Question

Question 3 (20 marks)
(a) What are the differences in nature between cyber security and crime versus other kinds of crimes or other kind of police. (10 marks)
(b) What are the possible difficulties for imposing regulation to cyber crime? (10 marks)

Answer 1

Cybercrime law includes laws related to computer crimes, internet crimes, information crimes, communications crimes, and technology crimes. While the internet and the digital economy represent a significant opportunity, they’re also an enabler for criminal activity. Cybercrime laws are laws that create the offences and penalties for cybercrimes.

Cybercrime describes:

• crimes directed at computers, data or information communications technologies (ICTs), and
• crimes committed by people using computers or ICT.

Cybercrime is a global problem, which requires a coordinated international response. We help organisations comply with the regulatory requirements that come out of cyber laws.

(a) Cybercrime as a separate entity to traditional crime, it is carried out by the same types of criminals for the same type of reasons.

These hackers are professional thieves, criminal gangs, disgruntled employees, professional competition, activists, disillusioned youth and state adversaries. They have the same motivations as traditional criminals such as boredom and vandalism, ideological or political support, malice or revenge, monetary gain through extortion or sale of illegally obtained data, terrorism or notoriety and sensationalism.

Following are the differences between cyber crime and other kinds of crime:-

• Scale:- Attacks can be conducted on a scale not possible in the physical world. A traditional bank robber may only be able to hit one or two banks a week, a cyber-attack can target 100’s if not 1000’s of sites at once.
• Reach:- Attacks can be performed from anywhere in the world; they can be performed anonymously and within jurisdictions where the consequences of those actions may not, or cannot, be addressed by the criminal justice system. Attackers are also able to extract far more data digitally than would ever be possible in the physical world. For example 1 gigabyte of data is approximately 4,500 paperback books. Think of how many gigabytes of data is held on a system, hackers can extract this within a matter of minutes.
• Speed :- Attacks are conducted at machine speed; a criminal can write a piece of code that can target multiple sites in minutes.
• Perception and media effect:-  There is another part of the cyber threat to be considered, the public and media perception of cyber crime. When large financial institutions have been hacked the media has often wholly apportioned blame to the organisations rather than the criminals, this would not be the case in a physical bank robbery.

​​​​​​​

(b) The world of cyber crime is more complicated. There are too many cybersecurity incidents and too little law enforcement resources available to keep up with the crime. To add more complexity to the issue, there are jurisdictional boundaries that prevent criminals from being prosecuted.

The challenges faced by mankind which makes cybercrimes intractable are discussed as follows:-

1. Identity of cybercriminals. There is no easy means of identifying who is doing what and where is a user of the Internet is situate at any point in time; the global information system is free and there is no perquisite that needs to be fulfilled, before a user can login to connect with anywhere and anyone across the globe. Thus, the unfettered freedom of information and communication enables the cybercriminals to hide their identity using different telecommunications gadgets so as to make it impossible to trace the online Internet Protocol (IP) address of any user. Further, if the IP address of a cybercriminal were traced to a particular location, the next hurdle cannot be scaled as the identity of a cybercriminal is undisclosed to the owner or operator of Internet service provider.
2. Jurisdictional challenges. One of the challenge to enforcement of cybercrime laws is jurisdiction. Taking into cognizance the time tested principles of state independence, sovereignty and territorial integrity, each nation-state of the world, have the authority to make laws binding on things and all persons within its geographical entity, called a country. For the above stated reason of nation-states making laws on the same matter from different jurisdictions, conflict of laws is unavoidable. Jurisdiction may be defined as the power of a court or judge to entertain an action, petition or proceedings. A distinction ought to be made between the use of the term jurisdiction in extra-territorial and intra-territorial situations. While intra-territorial competence of a court concerns the authority of a court to hear and determine an issue upon which its decision is sought, the significance of extra-territorial competence of a court comes into focus when its judgment is sought to be enforced outside the forum.
3. Extradition processes challenge. The word extradition is an amalgamation of two French words viz. ex - which means “out” and tradition - “deliverance.” It is the process of returning somebody accused of a crime by a different legal authority for trial or punishment. 10 Extradition has also been defined as the surrender by one state to another of a person accused of committing an offence in the latter. A casual glance at the definition of extradition as above, would ordinarily raises the hope that, if a person is alleged to have committed a cybercrime in one jurisdiction and escapes to another country, all that needs to be done by the country where the cybercriminal is domiciled is expeditiously return the said criminal to the requesting country, to face trial, however, in practice, this is not so because of the principle of state independence and sovereignty earlier stated before now. UInder international law, there is no instrument that imposes on sovereign nations an obligation to automatically return cybercriminals for trial. In effect, countries where cybercriminals are situate, for different reasons, more often than not, refuse to extradite cybercriminals and this development, present an insurmountable challenge to the enforcement of cybercrime laws across the globe. One of the biggest hurdles to extradition of criminals to requesting states is the “unruly legal horse” called jurisdiction; jurisdiction is often invoked by countries to deny extradition especially if the requested state have jurisdiction to try criminals, who is a national of the requested state; as such, the requesting state have no choice than abide with that decision not to commence extradition. By this development, the object of criminal justice as in the enforcement of applicable cybercrime law is defeated by the legal hurdle placed in the part of justice by law. Quite a number countries having in their laws, jurisdiction to conduct trials over their nationals for offences committed abroad includes but not limited to: Austria, Brazil, The Czech Republic, France, Germany, and Japan. This paper is cognizant of the controversy surrounding the propriety of conducting trials by countries regarding their nationals for crimes committed abroad and feels that it is most unlikely that justice can hardly be done which of course compound the enforcement of cybercrime laws.
4. The challenge regarding the nature of evidence. The other impediment to the enforcement of cybercrime laws is the nature of evidence available in the custody of prosecution and the admissibility of same, during the course trial of cybercriminals. Evidence is that which tends to prove the existence of some fact. It may consist of testimony, documentary evidence, real evidence and when admissible. The law of evidence comprises all the rules governing the presentation of facts and proofs in proceedings before a court, including in particular the rules governing the admissibility of evidence and the exclusionary rules . Evidence could take any form such as circumstantial, conclusive, direct, extrinsic, primary, secondary etc. but the purview of evidence with respect cybercrimes is application of science to decide questions arising from crime or litigation known as forensic.
5. Cost, time and efforts incurred in investigation and prosecution. The nature of evidence, that is, forensic, needed in the prosecution of cybercrimes, the cost of same as a scientific crime solving approach as opposed to gathering of evidence in terrestrial crimes is not particularly cheap because of the high-tech equipment, materials and expertise involved to carry out such investigations.In cases where a criminal is wanted extraterritorially, many issues crops up which represents additional costs in the investigation of the cybercrime and these includes air travels where it is expedient that investigators have to be physically present in another jurisdiction, and where not, telephones and Tele-conferences, are not avoidable because investigators need to interact in other jurisdictions so as to effectively pool efforts together to unravel cybercrime; and such interactions between investigators, it must be noted, is not that easy due to time differences. Further, with respect to different jurisdictions is the issue of language barrier, thus where Chinese investigators must work with English counterparts, language differences occasion problems which must be sorted out by translators at additional cost ditto where there is need for exchange of documents, same must be translated thus warranting extra cost.
6. Lack of adequate legislation and ineffective ones where extant. The enforcement of cybercrime laws have largely been hampered due to inadequate legislations and the ineffectiveness of same where there are extant laws in place for cybercrimes. According to the United Nations, 32 there are 193 Full UN Members, 2 Observer States and 6 States with partial recognition, making a total of 201 countries in the world. Out of this number, only about 79 countries (Ajayi, 2015), the majority being in Western Europe comprising 47 countries, have laws specifically enacted for cybercrimes; a simple inference that could be drawn from above data is that less than 40% of countries in the world have laws forbidding cybercrime. Given the scenario of lack of relevant legislations specifically in place for cybercrime, it goes without saying that the development tantamount to giving cybercriminals a license to operate freely without fear but rather with impunity. It is instructive to note that even where there are legislations on cybercrimes, the provisions of the said extant laws are not severe enough to deter cybercriminals from their illegal acts. From all the foregoing, it is apparent that the state of the law is not punitive enough and by so doing, even if the extant laws are enforced, it would make little or no impact on the cybercriminals as the laws cannot possibly deter criminals from their illegal acts.

The problem of crime conducted over the Internet is a vexing one for its victims and for law enforcement. It is easier to commit a crime using the Internet than it is to punish the perpetrator of the crime. As a result, governments must develop new ways to prevent and punish Internet crime. This will involve new legislation as well as new applications and amendments for existing laws. At the same time, it is important that law enforcement efforts not impede lawful conduct by companies or individuals. Sometimes the government's purposes run counter to those of the business community, as in the case of encryption. Companies would like to have sound encryption technology to protect Internet transactions. The government, however, is concerned such technology will allow criminal activity to escape detection. There are also serious privacy and free speech concerns on which government and individuals may take different positions. Regulating Internet crime effectively will require continued development of laws and enforcement practices.