
Cyber Policing Laws Advance Across Continents, Testing Privacy and Oversight Boundaries
Sweden, Malaysia, Indonesia and Bangladesh are each expanding state powers to access digital systems and disrupt online crime, triggering debates over transparency, free expression and operational resilience.
Governments on three continents are moving to equip law enforcement with new powers to infiltrate encrypted devices, intercept internet traffic and delete illegal content, marking a legislative pivot toward proactive cyber policing. In Stockholm, a government inquiry proposed a law allowing police, customs and the security service to hack into information systems in order to alter, block or erase data to prevent or interrupt crimes carrying a minimum one-year sentence. The Swedish justice minister described the tool as a “game-changer” and said the government aims to have legislation in place within a year, though the proposal would not take effect until mid-2027 and would be time-limited to five years. In Kuala Lumpur, parliament passed the Cybercrimes Bill 2026 by voice vote, replacing a 1997 statute with broader provisions covering digital fraud, identity theft and manipulated content, and empowering investigators to obtain both traffic data and the contents of communications from service providers.
In Jakarta, the debate has centred on process rather than operational detail. A deputy speaker of the House of Representatives’ Commission I insisted that the Cybersecurity and Resilience Bill is not intended to restrict free expression or conduct excessive surveillance, but civil society organisations, including the cyber unit of the Nahdlatul Ulama-affiliated GP Ansor, have sharply criticised the closed-door drafting. They argue that a law that will serve as the legal foundation for Indonesia’s digital ecosystem must be opened to public scrutiny before enactment, and have called for mandatory incident reporting, supply-chain security standards and a risk-based national cybersecurity framework. The government has not yet released the draft text, and the bill remains under committee review.
In Dhaka, the information minister framed the issue in existential terms, telling an audience at the Ansar and Village Defence Force headquarters that securing computer systems against hackers is now more urgent than guarding a company safe or a thousand-mile border. He cited the theft of central bank funds as evidence of how digital manipulation can disrupt national security, and praised the launch of a new digital platform for the paramilitary force as part of a broader government information-management strategy. The remarks signal that Bangladesh, too, is embedding cyber defence into its national security architecture, though no specific legislative proposal was announced.
Viewed from Kuala Lumpur, the gap between statutory ambition and operational reality is already visible. Malaysia’s Cyber Security Act 2024 was hailed as a milestone, yet a recent compromise of multiple government portals through a known, patchable vulnerability exposed what analysts describe as a persistent governance deficit. The incident illustrates that even robust legislation cannot enforce patch discipline or asset visibility, and that compliance audits often become procedural theatre rather than genuine risk reduction. The same tension is likely to shadow the new Cybercrimes Bill, which grants extensive investigative powers but whose safeguards, according to the deputy prime minister, will rely on strict legal procedures and a system of checks and balances that have yet to be tested in practice.
Sweden’s proposal now goes out for consultation, with the government signalling urgency. The Malaysian bill awaits royal assent and the drafting of implementing regulations. In Indonesia, the parliamentary working committee has not set a date for public release of the draft, while GP Ansor continues to press for a participatory process. The common thread across these jurisdictions is a recognition that legacy legal frameworks are inadequate for the speed and scale of digital threats, but the diverging approaches to transparency and oversight will determine whether the new powers are perceived as legitimate shields or as instruments of unchecked state reach.
How the same story is told elsewhere.
2 editorial groups · 4 languages
Sweden is advancing a proposal to give police the power to hack into devices and disrupt crimes in cyberspace. Current legal tools are seen as severely limited, and the reform is framed as a pragmatic catch-up with operational needs.
In Southeast Asia, new cyber laws in Malaysia and Indonesia are stirring heated debate. While the need for regulation is acknowledged, concerns are mounting over broad state powers, potential misuse to silence dissent, and weak implementation that undermines the legislation.
Broaden your view
Trump Debuts Qatar-Gifted Air Force One Amid Bipartisan Ethics Scrutiny
10 languages · 26 outlets
From Economy & MarketsBYD Poised to Reclaim Global EV Crown as Chinese Wave Reshapes Auto Markets
3 languages · 13 outlets
From TechnologyIndia freezes WhatsApp username rollout, extends scrutiny to Telegram and Signal
4 languages · 16 outlets