Comparative Cybercrime Laws - Research Paper Example

 Comparative Cybercrime Laws "It is not the function of Government to keep the citizen from falling into error; it is the function of the citizen to keep the Government from falling into error." Robert H. Jackson (1892-1954), U.S. Judge Comparative Law: Introduction Comparative law has been defined as a study of differences and similarities between the laws of different countries and regions around the world. Theoretically speaking, it is the academic study of legal systems by comparison with each other, and has a convention going back over long periods of time such as a century. In recent times, the comparative law entails study of the different legal systems in existence in the world, including the international law, socialist law, constitutional law, cyber law, civil law, common law, Islamic law, Chinese law, and Hindu law. Over the years the study of comparative law has achieved pragmatic substance for two reasons. To start with, the “global village” or the increased globalization of world trade, involving the need to engage in commerce with nations with unfamiliar legal systems. For another thing, the codification of multilateral associations like the European Union, the African Union, or the Arab League has demanded harmonization of laws of their member states. Moreover, there are publications and Internet resources that assemble legal materials from several jurisdictions, without necessarily undertaking comparisons, but they can be seen as “tools of the trade” for comparative lawyers (Norman 2006). Over the last 100 years, comparative law has emancipated into several distinct branches such as comparative criminal law, comparative tax laws, comparative civil law, comparative administrative law, comparative trade laws, comparative commercial law, comparative cyber laws, comparative Intellectual Property Law, comparative constitutional law, and comparative constitutional law. Montesquieu's comparative law According to the prevalent view, Montesquieu is regarded as the 'father' of comparative law. His comparative approach is obvious in the following excerpt from Chapter III of Book I of his masterpiece, De l'esprit des lois: "[The political and civil laws of each nation] should be adapted in such a manner to the people for whom they are framed that it should be a great chance if those of one nation suit another. They should be in relation to the nature and principle of each government; whether they form it, as may be said of politic laws; or whether they support it, as in the case of civil institutions. They should be in relation to the climate of each country, to the quality of its soil, to its situation and extent, to the principal occupation of the natives, whether husbandmen, huntsmen, or shepherds: they should have relation to the degree of liberty which the constitution will bear; to the religion of the inhabitants, to their inclinations, riches, numbers, commerce, manners, and customs." Also, in Chapter XI (entitled 'How to compare two different Systems of Laws') of Book XXIX he advises that 'to determine which of those systems [i.e. the French and English systems for the punishment of false witnesses] is most agreeable to reason, we must take them each as a whole and compare them in their entirety.' Yet another excerpt where Montesqieu's comparative approach is evident is the following one from Chapter XIII of Book XXIX: 'As the civil laws depend on the political institutions, because they are made for the same society, whenever there is a design of adopting the civil law of another nation, it would be proper to examine beforehand whether they have both the same institutions and the same political law.' Applicability of the Comparative Concepts The applicability of comparative concepts is still an open question posed to the discipline of comparative law. Comparative concepts are concepts that are applied in micro-comparative research. They provide with criteria on the basis of which the rules of different legal systems may be compared. There are different forms of comparative concepts; their relative usefulness in comparative law is examined here. The important distinction between functional or sociological concepts on the one hand and non-functional or immanent concepts on the other is made. (Laer 1998). Cybercrime: Meaning and Overview Cyberspace is a term that was coined by William Gibson in his 1984 novel "Neuromancer" and is now used to describe the entire spectrum of computer networks and associated activities that take place over computers and their interconnected networks which in their largest manifestation form the internet. This ‘virtual space’ has no national or jurisdictional boundaries since its ether resides in and interacts with the network of hundreds of thousands if not millions of computers and users at the same time (Jamil 2006) A crime that is committed through the use or aid of any communication device such as the telephone line, the mobile network, or the Internet is termed as Cybercrime. Examples of cybercrime include copyright crimes, authorized access, denial-of-service, telecom fraud, spamming, and proliferation of computer virus and malicious code. An international legal definition is cybercrime that is used by most of the countries in Europe and North America as well as South Africa and Japan was agree in the Convention on Cybercrime that entered into force on 1st July 2004 (Adamski 1998). The cybercrimes are spreading at a great speed around the world. Research has illustrated that a new cybercrime registers every 10 seconds in the Great Britain. Computer hackers struck 3.24 million times during 2006 (Wall 2007). Proliferation of Cybercrime The investigations carried out by US Federal Bureau of Intelligence (FBI) reflected a worldwide explosion in cyber fraud. In 2006, the latest year for which data is available, complaints to the FBI's Internet Crime Complaint Center dipped 10 percent to 207,492, but total losses by individuals rose 8 percent, to $198.4 million (National Public Radio 2008). Other data released by Federal Bureau of Intelligence (FBI) depict an interesting trend in the spread of cybercrime in the United States. Globalization of cybercrimes The explosive growth of the Internet worldwide and computer crimes have created new-fangled international dimensions that were never heard of in the past. New issues such as harmonization of countries' criminal laws; locating and identifying perpetrators across borders; and securing electronic evidence of their crimes are now commonly faced by law enforcers around the world. Complex jurisdictional issues arise at each step. Several law enforcing agencies are now cooperating with each other in order to address global threats related to computer crime. The following information of the international efforts on prevention of cybercrimes has been retrieved from the Computer Crime & Intellectual Property Section, United States Department of Justice: The G8 (Group of 8) and the G8's Subgroup on High-Tech Crime On May 10-11, 2004, US government representatives with the Ministers for Justice and Home Affairs from the G8 countries (Canada, France, Germany, Italy, Japan, Russia, and the United Kingdom) and with the European Commissioner for Justice and Home Affairs. There were four primary topics of discussion: prevention of terrorism and serious criminal acts; border and transportation security; combating cybercrime and enhancing cyber-investigations; and fighting foreign official corruption and recovering stolen national assets. Cybercrime Convention On November 23, 2001, in Budapest, Hungary, the United States and 29 other countries signed the Council of Europe Cybercrime Convention, the first multilateral instrument drafted to address the problems posed by the spread of criminal activity on computer networks. The Cybercrime Convention requires parties to establish laws against cybercrime, to ensure that their law enforcement officials have the necessary procedural authorities to investigate and prosecute cybercrime offenses effectively, and to provide international cooperation to other parties in the fight against computer-related crime. OECD Guidelines for Cryptography Policy In early 1996 the Organization for Economic Cooperation and Development (OECD) initiated a project on cryptography policy by forming the Ad hoc Group of Experts on Cryptography Policy Guidelines. The Ad hoc Group was charged with drafting Guidelines for Cryptography Policy (Guidelines) to identify the issues which should be taken into consideration in the formulation of cryptography policies at the national and international level. The Ad hoc Group had a one year mandate to accomplish this task and it completed its work in December 1996. Thereafter, the Guidelines were adopted as a Recommendation of the Council of the OECD on 27 March 1997. Comparison of CYBERCRIME LAWS in various countires Over the years cyber laws have been bifurcated in various branches such as internet laws, cyber commerce (trading) laws, intellectual property laws, cyber/computer piracy laws, cyber privacy laws, identification-theft laws, pornography laws, hacking and spamming laws, etc. It is, therefore, almost impossible to compare all cyber laws in one paper due to time constraints. Hence, the researcher has decided to compare cyber consumer protection and e-fraud laws in three the Netherlands, the United States, and Australia. E-Fraud Protection in the Netherlands In 2004, the Dutch spent around € 1.5 billion on purchasing goods through the internet. Compared with the year 2003, this means an increase of 30%. Almost 4 million Dutch made online purchases in 2004. On average, their purchases were an amount of € 424, € 60 more when compared to the year 2003. This rise is caused by an increase in the sale of travel arrangements, flight tickets and insurance via the internet (Thuiswinkel 2004). In this contribution, we describe the legal framework that governs online purchases by consumers. This legal framework mainly protects the interests of the consumer. dutch legal framework on e-fraud protection In general, the purchase of goods is governed by the Dutch Civil Code (‘DCC’). The DCC provides for various mandatory rules which govern consumer purchases in particular. Online purchases are characterized by the ‘distance’ between buyer and seller. Buyer and seller do not meet each other and the buyer does not have the opportunity to inspect the goods prior to the conclusion of a purchase agreement. For distance purchases a specific set of rules is laid down in Section 9A of Book 7, DCC. This section basically implements the EC Directive on the protection of consumers in respect of distance contracts (97/7/EC).1 The aforementioned Section 9A gives the online consumer various rights which he does not have in relation to a traditional purchase. Likewise, the seller has various obligations which he does not have outside the scope of a distance sale. The most important right granted to online consumers is a cancellation right, i.e. the right to rescind online contracts for convenience. If the offering party has not provided the consumer with certain information, the period within which the cancellation right can be exercised is extended to three months. In the event of cancellation the consumer is only liable for the cost of returning the goods. The offering party must return all payments made by the consumer. The cancellation right does not apply to all online purchases of consumer products. No right of cancellation for convenience is granted with respect to, amongst others, audio and music CD’s and computer programs if the seal has been broken, newspapers and perishable products. Furthermore, certain types of purchases are entirely excluded from this specific consumer protection. For instance, a consumer who purchased a product through an online auction cannot invoke this protection. The consumer who purchases services online has, in principle, the same protection as the purchaser of goods, albeit that certain services such as financial services are excluded from this protection (Section 7:46 e DCC) (J. van den Brande & D.C. Elzinga, 2007). E-Fraud Protection in the United States of America Most traditional remedies are available and new uses have been found for some torts originally designed to deal with other types of wrong-doings. At the federal level, Section 5 of the Federal Trade Commission Act declares that unfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce, are unlawful and gives the Federal Trade Commission (FTC) the task of preventing most businesses that are not otherwise regulated, from using unfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce. Additionally, other specific traditional protections such as the Magnusson Moss Act and the Fair Credit Reporting Act apply to computer transactions equally as to other types of transaction. More recently, the Computer Fraud and Abuse Act has made illegal certain actions in respect of computers used in interstate or foreign commerce. The Federal Bureau of Investigation and the National White Collar Crime Center have set up an Internet Fraud Complaint Center in Morgantown West Virginia to which Internet fraud complaints may be submitted online. Also at the federal level, and also at the state law level, interesting use has been made of the anti-dilution provisions of the trademark law. At the state law level, the tort of trespass to chattels has suddenly become much more important than in the past. The Computer Fraud and Abuse Act The Computer Fraud and Abuse Act has made illegal certain actions in respect to "protected computers", which are defined as being computers used in interstate or foreign commerce or communication or computers used exclusively by financial institutions or the United States Government or computers used by financial institutions or the United States Government, albeit not exclusively, where the act in question affects use by or for a financial institution or the United States Government. Among the acts covered are: intentionally accessing and gaining information from any protected computer if the conduct involved any interstate or foreign communication or any information contained in a financial record of a financial institution or a credit card issuer; knowingly and with intent to defraud accessing a protected computer and thereby furthers the intended fraud and obtains something of value worth more than $5,000 in any one year period; knowingly causing the transmission of a program, information, code or command and as a result of such conduct intentionally causes damage without authorization to a protected computer; intentionally accessing a protected computer and thereby causing damage; and knowingly and with intent to defraud trafficking in any password or similar information through which a computer may be accessed without authorization. Among additional crimes covered by the Act are various unauthorized actions taken against U.S. Government computers. The statute has been used in the prosecution of, for example, the originator of the Melissa virus, computer hackers who hacked into AT&T and others' teleconferences to obtain credit card information, hackers who hacked into U.S. Government and NATO websites. Additionally, the statute has been invoked to bring civil actions against website operators who intentionally placed "cookies" on visiting users' computers without the user's consent or beyond the scope of the consent granted for purpose of monitoring their web activity. E-Fraud Protection laws in Australia Traditionally, there have been requirements at law for certain documents to be in writing and to be signed. There were also legal impediments preventing electronic documents and digital signatures from meeting these requirements. The Electronic Transactions Act 1999 (Cth) and corresponding state and territory acts (some of which are yet to be enacted as set out below at “Sources of Law”) aim to remove some of these legal impediments. The Act is based upon the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce. The Act adopts the following principles: * Functional equivalence - as far as possible, paper based commerce and electronic commerce should be treated equally by the law; and * Technology neutrality - the law should not discriminate between different forms of technology. E-commerce Protection The main issues arising for formation and administration of credit contracts on the internet are essentially the same issues which arise for all online contracts: (a) ensuring that the identity of the consumer is properly ascertained; (b) ensuring that the consumer has properly understood the terms and conditions of the contract; (c) ensuring that the consumer has undeniably accepted the terms and conditions; and (d) ensuring that the consumer has undeniably received copies or notices where the Credit Code requires these to be given. The Electronic Transaction Acts (when all in force) will ensure that electronic signatures are valid and that certain information and notices can be given electronically. As at March 2001, it appears that the sending of default notices under the Credit Code will be exempted from the operation of the Electronic Transaction Acts. Electronic communication An electronic communication is: * a communication of information in the form of data, text or images by means of guided or unguided electromagnetic energy; or * a communication of information in the form of speech by means of guided or unguided electromagnetic energy, where the speech is processed at its destination by an automated voice recognition system. Keeping electronic records If a Commonwealth law requires information to be recorded in writing, an electronic record will satisfy the requirement if at the time of recording the information it was reasonable to expect the information would be readily accessible for subsequent reference. If the use of a particular kind of data storage device is required, that must be used. If a Commonwealth law requires a written document to be kept for a particular period, an electronic version of that document will satisfy the requirement if the above conditions are met and the method for recording it assures the integrity of the information contained in the document. If a Commonwealth law requires an electronic communication to be kept for a particular period, a person retaining that information in electronic form will satisfy the requirement if all of the above conditions are met. Records must also be kept identifying the origin, destination, time of sending and time of receipt of the electronic communication. Comparative analysis of Cyber Consumer Protection and e-commerce laws in the Netherlands, the United States, and Australia The criteria used in the Netherlands and Australia and in the United States to establish the proper forum when parties come from diverse jurisdictions are significantly different. The United States has developed a series of tests that evaluate a defendant's contact with a state to determine if jurisdiction is proper. Recently, courts have applied these tests to Internet disputes. In contrast, rules of extraterritorial jurisdiction among countries of the European Union can be found in the Brussels Convention. JURISDICTION The Northlands and the United States use significantly different models to determine the proper forum between parties from diverse jurisdictions. The limits of extraterritorial jurisdiction in the United States were developed over the last fifty years through a series of cases, culminating in a flexible, fact-specific test that was easily applied to the Internet. In contrast, Member-States of the European Union base extraterritorial jurisdiction, with respect to citizens of other Member-States, on the Brussels Convention. Because the Convention delineates the contours of European extraterritorial reach in explicit terms, EU governments have found it difficult to apply to Internet transactions. The United States, in contrast to the Netherlands and Australia, does not use a "mechanical" test that defines the competent jurisdiction every time a contract is entered into between parties of diverse jurisdictions. Rather, a "realistic approach" is applied, which takes into consideration the "negotiations, contemplated future consequences, the terms of the contract, and the course of dealing between the parties." There are two basic requirements U.S. courts must consider before exercising jurisdiction over a non-resident. First, the jurisdictional claim must be consistent with the forum-state's long arm statute. Second, the long arm statute must comport with the due process requirement of the Constitution. According to the Brussels Convention, persons domiciled in an EU or Commonwealth member state may be sued in the courts of another Member State. In commercial contracts the plaintiff normally sues in the "place of performance of the obligation in question." "[I]n matters relating to tort, [jurisdiction is proper] in the courts for the place where the harmful event occurred; "Where [a person] is one of a number of defendants, [he may be sued] where any one of them is domiciled." Comparison While the rules of jurisdiction in the United States and in the Netherlands and Australia are significantly different, the results are similar with respect to consumer purchases. Generally, Australian and U.S. courts favor the consumer's forum. The differences between the two systems are obvious. With respect to consumer contracts under the Brussels Convention, there is a great deal of emphasis upon the consumer's side of transaction In contrast, American courts under the "minimum contacts" analysis, look to the actions of the supplier. Moreover, the Brussels Convention sets forth a well-defined standard that leaves little room for debate; if it is a consumer contract, the consumer chooses the forum. Under American jurisprudence, courts are required to make a factual inquiry as to the sufficiency of the contacts and the reasonableness of exercising jurisdiction over a non-resident. At this point in the comparison, one might assume that the European retailers are at a disadvantage when compared to their American counterparts because consumers may choose their own forum. However, when one compares the practical effect of the "minimum contacts" analysis and the Brussels Convention, it becomes obvious that both favor the consumers' forum to a similar extent. Bibliography 1. Adamski A. 1998, ‘Crimes Related to the Computer Network. Threats and Opportunities: A Criminological Perspective’ Helsinki, Finland: European Institute for Crime Prevention and Control, affiliated with the United Nations (HEUNI). Available at 2. Ardalan, Davar & Krantz, Laura and Bergal, Jenni (ed.), “Cyber Sleuths Zero In as Web Fraud Takes Toll”, 2008, National Public Radio. May 5, 2008. Available at 3. Charles de Secondat, Baron de Montesquieu, 1914. The Spirit of Laws, Translated by Thomas Nugent, revised by J. V. Prichard. Based on a public domain edition published in by G. Bell & Sons, Ltd., London. 4. C.J.P. van Laer. August 1998, ‘The Applicability of Comparative Concepts’, vol 2.2 Electrocnic Journal of Comparative Law, [Online], May 5, 2008. Available at 5. Computer Crime: International, Computer Crime & Intellectual Property Section, United States Department of Justice, May 5, 2008. available at 6. J. van den Brande & D.C. Elzinga, 2007, Cyber Consumer Protection and Fair Trading in the Netherlands, vol. 11.1 Electronic Journal of Comparative Law. Available at 7. Norman, Paul. April 2006, ‘Comparative Law’, Hauser Global Law School Program, New York University School of Law, [Online], May 5, 2008. Available at 8. Thuiswinkel Market Monitor, 2004. Blauw Research. 9. Wall, D.S., 2007, ‘Cybercrime: The transformation of crime in the information age’, Cambridge: Polity. 10. Zahid U. Jamil, 2006, “Paper on Cyber Law”, Presented at the 50th Anniversary Celebrations of the Supreme Court of Pakistan, International Judicial Conference Read More