A new report from SMEX examines the vague legal framework of device seizures in Lebanon that security agencies have exploited to target protesters in violation of their privacy rights.
This statement was originally published on smex.org on 1 February 2021.
We have witnessed in the last couple of years a striking increase in the number of devices seized by security agencies in Lebanon, a phenomenon that became more pronounced following the October 2019 uprising. When it comes to these seizures, the legal framework is vague and often exploited or circumvented since it is subject to many unlawful practices by the authorities.
Lebanon has signed numerous international treaties with privacy implications. Moreover, the Lebanese constitution protects the right to privacy, albeit not explicitly. However, the right to privacy was guaranteed by the Constitutional Council in a decision that dates back to 1999.
At the national level, the criminal procedure code, modified in 2001, enables the examining magistrate to order device seizures. Law 140 for the protection of the secrecy of communications, adopted by the Cabinet in 2009, adds another administrative authorization, permitting certain branches of the executive branch to order these seizures. This law also adds conditions to be respected: the decision needs to be taken in cases of extreme urgency and needs to be written and justified. The E-transactions Law and Personal Data, passed in 2018, transfers the authority to search and seize devices in investigations from the examining magistrate to the public prosecution without any “limitations.”
During the October Uprising, security agencies arrested protesters and frequently seized their devices, which constitutes a breach of privacy and an infringement on basic rights. In response to these seizures, a circular was issued by the General Prosecutor on December 3, 2019. The circular emphasizes the detainees’ basic rights and reminds of the “constitutionality” of the right to privacy especially when it comes to devices, however, it does not effectively rein in the search and seizure of devices.
The Lebanese legal framework is vague and not suitable for the protection of privacy rights. Concerning device seizures, the authority to permit the seizure and the search lies in the hands of the judiciary (examining magistrate) or the Administration (Law 140). Since the E-transactions law in 2018, the public prosecutor has the authority to order a seizure too. We still do not have relevant jurisprudence when it comes to the subject. Currently, the Lebanese authorities do not value freedom of expression and privacy rights. This could lead to increased surveillance and indicate the transformation of the Lebanese state into a police state. We provide the following recommendations:
- Amend Article 123 of the E-transactions and Personal Data Law to add restrictions on personal device searches similar to the restrictions included in Law No. 140/1999. This aims to subject the search of devices to the procedures related to the search of private communications, rather than the search of objects.
- Request the general prosecutor to issue clear instructions on conditions for device searches and seizures that respect the principles of legality, necessity, and proportionality of the infringement on privacy.
- Transfer the authority for judicial orders exclusively to the examining magistrate, also known as the investigative judge, because the public prosecutor is still a party in litigation, which could lead to biased orders
- Develop accountability mechanisms to ensure that security agencies are respecting laws and regulations.
- Continue the fight for defense rights, and the enforcement of Article 47 Criminal Procedures Code in front of all jurisdictions.
- Phones and other devices should not be taken when individuals are summoned for questioning unless there is a judicial order.
To download the full report, click here.