Jordan has recently passed a controversial cybercrime bill in response to a significant increase in cybercrime in the country over the past three years. However, this new legislation has raised concerns among human rights advocates. The bill defines various types of digital crimes and assigns punishments to each, including fines, temporary work, and even prison time. One particular article in the bill, Article 12, has sparked controversy as it could potentially penalize individuals for using VPNs, anonymous proxies, or the Tor browser to maintain online anonymity.
According to Dark Reading, human rights activists argue that this provision could hinder freedom of expression and the right to privacy. They believe that it may prevent individuals from freely expressing their opinions online without fear of retribution. Organizations such as Human Rights Watch, Access Now, and Article 19 have joined forces to issue a statement expressing their concerns. They believe that the new law threatens freedom of expression, the right to information, and the right to privacy. They also worry that it could enable increased government control and censorship on the internet.
Liz Throssell, the United Nations’ spokesperson for the UN High Commissioner for Human Rights, has also commented on the new law, emphasizing the importance of both fighting cybercrime and maintaining individual freedoms. Throssell raised questions about the transparency of the legislative process in Jordan, as the cybercrime bill quickly moved from draft to passage.
In another development, US government agencies have jointly issued guidance on preparing for the transition to post-quantum cryptographic (PQC) standards. The US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Institute of Standards and Technology (NIST) have published a fact sheet urging organizations, particularly critical infrastructure operators, to develop a Quantum-Readiness Roadmap. The fact sheet emphasizes the impacts of quantum capabilities and encourages organizations to conduct inventories of quantum-vulnerable assets and apply risk assessments and analysis.
As reported by Executive Gov, the agencies recommend that organizations prioritize their most sensitive and critical assets. They highlight the importance of early planning, as cyber threat actors may already be targeting data that will require protection in the future. Rob Joyce, director of cybersecurity at NSA, emphasized the need for public-private partnerships in the testing and integration of these new cryptographic standards. He stated that the transition to a secured quantum computing era requires extensive collaboration between the government and industry.
Experts from DigiCert, Amit Sinha (CEO) and Tim Hollebeek (Industry and Standards Technical Strategist), have commented on the guidelines, highlighting the significance of the draft standards in the seven-year process to replace existing cryptographic algorithms with quantum-safe alternatives. Sinha urged organizations to build a centralized record of their cryptographic assets and prepare for adopting these new algorithms once the standards are finalized. Hollebeek emphasized the collaborative effort required to update internet protocols with quantum-safe algorithms.
Furthermore, Chris Hickman from Keyfactor discussed the implications of post-quantum readiness, particularly regarding supply chain security. Hickman encouraged organizations to include post-quantum readiness in their supply chain risk assessments, ensuring that all components in the supply chain, including hardware and software, are prepared for the threats of quantum computing. He suggested that organizations should consider looking for suppliers who have a plan for post-quantum cryptography if their current suppliers do not.
Lastly, the US Office of the National Cyber Director (ONCD) has extended the deadline for public comment on cybersecurity regulations harmonization. ONCD invited public comment on the opportunities and obstacles related to harmonizing cybersecurity regulations, and the deadline has been extended from September 15th to October 31st. The challenge of understanding the implications of regulatory overlap is complex, and ONCD is seeking input from the public to ensure effective harmonization of cybersecurity regulations.
In conclusion, Jordan’s new cybercrime bill has prompted concerns among human rights advocates due to its potential impact on freedom of expression and privacy. In the United States, government agencies are urging organizations to prepare for the transition to post-quantum cryptographic standards. This transition requires collaboration between the government and industry, as well as careful planning and risk assessments. Furthermore, there is an extended deadline for public comment on harmonizing cybersecurity regulations in the US to address challenges related to regulatory overlap. These developments highlight the ongoing efforts to address cybersecurity challenges and maintain individual rights and privacy in an increasingly digital world.