Cyber crime regulation

NEED The criminal abuse of information technology and the necessary legal response are issues that have been discussed ever since technology was introduced. Over the years, various solutions have been implemented at the national and regional levels. One of the reasons why the topic remains challenging is the constant technical development, as well as the […]

by Khushbu Jain - December 11, 2021, 10:40 am

NEED

The criminal abuse of information technology and the necessary legal response are issues that have been discussed ever since technology was introduced. Over the years, various solutions have been implemented at the national and regional levels. One of the reasons why the topic remains challenging is the constant technical development, as well as the changing methods and ways in which the offences are committed. The reliance on traditional theories, could not help combat cybercrime, and new laws and enforcement measures are required to address them. The Information Technology Act 2000 and amendments thereafter were not drafted with an eye on the level of involvement of computers that we see today in crimes. The legislation lacks when combating new age computer crimes.

DIFFERENCE OF CYBER LEGISLATION FROM CONVENTIONAL LAWS & LEGISLATIONS:

Computer crimes are ‘inherently different’ from other criminalities, and therefore they constitute a new category of criminal conduct. Nonetheless, the traditional laws were drafted long before the appearance of computers, and were drafted without any prediction of the involvement of computers. Therefore, the inadequacy of traditional criminal law in cyber context, the various reactions to computer crimes of individual states, to protect the financial interests, and to enhance the national security it is imperative to have/ to enact a new statute to keep up with the developments of technology and related crimes.

4 IMPORTANT QUESTIONS:

This brings to considering the four aspects:

Do we need cyber-specific legislation to regulate cybercrime?

If we do need this specific legislation, what adequate and systematic approaches can this legislation take to determine and regulate cybercrime?

What principles are sufficient and appropriate to determine jurisdiction over cybercrime?

What is the function and influence of the Convention on Cybercrime in shaping appropriate legislation and fostering international cooperation against cybercrime?

PROBLEMS FACED IN COMBATING CYBERCRIME

The Technology Era we are in and risks associated with it requires developing various strategies aimed at reducing the risk posed by cyber wrongdoing, and legislation is an indispensable part of their strategy. For effective legislation in tackling cyber wrongdoing, especially when it comes to combating cybercrime below mentioned issues/ problems needs attention.

The first problem faced by criminal law systems is that existing criminal offences fail to cover the newly emerged forms of cyber wrongdoing.

The second problem is that even where there are cyber-specific offences on the statute books, the transitional nature of cybercrime can blur their scope. ‘Criminal sanction is the most drastic of the State’s institutional tools for regulating the conduct of individuals,’ thus the scope of criminal law must intentionally be limited. However, criminal provisions with such ‘intentionally’ limited scope soon become outdated when faced with the rapid evolution of cybercrime. Developments in computers themselves can serve as an example. In the field of cybercrime legislation, the concept of the computer undeniably enjoys a central position;

The third aspect is that the transnational nature of cybercrime confounds traditional principles of jurisdiction. Not only is there an issue of which country has the authority to prosecute, but also the question of which country has priority to prosecute if more than one country claims jurisdiction. Stories are often reported in newspapers in which an actor from country A commits cybercrime in country B by hacking into a computer located in country C. In such a case, which country has the jurisdiction to prosecute the actor and bring them to trial?

Lastly, cybercrime also presents problems at the international level. Namely, cross-border cybercrime manifests the inconsistencies of laws and regulations across state boundaries. Cybercrime is national: making it an offence by nature something which national legislation should govern. However, it also has international consequences: a country’s position as regards cyber laws or lack of cyber laws can have a considerable impact on other countries.

International Dimensions:

Cybercrime often has an international dimension. For example, emails with illegal content, illegal financial transactions etc often pass through a number of countries during the transfer from sender to recipient, or illegal content is stored outside the country. Within cybercrime investigations, close cooperation between the countries involved is very important. The existing mutual legal assistance agreements (with some states) are based on formal, complex and often time-consuming procedures, and in addition often do not cover computer-specific investigations. Setting up procedures for quick response to incidents, as well as requests for international cooperation, is therefore vital.

EXCHANGE OF INFORMATION: (AT NATIONAL LEVEL AND INTERNATIONAL LEVEL)

1. Each State party shall consider analysing, in consultation with relevant experts, trends with respect to cyber crimes in its territory, as well as the circumstances in which such offences are committed.

2. The States parties shall consider disseminating statistics and analysis concerning cyber crimes with a view to developing, to the extent possible, common definitions, standards and methodologies, including best practices to prevent and combat such offences, and share them with one another and through international and regional organizations.

3. Each State party shall consider monitoring its policies and practical measures to combat cyber crimes, as well as assessing their effectiveness.

COOPERATION BETWEEN LAW ENFORCEMENT AGENCIES:

In a National Context:

At times, several agencies are involved in dealing with a single cybercrime or incident and therefore it becomes imperative that a close cooperation and coordination is maintained between different agencies involved in such a case, with the aim of increasing the efficiency of law enforcement action to combat the cyber offences.

AT INTERNATIONAL LEVEL

State parties shall cooperate closely with one another, acting according to their respective domestic legal and administrative systems, with the aim of increasing the efficiency of law enforcement action to combat the cyber offences. For example, State parties shall take effective measures aimed at:

a) strengthening or, where necessary, establishing channels of communication between their competent authorities, agencies and services to ensure secure and rapid exchange of information about all aspects of the offences covered by this Convention, including, if the States parties concerned deem it appropriate, links with other criminal activities;

b) cooperation with other States parties in conducting investigations in relation to the offences covered by this Convention for the purpose of establishing:

i) the identity, whereabouts, and activities of persons suspected of involvement in such offences or the whereabouts of other persons involved;

ii) the movement of proceeds of offences or property derived from the commission of such offences;

iii) the movement of property, instruments, equipment, or other means used or intended for use in the commission of such offences;

c) transferring items that were used to commit offences, including instruments of offence; items that were acquired as a result of offences or as a reward for them, or items that the offender received in exchange for items acquired in this way; and items that may serve as evidence in a criminal case;

CONCLUSION:

The range of technology-enabled crime is always evolving, both as a function of technological change and in terms of social interaction with new technologies. With each preceding year, new trends in computer crime and cybercrime continue to be discovered in the 21st century. The first decade of the new millennium was dominated by new, highly sophisticated methods of committing crimes, such as “phishing”, and “botnet attacks”, and the emerging use of technology that is more difficult for law enforcement to handle and investigate, such as “voice-over-IP(VoIP) communication” and “cloud computing”. It is not only the methods that changed, but also the impact. As offenders became able to automate attacks, the number of offences increased. Responding to the growing challenges and nuances, it is high time that India enacts separate cybercrime legislation on high priority keeping in mind, at the national level, the limited coverage of traditional criminal provisions, the transitional nature of cybercrime, and the conflicts arising from jurisdictional issues are the main problems and At the international level, the inconsistencies among national legislations and non-existence of specific global treaty which need attention. The legislation should cover aspects related to newage cyber crimes, punishments, jurisdiction and cross border understanding on combating cybercrime for ensuring a safe, secure, resilient, vibrant, & trusted cyberspace.

(Khushbu Jain is advocate practicing in Supreme Court and Partner of law firm Ark Legal)