GLOBAL RESILIENCY……….

CYBER-LAW AND ITS IMPACT ON CYBER-CRIME 

WHITE PAPER - SPRING 2010

ABSTRACT

Issues with respect to the proper ownership and jurisdiction of information contained on the internet have set the stage for an ongoing legal debate over Cyber-Law and its impact on Cyber-Crime.Enhanced Global Cyber-Security and proposed governing regulations are not a luxury, but a necessity, for today’s business and government entities which operate in real time environments. An amazing amount of information flows through cyberspace at speeds never before imagined, with hundreds of millions of various types of transactions executed and communications received immediately after they are initiated by senders across the world.

Cyber-Law is a new concept which encompasses a variety of legal issues related to use of communicative, transactional, and distributive aspects of networked information devices and technologies the Internet. Actually, this field is so new, that it is more a form of regulation and compliance than that of an actual set of laws. Many of the leading discussion topics include intellectual property, freedom of expression, jurisdiction, E- commerce, business ethics and individual privacy.  This paper will address the implementation of Cyber-Law and the impact it has on Cyber-Crime across an international community.    

INTRODUCTION

One of the major obstacles inherent in Cyber-Law is whether to perceive the Internet as a physical location with defined boundaries (such as in the case of any public or private sector entity) or to treat it as if it were an island unto itself and therefore free of regulatory jurisdiction. Many in the field of information and cyber technology feel that it is better to treat the internet as a separate self regulated community. 

Their contention is that increased governmental regulations from the outside will distort and paralyze the true example of “Cyber-expression.” Their assumption is that an individual should have the right to freely create and disseminate information throughout the internet without fear of reprisal or intrusion.Proponents of a more coordinated approach, stress that there should be a compromise between the free expression of individual ideas and the importance of specific information. Data contained in a single transaction could be covered by various wide ranging sets of regulations and thereby set the stage for excessive legal debates. Within the realm of self expression and regulatory compliance, lies the constant threat of cyber crime, for which there is little or no global governance, standardization and compliance regarding the cyber-abyss which we call the internet.Cyber crimes are those harmful acts committed from or against a computer or network and differ from most standard criminal acts.

Cybercrimes are relatively easy to commit since they generally require few resources, but have the potential to cause grievous damage to a system or network. Additionally, they can be committed in an otherwise “non-jurisdictional” fashion, whereby the perpetrators do not need to be physically present to initiate the illegal act.Examples of this would be the legality of informational websites from one country to another, as well as multiple telecommunications providers. Many of these so called “informational sites” are nothing more than filters whereby business or personal information is collected and then utilized by the host entity without the subscriber’s knowledge.

Due to the lack of a uniform and structured jurisdictional code, individuals within the legal community are left to continue to grapple with the issue of ownership, compliance and accountability.The anonymity equated with cyberspace has allowed this new generation of “cyber-criminal” to realign and re-direct information from one location to another while utilizing fabricated VPN addresses. These supposed secure addresses are utilized by an individual or group to extract both personal and financial information from unsuspecting clients. Any unscrupulous person with an internet connection has the potential to become an “internet predator” with the capability to reach an audience of millions with little-to-no effort.

According to a 2009 study conducted by McAfee, It is estimated that this form of data theft costs global businesses as much as $1trillion dollars annually due to security breaches in their IT infrastructure. The backbone must be continually be repaired and upgraded to combat the constant attacks upon each individual network.The information contained in the report, entitled “Unsecured Economies: Protecting Vital Information”, is based on a survey of more than 800 chief information officers based in the United States, UK, Germany, Japan, China, India, Brazil and Dubai.Those responding to the survey estimated that globally they sustained $4.6 billion in losses due to the pilfering of data from their network and spent another $600 million in strengthening their IT infrastructure. 

The report contained an alarming contrast and noted that newly emerging countries are spending substantial amounts of money on upgrading and protecting their financial and intellectual resources than their Western business counterparts.Countries such as China, Australia, Singapore, Iran, Saudi Arabia, and Tunisia,  have drawn a line in the sand by incorporating a filtering system which strains unwanted information from the internet.  This in one regard restricts access to certain forms of information, yet provides an additional layer of protection from predatory attacks.This tightening of access to certain types of information brings to light new questions of state sponsored censorship, but, provides enhanced security against continued cyber attacks. But, without a set of standardized rules and regulations regarding cyber based data transfers, the continued potential for cyber-security threats continues to grow which can further impact the ability of individual security managers and IT professionals to effectively battle against cyber-criminals whose sole purpose is to destroy the global economy.

On March 23, 2010, U.S. Senators Kirsten Gillibrand (D-NY) and Orrin Hatch (R-UT)  introduced the International Cybercrime Reporting and Cooperation Act -- a new bill designed to discourage global cybercrime and foster a new global effort of cooperation among international cybercrime law enforcement agencies.  This new legislation that would require the U.S. government to monitor the current cybercrime indices of other countries and deliver assistance and/or sanctions to those countries based on the findings. Also, it will require the president to provide a global assessment, identify threats from abroad, work with other countries to crack down on their own cyber criminals, and urge the President to cut off U.S. assistance and resources for countries that refuse to take responsibility for cyber-security. Incidentally, it may be noted that Malaysia has seen an increase in cyber related crime from 2007 through 2009 and has documented over 4,000 complaints which are mostly tied to hacking, fraud, viruses and denial of service. Alarmingly, most cases of cybercrime go unreported and few in number are ever fully investigated or prosecuted. 

Though currently, 45 countries have some type of cyber laws or regulations in place, the threat of full prosecution in less than substantial.  With limited resources and staffing, most international enforcement agencies have partnered with local law enforcement to combat the constant attack from cyber-criminals which ties directly to the more alarming threat of cyber-terrorism. 

SUMMARY

With these continued threats, the laws governing such acts have not kept up with the growth of the internet and it still remains a huge challenge to garner a coordinated effort among the major industrial nations to effectively produce a set of comprehensive regulations and laws which will address the coordinated attacks by cyber enemies who are intent on destroying current global information infrastructures and financial networks.