The attempt to make ISPs (Internet Service Providers) criminally liable for their users' breach of name suppression orders is unjust and unworkable.
The Criminal Procedure (Reform and Minimisation) Bill is an omnibus bill that makes significant changes to the New Zealand criminal justice system. In its attempt to reform and streamline, it weakens the right to a jury trial, takes away the right to silence and forces defendants to help the Police make the case against them.
It also changes the law around name suppression. While we support the attempt to make name suppression harder to get, we have serious concerns about the attempt to make ISPs liable for breaches of name suppression online. Read section 216 of the proposed law and then consider some of these questions:
"ISP" is defined to include people who provide Internet as well as anyone who hosts material on a website.
Q. Why do they use the term "ISP" when the definition very clearly shows that anyone who runs a website will be classed as an ISP?
The ISP/website owner is liable to a fine of up to $100,000 if they have 'reason to believe' that some material on that website breaches a suppression order.
Q. Is an anonymous email adequate reason to believe? What about email from a stranger? A customer? A lawyer?
Q. Does this mean that the ISP/website owner has a duty to monitor news media to find out what information has been suppressed?
Q. Does this mean that the ISP/website owner must actively monitor user-created content (such as forums) to check for suppressed material?
There is no way to find out what information is suppressed.
Q. If you were about to publish something about a court case and you wanted to know if any of it was suppressed, how would you find out?
Q. If the courts than change the order how will the ISP/website owner know to undelete the material?
Some people have suggesting fixing the bill by creating a register of suppression orders.
Q. Who would be allowed to have access to this register of suppressed information?
Q. If all ISPs/website owners might be liable won't they all need access to the list? In which case won't everyone who wants to know who was charged just register as a website owner?
The ISP/website owner can protect themselves from liability by deleting the material or blocking access to it.
Q. If you were an ISP/website owner and someone accused one of your users of breaching a name suppression order and you were going to be criminally liable if you made the wrong call... what would you do?
Q. Can an article that includes clues to the information breach a suppression order? How much legal training does the average ISP worker or website owner receive?
Q. How is an ISP meant to delete a comment from a customer's online forum when it might not even have an account on that forum software? Do they have to take down the entire site?
Q. How is an ISP meant to remove an article from a customer's server they host when they might not even have access to administer the server? Do they have to shutdown the server thereby possibly taking down many websites?
Q. If an ISP/website owner disconnects a customer server, are they liable for damages caused to the customer's business?
There is no penalty for falsely claiming that information is suppressed.
Q. If you were charged in court and refused name suppression, what's to stop you sending takedown notices to ISPs saying that you were granted suppression and they need to remove your name from the article?
Q. How would an ISP know if this person was telling the truth or not?
The law has no effect on material hosted overseas.
Q. What's to stop someone creating suppressednames.blogspot.com and anonymously posting suppressed information there, where the NZ courts couldn't do anything about it?
Q. Is there any point removing suppressed information considering that it will have already gone out to Twitter, RSS feed readers, the Google cache and other places?
Drop ISP liability from the Bill
We think the proposed law is both technically and legally ridiculous.
- It is unacceptable to force ISPs and website owners to make complex legal decisions about the actions of others at the threat of 6 months jail or a $100,000 fine if they get it wrong.
- It is unacceptable that this Bill will mean that anyone can claim that some information is suppressed and that there is no way for the liable person to check.
We recommend that section 216 of the Criminal Procedure Reform Bill be deleted in its entirety. The ease of publishing in the Internet age may mean that it's already too late for suppression orders, but as the conviction of Cameron "Whaleoil" Slater shows, current law already provides sufficient protection for the current regime.
Get your submission in by Feb 18th.