The Online Safety Advocacy Group (OSAG) stands united with people in Malaysia in the fight against serious online harms while protecting our fundamental right to freedom of expression from being unjustly and unnecessarily suppressed.

The occurrence of cyberbullying and the proliferation of child sexual abuse material must be prevented and addressed swiftly whenever it occurs.

To achieve this, some new laws may need to be created, and some existing laws may need to be improved to ensure non-arbitrary application and effective redress.

However, what must be avoided and wholly rejected are any attempts to:
The government has announced its intention to enact anti-cyberbullying amendments to the Penal Code and an Online Safety Bill 2024 (OSB).

In that regard, members of the OSAG were invited to several stakeholder briefings organised by the Law Minister’s office and the Legal Affairs Division under the Prime Minister’s Department (BHEUU).

In these briefings, we were heartened by the government’s commitment to address a serious issue of public concern, but we are alarmed by some of the solutions that the government intends to propose.

As a result, the OSAG submitted a two-part Memorandum to BHEUU laying out the group’s feedback, concerns and recommendations to the government’s proposed laws (OSAG Memorandum).

To date, we await word from BHEUU as to whether our feedback and recommendations have been noted and incorporated into the government’s Bills.

We are also waiting to receive and provide consultation on the final version of the government’s Bills before they are tabled in Parliament.

Our concerns, as expressed in the OSAG Memorandum to the government, include the following:

1. The government needs to have broader and more thorough consultations with all key
stakeholders


The government’s entire process of crafting these new laws and briefing stakeholders has been rushed and one-way.

Many critical stakeholders - especially those representing the rights of children, women, and persons with disabilities on the ground - were either excluded or underrepresented. Notably, we are unaware if there has been any meaningful consultation with children, who are often the most affected by child sexual abuse material, online bullying and other harms.

The urgency of addressing online safety cannot justify bypassing a thorough and inclusive consultation process.

Only through an inclusive approach can the government ensure that the laws effectively address the real needs of all affected parties while balancing and protecting our fundamental rights.

As such, we urge the government to delay the introduction of any legislation until comprehensive and meaningful consultations are held.

2. The government must be transparent about all laws it intends to enact on online harms

We have not been consulted on any other laws that the government intends to enact or amend, ostensibly to curb “harmful” online content.

Stakeholders must be informed of all legislation and regulations that the government intends to enact, and how they interrelate, to understand the crosscutting consequences of multiple laws, obligations, and offences on the public.

3. Cyberbullying should not be addressed in the Penal Code

The government’s intention to include anti-cyberbullying offences in the Penal Code will lead to a duplication of offences, an example being the existing offence of criminal intimidation. Instead, laws against cyberbullying should be placed in separate, specialised legislation and should meet the following three criteria:

(a) Clearly distinguish between adults and children regarding liabilities, safeguards, repercussions, and enforcement measures. Children lack mature judgement and often do not appreciate the potential harm of their online activities. As such, peer-to-peer cyberbullying by children should primarily be addressed through non-punitive redress mechanisms using preventative, educative and restorative approaches, and laws must be carefully designed to avoid criminalisation of children.

(b) Clearly define the related harm. Broad and vague definitions of harmful content should be avoided, as they can be misused to stifle freedom of expression. We propose that the definition of cyberbullying should include the element of potentially severe physical, mental, emotional, or sexual harm to another person.

(c) Ensure that the sanctions are necessary and proportionate to the related harm. We must avoid disproportionately severe penalties, where criminal sanctions are seen as the default, or only, means of redress. For instance, preventive and rehabilitative measures should be included in line with international human rights standards.

4. Online scams should not be included in the OSB

Content related to online financial scams should be dealt with separately and not be included in the OSB, as it intersects with cybercrime and cybersecurity, which involve different regulatory authorities and require greater involvement with law enforcement in physical and digital spaces.

The recent amendments to the Penal Code sections 424A, 424B, 424C and 424D on online financial scams already address similar offences.

5. The definition of harmful content in the OSB must meet the standard “three-part test”

In Malaysia, there are multiple past and current examples where existing laws that restrict the right to freedom of expression have been misused to curb and clamp down on legitimate speech and expression, not because what was said or expressed rises to the level of a crime, but simply because it offended those with power.

Where this has occurred, there are no guardrails in place to ensure that those who have misused such power will be held accountable.

With Malaysia’s historical record in mind, the OSAG urges the government to ensure that the new online safety laws will not be misused in such a manner. To ensure that misuse cannot happen, any restrictions on the right to freedom of expression, which includes how “harmful content” will be defined in the proposed new laws, must meet the international and domestic standard “three-part test”, namely, they must be:
6. Limit online service providers’ duty to remove “harmful content”, and adopt “safety by design”

We propose that online service providers should only be required to remove or make inaccessible two critical categories of “harmful content”: child sexual abuse material and non-consensual dissemination of intimate images (including sexualised deepfakes).

We advocate for the OSB to adopt the approach of “safety by design”, where the focus is on prevention by anticipating, detecting, and eliminating online harms before they occur.

Towards the protection of children in particular, this would include design features to limit children’s exposure to harmful content, including explicit adult content, cyberbullying content, and content that incites selfharm.

It would also include making available a child-friendly reporting mechanism, including a single unified hotline, taking into account age, gender, language, disability, etc, so that child victims or children at risk know where to report and can report without fear.

7. Establish an independent commission to enforce the Online Safety Act

For an online content-regulatory scheme to have legitimacy, it must be overseen by an independent regulator, that is, a regulator free from political or commercial interference.

We strongly advise against entrusting the enforcement of the Online Safety Act to the Ministry of Communications or the Malaysian Communications and Multimedia Commission (MCMC). At present, the MCMC lacks independence and the necessary expertise to manage online safety effectively.

For MCMC to operate as an independent, transparent, unbiased and accountable regulatory body, it would need to undergo a structural overhaul to ensure its roles and responsibilities under the Online Safety Act are separated from its existing functions under the Malaysian Communications and Multimedia Commission Act 1998 and the Communications and Multimedia Act 1998.

As such, we recommend that an independent, multi-stakeholder Commission with the necessary technical capacity be established and granted the autonomy and power to oversee and enforce the Online Safety Act.

An independent body, including representatives from civil society and experts, would ensure fair and transparent enforcement, balancing public safety with the protection of human rights.

This body should be empowered to regulate social media companies and internet service providers, ensuring users' rights to privacy and free speech are safeguarded.

In conclusion, the OSAG urges the government to ensure that any regulatory framework effectively  safeguards children and society at large while being sensitive to potential overreach that could stifle public discourse, infringe on privacy, or limit access to information.

Achieving this balance is essential for a safe and open digital environment where children and society are protected while fundamental freedoms are upheld.



Issued by the Online Safety Advocacy Group, comprising the following civil society organisations (CSOs)
and individuals working on the issues of freedom of expression, child rights, gender equality, and
women’s rights:


1. Centre for Independent Journalism (CIJ)
2. Justice for Sisters
3. KRYSS Network
4. Childline Foundation
5. Protect and Save the Children (PS The Children)
6. End CSEC Network Malaysia (ECPAT Malaysia)
7. CRIB Foundation (Child Rights Innovation & Betterment)
8. Voice of the Children
9. Kemban Kolektif
10. Women’s Centre for Change (WCC)
11. Monsters Among Us (MAU)
12. Sarawak Women for Women Society (SWWS)
13. Association of Women Lawyers (AWL)
14. Johor Women’s League (JEWEL)
15. Women’s Aid Organisation (WAO)
16. Sisters in Islam (SIS)
17. Sinar Project
18. Maha Balakrishnan