Accessing bank data crime through the use of various information technology in Saudi law - Dissertation Example

?Accessing bank data crime through the use of various information technology in Saudi law Introduction & Purpose: The past several decades have witnessed a series of technological innovations, which are now used widely across all sectors. Gadgets and electronic equipments such as cell phones and computers, have now acquired greater power especially with the advent of internet, thus broadening the alternatives available at the disposal of the consumers. However, the same has also led to a simultaneous rise in data crimes, and identity thefts have increased manifold. The ‘playing field’ for criminals has also widened, opening up newer avenues for committing virtual crimes; thus replacing unpleasant physical encounters with cyber crimes (Yusuf 2003). For instance, prior to the computerization of banks, most of the bank frauds or thefts involved armed robberies and breaking into banks causing physical injury to people and considerable damage to property. Today, the criminals use internet to break into customers’ accounts and steal their identities for withdrawing cash, thus only causing monetary damage. The tools available at the disposal of such criminals have also risen considerably with the advent of information technology, where frauds and thefts can easily be committed from the comforts of one’s own home (Forder, Quirk, 2001; Kono et al, 2002). The fact that computers and internet have made life easier for customers in the banking sector, with services enabled through technology such as ATMs, internet banking, and bank by phone services, cannot be denied. However, at the same time, the complexities of bank-related crimes have also increased substantially and simultaneously. It has posed newer challenges for law enforcement agencies to monitor and control such crimes, making it practically mandatory for the law makers to enact new cyber laws; and their officers to gain and be proficient in computer science / forensics. As humans grow more and more dependent on technology, it is highly likely that computer related crimes would increase simultaneously (Lee, Lee, & Kim, 2007). Hence, the appropriate enactment and application of laws and effective use of technology are the only tools to combat and address such crimes with utmost efficiency. Furthermore, it is also equally important, rather imperative, for customers to understand and be aware of such crimes so as to secure their bank accounts from such fraudulent practices (Sathe, 1999; Salvatore, 2006; Jaffer, 2005; Laforet 2008; Dar and Presley 2003). This paper seeks to discuss, analyze and recommend ways to combat the challenges posed by technology enabled crimes within the banking sector, and use the same as an effective means of securing and preventing bank data thefts. Meaning and Definitions of key terms used: Data: According to Article 1 (3) of the Anti Cyber Crime Law, the term ‘data’ refers to “Information, commands, messages, voices, or images which are prepared or have been prepared for use in computers. This includes data which can be saved, processed, transmitted, or constructed by computers, such as numbers, letters, codes, etc.” Thus with reference to banks and for the purpose of this study, data thefts refers to the theft of all or any of the above mentioned data by use of information technology. Significance: This study would help in identifying the various ways in which data thefts occur in banks and raise awareness on the issue. Furthermore, it is intended to highlight the many ways in which technology can be used to counter such crimes, and address them through effective application of technology (Zheng and Ni, 2006). This study would also include various recommendations to reduce such thefts through network security; ensure greater protection of customers’ data by using tools which would prevent the cyber criminals from hacking and other similar ID related frauds. Thus, help the banks in improving its productivity as well as profitability by offering secure transactions. Scope of study: This study aims to highlight the occurrence of data thefts in banks and the significance and role played by information technology to combat such crimes. In order to establish and substantiate the arguments / hypothesis, presented in the paper, it would be divided into three key sections focusing on: analyzing the relationship between technology and bank related crimes – which in turn would highlight the many ways in which technology facilitates data thefts in banks; establish, on the basis of studies, the significance of developing and implementing appropriate control measures such as the manner in which technology can be used to control and prevent such data thefts; and lastly to suggest / recommend ways in which the same can be prevented. It will also include the impact of culture and cultural acceptance on technology acceptance (Lee, Lee, & Kim, 2007; Robinson, 2000). Methodology For the purpose of this study, a qualitative research methodology will be used whereby literature review of various researches conducted in the past, on the subject would be discussed and analyzed and recommendations would then be drawn on the observations made therein. A qualitative research is a type of scientific research methodology which systematically describes the manner in which a certain phenomenon is experienced by people. It tends to offer almost accurate information regarding the issue itself, as well as various contrasting opinions, and beliefs. Data will be collected through qualitative research and through observations made in the literature review. This is a descriptive research where an existing phenomenon, in this case, the occurrence of bank data thefts, is described and the occurrence of the same is reaffirmed through research, and at the same time recommends solutions to resolve the various issues and challenges faced by banks. The data will be collected through direct observation, as well as through literature review and case studies. Direct observation, refers to a system whereby the researcher describes a given phenomenon as it is observed by him/her as a non-participant. Such a study would help in reinforcing various theories and lay a foundation on which recommendations and observations can be based. According to Marshall & Rossman (2010, Pp.71): "The discussion of a study's significance for theory is often an intellectual odyssey, which the researcher can pursue more fully in the review of related literature" Thus, the methods selected for the purpose of this study, would help in substantiating the arguments put forward in the paper, and approach the area of study more effectively. Although descriptive research has various advantages it has various shortcomings as well. For instance, the range of data available for study are limited hence the range and scope of the study is restricted as well. Also, since it involves observational methods, the researchers are often accused of being biased. Furthermore, the methods of collecting data in a qualitative research are highly labor intensive in the sense that it is a rigorous activity, and hence lacks reproduction and tends to succumb to generalization. However, the advocates of such a method argue that the shortcomings or drawbacks of qualitative research methodology are such that they can be easily avoided or overcome. For instance, according to Nicholas and Pope (1995), there are various techniques available to improve the quality of search and hence increase the validity and credibility of the research findings. They developed a methodological check list to assist the researcher in ascertaining whether their research lacks on any front. Legal Aspects: Saudi Law and UK Law related to data crime thefts In order to substantiate the claims made and enhance the validity of the research question, it is extremely vital to present a comparison of the various laws enacted to prevent data crime thefts. For the purpose of this paper, a comparison will be made between Saudi Law and UK law related to data crime thefts in banks. However, comparison statistics with regard to different countries could prove to be quite tricky, since the definition of such crimes may differ from country to country, thus making such a comparison a difficult task. Today, due to the rapid development of technology, the I.T. enabled communication has increased and expanded greatly, leading to a development of a vast, widely dispersed and coordinated network. This has enabled the service organizations such as banks to operate at a faster and better speed and increase customer satisfaction, albeit at an increased security risk. For instance, during the 9/11 terrorist attack in the U.S. the terrorists used sophisticated technology to execute banking transactions, which included the use of machines and equipments bought from European countries for manufacturing cards and exploit the electronic data from stolen credit cards. Such data was also easily available and hence obtained from the card accounts by merely surfing the internet using popular search engines (Aubrey, 2004). The Kingdom of Saudi Arabia is an economically rich nation with robust banking system. The laws related to banking have seen a steady development and are observed to be progressive in nature, although there is excessive interference by the government. The banking system in Saudi Arabia is regulated by the Saudi Arabia Monetary Fund where most of the crimes are dealt with under the Shariah law (Al Hamidy, 2009). The data crime thefts fall under the category of e-Banking, which is loosely defined under the Saudi Banking law, as any transaction occurring over the internet, i.e. without physically visiting the branch. The banks are expected to review their banking risk management policies from time to time and update them periodically which involve implementing effective security controls for all their e-banking transactions and products. Identity theft has become one of the most common and oft-repeated crimes in the financial industry. Thus as a response, to avoid and prevent such crimes, the UK has enacted several data protection laws under the Data Protection Act, which lays down concise guidelines regarding such a crime. However, the laws in UK and Saudi Arabia are relatively similar on a broader level i.e. both intend to curb such crimes through implementation of strict laws, there are specific differences between the two on the basis of definitions and types of laws used. For instance, the Saudi law includes the Shariah law along with other laws which are enacted to protect and prevent data crimes, while in the UK there is only one type of law which is implemented by the government and is applicable to all banking institutions across the country. Moreover in the UK, the government has also set up a Home Office Identity Fraud Steering Committee to combat data crimes, and created a website for the same i.e. www.identity-theft.org.uk (Biegelman, 2009). It has been observed that with the development and advancement of technology, crimes related to data thefts especially within the realm of banking has increased manifold and the instances of stolen bank cards (i.e. credit and debit cards) have multiplied over the years. Moreover the incidences of phishing attacks to steal data belonging to customers are on the rise (Wild et al., 2011). Chapters: Chapter 1: Banking security and Saudi Law- This chapter will include an overview of the current situation of Saudi law with regard to security in banks. It will include a discussion regarding the measures taken to ensure security of data and a critical review of the security systems currently employed in banks, to avoid data thefts; its effectiveness and loopholes. Chapter 2: ICT initiatives in Saudi and its impact on Banking – This chapter will discuss the relationship between technology and banking as well as the impact of technology on banking in Saudi. It will include an overview of the manner in which technology has facilitated ease in banking operations and how the same has led to a rise in thefts, frauds and misappropriate of data with regard to banking operations. Chapter 3: Measures and Prevention - This chapter will include the measures and techniques which could be applied effectively for preventing crimes related to banking and data thefts or the identity thefts. It will also include a comprehensive discussion of the various ways in which data thefts can be prevented and the appropriate measures which can be taken by the banks as well as at the national level to deter criminals from accessing bank data through fraudulent means. Chapter 4: Conclusion and Recommendations – This chapter will finally conclude with a summary of the literature review and a brief description of various views mentioned and discussed in the above sections. It will also include a list of recommendations which can be incorporated at various levels to improve the existing policies and strategies employed to prevent bank data crime. References: Dar, H, and Presley, J. 2003. ‘Islamic Banking’. In Mullineux, A. and Murinde, V. eds. Handbook of International Banking. Cheltenham: Edward Elgar Publishing. Forder, J., Quirk, P., (2001). Electronic commerce and the law, Willey Publications, Pp. 1 - 10 Kono, T., Paulus, C. G., Rajak, H., (2002). Selected legal issues of e-commerce, Kluwer Law International Publication, Pp. 140 - 146 Jaffer, S., ed. 2005. Islamic Retail Banking and Finance: Global Challenges and Opportunities. London: Euromoney Books Laforet, S. 2008, ‘Chinese Consumers’ Attitudes and Adoption of Online and Mobile Banking’. In De Pablos, P. and Lytras, M. eds. The China Information Technology Handbook. New York: Springer. Lee, K. S., Lee, H. S., & Kim, S. Y., 2007, ‘Factors Influencing the Adoption of Mobile Banking. Journal of Internet Banking and Commerce, 12(2). Marshall, C., Rossman, G. B., (2010). Designing qualitative research, SAGE Publication Robinson T.,2000, 'Internet banking, still not a perfect marriage?' , Information week, 17(4), 104-106. Salvatore, D. 2006. Managerial Economics in a Global Economy 6th Edition. Oxford: Oxford University Press Sathe, . 1999, ‘Adaoption of Internet Banking by Australian Customers: An Empirical Investigation’. International Journal of Bank Marketing.17(7), 324-334 Yusuf, S. 2003. ‘Globalisation and the Challenge for Developing Countries’, Journal of African Economies 12: 35-72. Zheng, P and L. Ni, 2006. Smart Phone and Next Generation Mobile Computing. San Francisco: Morgan Kaufman. Aubrey, S. M., (2004). The new dimension of international terrorism, vdf Hochschulvrlag AG Publication, Pp. 229 Al Hamidy, A., (2009). Banking sector issue in Saudi Arabia, Saudi Arabian Monetary Agency Report, B15, Pp. 67 Biegelman, M. T., (2009). Identity theft handbook: Detection, prevention and security, Wiley Publishers Wild, C., Weinstein, S., MacEwan, N., Geach, N., (2011). Electronic and mobile commerce law: An analysis of trade, finance, media and cybercrime in the digital age. University of Hertfordshire Press, Pp. 320-323 Read More