Responsible business advocate Vicky Bowman talks to Frontier about the motives and risks of a new law issued by the junta for private security services.
By FRONTIER
In February the junta, known as the State Administration Council, enacted the Private Security Service Law. It offers a basis for foreign and domestic companies to provide security for buildings, events and commercial project sites in Myanmar, including with armed guards.
Several of the law’s provisions prompted alarm, particularly the requirement that privately hired guards cooperate with the regime in law enforcement and security operations. It also came only a few months after the junta said it was forming a high-level committee to consider a memorandum of understanding proposed by China on forming a joint venture security company.
The fate of this MoU is unclear. However, many interpreted the law as a means to get armed Chinese guards on the ground to protect Chinese investment sites, freeing up and potentially even assisting regime troops in their fight against resistance groups, and compromising Myanmar’s sovereignty.
Yet, the background and substance of the law have not been widely examined. To gain a deeper understanding, Frontier’s weekly discussion podcast What’s Happening in Myanmar spoke to Vicky Bowman. The former United Kingdom ambassador to Myanmar is director of the Myanmar Centre for Responsible Business, which in 2022 released a baseline study of private security companies using research done before the coup. The interview by podcast host Luke Corbin has been edited for length and clarity. Hear the full version here.
Could you start by explaining why MCRB did this report and what you learned about the private security sector in Myanmar?
In 2018 we established a working group based on something called the Voluntary Principles on Security and Human Rights, which is a global initiative. The group had oil and gas companies, a couple of mining companies, NGOs and embassies who were members of that initiative globally. One particular point the companies brought up was that private security companies existed in Myanmar but there was no regulation. One of my staff then happened to spot in the official Gazette that in early 2018, a committee was formed to set up that law. And earlier, I think around 2016, the Private Security Association had been founded by a group of local Myanmar companies at the encouragement of Colonel San Pwint, who was former military intelligence and at the time was working for [telecommunications company] Ooredoo as a security manager. He’d seen the sector grow, but without being regulated, and there were plenty of cowboys around.
We discovered the association had been looking at laws from Japan, India and Singapore. They’d been lobbying the Thura Shwe Mann-led [Legal Affairs and Special Cases Assessment] Commission but weren’t getting very far. I think a lot of the National League for Democracy MPs were suspicious of the whole sector because it was security and military related. But then suddenly all of that changed in late 2017 because former sports minister Tint San’s son, Phyo Ko Ko Tint San, was stopped at the Nay Pi Taw airport with a whole load of guns and drugs. And that led to the exposure of the fact that he’d been running a private security company, which was pretty much a gangster outfit. That then provoked the NLD government to make a move on the law and set up this committee, which was headed up by the deputy home minister.
So, to contribute to that, we decided to do our assessment. We started work on it in 2019 and found the main issues were around the labour rights of guards. They were underpaid, they were working double shifts, they had no security equipment, and they weren’t getting access to toilets, water and so on, which is very typical for the sector globally. Plus, the existing laws were just all over the place. There was no private security law, of course, but there were laws on weapons dating back to the 19th century. There was the companies law, which was quite modern, and which encouraged companies to register that they were doing security services, but many companies just ticked every single box on the list of “what are you going to do?” So, that didn’t really have much meaning.
There was a lot of stuff that we could see needed to be revised from a legal perspective, as well as from a labour rights and safety perspective. Another thing we looked at was the whole question around CCTV. Now that became a lot more interesting post-coup because CCTV cameras became both an asset and a liability, meaning they captured human rights abuses on camera. There was that very famous footage of the person being shot off their bike in Dawei by soldiers. But they were also used by the security forces to track down people who had been involved in demonstrations or who they wanted to arrest.
These things showed there was suddenly a heightened risk associated with private security, which is why we thought that it was still valid to publish the report, even though it’s a sensitive subject, particularly after the coup. We published it in February 2022 and did a little bit of work to follow up on it, but that was somewhat curtailed when I was suddenly arrested in August 2022 [and released in November of that year].
That reminds me of the Cybersecurity Law, which was developed before the coup but amended and enacted by the SAC quite recently. Why did the military adopt the Private Security Service Law only now?
I think it was kicking around within the Ministry of Home Affairs and within the private sector. My former colleague just did a review of all of the companies who have registered to do private security services since the coup and there’s a very significant number. When we did the report, there were maybe 150 companies but that’s now gone up to about 350. There’s been maybe 30 or 40 per year registering in the last four years. It’s a reflection of the fact that security has suddenly shot up the agenda, because crime is a major issue. We’ve seen various bank heists. We’ve seen people doing more to protect their property. So, there’s been a recognition of the growing need for this sector, and that it needs to be regulated.
However, what I think really prompted it, and this is me somewhat reading between the lines, is the Chinese companies involved particularly in the Kyaukphyu Deep Sea Port project [in Rakhine State], and in the existing oil and gas pipeline and terminal at Kyaukphyu. They clearly were extremely concerned about the arrival of the Arakan Army in that area and the potential for violence and the need to protect their site. So it looks like they proposed a memorandum of understanding to the SAC last year for what was reported as a joint venture security company. I think that this must have prompted the SAC to say, okay, we have this draft law that’s been floating around.
It’s better, I think, from their perspective, and from Myanmar’s perspective, to have a law that regulates all private security companies, including foreign ones, whatever their nationality, rather than something specific to the Chinese. And I think it’s better for the Chinese as well, because they were pretty misguided to think a joint venture company with the SAC was going to be a good thing. It would have immediately pulled any security guards into a position where they would be aligned with one of the combatants. And you would have thought that Chinese companies and the Chinese government would have learned from their experience in places like Letpadaung [a copper mine in Sagaing Region], where they had a partnership with MEHL [Myanma Economic Holdings Limited], the military-owned company, which really didn’t serve them well and created a lot of the human rights abuses we saw there in 2012. You would have thought they’d have learned from that. Clearly not. However, perhaps the SAC did.
So, we now have this law, which is well-drafted, especially compared to the cybersecurity law, which was so badly done. It looks like it’s been drafted very much based on laws in the region, like those in Singapore, Japan, India, and is relatively clear, although there are still a few unknowns. It applies to both private security companies and in-house private security if there’s more than 10 guards. Private security companies have to register and are subject to oversight. They have to train their guards. They have to provide information about the guards to a licensing authority. That’s all very standard practice for the sector, for example in a place like Singapore.
There are uncertainties about the law and how it will pan out. We don’t yet have the rules and regulations, and we don’t yet have a way for companies to register, so none have registered yet. There’s still a lot of work to do. The law unsurprisingly doesn’t include any mention of human rights, but most security laws in other countries don’t either. It’s not exactly part of their DNA, at least not on paper, although the right to life is a really significant human right. There’s a lack of details around things like training in the use of force, or training in gender-based violence, but that’s not to prevent them from coming in when things like training curricula and guidelines are developed. So, it opens up possibilities.
The biggest risk, I think, is one that predated the law. We found in our own assessment, and it’s now explicit within the law, that private security companies have a duty to help public security. Again, that is normal. You would find it in the UK, you’d find it in Singapore, you’d find it anywhere in the world, that if a crime has been committed, then companies or others have a duty to help the police or whoever it might be. However, this is somewhat sensitive in Myanmar given that crimes as defined by the SAC have a much wider remit than they do in other countries.
But I think, nonetheless, it is probably good to have it written in the law because it gives managers a firmer footing on which to work through their standard operating procedures. And it gives guards the ability to say, “you’ll need to talk to my manager about that”. Whereas, previously, you’d be more likely to see ex-colleagues sidling up to one another saying, “hey, you used to be in the police, tell us what went on there, tell us who the demonstrators are”, that kind of thing. So formalising it and making it something that’s top of a manager’s risk register may be better than the previous arrangements, which were completely informal but nonetheless still led companies to be potentially complicit in human rights abuses. I’m talking about companies thinking through issues like, do we need to record CCTV? The law could inspire the managers to think, what types of risks do we face? How do we plan for them? How do we deal with them when they emerge?
That’s a different perspective compared to most of the media coverage of the law and the MoU that preceded it. Do you share the concerns of human rights bodies and analysts that this new law will enable armed Chinese private security companies to establish themselves in Myanmar, supporting military rule and even fighting against revolutionaries?
I think, firstly, there is an element of, hello [US Secretary of State] Marco Rubio, look at us, China threat, China threat! Myanmar is suffering from the change in administration in the White House and, quite rightly, people think that the only way to get attention back to Myanmar is by citing a China threat. So that would be my first, somewhat cynical interpretation.
Secondly, I think it’s also a reflection of the fact that not many people have looked at this sector. We have, and have followed the development of this law for almost 10 years. Of the 15 or so registered foreign security companies we identified when we did the survey, two were Japanese and six were run by Westerners. There were about three companies that were identifiably Chinese, two of which we never saw any signs of. The only significant one was Frontier Services Group, which is one of the four or five Chinese security companies often mentioned in Belt and Road projects. So, they were definitely there but not dominant or particularly active in the market.
When I look at a revised list of companies, the number [of Chinese firms] is still minimal. Also, this is a law that does not purely enable Chinese armed guards, but which is regulating the whole sector. The vocabulary being used in media coverage is also part of the confusion, even at the international level, when it comes to distinguishing between mercenaries, private military companies and private security companies. In Myanmar, the word for mercenary is kye-za sit-tha. Kye-za also means professional, as opposed to amateur, while sit-tha means soldier. So, I find some of the coverage is a little bit confused around vocabulary and definitions.
The law specifies that not more than 25 percent of employees of a company can be foreign. That percentage is almost certainly taken from a similar ratio in the Myanmar Investment Law. So, it’s not like we’re suddenly going to get entire “armies” of Chinese coming in. But it will allow those projects in high risk areas to have specialist security support, which they may or may not have been able to source from the local market.
Now, it’s obviously something to watch. The security sector is high risk. In a conflict zone there’s always the risk of overstepping your neutrality as a private sector player and giving support to combatants, at which point you lose your protections under international humanitarian law. So, whether you’re a Chinese security company or any other security company or one of their clients, those are the kind of things you’re going to need to be very careful about, and where you need to think through and manage the risks.
Vicky Bowman CMG has been director of the Myanmar Centre for Responsible Business since 2013. She was second secretary to the British Embassy in Yangon from 1990 to 1993 and ambassador from 2002 to 2006.
What’s Happening in Myanmar is Frontier’s weekly English language podcast, where journalists and experts discuss what’s happening behind the headlines. Catch up on a wealth of episodes here or wherever you get your podcasts.
