Cyber Laws - Part I
Transcript of Cyber Laws - Part I
CYBER LAWS
JUDE JERRY SALMON I
FRAMEWORK
Cyber Crimes & Cyber laws Need for Cyber Laws Cyber Security - International Legal
Landscape - National Legal Approaches - Multinational Organizations - Practical Considerations Cyber Security – Indian Initiatives - Recommendations Conclusion
CYBER CRIMES
"Computer or Cyber crimes are considered as illegal, unethical or unauthorized behavior of people relating to the use of Computer Systems and Networks”
Interference with lawful use of a computer Dissemination of offensive materials Threatening communications Forgery/counterfeiting Fraud Cyber Warfare
CYBER LAWS
Cyber Law is the law governing Cyber space
Cyber law encompasses laws relating to: - Cyber Crimes - Electronic and Digital Signatures - Intellectual Property
- Data Protection and Privacy
NEED FOR CYBERLAWS
Intangible dimension of Cyber Space Boundary Independent Anonymity Open to participation for all Gigantic traffic volumes every second The development of cyber law is
fundamental to determining conduct in cyberspace
UNITED STATES
Computer Fraud and Abuse Act ,1984 Federal Information Security
Management Act Graham-Leach-Bliley Financial Services
Modernization Act,1999 Homeland Security Act (Cyber Security
Enhancement Act),2002 Patriot Act of 2001 US – CERT, 2003
EUROPEAN UNION
Council Framework Decision on Combating Cyber terrorism of 2002
Council Framework Decision on attacks against information systems of 2005
Directives - Critical Infrastructure Protection - ISP liability - Personal Data Protection
Council of Europe
Convention on the Prevention on Terrorism,2005 CoE Convention on Cybercrime,2001
- Substantive Criminal Law
- Procedural Law
CC provides for countries: - Coherent national approach to legislation on
cybercrime
- Harmonization of criminal law provisions on cybercrime with those of other countries
- Legal and institutional basis for international Legislative and judicial cooperation with other parties
ITU
ITU Global Cyber Security Agenda (GCA) ITU Child Online Protection (COP) ITU Regional Cyber Security Networks Pacific Computer Emergency Response
Team (Pacific CERT) International Multilateral partnership
Against Cyber Threats (IMPACT)
INTERPOL
Interpol coordinates its activities through National Central Bureaus in individual countries
Global Protocol on Cyber security and Cybercrime
Working Party on Information Technology Crime
Computer Emergency Response Team (CERT)
Coordination with ASEANAPOL & EUROPOL
UNITED NATIONS
Resolution on Cyber security and the protection of Critical Information Infrastructures – 2003
Developments in the Field of Information and Telecommunications in the Context of International Security
Resolution on Combating the Criminal Misuse of Information Technology
UNCITRAL UNGIS
Group of Eight (G8)
Senior Experts Group on Transnational Organized Crime & Subgroup on High-Tech Crime
1997 Principles & Action Plan to Combat High-Tech Crime
1999 Principles on Trans-border Access to Stored Computer Data
Recommendations for Tracing Networked Communications Across National Borders
24/7 Points of Contact
Practical Considerations
International dialogue on cyber governance, crime and security is imperative, long over due and still embryonic
Law enforcement exercises its functions in foreign jurisdiction only with consent of foreign government
If evidence (or criminal) is located in another country, need to have the assistance of criminal law enforcement in that country for extradition
Criminals have become proficient at routing through countries, finding open proxies, botnets, etc.
Practical Considerations
Digital divide between nation-states Cyber security challenges involve a
spectrum ranging from the state level to non-state groups to individuals
At present there is no consensus on what constitutes an act of war in cyberspace
Coalescing common rules will be long and arduous
RECOMMENDATIONS
International Cooperation: Extradition Spontaneous Information Sharing Expedited Preservation of Stored Computer
Data Expedited Disclosure of Preserved Traffic Data Accessing of Stored Computer Data Real-time Collection of Traffic Data Interception of Content Data 24/7 Network
THANK YOU