CYBER LAWS

JUDE JERRY SALMON I

FRAMEWORK

Cyber Crimes & Cyber laws Need for Cyber Laws Cyber Security - International Legal

Landscape - National Legal Approaches - Multinational Organizations - Practical Considerations Cyber Security – Indian Initiatives - Recommendations Conclusion

CYBER CRIMES

"Computer or Cyber crimes are considered as illegal, unethical or unauthorized behavior of people relating to the use of Computer Systems and Networks”

Interference with lawful use of a computer Dissemination of offensive materials Threatening communications Forgery/counterfeiting Fraud Cyber Warfare

CYBER LAWS

Cyber Law is the law governing Cyber space

Cyber law encompasses laws relating to: - Cyber Crimes - Electronic and Digital Signatures - Intellectual Property

- Data Protection and Privacy

NEED FOR CYBERLAWS

Intangible dimension of Cyber Space Boundary Independent Anonymity Open to participation for all Gigantic traffic volumes every second The development of cyber law is

fundamental to determining conduct in cyberspace

UNITED STATES

Computer Fraud and Abuse Act ,1984 Federal Information Security

Management Act Graham-Leach-Bliley Financial Services

Modernization Act,1999 Homeland Security Act (Cyber Security

Enhancement Act),2002 Patriot Act of 2001 US – CERT, 2003

EUROPEAN UNION

Council Framework Decision on Combating Cyber terrorism of 2002

Council Framework Decision on attacks against information systems of 2005

Directives - Critical Infrastructure Protection - ISP liability - Personal Data Protection

Council of Europe

Convention on the Prevention on Terrorism,2005 CoE Convention on Cybercrime,2001

- Substantive Criminal Law

- Procedural Law

CC provides for countries: - Coherent national approach to legislation on

cybercrime

- Harmonization of criminal law provisions on cybercrime with those of other countries

- Legal and institutional basis for international Legislative and judicial cooperation with other parties

ITU

ITU Global Cyber Security Agenda (GCA) ITU Child Online Protection (COP) ITU Regional Cyber Security Networks Pacific Computer Emergency Response

Team (Pacific CERT) International Multilateral partnership

Against Cyber Threats (IMPACT)

INTERPOL

Interpol coordinates its activities through National Central Bureaus in individual countries

Global Protocol on Cyber security and Cybercrime

Working Party on Information Technology Crime

Computer Emergency Response Team (CERT)

Coordination with ASEANAPOL & EUROPOL

UNITED NATIONS

Resolution on Cyber security and the protection of Critical Information Infrastructures – 2003

Developments in the Field of Information and Telecommunications in the Context of International Security

Resolution on Combating the Criminal Misuse of Information Technology

UNCITRAL UNGIS

Group of Eight (G8)

Senior Experts Group on Transnational Organized Crime & Subgroup on High-Tech Crime

1997 Principles & Action Plan to Combat High-Tech Crime

1999 Principles on Trans-border Access to Stored Computer Data

Recommendations for Tracing Networked Communications Across National Borders

24/7 Points of Contact

Practical Considerations

International dialogue on cyber governance, crime and security is imperative, long over due and still embryonic

Law enforcement exercises its functions in foreign jurisdiction only with consent of foreign government

If evidence (or criminal) is located in another country, need to have the assistance of criminal law enforcement in that country for extradition

Criminals have become proficient at routing through countries, finding open proxies, botnets, etc.

Practical Considerations

Digital divide between nation-states Cyber security challenges involve a

spectrum ranging from the state level to non-state groups to individuals

At present there is no consensus on what constitutes an act of war in cyberspace

Coalescing common rules will be long and arduous

RECOMMENDATIONS

International Cooperation: Extradition Spontaneous Information Sharing Expedited Preservation of Stored Computer

Data Expedited Disclosure of Preserved Traffic Data Accessing of Stored Computer Data Real-time Collection of Traffic Data Interception of Content Data 24/7 Network

THANK YOU