Yahoo, Meta, X, Amazon etc.
“We will proceed with the incorporation of the new amendments after Cabinet approval,” he said.
The government can no longer disregard the industry's viewports, it means. According to the UN, digital advances can support and accelerate the achievement of each of the 17 Sustainable Development Goals – from ending extreme poverty to reducing maternal and infant mortality, promoting sustainable farming and decent work, and achieving universal literacy.
The COVID-19 pandemic accelerated the digital transformation and changed the way societies and businesses function forever. Digital platforms mainly with support from social media and tech companies, including Meta, Google, AWS, Microsoft etc helped businesses in Sri Lanka during the pandemic, enabling them to overcome lockdowns through remote work and online operations.
Therefore, Sri Lankan businesses, especially SMEs benefitted from digital platforms to carry out their sales and operations during this period. Currently, the digital economy in Sri Lanka is estimated to be around US $ 3.5 billion or 4.37 per cent of GDP, with exports at around US $ 1.25 billion. The Government plans to elevate this figure to 15 per cent of GDP by 2030 and thereby increase the digital economy contribution from US $ 3.5 Billion to US $ 15 billion.
However, the digital economy targets can only be achieved if there are mechanisms to make Sri Lanka an attractive destination for digital investments. Since we cannot provide tax breaks and other financial incentives, the only option is to make it attractive through policy initiatives which are compatible with global standards.
Over the years, Sri Lanka has adopted digital laws and policies, which are compatible with international standards. The Electronic Transactions Act was amended in 2017 to align with the UN Electronic Communications Convention (the gold standard for digital transactions & digital commerce), making Sri Lanka the first country in South Asia to achieve this standard.
In 2015 Sri Lanka was able to join the Budapest Cybercrime Convention because our Computer Crimes Act (2007) was formulated in line with International standards. The Payment and Settlement Systems Act (2005), which is the framework governing digital payments, is also based on a global standard, enabling Sri Lanka to become the second in Asia to adopt real-time online payments and settlements. All these laws were drafted adopting an open transparent process.
The Computer Crimes Bill (2005) was referred to a Special Standing Committee of Parliament after the debate (without putting it into second reading), which resulted in the Bill being comprehensively reviewed with stakeholders and experts.
Most recently the Personal Data Protection Act (2022), the first legislation of its kind to be adopted in South Asia, followed an open and transparent process. The Drafting process which started in January 2019 ensured that every version of the Bill was published online.
However, concern is raised that the Online Safety Act is not based on a global best practice and does not follow a transparent consultation process. Therefore, the Act requires further review by experts, not only from a legal perspective but from a Technology perspective.
According to the experts, the basic amendments proposed by Public Security Ministry and the Attorney General does not make it implementable and workable, because the SC determination does not address implementation aspects.
Some of the offences in the Act violate Articles 17 & 19 of ICCPR (International Covenant on Civil and Political Rights).
Even if those provisions are amended, it must be noted that the evidence required to successfully prosecute those offences are not in Sri Lanka.
Therefore, electronic evidence needs to be obtained from tech companies. This requires Sri Lanka to have a successful international cooperation regime with tech companies. Therefore, it has to be amended in cooperation with tech companies.
Making amendments to the Act in a rush without a consultative process will not create a conducive framework, where digital platforms and other tech companies will have the confidence to invest in Sri Lanka to enable us achieve the digital economy targets.
This bill also impacts the implementation aspects of the Data Protection Act No 9 of 2022 given the sweeping powers vested in the new Commission.