Using fake names on social network sites like Facebook and MySpace to commit a crime could mean extra jail time in Costa Rica, if a new Internet fraud bill before the Legislative Assembly passes.
Criminals who use online pseudonyms or other people’s identities to commit crimes could be punished by an additional three to 10 years in prison, said Luis Antonio Barrantes, a former legislator and the bill’s co-author.
The bill was drafted to protect Web users against Internet fraud, sexual predators and other cybercrimes.
“Currently there are no laws [in Costa Rica] that punish misuse of the Internet,” Barrantes said. “We are trying to crack down on fraud.”
The bill passed a first debate in the assembly on Nov. 30 with 32 lawmakers voting in favor. But opposition lawmakers said the bill violates citizens’ privacy rights, and sent it to the Constitutional Chamber of the Supreme Court (Sala IV) for review. A court ruling is pending.
Barrantes hopes the legislation will become a model for other countries to follow.
Posting to social network sites under a fake name would not become illegal unless a separate crime was committed, he said.
José Francisco Correa, regional manager of MediaGurú, a San José-based media analysis firm, is skeptical about how the bill would be enforced should it become law.
“It’s very common for people to have multiple profiles on social network sites,” he said. “It’s one thing to regulate it and another to actually control it. I see this as very complicated.”
Correa said he is also concerned that the bill is too vague about which crimes would be included. “I’m not a lawyer, but after reviewing it, I’m worried that [the section outlining crimes] isn’t specific enough,” he said.
The Internet fraud bill would also criminalize hacking into financial systems, disseminating Internet viruses and committing acts of online espionage.
For Barrantes, protecting financial institutions is a key aspect of the bill, as banks here lose millions of colones each year due to online fraud.
“It’s one of the reasons why more financial services aren’t offered online,” he said. “[Banks] don’t want to expose their clients to that kind of risk.”
Under the proposed legislation, hacking public information systems and databases at banking and financial institutions would result in up to 10 years in jail.
Some assembly members are concerned that in the bill’s current form, sentencing guidelines are too severe.
“We can’t think that extreme penalties will solve the problem,” said Juan Carlos Mendoza, the Citizen Action Party’s leader in the assembly. “As it stands, the law is very oppressive and doesn’t consider alternative forms of punishment that might be more effective.”
He added, “We do need to regulate Internet fraud, but we don’t need to go to extremes to do so.”
The assembly’s single Broad Front Party member, José María Villalta, said the bill is too intrusive and would violate online users’ rights to privacy.