Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.

The increase in cyberattacks against the Middle East in the last few years has pressured Jordan and other nations to better secure their infrastructures.

The Jordan flag with 2 computer mice on it
Source: Mykhailo Polenok via Alamy Stock Photo

The Jordanian government has passed a new cybercrime law despite global criticism over its content and the relatively rapid speed at which it was approved.

Jordan's new cybercrime law follows the release of several related cybercrime policies over the past decade but is more detailed and concise in proactively addressing vulnerabilities and cybercrime activity and punishment in the country.

The new law comes amid the backdrop of increased attacks against the Middle East over the last few years. At this stage, it is not clear what impact the law will have on securing Jordan's infrastructure and organizations. Much of the reaction to it has surrounded freedom of speech and human rights.

What Does the Law Address?

The original bill was created in order to address the security ramifications of the rapid development in the field of information technology, and to create a legal system in Jordan for those acts "that are carried out by electronic means and the punishment of their perpetrators in order to achieve public and private deterrence."

Jordan's Prime Minister Bisher al Khasawneh has defended the bill, citing a sixfold increase in online crimes in the nation, according to Reuters.

The majority of the 41 articles in the bill detail certain types of cybercrime and the specific financial penalties and prison time associated with those crimes.

For example, Article 4 claims that whoever enters or connects to the information network without authorization and has access to data or information there could face between six months and three years in prison, and a fine of between 2,500 and 25,000 dinars.

There is a further punishment of "temporary work" to anyone charged with damaging, destroying, or modifying data or information.

Another piece of the bill, Article 12, has caused some controversy among human rights groups, who contend that it contains vague language that threatens privacy. Article 12 states that anyone who "circumvents the protocol address" could face a fine of 2,500 to 25,000 dinars and imprisonment for a period of no less than six months. On this point, Human Rights Watch said this could involve the use of VPNs, anonymous proxies, and even the Tor browser. Human Rights Watch said that would force individuals to choose between keeping their identity secure and being able to express their opinions freely online.

The new law also raised concern over accountability. Article 25 says the person responsible for the management of the website or social media platform, or in charge of any account, public page, group or channel, "shall be responsible for the illegal content."

Why So Controversial?

A joint statement by Human Rights Watch, Access Now, Article 19, and 11 other organizations said the bill has several provisions threatening freedom of expression, the right to information, and the right to privacy, as well as tightening government control over the Internet. The groups also claimed the bill will introduce new controls over social media, weaken online anonymity, hamper free expression and access to information, and increase online censorship.

Meantime the European Union says it recognizes and supports Jordan's objective to create a strong legislative framework to deal with and counter cybercrime efficiently, but it contends that some of the provisions of the new cybercrime law depart from international human rights standards and could result in limiting freedom of expression online and offline.

Liz Throssell, the United Nations' spokesperson for the UN High Commissioner for Human Rights, said countries indeed need to take steps to combat cybercrime, but protecting security online and ensuring online freedoms must be treated as complementary goals.

The draft legislation of the bill was presented to the Jordanian Parliament on July 15, was quickly passed by parliament on Aug. 2 and approved by the King on Aug. 12. UN's Throssell said this rapid ascent "raises concerns about transparency and participation."

About the Author(s)

Dan Raywood, Senior Editor, Dark Reading

With more than 20 years experience of B2B journalism, including 12 years covering cybersecurity, Dan Raywood brings a wealth of experience and information security knowledge to the table. He has covered everything from the rise of APTs, nation-state hackers, and hacktivists, to data breaches and the increase in government regulation to better protect citizens and hold businesses to account. Dan is based in the U.K., and when not working, he spends his time stopping his cats from walking over his keyboard and worrying about the (Tottenham) Spurs’ next match.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights