IT com­pa­nies see bugs in new law de­signed to pro­tect from un­rea­son­able po­lice searches

Kyiv Post Legal Quarterly - - Contents - By kras­nikov@kyiv­

If you want to know about pres­sure on busi­nesses by law en­force­ment in Ukraine, just ask a techie.

IT firms have for years borne the brunt of il­le­gal and in­tru­sive searches by law en­force­ment agen­cies. Po­lice have of­ten con­fis­cated their com­put­ers and servers – the bread and but­ter of their busi­nesses – par­a­lyz­ing their op­er­a­tions.

The grounds for the searches are of­ten shaky: Ukraine’s law en­force­ment claimed that the most re­cent searches of IT firms were re­quired be­cause they sus­pected some com­pa­nies had been in­volved in ei­ther mis­ap­pro­pri­a­tion of govern­ment data, co­op­er­at­ing with Rus­sia, or em­bez­zle­ment.

Although po­lice only searched a few firms in 2017, at least 30 have suf­fered in­tru­sive vis­its by law en­force­ment over the last three years, putting the In­te­rior Min­istry and Security Ser­vice of Ukraine, or SBU, who con­ducted the searches, at log­ger­heads with the man­agers of top tech com­pa­nies. Many IT com­pa­nies threat­ened to quit Ukraine. Some did.

The main prob­lem, ac­cord­ing to tech busi­ness peo­ple, is that the SBU and In­te­rior Min­istry of­fi­cers were far too heavy-handed – the con­fis­ca­tion of servers, of­fice equip­ment and even per­sonal lap­tops de­prived com­pa­nies of vi­tal in­for­ma­tion, halt­ing their op­er­a­tions in some cases, and thus cost­ing them money and their busi­ness rep­u­ta­tion.

None of the searches have ever led to any known crim­i­nal charges. In fact, some of the firms that were searched have won cases against the law en­force­ment agen­cies’ ac­tions, while oth­ers are wait­ing for their cases to go to court.

New rules The new law re­quires in­ves­ti­ga­tors car­ry­ing out searches of busi­nesses to video­tape their ac­tions, and those be­ing searched can also record the search.

Searches can only be car­ried out un­der a war­rant. Lawyers have to be present. In­ves­ti­ga­tors un­der most cir­cum­stances are pro­hib­ited from seiz­ing orig­i­nal doc­u­ments or hard­ware – in­clud­ing servers, per­sonal com­put­ers and smart­phones – and may only make copies of data, un­der the su­per­vi­sion of a tech­ni­cal ex­pert. Also, the law for­bids the re-open­ing of cases.

The highly an­tic­i­pated law has been given a cau­tious re­cep­tion by the tech in­dus­try.

Dmytro Ovcharenko, vice pres­i­dent of Ukraine’s IT As­so­ci­a­tion, said he has al­ready spot­ted some bugs.

While po­lice are for­bid­den from seiz­ing servers and com­put­ers – the main gripe of the IT com­pa­nies – there are ex­cep­tions. If the po­lice are un­able to make copies of the in­for­ma­tion they need, they can still con­fis­cate the hard­ware in which the data is stored, Ovcharenko said. More­over, hard­ware can be con­fis­cated if the po­lice de­ter­mine that they need it for a foren­sic ex­am­i­na­tion.

On top of that, there’s no clear def­i­ni­tion of words like “com­puter” and “server” in Ukrainian leg­is­la­tion, mean­ing the au­thor­i­ties might be tempted to cre­atively in­ter­pret the new law.

Nei­ther is there any men­tion of how searches will be funded: to make video record­ings and copy data, the po­lice will have to have the re­quired equip­ment and spe­cial­ists on hand – and that’s ex­pen­sive. Ovcharenko said he doubts that the govern­ment will al­lo­cate enough money for this pur­pose. Scared clients IT is one sec­tor where the govern­ment re­ally has to get it right if it wants Ukraine’s im­age to shine.

The in­dus­try ac­counts for 3 per­cent of Ukraine’s gross do­mes­tic prod­uct. It earned more than $2 bil­lion from ex­ported goods and ser­vices in 2016, ac­cord­ing to the Na­tional Bank of Ukraine.

In the past, un­law­ful searches scared off po­ten­tial in­vestors and forced some of the coun­try’s best tech pro­fes­sion­als to seek a qui­eter life abroad.

Ovcharenko re­called how po­lice once raided a Kharkiv-based IT com­pany – ap­par­ently by mis­take. They “ag­gres­sively” searched their premises and scared a for­eign client, who af­ter­wards an­nulled a $1 mil­lion con­tract.

“We sim­ply don’t know how many po­ten­tial in­vestors have looked at this sit­u­a­tion and de­cided that it’s not worth do­ing busi­ness with a Ukrainian com­pany,” Ovcharenko said.

He sug­gested mak­ing it a crim­i­nal of­fense to vi­o­late the rules for con­duct­ing a search, since “no­body needs rules if no­body’s held ac­count­able for breach­ing them.”

No one’s sa­cred But Vi­talii Vla­siuk, the co-founder of law firm epravo, said that the law is good for busi­ness in gen­eral. He points out that not all busi­nesses are per­fect ei­ther. While a lot of at­ten­tion is fo­cused on the ac­tions of law en­force­ment, few ques­tions are asked about the le­git­i­macy of some of the IT com­pa­nies’ ac­tiv­i­ties.

Some searches of com­pa­nies by law en­force­ment are jus­ti­fied, Vla­siuk said.

“No busi­ness is sa­cred. If a com­pany is en­gaged in gam­bling un­der the guise of ‘game de­vel­op­ment’ or chan­nels rev­enue to sup­port ter­ror­ists, then there is no point (in com­plain­ing),” Vla­siuk told the Kyiv Post, say­ing that he knew of such cases.

He said IT com­pa­nies should co­op­er­ate more with law en­force­ment, and in­form po­lice if they no­tice any il­le­gal ac­tiv­ity in the in­dus­try. In­for­ma­tion tech­nol­ogy firms have suf­fered in­tru­sive searches by law en­force­ment agen­cies for years. Tech busi­nesses com­plain that the po­lice lack proper train­ing – they use out­dated meth­ods, usu­ally seiz­ing per­sonal com­put­ers in­stead of copy­ing the in­for­ma­tion.

Newspapers in English

Newspapers from Ukraine

© PressReader. All rights reserved.