The policy brief “The regulation of the Internet in Turkmenistan” analyses the discrepancies between the Internet governance legal framework and government practices in Turkmenistan. The law “On legal regulation of the Internet development and Internet services in Turkmenistan”, adopted in 2014, is the main document regulating the access to and the use of Internet services in Turkmenistan, including defining prohibited online content and activities.
The analysis identified that the legal framework has several progressive provisions that, in theory, should have improved the Internet availability in Turkmenistan. The law, for example, defines that the government must take measures to:
- ensure universal and equal access to the Internet, particularly to socially vulnerable groups;
- develop Internet infrastructure in rural, remote, and hard-to-reach areas;
- develop distance learning and digital literacy courses in public education facilities;
- facilitate remote work opportunities;
- develop websites of government agencies for citizens to receive updated information about the government work in all areas and at all levels;
- prevent unreasonable restrictions, unfair competition, and monopolisation in the telecommunications sector (Art. 7, 8).
Legal restrictions
At the same time, the legal framework contains provisions that do not align with Turkmenistan’s human rights commitments under international law. These provisions assign broad discretionary powers to the government in restricting access to information online on vague grounds (Articles 28, 29, and 30).
The framework also lacks clear mechanisms for independent judicial oversight to prevent abuse of authority and remedy and redress to the victims of such abuse. Provisions of particular concern include criminalisation of defamation against the president (imprisonment for 5 years), restrictions on access to information that denies traditional family values and provokes in children disrespect towards parents and family members, as well as liability for transferring rights to use the Internet services to third parties bypassing the Internet service operator (Turkmentelecom) and using uncertified encrypting means of information protection (i.e., VPNs).
Government practices
In practice, the government fails to implement the progressive provisions of the law; to the contrary, Turkmenistan is internationally considered as one of the world’s worst violators of freedom of expression and citizens’ digital rights and freedoms, including access to information of public relevance and importance. The access to the Internet is monopolised by the state-owned Turkmentelecom and is slow, expensive, and unreliable. Turkmenistan has the lowest Internet penetration rate in the region, which is far behind the global average.
The government’s online portals and services are substandard and minimal and do not provide citizens with access to many legal documents and detailed and accurate information about the government’s work, undermining government transparency and accountability.
The authorities also carry out internet shutdowns and major network disruptions, throttling, carpet blocking of websites and entire subnets, and scale-up repressions toward the users of VPNs and other circumvention tools.
State Cybersecurity Service
The State Cybersecurity Service under the Turkmenaragatnashyk Agency is believed to be the main government agency implementing widescale restrictions on access to the Internet. The agency was established in 2019 when the government adopted the Law on Cybersecurity, which statedly aims to protect the country’s cyber-sovereignty and its critical information and communications infrastructure and to combat cybercrime and other illegal activities on the Internet. Since then, the Cybersecurity Service has reportedly signed memorandums with the cybersecurity services of Kazakhstan, Uzbekistan, Azerbaijan, and Turkey to strengthen collaboration and acquire foreign technology for online mass surveillance, inspection, and blocking.
There is an absolute lack of credible publicly available information about the Cybersecurity Service, its structure, functional mandate, authority, and competencies. The government has still not made public any legal documents (laws and sub-laws) related to its work and structure; the Service does not have a website and does not publish annual reports about its activities, for example, reports on cybersecurity incidents, which raises serious concerns about its public accountability and adherence of its practices to international human rights standards.
The government also does not maintain a publicly accessible register of blocked websites, which makes it difficult to evaluate the extent of internet censorship in Turkmenistan. There are no legal mechanisms to become notified of being blocked and challenge government decisions. Finally, in 2022, the government proposed the creation of an autonomous national digital network, causing legitimate fears of further informational isolation of the country and its people.
Recommendations for the government of Turkmenistan:
- make all legal documents (laws, sub-laws, state programs, directives, and regulations) related to Internet governance publicly available, including the State Cybersecurity Program for 2022-2025, the Law on Cybersecurity (2019), the Regulation on the State Cybersecurity Commission, and normative acts detailing the structure and the mandate of the State Cybersecurity Service;
- amend the laws regulating the access to and use of Internet and online services to bring them in line with recognized international human rights standards, such as the International Covenant on Civil and Political Rights; establish a clear legal basis for any blocking measures – measures must pursue a legitimate aim and be proportionate to the legitimate aim pursued;
- ensure that any restricting measures on access to and the use of the Internet undergo proper judicial oversight to prevent abuse of authority;
- decriminalise defamation as per international human rights standards, amending Art. 30 of the law on Internet regulation and Art. 188 of the Criminal Code;
- remove liability for the use of uncertified circumvention tools;
- ensure the transparent and publicly accountable work of the State Cybersecurity Service; publicly divulge information about its authority, competencies, objectives, and providers of equipment and technical assistance – the Service must provide annual public reports about its work and procurements;
- establish and maintain an up-to-date and publicly accessible register of blocked websites, detailing on what ground and on whose behalf specific web resources in the list had been blocked.
