Tuesday, June 4, 2019
Challenges to Defining Cybercrime
Challenges to be Cyber curseWhat is Cybercrime?At this point of time there is no comm nonwithstanding agreed definition of Cybercrime. The atomic number 18a of Cybercrime is rattling broad and the skillful personality of the put d protest has make extremely difficult for g all overning to come up with a precise definition of Cybercrime. The British police stimulate specify Cybercrime as handling of whatever electronic estimator net overwork for crime and council of Europe has be Cybercrime as twain barbarous offence a implementst or with help of data transitionor network.The two definitions offered by the British police and council of Europe ar both really broad and they offer very little insight into the nature of plow which falls under the defined name. Most of us do a dull idea what Cybercrime heart and soul exactly it apprehendms that it is very to difficult to pinpoint the exact broadcast which foot be regarded as Cybercrime.For the purposes of t he dissertation, I shall attempt to come up with my own definition of Cybercrime the unattached definitions do non adequately explain the concept of Cybercrime.In parade to understand and provide better insight into nature of Cybercrime, it impart be a good idea to divide Cybercrime into two categories be provoke computers go off be ingestion in two ways to kick in Cybercrime.The early category will include crimes in which the computer was apply as tool to commit the offence. The computer has enabled criminals to use the engineering science to commit crimes much(prenominal) as fraud and copyright privacy. The computer tail be exploited just as an new(prenominal) technical device which tramp be exploited, for e.g. a name tail assembly be apply to verbally abuse roughlyone or stalk whateverone, someway the net understructure be used to stalk someone or verbally abuse someone.The second category will include offences which atomic number 18 committed with figure of damaging or modifying computers. In this category the drive of the crime is the computer itself, offences such as disregarding.Whichever categories the offence committed falls in, ultimately it argon us the humans who hasten to suffer the consequences of Cybercrime.Now we do that there be two ways in which the computer smoke be used to commit offences, my definition of Cybercrime would beIl solicit-ordered acts utilise the computer as instrument to commit an offence, or tar enamouring a computer network to damage or modifying computers for catty purposes nonwithstanding my definition can non be regarded as precise, as pointed earlier that due to the broad and technical nature of Cybercrime, it al nearly im assertable to come up with a precise definition. The term Cybercrime is a social term to describe criminal activities which take place in existence of computers it is non an established term within the criminal law.The fact that there is no legal definition of Cybe rcrime within criminal law makes the whole area of Cybercrime very complicated for continueed formerities and the general public, it creates confusion such as what constitutes as Cybercrime and if Cybercrime cannot be defined properly how will the dupes state the crime? The lack of proper definition style that mass of the Cybercrime which takes place is un inform as the dupes and the governance are not sure whether the conduct is a Cybercrime. It is estimated that 90% of the Cybercrime which occurs is unreported.Types of CybercrimeComputer can be used to commit various crimes, in order to deal a better understanding of Cybercrime we shall look at individually the types of crimes which are committed in the public of computers. It will not feasible to describe either type of Cybercrime which exists due to the word limit, we will hardly concentrate on crimes which are considered to be study(ip) threats to our certification. first Category dissemblerFraud can be defined as use of deception for draw or indirect financial or monetary gain. The earnings can be used as means targeting the victim by replicating real world frauds such as get abounding quick schemes which fatiguet exist, emails which demand an excess fee to be paid via confidence eyeshade to stop loss of run such as mesh or commiting. The increasing availability of the internet means that fraudsters can carry out fraudulent activities on a grand scale.Fraud is a traditional crime which has existed for centuries and internet is merely a tool by which the fraudsters actions are carried out. Fraud has become a full threat to e-commerce and some other online transactions. Statistics elicit that internet exclusively business coitusships for 3% of point of reference card fraud, recognise card fraud is one of the much difficult frauds to commit on the internet, however other forms of fraud such as phising are more easier to carry out use the internet and equally lucrative.Phi sing is a form of fraud which is rapidly increasing. Phising is when you get emails from commercial organizations such your bank and other financial institutions, they would ask you to update your details, emails look genuine and it is a scam to trick mess on well-favoured their details. There are no official figures available on phishing scams but on average I receive rough(predicate) 3 emails everyday intercommunicate me to update my bank account details.Recently there was email going around asking the staff members and students of LSBU to update their personal details, the email looked genuine but the ICT staff informed students/staff to ignore as it was a trick to gain personal development. Since the advancement of technology, it is has become easier and cheaper to communicate and fraudsters are also victorious advantage of technology because it is easier to exploit the internet and it is cheaper than other alternatives such as phone and postal mail.There are other forms of fraud such as sell fraud, it is when buy goods in auction and you turn over for the item but your item will never turn up.Fraud is one of the lucrative crimes on the internet experts suggest that it is more than trafficking drugs. The reasons why fraudsters like internet is becauseInternet has made mass communication easy and it is cheap, same email can be displace to millions of people very easily and cheaply with just one click of button.Majority of users do not nonplus adequate k todayledge on how technology works, this makes it easy for fraudsters to fool innocent people into taking an action such as giving their personal details.Internet users are considered nave in the sense that they cast too much belief in the information they receive via the internet, therefore, they do not take necessary steps to verify the information and often get tricked in handing out their credit card or personal details.Offences against person(s)Offence against a person can either be pers onal or mental, it is not feasible to cause direct physical harm to a person using a computer but it is possible to cause mental harm such as anxiety, mourning or psychological harm. It can be done by sending abusive or enceinte emails or posting derogatory information online. shuck is a crime which is done to harass another person repeatedly. As the number of user on the internet increased, the opportunities for abuse stick also increased. It is possible to use internet as a tool for sending abusive emails, leaving offensive messages on guestbooks, or posting misinformation on blogs. In some suit of clothess, cyberstalkers have morphed images of their victims onto pornographic images and consequently emailing the pictures to relative and work colleagues to cause embarrassment.There are mainly three reasons for committing a crime such as husk, master(prenominal) reason is commonly when relationships fail, former intimates usually target their ex-boyfriend/girlfriend to get revenge. Second reason for cyber stem is boredom some people usually pick haphazard people and target them by sending them abusive and threatening emails just for fun. Cyberstalkers take advantage of namelessness of the internet to cause detriment to their victims tone.Hate and racist pitch is also a form of crime which escalated since the introduction of the internet it can cause traumatic experience and mental distress to those who are targeted. Post 9/11, there have been galore(postnominal) websites set up to mock the theology Islam, such as www.laughingatislam.com, this website has been cause of distress to m both Muslims around the world.Sexual offencesThis category includes offences which have inner element, such as making undesired sexual approaches in call in-rooms and paedophiles harrasing children. Child pornography and child security transcription are one of the main concerns on the internet. Paedophiles are taking full advantage to exploit the technology for viewing and exchanging child pornography.Paedophiles use the internet to their advantage, they use chat rooms and other popular social networks such as facebook to entice and lure children into collision them. Many popular chat rooms such as MSN Chat and Yahoo chat have c retrogressd down their chat rooms to hold dear young children but closure of popular chat rooms have not stopped paedophiles from using less popular chat rooms and other social networks.Second categoryHacking related offencesHacking can be defined as gaining unauthorised access to a computer system. As soon as we hear the word hacking, we tend to think that it is a crime, it should be noted that hacking started of as register of skill to gain temporary access to computer systems. It was earlier an intellectual challenge than a criminal motive. only now, many hackers misuse their skills to shoot the breeze damage and destruction. Examples of hacking include stealing confident information such credit card deta ils.In a recent misfortune of hacking, Harriet Harman whose is a politician, taking part in upcoming elections. Her website was hacked and the blog section of her website encouraged the audience to voter turnout for Boris Johnson whose is a competitor of Harman Harriet. Boris Johnson has also complained that his email account was hacked recently. Most politicians believe that internet as a medium will be a major part of election campaigns and activities such as hacking can sabotage election campaigns by posting disinformation on candidates websites. computer virus and other spiteful ProgramsVirus is a malicious code or program that replicates itself and inserts copies or new versions onto other programs, affecting computer systems. Viruses are designed to modify computer systems without the consent of the owner or operator. Viruses are created to inflict senseless damage to computer system. It is a widely accepted perception that crime is committed in times economic distress. Cr iminals do not gain any monetary benefit it is simply done to show off their computer skills. Some computer viruses are failed programs or accidental muster outs. The most famous virus which was released is the I LOVE YOU virus or commonly known as the love bug. The virus damaged millions of computers worldwide it caused damage cost of $8.5bn, the author of the virus produces that it was released to impress his girlfriend.Legislation on CybercrimeIt is often believed that the internet is just like the wild watt where there no rules and regulations and people are acquit to carry out misbranded activities. Fortunately, this is not true at all there is legislation which exists to protect us from cybercrimes.Type of crimeLegislationFraudFraud mo 2006(Covers all types of possible frauds)Offences against person(s)The Public Order Act 1986(Hate speech)Sexual OffencesThe Protection of children Act 1978The Criminal arbiter Act 1988The Criminal Justice an Public Order Act 1988Sexual Offences Act 2003After carefully reviewing all pieces of legislations mentioned above, I can conclude by saying that legislation we have at the moment is adequate enough to protect us from any sort of traditional crime carried out using computers. There were few anomalies which have been removed now.AnomaliesThe Theft Act 1968 which previously brooded fraud has been replaced by Fraud Act 2006 to cover anomaly under the previous legislation. In the case of Clayman, it was held that it is not unlawful to defraud a computer the coquettes do not regard computers as deceivable as the process is fully automated. In theory if we apply the principle deriving from the Clayman case then it will not be unlawful to false credit card number when signing up for an online service such as subscription to a newsgroup or online gaming. There is only exception to this rule that it will not apply if deception involves licensed telecommunications services, such as dial-up chat lines pay-per-view TV.Se cond anomaly before us was that information was not regarded property. In the case of Oxford v Moss, in this case a student took a copy of forthcoming test from a lecturers desk and made a photocopy of that exam paper, it was held that the student cannot be charged under the larceny act as he did not ransack the owner of the asset, a copy had simply been taken. Computers only contain information, by applying the principle deriving from this case, it means that it is acceptable to print other peoples files as long they do not deprive the owner of the file by deleting it, one would only be leased if he/she steals trade secret or confidential information.Decisions in both cases mentioned above are absurd, both of them were decided in 1970s, the only possible reason for r all(prenominal)ing absurd decision could only be lack of knowledge on technology. previous legislation took into account the consequences of the fraudsters activities when deciding whether the conduct in question is an offence. The Fraud Act 2006 aims to prosecute the fraudsters on the basis of their actual conduct quite a than the consequences of their activities.How serious is the threat?In order to memorise the seriousness of the threat, it is important to look at the statistics available on cybercrime.Type of crimeNumber of cases reportedFraud299,000Offences against the person1,944000Sexual offences850,238Computer Misuse(Hacking)144,500Virus related incidents6,000000Total number of cases reported9,237738Source of statistics GarlikAccording to the figures, they were approximately 9.23 million incidents of cybercrime reported in the year 2006. Statistics show that 15% of the race of the UK was touch on by cybercrime in someway, after looking at these figures one can easily conclude that we are having an epidemic of cybercrime. These statistics could only the tip of the iceberg of the nub of cybercrime experts believe that real figure could be 10 times higher as cybercrime is massivel y under-reported.Reasons for under-reporting reporting any crime involves a three demo processThe conduct motivations to be observed.The conduct needs to categorised as criminal.The applicable politics need to be informed of the criminal conduct.A particular crime will not be reported if there is failure in any of the stages, therefore the relevant authorities will not take action against the criminal. There are certain factors which affect reporting of cybercrime, factors includeSometimes the criminal conduct is not noticed, internet fraud usually comprises of low-value transactions across a bulk body of victims, and victims are not always able to mend discrepancy in their bank accounts.Lack of cognisance means that the victims may not know whether the conduct in question is a crime. Victims of viruses dont see them as victims of crime, people tend to see viruses as technical issue, and therefore, the victim would believe that no one has broken the law.Most victims dont know which authorities they should contact to report cybercrime. constabulary officers have inadequate centre of resources and dont have the expertise to deal with cybercrime at the moment, therefore, move a formal complaint can be a difficult process. Once I tried reporting a cybercrime, a laptop was purchased on EBay but the seller took my money and never sent the laptop, this is a common case of auction fraud.I did try to make a complain, the whole process was extremely slow, the officer dealing with me had no suggestion what EBay is, I was able to register a complaint but it has been two years and my complain is however unresolved.Under-reporting is factor which contributes towards increase in cybercrime, under-reporting mean that criminals will have less fear of getting caught and therefore, they are more likely to commit illegal acts online. flocks attitude towards cybercrimeTraditional crimes such as murder, rape and robbery can have serious effects on the victims life in som e cases the victim may not be able to lead a normal life after being a victim of crime. In contrast to cybercrime, the impact is not that serious, majority of users have insurance against financial frauds, and frauds are usually of low-value.Viruses can easily be filtered using antivirus software. Other offences such as cyberstalking usually cause some anxiety and distress. Only crimes such as child pornography have a greater impact, it is the only the crime which can have a serious consequences on the victims life. A recent survey suggest that only 37% are afraid to use the internet after being a victim of crime, majority of the users do continue to use the internet after being a victim.Cybercrime and e-commerceCybercrime is a maturation concern for all of us, however, the effects of cybercrime are not hindering the growth of the internet, and the effects of cybercrime on the e-commerce have not been drastic. Financial transactions over the internet are on the rise, number of peop le using internet for shopping is increase day by day and over one third of population is using internet banking.One of the reasons why cybercrime turbinate out of control is the fact that it is very easy to commit if have the technical knowledge, all you need is a computer connected to the internet, the crimes on the internet are hard to detect. It can be committed from anywhere in the world, the criminal could sitting in Africa and targeting his victim in Australia. In the next chapter, we shall encounter the problems faced by authorities when investigating cybercrime.JurisdictionJurisdictional issues and the cyberspaceCyberspace is a world without defined boundaries anyone can access any website using his computer. It can very difficult to locate the source of crime in cyberspace because relative anonymity and as easy way to shield identity. Even if the relevant authorities are able to identify the source of crime, it is not always easy to prosecute the criminal.Double criminal ityWhen dealing cross frame in crime, it is imperative that both countries should lie with the conduct as illegal in both legal powers. The principle of picture criminality prohibits the extradition of a person, if the conduct in question is not recognized as a criminal offence by the country receiving the request for jurisdiction. pretend a point where a computer coder from Zimbabwe sends Barclays bank a virus which causes the computers in Barclays bank to malfunction, the bank cannot carry out their business for 1 hour and as a result they lose about $1 million worth of revenue. English authorities would want to extradite the offender to England so they could prosecute the offender. In an action for extradition, the applicant is inevitable to show that actions of the accused constitute a criminal offence exceeding a minimum aim of seriousness in both jurisdictions. imagine now that they are no laws on spreading viruses in Zimbabwe, therefore it will not possible to show of fenders action constitute as criminal behavior. If they are no laws regarding on cybercrime in Zimbabwe then he cannot be extradited and he will walk free after deliberately causing damage to Barclays bank. Cybercrime has an international dimension, it is imperative that legal protection is harmonised internationally. There are calm down about 33 countries such as Albania, Yugoslavia and Malta they have no laws on cybercrimes.If there are no laws then those countries are considered as computer crime havens. The culprit of I LOVE YOU virus which caused $8.5 billion worth damage was caught in Philippines but he could not be prosecuted as Philippines had no laws on cybercrime. Cybercrime is world(a) issue and the world will need to work together in order to tackle cybercrime.How real world crime dealt across borders?In relation to real world crime which transcended national borders, an idiosyncratic network of Mutual Legal Assistance Treaties(MLATs) bound various countries to assist each other in investigating real world crime, such as drug trafficking. If there was no treaty agreement between two countries then they would contact the relevant authorities to ask for assistance and obtain evidence, this instrument was sufficient in dealing with real world crime. This mechanism can only work if both countries have similar cybercrime laws if any country lacks cybercrime laws then the process would fail.How should Jurisdiction be approached in Cybercrime?In a case of cyberstalking, An Australian man was stalking a Canadian Actress. The man harassed the actress by sending unsolicited emails. Australian Supreme Court of Victoria held that crimes committed over the internet knows no borders and State and national boundaries do not concern them, therefore, jurisdiction should not be the issue. He was convicted. This case was straightforward as both nations recognise stalking as a criminal offence, however, there can be conflicts if both nations do not recognize the ac t as criminal.In Licra v Yahoo, cut courts tried to exercise jurisdiction over an American company. Yahoo was accused of Nazi memorabilia contrary to Article R645-1 of the french Criminal Code. Yahoo argued that there are not in breach of Article R645-1 as they were conducting the auction under the jurisdiction of USA and it is not illegal to sell Nazi memorabilia under the American law. In order to prove that Yahoo is subject American jurisdiction, they argued the following pointsYahoo servers are located in US territory.Services of Yahoo are primarily aimed at US citizens.According to the First Amendment to the United States Constitution, freedom of speech and expression is guaranteed and any attempt to enforce judgement which restricts freedom of speech and expression would fail for unconstitutionality.The court ruled that they have full jurisdiction over Yahoo becauseThe auction was open to worldwide bidders, including France.It is possible to view the auction in France, viewi ng and displaying Nazi memorabilia causes public pain sensation and it is offence to public nuisance under the french law.Yahoo had a customer base in France, the advertisements were in French. Yahoo did have knowledge that French citizens use their site therefore they should not do anything to offend French citizens.Yahoo ignored the French court ruling and kept saying that they French court does not have the right to exercise jurisdiction over an American company. Yahoo was warned that they would have to pay heavy fines if they dont comply. In the end Yahoo owners did comply with the judgement they had substantial assets in France which were at risk of being confiscated if they dont claim. The sole reason why French courts were able to exercise jurisdiction over Yahoo because it is a multinational company with large figurehead in France.Imagine instead of France, if the action would have been taken by courts of Saudi Arabia on auctioning playboy magazines, under the Saudi Arabi an Sharia law, it is illegal to view or buy pornography. Saudi Arabia court would have failed to exercise jurisdiction over Yahoo as they dont have any presence in Saudi Arabia but it was possible to view Yahoo auctions from Saudi Arabia.The case of Yahoo is a rare face where a court was able to exercise jurisdiction over a foreign company. In majority of the cases concerning individuals, courts trying to exercise jurisdiction over foreign elements are usually ignored. In the case of Nottinghamshire County Council v. Gwatkin (UK), injunctions were issued against many journalists to prevent them from publish disseminating a leaked report that strongly criticises the Councils handling of allegations of satanic abuse of children in the 1980s. Despite the injunctions, a report appeared on an American website. The website refused to respect the English jurisdiction as they argued that the report was a public document. The Nottinghamshire had no option then to drop the case.Cybercrime h as an international dimension. supranational law is complicated area, it can be very difficult to co-operate with authorities if there is no or weak diplomatical ties, for e.g. Pakistan and Israel have no diplomatic ties, if a situation arises where Israeli citizen hacks into State bank of Pakistan steals millions of dollars from the bank, in a situation like this, one easily assume that both countries would not co-operate with each other even though both countries recognise hacking as a offence but they do not have diplomatic ties with each other, most probably the hacker would get away with the crime.A case involving Russian hackers, they hacked into Paypal and stole 53,000 credit card details. Paypal is an American company. The Russian hackers blackmailed Paypal and asked for a substantial occur of money, they threatened they would publish the details of 53,000 credit card game if they do not receive the money.Russia and American both have signed extradition treaty but still Ru ssian authorities failed to take action, it is still not clear why they did not take appropriate action against the Russian hackers. Both nations struggled to gain jurisdiction over each other. FBI decided to take things into their own hands by setting up a secret operation, undercover agents posed as reprenstatives of a bogus security firm Invita. The bogus security firm invited the Russian hackers to USwith prospects of employment. When the interview for employment by the bogus firm Invita was being carried out, the Russian hackers were asked to display there hacking skills, one of the hackers accessed his own system in Russia to show off his skills, the FBI recorded every keystroke and later arrested the Russian hackers for multiple offences such as hacking, fraud and extortion. The keystrokes recorded were later used to hack into one of the hackers computer in Russia to access incriminating evidence. All this took place without the knowledge of Russian authorities.When Russian a uthorities came to know about whole incident, they were furious and argued that US misused their authority and infringing on another sovereign nations jurisdiction. Lack of co-operation in relation to jurisdiction can lead to serious problems between nations, in order to avoid such conflicts, there is need to hollo the jurisdiction issue and come up with a mechanism which ensures that countries co-operate with each other.Where is the Jurisdiction?In the real world crime, the conduct and the effect of the conduct are easy to pin down because we can visibly see the human carrying out the conduct and the effect of the conduct is also visible. The post of the offence and the location of the perpetrator can easily be identified. Imagine a situation in which a shooter in Canada shots an American across Niagara Falls, it is clear from the example that the conduct took place in Canada and the effect of the conduct took place in Canada.Cyberspace is not real, people say that events on cybe rspace occur everyplace and nowhere, a man disseminating a virus could release a virus which travel through servers of many antithetic country before reaching the victim, for e.g. a person makes a racist website targeting Jews in Malta, uploads the website on American servers and the website is available for everyone to see, a Jewish living in Israel comes across the website and gets offended.In a situation like this where would you kick in an action, should you bring an action in Malta because the perpetrator is based over there, would bring an action in America where the server is hosted or would bring the action in Israel where the victim is? There are specific laws regarding jurisdiction issues on the internet, the world is still struggling to come up with a origin which would solve the problem of jurisdiction. controlling or oppose Jurisdiction?The principle of negative jurisdiction occurs when no country is willing to exercise jurisdiction for a cybercrime. Cybercrime can have multiple victims in different countries the love bug caused damage in many different countries including USA, UK, France and Germany. If the damage is caused to multiple countries then who should claim jurisdiction over the cybercrime, should it by prioritised by the amount of damage suffered by each country. If the effected countries decide not to take action against the perpetrator because it is not in their best interest, the country may be occupied by other internal problems. If no country is willing to exercise jurisdiction over a cybercrime then the perpetrator would walk free.Positive jurisdiction is opposite of negative jurisdiction, how will the issue of jurisdiction be decided if more than two countries want to exercise tChallenges to Defining CybercrimeChallenges to Defining CybercrimeWhat is Cybercrime?At this point of time there is no commonly agreed definition of Cybercrime. The area of Cybercrime is very broad and the technical nature of the subject has made extr emely difficult for authorities to come up with a precise definition of Cybercrime. The British police have defined Cybercrime as use of any computer network for crime and council of Europe has defined Cybercrime as any criminal offence against or with help of computer network.The two definitions offered by the British police and council of Europe are both very broad and they offer very little insight into the nature of conduct which falls under the defined term. Most of us do a vague idea what Cybercrime means but it seems that it is very to difficult to pinpoint the exact conduct which can be regarded as Cybercrime.For the purposes of the dissertation, I shall attempt to come up with my own definition of Cybercrime the available definitions do not adequately explain the concept of Cybercrime.In order to understand and provide better insight into nature of Cybercrime, it will be a good idea to divide Cybercrime into two categories because computers can be used in two ways to commit Cybercrime.The first category will include crimes in which the computer was used as tool to commit the offence. The computer has enabled criminals to use the technology to commit crimes such as fraud and copyright privacy. The computer can be exploited just as another technical device which can be exploited, for e.g. a phone can be used to verbally abuse someone or stalk someone, someway the internet can be used to stalk someone or verbally abuse someone.The second category will include offences which are committed with intention of damaging or modifying computers. In this category the target of the crime is the computer itself, offences such as hacking.Whichever categories the offence committed falls in, ultimately it are us the humans who have to suffer the consequences of Cybercrime.Now we know that there are two ways in which the computer can be used to commit offences, my definition of Cybercrime would beIllegal acts using the computer as instrument to commit an offence, or ta rgeting a computer network to damage or modifying computers for malicious purposesEven my definition cannot be regarded as precise, as pointed earlier that due to the broad and technical nature of Cybercrime, it almost impossible to come up with a precise definition. The term Cybercrime is a social term to describe criminal activities which take place in world of computers it is not an established term within the criminal law.The fact that there is no legal definition of Cybercrime within criminal law makes the whole area of Cybercrime very complicated for concerned authorities and the general public, it creates confusion such as what constitutes as Cybercrime and if Cybercrime cannot be defined properly how will the victims report the crime? The lack of proper definition means that majority of the Cybercrime which takes place is unreported as the victims and the authorities are not sure whether the conduct is a Cybercrime. It is estimated that 90% of the Cybercrime which occurs is unreported.Types of CybercrimeComputer can be used to commit various crimes, in order to have a better understanding of Cybercrime we shall look at individually the types of crimes which are committed in the world of computers. It will not possible to describe every type of Cybercrime which exists due to the word limit, we will only concentrate on crimes which are considered to be major threats to our security.First CategoryFraudFraud can be defined as use of deception for direct or indirect financial or monetary gain. The internet can be used as means targeting the victim by replicating real world frauds such as get rich quick schemes which dont exist, emails which demand an additional fee to be paid via credit card to stop loss of service such as internet or banking. The increasing availability of the internet means that fraudsters can carry out fraudulent activities on a grand scale.Fraud is a traditional crime which has existed for centuries and internet is merely a tool by whic h the fraudsters actions are carried out. Fraud has become a serious threat to e-commerce and other online transactions. Statistics suggest that internet only accounts for 3% of credit card fraud, credit card fraud is one of the more difficult frauds to commit on the internet, however other forms of fraud such as phising are more easier to carry out using the internet and equally lucrative.Phising is a form of fraud which is rapidly increasing. Phising is when you get emails from commercial organizations such your bank and other financial institutions, they would ask you to update your details, emails look genuine and it is a scam to trick people on giving their details. There are no official figures available on phishing scams but on average I receive about three emails everyday asking me to update my bank account details.Recently there was email going around asking the staff members and students of LSBU to update their personal details, the email looked genuine but the ICT staff i nformed students/staff to ignore as it was a trick to gain personal information. Since the advancement of technology, it is has become easier and cheaper to communicate and fraudsters are also taking advantage of technology because it is easier to exploit the internet and it is cheaper than other alternatives such as phone and postal mail.There are other forms of fraud such as auction fraud, it is when buy goods in auction and you pay for the item but your item will never turn up.Fraud is one of the lucrative crimes on the internet experts suggest that it is more than trafficking drugs. The reasons why fraudsters prefer internet is becauseInternet has made mass communication easy and it is cheap, same email can be sent to millions of people very easily and cheaply with just one click of button.Majority of users do not have adequate knowledge on how technology works, this makes it easy for fraudsters to fool innocent people into taking an action such as giving their personal details. Internet users are considered nave in the sense that they have too much faith in the information they receive via the internet, therefore, they do not take necessary steps to verify the information and often get tricked in handing out their credit card or personal details.Offences against person(s)Offence against a person can either be physical or mental, it is not possible to cause direct physical harm to a person using a computer but it is possible to cause mental harm such as anxiety, distress or psychological harm. It can be done by sending abusive or threatening emails or posting derogatory information online.Stalking is a crime which is done to harass another person repeatedly. As the number of user on the internet increased, the opportunities for abuse have also increased. It is possible to use internet as a tool for sending abusive emails, leaving offensive messages on guestbooks, or posting misinformation on blogs. In some cases, cyberstalkers have morphed images of their v ictims onto pornographic images and then emailing the pictures to relative and work colleagues to cause embarrassment.There are mainly three reasons for committing a crime such as stalking, Main reason is usually when relationships fail, former intimates usually target their ex-boyfriend/girlfriend to get revenge. Second reason for cyberstalking is boredom some people usually pick random people and target them by sending them abusive and threatening emails just for fun. Cyberstalkers take advantage of anonymity of the internet to cause distress to their victims life.Hate and racist speech is also a form of crime which escalated since the introduction of the internet it can cause traumatic experience and mental distress to those who are targeted. Post 9/11, there have been many websites set up to mock the religion Islam, such as www.laughingatislam.com, this website has been cause of distress to many Muslims around the world.Sexual offencesThis category includes offences which have s exual element, such as making undesired sexual approaches in chat-rooms and paedophiles harrasing children. Child pornography and child protection are one of the main concerns on the internet. Paedophiles are taking full advantage to exploit the technology for viewing and exchanging child pornography.Paedophiles use the internet to their advantage, they use chat rooms and other popular social networks such as facebook to entice and lure children into meeting them. Many popular chat rooms such as MSN Chat and Yahoo chat have closed down their chat rooms to protect young children but closure of popular chat rooms have not stopped paedophiles from using less popular chat rooms and other social networks.Second categoryHacking related offencesHacking can be defined as gaining unauthorised access to a computer system. As soon as we hear the word hacking, we tend to think that it is a crime, it should be noted that hacking started of as show of skill to gain temporary access to computer sy stems. It was rather an intellectual challenge than a criminal motive. But now, many hackers misuse their skills to inflict damage and destruction. Examples of hacking include stealing confident information such credit card details.In a recent incident of hacking, Harriet Harman whose is a politician, taking part in upcoming elections. Her website was hacked and the blog section of her website encouraged the audience to vote for Boris Johnson whose is a competitor of Harman Harriet. Boris Johnson has also complained that his email account was hacked recently. Most politicians believe that internet as a medium will be a major part of election campaigns and activities such as hacking can sabotage election campaigns by posting disinformation on candidates websites.Virus and Other Malicious ProgramsVirus is a malicious code or program that replicates itself and inserts copies or new versions onto other programs, affecting computer systems. Viruses are designed to modify computer systems without the consent of the owner or operator. Viruses are created to inflict senseless damage to computer system. It is a widely accepted perception that crime is committed in times economic distress. Criminals do not gain any monetary benefit it is simply done to show off their computer skills. Some viruses are failed programs or accidental releases. The most famous virus which was released is the I LOVE YOU virus or commonly known as the love bug. The virus damaged millions of computers worldwide it caused damage worth of $8.5bn, the author of the virus claims that it was released to impress his girlfriend.Legislation on CybercrimeIt is often believed that the internet is just like the wild west where there no rules and regulations and people are free to carry out illegal activities. Fortunately, this is not true at all there is legislation which exists to protect us from cybercrimes.Type of crimeLegislationFraudFraud Act 2006(Covers all types of possible frauds)Offences against person(s)The Public Order Act 1986(Hate speech)Sexual OffencesThe Protection of children Act 1978The Criminal Justice Act 1988The Criminal Justice an Public Order Act 1988Sexual Offences Act 2003After carefully reviewing all pieces of legislations mentioned above, I can conclude by saying that legislation we have at the moment is adequate enough to protect us from any sort of traditional crime carried out using computers. There were few anomalies which have been removed now.AnomaliesThe Theft Act 1968 which previously covered fraud has been replaced by Fraud Act 2006 to cover anomaly under the previous legislation. In the case of Clayman, it was held that it is not unlawful to defraud a computer the courts do not regard computers as deceivable as the process is fully automated. In theory if we apply the principle deriving from the Clayman case then it will not be unlawful to false credit card number when signing up for an online service such as subscription to a newsgroup or online gaming. There is only exception to this rule that it will not apply if deception involves licensed telecommunications services, such as dial-up chat lines pay-per-view TV.Second anomaly before us was that information was not regarded property. In the case of Oxford v Moss, in this case a student took a copy of forthcoming exam from a lecturers desk and made a photocopy of that exam paper, it was held that the student cannot be charged under the theft act as he did not deprive the owner of the asset, a copy had simply been taken. Computers only contain information, by applying the principle deriving from this case, it means that it is acceptable to print other peoples files as long they do not deprive the owner of the file by deleting it, one would only be prosecuted if he/she steals trade secret or confidential information.Decisions in both cases mentioned above are absurd, both of them were decided in 1970s, the only possible reason for reaching absurd decision could only be lack o f knowledge on technology. Previous legislation took into account the consequences of the fraudsters activities when deciding whether the conduct in question is an offence. The Fraud Act 2006 aims to prosecute the fraudsters on the basis of their actual conduct rather than the consequences of their activities.How serious is the threat?In order to determine the seriousness of the threat, it is important to look at the statistics available on cybercrime.Type of crimeNumber of cases reportedFraud299,000Offences against the person1,944000Sexual offences850,238Computer Misuse(Hacking)144,500Virus related incidents6,000000Total number of cases reported9,237738Source of statistics GarlikAccording to the figures, they were approximately 9.23 million incidents of cybercrime reported in the year 2006. Statistics show that 15% of the population of the UK was affected by cybercrime in someway, after looking at these figures one can easily conclude that we are having an epidemic of cybercrime. T hese statistics could only the tip of the iceberg of the totality of cybercrime experts believe that real figure could be 10 times higher as cybercrime is massively under-reported.Reasons for under-reportingReporting any crime involves a three stage processThe conduct needs to be observed.The conduct needs to categorised as criminal.The relevant authorities need to be informed of the criminal conduct.A particular crime will not be reported if there is failure in any of the stages, therefore the relevant authorities will not take action against the criminal. There are certain factors which affect reporting of cybercrime, factors includeSometimes the criminal conduct is not noticed, internet fraud usually comprises of low-value transactions across a bulk body of victims, and victims are not always able to spot discrepancy in their bank accounts.Lack of awareness means that the victims may not know whether the conduct in question is a crime. Victims of viruses dont see them as victims of crime, people tend to see viruses as technical issue, and therefore, the victim would believe that no one has broken the law.Most victims dont know which authorities they should contact to report cybercrime. Police officers have inadequate amount of resources and dont have the expertise to deal with cybercrime at the moment, therefore, pursuing a formal complaint can be a difficult process. Once I tried reporting a cybercrime, a laptop was purchased on EBay but the seller took my money and never sent the laptop, this is a common case of auction fraud.I did try to make a complain, the whole process was extremely slow, the officer dealing with me had no clue what EBay is, I was able to register a complaint but it has been two years and my complain is still unresolved.Under-reporting is factor which contributes towards increase in cybercrime, under-reporting mean that criminals will have less fear of getting caught and therefore, they are more likely to commit illegal acts online.Pe oples attitude towards cybercrimeTraditional crimes such as murder, rape and robbery can have serious effects on the victims life in some cases the victim may not be able to lead a normal life after being a victim of crime. In contrast to cybercrime, the impact is not that serious, majority of users have insurance against financial frauds, and frauds are usually of low-value.Viruses can easily be filtered using antivirus software. Other offences such as cyberstalking usually cause some anxiety and distress. Only crimes such as child pornography have a greater impact, it is the only the crime which can have a serious consequences on the victims life. A recent survey suggest that only 37% are afraid to use the internet after being a victim of crime, majority of the users do continue to use the internet after being a victim.Cybercrime and e-commerceCybercrime is a growing concern for all of us, however, the effects of cybercrime are not hindering the growth of the internet, and the eff ects of cybercrime on the e-commerce have not been drastic. Financial transactions over the internet are on the rise, number of people using internet for shopping is increase day by day and over one third of population is using internet banking.One of the reasons why cybercrime spiraling out of control is the fact that it is very easy to commit if have the technical knowledge, all you need is a computer connected to the internet, the crimes on the internet are hard to detect. It can be committed from anywhere in the world, the criminal could sitting in Africa and targeting his victim in Australia. In the next chapter, we shall examine the problems faced by authorities when investigating cybercrime.JurisdictionJurisdictional issues and the cyberspaceCyberspace is a world without defined boundaries anyone can access any website using his computer. It can very difficult to locate the source of crime in cyberspace because relative anonymity and as easy way to shield identity. Even if th e relevant authorities are able to identify the source of crime, it is not always easy to prosecute the criminal.Double criminalityWhen dealing cross border crime, it is imperative that both countries should recognise the conduct as illegal in both jurisdictions. The principle of double criminality prohibits the extradition of a person, if the conduct in question is not recognized as a criminal offence by the country receiving the request for jurisdiction.Imagine a situation where a computer programmer from Zimbabwe sends Barclays bank a virus which causes the computers in Barclays bank to malfunction, the bank cannot carry out their business for 1 hour and as a result they lose about $1 million worth of revenue. English authorities would want to extradite the offender to England so they could prosecute the offender. In an action for extradition, the applicant is required to show that actions of the accused constitute a criminal offence exceeding a minimum level of seriousness in bo th jurisdictions.Imagine now that they are no laws on spreading viruses in Zimbabwe, therefore it will not possible to show offenders action constitute as criminal behavior. If they are no laws regarding on cybercrime in Zimbabwe then he cannot be extradited and he will walk free after deliberately causing damage to Barclays bank. Cybercrime has an international dimension, it is imperative that legal protection is harmonised internationally. There are still about 33 countries such as Albania, Yugoslavia and Malta they have no laws on cybercrimes.If there are no laws then those countries are considered as computer crime havens. The perpetrator of I LOVE YOU virus which caused $8.5 billion worth damage was caught in Philippines but he could not be prosecuted as Philippines had no laws on cybercrime. Cybercrime is global issue and the world will need to work together in order to tackle cybercrime.How real world crime dealt across borders?In relation to real world crime which transcende d national borders, an idiosyncratic network of Mutual Legal Assistance Treaties(MLATs) bound various countries to assist each other in investigating real world crime, such as drug trafficking. If there was no treaty agreement between two countries then they would contact the relevant authorities to ask for assistance and obtain evidence, this mechanism was sufficient in dealing with real world crime. This mechanism can only work if both countries have similar cybercrime laws if any country lacks cybercrime laws then the process would fail.How should Jurisdiction be approached in Cybercrime?In a case of cyberstalking, An Australian man was stalking a Canadian Actress. The man harassed the actress by sending unsolicited emails. Australian Supreme Court of Victoria held that crimes committed over the internet knows no borders and State and national boundaries do not concern them, therefore, jurisdiction should not be the issue. He was convicted. This case was straightforward as both n ations recognise stalking as a criminal offence, however, there can be conflicts if both nations do not recognize the act as criminal.In Licra v Yahoo, French courts tried to exercise jurisdiction over an American company. Yahoo was accused of Nazi memorabilia contrary to Article R645-1 of the French Criminal Code. Yahoo argued that there are not in breach of Article R645-1 as they were conducting the auction under the jurisdiction of USA and it is not illegal to sell Nazi memorabilia under the American law. In order to prove that Yahoo is subject American jurisdiction, they argued the following pointsYahoo servers are located in US territory.Services of Yahoo are primarily aimed at US citizens.According to the First Amendment to the United States Constitution, freedom of speech and expression is guaranteed and any attempt to enforce judgement which restricts freedom of speech and expression would fail for unconstitutionality.The court ruled that they have full jurisdiction over Yah oo becauseThe auction was open to worldwide bidders, including France.It is possible to view the auction in France, viewing and displaying Nazi memorabilia causes public nuisance and it is offence to public nuisance under the French law.Yahoo had a customer base in France, the advertisements were in French. Yahoo did have knowledge that French citizens use their site therefore they should not do anything to offend French citizens.Yahoo ignored the French court ruling and kept saying that they French court does not have the right to exercise jurisdiction over an American company. Yahoo was warned that they would have to pay heavy fines if they dont comply. In the end Yahoo owners did comply with the judgement they had substantial assets in France which were at risk of being confiscated if they dont claim. The sole reason why French courts were able to exercise jurisdiction over Yahoo because it is a multinational company with large presence in France.Imagine instead of France, if the action would have been taken by courts of Saudi Arabia on auctioning playboy magazines, under the Saudi Arabian Sharia law, it is illegal to view or buy pornography. Saudi Arabia court would have failed to exercise jurisdiction over Yahoo as they dont have any presence in Saudi Arabia but it was possible to view Yahoo auctions from Saudi Arabia.The case of Yahoo is a rare example where a court was able to exercise jurisdiction over a foreign company. In majority of the cases concerning individuals, courts trying to exercise jurisdiction over foreign elements are usually ignored. In the case of Nottinghamshire County Council v. Gwatkin (UK), injunctions were issued against many journalists to prevent them from publishing disseminating a leaked report that strongly criticises the Councils handling of allegations of satanic abuse of children in the 1980s. Despite the injunctions, a report appeared on an American website. The website refused to respect the English jurisdiction as they argued that the report was a public document. The Nottinghamshire had no option then to drop the case.Cybercrime has an international dimension. International law is complicated area, it can be very difficult to co-operate with authorities if there is no or weak diplomatic ties, for e.g. Pakistan and Israel have no diplomatic ties, if a situation arises where Israeli citizen hacks into State bank of Pakistan steals millions of dollars from the bank, in a situation like this, one easily assume that both countries would not co-operate with each other even though both countries recognise hacking as a offence but they do not have diplomatic ties with each other, most probably the hacker would get away with the crime.A case involving Russian hackers, they hacked into Paypal and stole 53,000 credit card details. Paypal is an American company. The Russian hackers blackmailed Paypal and asked for a substantial amount of money, they threatened they would publish the details of 53,000 credit cards if they do not receive the money.Russia and American both have signed extradition treaty but still Russian authorities failed to take action, it is still not clear why they did not take appropriate action against the Russian hackers. Both nations struggled to gain jurisdiction over each other. FBI decided to take things into their own hands by setting up a secret operation, undercover agents posed as reprenstatives of a bogus security firm Invita. The bogus security firm invited the Russian hackers to USwith prospects of employment. When the interview for employment by the bogus firm Invita was being carried out, the Russian hackers were asked to display there hacking skills, one of the hackers accessed his own system in Russia to show off his skills, the FBI recorded every keystroke and later arrested the Russian hackers for multiple offences such as hacking, fraud and extortion. The keystrokes recorded were later used to hack into one of the hackers computer in Russia to acc ess incriminating evidence. All this took place without the knowledge of Russian authorities.When Russian authorities came to know about whole incident, they were furious and argued that US misused their authority and infringing on another sovereign nations jurisdiction. Lack of co-operation in relation to jurisdiction can lead to serious problems between nations, in order to avoid such conflicts, there is need to address the jurisdiction issue and come up with a mechanism which ensures that countries co-operate with each other.Where is the Jurisdiction?In the real world crime, the conduct and the effect of the conduct are easy to pin down because we can visibly see the human carrying out the conduct and the effect of the conduct is also visible. The location of the offence and the location of the perpetrator can easily be identified. Imagine a situation in which a shooter in Canada shots an American across Niagara Falls, it is clear from the example that the conduct took place in C anada and the effect of the conduct took place in Canada.Cyberspace is not real, people say that events on cyberspace occur everywhere and nowhere, a man disseminating a virus could release a virus which travel through servers of many different country before reaching the victim, for e.g. a person makes a racist website targeting Jews in Malta, uploads the website on American servers and the website is available for everyone to see, a Jewish living in Israel comes across the website and gets offended.In a situation like this where would you bring an action, should you bring an action in Malta because the perpetrator is based over there, would bring an action in America where the server is hosted or would bring the action in Israel where the victim is? There are specific laws regarding jurisdiction issues on the internet, the world is still struggling to come up with a solution which would solve the problem of jurisdiction.Positive or Negative Jurisdiction?The principle of negative j urisdiction occurs when no country is willing to exercise jurisdiction for a cybercrime. Cybercrime can have multiple victims in different countries the love bug caused damage in many different countries including USA, UK, France and Germany. If the damage is caused to multiple countries then who should claim jurisdiction over the cybercrime, should it by prioritised by the amount of damage suffered by each country. If the effected countries decide not to take action against the perpetrator because it is not in their best interest, the country may be occupied by other internal problems. If no country is willing to exercise jurisdiction over a cybercrime then the perpetrator would walk free.Positive jurisdiction is opposite of negative jurisdiction, how will the issue of jurisdiction be decided if more than two countries want to exercise t
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.