There has been a huge influx of laws being proposed and/or passed in many countries around the world concerning online freedom. The excuse to justify these draconian laws has always been to "protect children" or to "counter illicit activity". Malaysia is no exception as there has been a wave of censorship in recent months over here. It is well known for being the country with the most number of takedown requests on TikTok for twelve months and counting.

Any of these can happen (if not already) to your country as well. I will be listing them chronologically as to what is happening over here.

Social Media Licensing

On 1 August 2024, all social media and messaging platforms are required to apply for a license to operate here. This includes the likes of Meta, TikTok, X, Telegram and Discord (edit: full list here). The licensing requirement will take effect on 1 January 2025 and will be enforced on platforms with at least 8 million registered users in Malaysia. This basically means the government has full control over what these platforms are doing, much like the FINAS licensing for video content creators which luckily was never enforced.

For now this does not affect Hive yet as we have nowhere near that amount of users globally. However if this threshold is being lowered (or removed) in the future to a point where it meets the requirement, or if we ever grow to that scale, who will be liable for the licensing requirement? Witnesses? Frontends? No one knows.

DNS Redirect

The Malaysian government tried to ban public DNS servers (i.e. 1.1.1.1 and 8.8.8.8) by redirecting all DNS requests to the one controlled by the government. It was rolled out quietly without any announcement until it was noticed by SinarProject on 6th August 2024 on two ISPs. However that didn't generate much outrage until 5th September 2024 when someone found a section of the FAQ in one of the ISPs that all service providers must implement it by 30th September.

There were reports of many sites being affected including the Cloudflare dashboard. It did not matter whether the DNS queries were encrypted or not as all of them were intercepted (much worse than a plain DNS hijacking). Strangely it did not affect techcoderx.com Hive API node that uses Cloudflare Tunnels as it was still accessible by both me (without VPN) and my uptime monitor hosted outside of the country. This was rolled back within a few days thanks to all the backlash.

I had no idea what was going on back then as I was busy with HiveFest preparation at that time. Full details can be read in the Reddit megathread.

Who is the "authorized officer"?

About a week ago, a new amendment to the MCMC Act was passed. The thing that caught my eye was the following:

82. Clause 106 seeks to amend section 248 of Act 588 to also empower an authorized officer to enter the premises without warrant in the circumstances specified in the section. Currently, only a police officer not below the rank of Inspector may enter the premises without warrant.

Who exactly is the so-called "authorized officer" that can now perform warrantless searches? The definition in the original text that is "any public officer or officer appointed by the Commission and authorized in writing by the Minister".

This amendment grants sweeping powers for the commission to enter premises, perform searches and seizures without any warrant under the section 247 of the Act.

At the same time there's a new law that allows the commission to also arbitrarily decide what can or cannot be posted or accessible online for any reason they choose.

Both laws were passed by a mere 59 votes for, 40 against, 1 abstention and the other 122 being absent. This is plain ridiculous that a super-minority (26.57% of 222) can get laws passed, something completely unthinkable in blockchain governance even on the most centralized DAOs.

You know it is that bad when Louis Rossmann posted multiple videos about your country.

Implications

In the context of Hive, the worst that can happen is an attempt to ban Hive in Malaysia by blocking public frontends and known API nodes just because a Hive user has posted something that the government does not like even when they are lawful. They have done something similar to a competitor in the past when Hive (along with the former blockchain) did not exist yet.

As for me personally, there is nothing much I can do other than to move to another jurisdiction entirely, which as I mentioned above, the same things can happen in the new country. Just hosting the witness and API servers offshore is insufficient to protect myself from any legal issues. Feel free to leave your thoughts in the comments below.