In the name of combating disinformation, hate speech, and cyber threats, governments across the Asia-Pacific (APAC) region are tightening their grip on online expression.

In recent months, debates around the regulation of online platforms have increased within the region with the adoption or proposal of several important and controversial pieces of legislation in this area. In many cases, new regulations have triggered significant criticism among civil society, experts, and international bodies.

In this post, I will try to critically present the mentioned legal and regulatory trends based on recent research activities in this area, as well as exchanges with civil society, media actors, regulators, and government officials during my recent visits to Nepal, Bangladesh, Maldives, and India. These missions were part of my ongoing collaboration with international organizations and donors such as UNESCO or the UK Foreign, Commonwealth and Development Office, and my direct engagement with local think tanks such as The Dialogue in India or Netra News in Bangladesh.

It is important to note that, quite often, lawmakers in APAC countries have justified these legal developments as taking inspiration from the general principles established within the European Union through the Digital Services Act (DSA), thus becoming manifestations of the so-called Brussels effect. This effect refers to DSA’s influence as a model for other regions of the world, a notion actively promoted by European institutions themselves.

However, many specialists have cautioned that while the DSA presents an interesting model with new rights for users and obligations for platforms (covering areas including transparency, accountability, redress mechanisms, etc.), the law was also designed with European rule of law safeguards, checks and balances, and the characteristics of the European human rights framework in mind. Furthermore, the DSA also includes new tools and mechanisms (for example, the obligation for platforms to undertake risk assessment and establish mitigation measures) that have yet to be adequately tested.

The truth is that the slate of APAC laws and regulations examined below often affect, either directly or indirectly, the free dissemination of content online. They also impose obligations and legal duties for online platforms, which may transform them into privatized enforcers of censorship and instruments for delegated political control. These legal frameworks frequently violate national constitutional provisions protecting the right to freedom of expression and directly contradict basic international human rights standards.

It is also important to emphasize that such restrictive legal frameworks often conflict with the very dynamic digital communications landscape in their respective countries. The use of digital tools has not only enabled unprecedented access to information or the capacity of individuals to disseminate information themselves, but it has also reduced the interference typically exerted by powerful media organizations and governments with authoritarian impulses. However, these changes have also triggered the establishment of restrictive measures and controls by national authorities.

New Laws, New Restrictions: The APAC Legislative Wave

As we highlighted in a recent edition of our The Free Flow newsletter, several APAC countries have either passed or are considering legislation that would impose sweeping and often restrictive controls on online speech, including a new Social Media Bill currently under discussion in Nepal, the enforcement of a new social media licensing framework in Malaysia via amendments to the Communications and Multimedia Act (CMA) of 1998, the adoption of a new cybercrime law in Pakistan (via the amendment of the Prevention of Election Crimes Act (PECA) of 2016), the hurried passing of a new Online Safety Act (OSA) in Sri Lanka in 2024, as well as discussions around changes to liability exemption principles as part of a future new Digital India Act (DIA).

Furthermore, and despite the promising new landscape after the July Uprising in Bangladesh, the approval of a new Cyber Protection Ordinance dated 24 December 2024 has caused significant concern for human rights organizations, activists, and media actors for allowing the prosecution and jailing of citizens who "hurt religious sentiments." The law also empowers the Bangladesh Telecommunication Regulatory Commission (BTRC) to remove or block content that may undermine "national unity," "economic activity," "security," "defense," "religious values," or "public order," and permits warrantless searches, seizures, and arrests, among other measures that significantly violate international human rights standards.

The Expanding Use of Internet Control and Shutdowns

Many countries in the APAC region do not face significant technical challenges, such as a lack of connectivity or the absence of proper Internet infrastructure. Instead, these nations have enacted legislation and practices that often involve blocking or throttling Internet access, as well as restricting access to specific services and applications, such as TikTok, in some areas. These restrictions are frequently implemented without a clear and predictable legal framework and by authorities that do not necessarily have a clear competence in this area.

Consequently, many governments in the region are resorting to controlling the Internet infrastructure as a tool to control and suppress online speech (this has been the case, to different extents, in countries such as China, India, Cambodia, Myanmar, and Bangladesh, among others). It is essential to emphasize that, according to several international human rights documents, cutting off access to the Internet or parts of it for whole populations or segments of the public can never be justified, including on public order or national security grounds. Likewise, in a report issued in 2017, the UN Special Rapporteur on Freedom of Opinion and Freedom of Expression underscores that network shutdowns invariably fail to meet the standard of necessity.

Platforms as Censors

Secondly, many countries in the APAC region count on extensive legislation that allows governments and regulatory bodies to request the blocking or removal of content deemed illegal or harmful. These requests can target not only Internet Service Providers (ISPs) but also other intermediaries, such as social media platforms and messaging apps. Additionally, hosting services may also be required to actively monitor content to detect and tackle undesirable expressions according to local laws. Quite often, these expressions are identified using very vague and general legal provisions, with the interpretation and enforcement delegated to non-independent and politically appointed bodies, sometimes referred to as “councils” or “commissions”, which are largely dependent on government influence.

This situation creates a significant risk because private companies become the primary arbiters of lawful or non-harmful speech in the absence of proper ex-ante judicial oversight and limited ex-post judicial review. The threat of severe penalties in cases of inappropriate enforcement exacerbates this risk and potentially leads to over removal of content, negatively impacting freedom of expression. Countries embracing such dynamics to some extent include India, Singapore, Indonesia, Thailand, and Malaysia.

Thirdly, and connected to the above, a robust system of intermediary liability exemptions promotes responsible content moderation by platforms while also preventing excessive restrictions on users’ freedom of expression. This principle has also been incorporated into the legislation and jurisprudence of some countries in the APAC region (the main example being India).

However, most countries lack a clearly defined and predictable intermediary liability framework as an essential pre-condition to protect speech rights and avoid forms of “collateral censorship.” Additionally, in the case of India, the country has evolved from being a regional example of well-constructed conditional liability exemptions to a case of progressive introductions of carveouts via regulatory instruments or guidelines.

Laws That Silence, Not Safeguard

In addition to these issues, over the past decade, various countries in the APAC region have increasingly adopted laws that directly restrict online content. These restrictions are often justified by the need to protect national and cyber security, maintain national cohesion, safeguard election processes, or ensure the integrity of information systems.

But, in many cases, these laws have been used — or rather misused — to control and limit the activities of civil society organizations, hinder the work of investigative journalists, and repress opposition movements. Typically, these restrictions take the form of criminal provisions and cover areas such as “fake news,” hate speech, anti-state behavior, public order, religious feelings, extremism, propaganda against the State, sedition, extremism, lèse majesté (a.k.a. defamation of the monarchy), national security, incitement to public panic, and many others. Such provisions are often drafted based on extremely vague and broadly interpretative terms, while their enforcement usually takes place within a context of lack of transparency, accountability, due process, and proper redress mechanisms.

Also, in countries such as Malaysia and potentially Nepal, online platforms are required to obtain specific licenses from national authorities in order to operate. These licensing regimes go beyond the mere registration or authorization of economic activities and, therefore, introduce a series of specific elements and requirements that the relevant authorities must evaluate for online platforms to function.

Those same authorities also have the power to decide on the renewal or cancellation of the license, always based on criteria that tend to be extremely vague and open to interpretation. It is clear that subjecting social media platforms and messaging applications to a ‘traditional’ media licensing system, along with the constant threat of being banned, suspended, or facing an uncertain renewal process, further opens the door to government control of speech and excessive content removal.

Finally, APAC countries have also implemented specific cybersecurity legislation and regulations that allow access to personal data, interception of communications, and seizure of equipment without adequate legal certainty, independent judicial oversight, or proper safeguards and redress mechanisms. These laws often fail to provide adequate protection for privileged communications and journalistic activities, which depend on secure access to confidential sources.

It is clear that the APAC region is currently witnessing the emergence of new laws and regulations aiming at equipping governments, regulators, and various law enforcement bodies with powerful tools to control and restrict online activities. These initiatives fundamentally respond to the need to maintain and tighten up State control over the public sphere, particularly when it comes to the activities of media, individuals, and groups disseminating messages diverging from the official mainstream discourse.

New regulations are also tied to historical legal frameworks, some of which date back to colonial times, that establish harsh penalties for crimes related to defamation, rebellion, sedition, attacks on institutions, and breaches of official secrets. Today, most APAC governments and legislators justify tougher restrictions and controls by citing the need to combat disinformation, prevent election interference, address hate speech, enhance cybersecurity, and protect various national interests. This new form of digital authoritarianism employs sophisticated techniques that rely not only on advanced control and surveillance technologies but also on the delegation of enforcement powers to private entities, which can be influenced by various formal and informal mechanisms of co-optation.

Learning from the EU’s Mistakes and Lessons

In this context, examining comparative regulatory models can be helpful in understanding different experiences and discovering new solutions to emerging problems. The Digital Services Act (DSA) serves as a significant example, as it is the first legal framework that systematically and comprehensively addresses platform design, curation, and moderation measures rather than focusing solely on the removal of individual content or user behavior. This framework imposes obligations on platforms to improve transparency regarding their content moderation practices, algorithmic decision-making, and due diligence processes.

However, it is important to acknowledge that the DSA may also raise doubts and criticisms regarding its practical implications and potential shortcomings in terms of effective implementation. It is important to promote a proper understanding of a model that, as mentioned above, requires certain institutional, economic, and social conditions to be properly implemented. Furthermore, it is essential to understand that selectively picking or adapting only certain aspects of any comparative experience might trigger the exact opposite effects and legitimize measures that contradict the fundamental principles of democratic regulation of online speech.

Joan Barata is a Senior Fellow at The Future of Free Speech and a Fellow of the Program on Platform Regulation at the Stanford Cyber Policy Center. He works on freedom of expression, media regulation, and intermediary liability issues.