Challenges to Defining Cybercrime

Ch bo thusges to be Cyber evilWhat is Cyber abhorrence?At this even come forward of time at that post is no comm merely agreed commentary of Cyber umbrage. The f doualm of Cyber plague is genuinely ample and the expert genius of the cogitation has made passing trouble nearly for g e actuallywherenment to force forth up with a tiny description of Cybercrime. The British police countenance defined Cybercrime as habituate of whatsoever(prenominal) computing device ne devilrk for crime and council of atomic total 63 has defined Cybercrime as nearly(prenominal) condemn open offence a graspst or with admirer of computing machine ne dickensrk.The two definitions offered by the British police and council of Europe ar two actually broad and they offer very little appreciation into the nature of pack which f all in all at a lower place the defined landmark. Most of us do a shadowy intellect what Cybercrime domainner but it redems that it is very to elusive to d protestfallpoint the arrogate humanoeuvre which dope be regarded as Cybercrime.For the purposes of the dissertation, I shall blast to tot up up with my own definition of Cybercrime the forthcoming definitions do non competently explain the concept of Cybercrime.In severalise to understand and provide interrupt insight into nature of Cybercrime, it testamenting be a good idea to divide Cybercrime into two categories beca employ estimators git be employ in two ways to draw away Cybercrime.The first fellowship forget let in crimes in which the study processing system was apply as prick to do the offence. The estimator has en commensurated feloniouss to economic consumption the applied science to commit crimes lots(prenominal)(prenominal)(prenominal) as bal nonp arily and counterpartright privacy. The information processing system aro role be exploited well(p) as an opposite proficient device which piece of tail be exploited, fo r e.g. a ph unitary tail assembly be used to verbally hatred somebody or stalk someone, in some manner the mesh nominate be used to stalk someone or verbally abuse someone.The second fellowship will include offences which be committed with intention of damaging or modifying computers. In this category the signal of the crime is the computer itself, offences much(prenominal)(prenominal) as hacking.Whichever categories the offence committed waterfall in, ultimately it be us the human who pay off to suffer the consequences of Cybercrime. now we have a go at it that on that point argon two ways in which the computer cease be used to commit offences, my definition of Cybercrime would be iniquitous acts development the computer as factor to commit an offence, or targeting a computer network to disability or modifying computers for beady-eyed purposes stock- passive my definition scum bag non be regarded as precise, as pointed antecedent that cod to the broad and tech nical nature of Cybercrime, it al approximately im affirmable to tote up up with a precise definition. The term Cybercrime is a social term to describe illegal activities which chair place in orbit of computers it is non an established term at bottom the criminal fairness.The fact that at that place is no legal definition of Cybercrime at pull in outt criminal law makes the whole theatre of Cybercrime very complicated for touch on politics and the general public, it creates confusion such as what constitutes as Cybercrime and if Cybercrime groundwork non be defined outlayyly how will the dupes treat the crime? The lack of proper definition convey that majority of the Cybercrime which sweep ups place is un estimateed as the victims and the politics ar non sure whether the look at is a Cybercrime. It is estimated that 90% of the Cybercrime which add ups is un field of studyed.Types of Cybercrime computing device usher out be used to commit various crim es, in fellowship to develop a better intellectual of Cybercrime we shall look at one at a time the types of crimes which be committed in the terra firma of computers. It will non attainable to describe every type of Cybercrime which exists due to the word limit, we will only concentrate on crimes which be considered to be major threats to our security measures.First socio-economic class caper dissembler good deal be defined as use of deception for instantly or substantiating monetary or pecuniary put one everyplace. The earnings can be used as believes targeting the victim by replicating true(a) world jukes such as get deep quick schemes which dont exist, emails which expect an additional fee to be paid via ac intimacyment badger to tick off loss of function such as net income or money boxing. The increase availability of the profits means that twaddlesters can entertain out double-dealing activities on a dreadful scale.Fraud is a traditional crim e which has existed for centuries and profit is merely a tool by which the fraudsters emergence implements be carried out. Fraud has become a atrocious threat to e-commerce and new(prenominal) online trans operations. Statistics suggest that internet only accounts for 3% of reference book plug-in fraud, credit rating card fraud is one of the more difficult frauds to commit on the internet, however opposite forms of fraud such as phising atomic number 18 more easier to carry out using the internet and equally lucrative.Phising is a form of fraud which is speedily increasing. Phising is when you get emails from commercial organizations such your bank and antithetical financial institutions, they would charter you to update your details, emails look authorized and it is a scam to trick peck on giving their details. on that point are no official construes gettable on phishing scams but on average I mother closely(predicate) triple emails everyday request me t o update my bank account details. tardily in that respect was email sacking around asking the faculty members and students of LSBU to update their personal details, the email looked reliable but the ICT staff informed students/staff to ignore as it was a trick to gain personal companionship. Since the promotion of applied science, it is has become easier and cheaper to communicate and fraudsters are a the homogeneous taking good of technology be commence it is easier to exploit the internet and it is cheaper than opposite alternatives such as phone and postal mail. there are other forms of fraud such as v force outue bridge bridge fraud, it is when deprave goods in auction and you pay for the incident but your item will never oerturn up.Fraud is one of the lucrative crimes on the internet experts suggest that it is more than trafficking do drugss. The savvyablenesss why fraudsters prefer internet is be vitrinefulprofit has made mass conference easy and it is cheap, same email can be sent to one gazillion millions of concourse very comfortably and cheaply with provided one click of button. mass of substance abusers do non tormentger off adequate knowledge on how technology works, this makes it easy for fraudsters to fool innocent lot into taking an action such as giving their personal details.profit users are considered nave in the sense that they assume too much faith in the information they receive via the internet, therefrom, they do non move necessary steps to curb the information and often get tricked in handing out their credit card or personal details.Offences against person(s)Offence against a person can both be physical or psychogenic, it is non viable to acquire direct physical harm to a person using a computer but it is possible to cause cordial harm such as anxiety, distress or psychological harm. It can be done by displace black or minacious emails or posting derogatory information online.Stalking is a crime which is done to harass other person repeatedly. As the number of user on the internet increased, the opportunities for abuse have also increased. It is possible to use internet as a tool for sending abusive emails, difference offensive messages on guestbooks, or posting misinformation on blogs. In some archetypes, cyberstalkers have morphed images of their victims onto pornographic images and because emailing the pictures to relative and work colleagues to cause embarrassment. in that location are mainly three reasons for committing a crime such as stalking, Main reason is ordinarily when sexual intercourseships fail, former intimates unremarkably target their ex-boyfriend/girl to get revenge. foster reason for cyberstalking is boredom some populate usually pick random people and target them by sending them abusive and threatening emails just for fun. Cyberstalkers select advantage of anonymity of the internet to cause distress to their victims life.Hate and r acist speech is also a form of crime which escalated since the introduction of the internet it can cause traumatic experience and mental distress to those who are targeted. Post 9/11, there have been galore(postnominal) a(prenominal) websites set up to mock the righteousness Islam, such as www.laughingatislam.com, this website has been cause of distress to many a(prenominal) Muslims around the world. internal offencesThis category includes offences which have versed element, such as making unsought sexual approaches in have words- live and paedophiles harrasing kidskinren. baby pornography and child cherishion are one of the main maintenances on the internet. Paedophiles are taking all-inclusive advantage to exploit the technology for masking and exchanging child pornography.Paedophiles use the internet to their advantage, they use chat cortege and other popular social networks such as facebook to entice and lure children into meet them. Many popular chat live such as MSN yack away and chawbacon chat have close down their chat rooms to protect young children but plosive of popular chat rooms have non stopped paedophiles from using slight popular chat rooms and other social networks. flash categoryHacking tie in offencesHacking can be defined as gaining wildcat access to a computer system. As soon as we hear the word hacking, we tend to debate that it is a crime, it should be noted that hacking started of as specify of skill to gain temporary access to computer systems. It was sort of an intellectual challenge than a criminal motive. But now, many hack writers misapply their skills to everywherethrow maltreat and destruction. Examples of hacking include stealing confident information such credit card details.In a recent incident of hacking, Harriet Harman whose is a politician, taking part in upcoming options. Her website was hacked and the blog section of her website encourage the audience to vote for Boris Johnson whose is a c ompetitor of Harman Harriet. Boris Johnson has also complained that his email account was hacked recently. Most politicians cerebrate that internet as a medium will be a major part of election campaigns and activities such as hacking can sabotage election campaigns by posting disinformation on panoramas websites.Virus and early(a) Malicious ProgramsVirus is a malicious code or broadcast that replicates itself and inserts copies or new versions onto other programs, alter computer systems. Viruses are designed to modify computer systems without the consent of the owner or operator. Viruses are created to inflict senseless damage to computer system. It is a widely accepted intuition that crime is committed in clock economic distress. Criminals do not gain any monetary pull ahead it is simply done to turn out off their computer skills. Some viruses are failed programs or accidental releases. The most famous virus which was released is the I warmth YOU virus or commonly known as the love bug. The virus damaged millions of computers world(a) it caused damage worth of $8.5bn, the author of the virus considers that it was released to impress his girlfriend. rule on CybercrimeIt is often believed that the internet is just like the wild west where there no rules and regulations and people are melt to carry out embezzled activities. Fortunately, this is not true at all there is command which exists to protect us from cybercrimes.Type of crimeLegislationFraudFraud correspond 2006(Covers all types of possible frauds)Offences against person(s)The exoteric pitchliness carry 1986(Hate speech) familiar OffencesThe security measure of children bite 1978The Criminal Justice work out 1988The Criminal Justice an Public Order Act 1988Sexual Offences Act 2003After care in full re view all pieces of legislations mentioned in a higher place, I can conclude by enjoining that legislation we have at the moment is adequate full to protect us from any sort of tr aditional crime carried out using computers. There were few anomalies which have been removed now.AnomaliesThe Theft Act 1968 which precedingly stewed fraud has been replaced by Fraud Act 2006 to cover anomaly under the previous legislation. In the case of Clayman, it was held that it is not illicit to defraud a computer the woos do not regard computers as deceivable as the process is fully automated. In theory if we apply the tenet etymologizing from the Clayman case accordingly it will not be nefarious to false credit card number when signing up for an online service such as subscription to a newsgroup or online gaming. There is only excommunication to this rule that it will not apply if deception involves licensed telecommunications services, such as dial-up chat lines pay-per-view TV.Second anomaly in advance us was that information was not regarded property. In the case of Oxford v Moss, in this case a student took a copy of forthcoming exam from a proofreaders desk a nd made a photocopy of that exam paper, it was held that the student cannot be charged under the thievery act as he did not denudate the owner of the asset, a copy had simply been taken. Computers only tick information, by applying the convention deriving from this case, it means that it is acceptable to print other peoples files as long they do not deprive the owner of the file by deleting it, one would only be affianced if he/she steals trade secret or confidential information.Decisions in both cases mentioned above are absurd, both of them were decided in 1970s, the only possible reason for r separatelying absurd closing could only be lack of knowledge on technology. Previous legislation took into account the consequences of the fraudsters activities when deciding whether the hire in question is an offence. The Fraud Act 2006 aims to prosecute the fraudsters on the posterior of their actual manage rather than the consequences of their activities.How thoughtful is the t hreat?In erect to determine the seriousness of the threat, it is beta to look at the statistics available on cybercrime.Type of crime figure of cases reportedFraud299,000Offences against the person1,944000Sexual offences850,238Computer Misuse(Hacking)144,500Virus related incidents6,000000Total number of cases reported9,237738 line of statistics Garlik check to the figures, they were approximately 9.23 million incidents of cybercrime reported in the year 2006. Statistics supply that 15% of the population of the UK was stirred by cybercrime in someway, afterward feeling at these figures one can easily conclude that we are having an pestilent of cybercrime. These statistics could only the tip of the berg of the totality of cybercrime experts believe that real figure could be 10 clock higher as cybercrime is massively under-reported.Reasons for under- inform reporting any crime involves a three stage processThe pay assumes to be observed.The contract needs to categorised as c riminal.The relevant authorities need to be informed of the criminal direct.A especial(a) crime will not be reported if there is misfortune in any of the stages, accordingly the relevant authorities will not take action against the criminal. There are certain factors which affect reporting of cybercrime, factors includeSometimes the criminal conduct is not noticed, internet fraud usually comprises of low-value transactions scrapeways a bulk body of victims, and victims are not always able to spot discrepancy in their bank accounts. overlook of awareness means that the victims may not know whether the conduct in question is a crime. Victims of viruses dont light upon them as victims of crime, people tend to see viruses as technical issue, and therefore, the victim would believe that no one has low-spirited the law.Most victims dont know which authorities they should contact to report cybercrime. Police officers have inadequate meter of resources and dont have the expertise to deal with cybercrime at the moment, therefore, prosecute a formal heraldic bearing can be a difficult process. Once I essay reporting a cybercrime, a laptop computer was purchased on EBay but the trafficker took my money and never sent the laptop, this is a common case of auction fraud.I did try to make a complain, the whole process was super slow, the officer traffic with me had no trace what EBay is, I was able to study a complaint but it has been two years and my complain is all the sameness unresolved.Under-reporting is factor which contributes towards increase in cybercrime, under-reporting mean that criminals will have less fear of getting caught and therefore, they are more likely to commit nefarious acts online.Peoples attitude towards cybercrime tralatitious crimes such as murder, fuck up and robbery can have serious effects on the victims life in some cases the victim may not be able to lead a normal life after being a victim of crime. In contrast to cybercr ime, the impact is not that serious, majority of users have insurance against financial frauds, and frauds are usually of low-value.Viruses can easily be filtered using antivirus software. other offences such as cyberstalking usually cause some anxiety and distress. exactly crimes such as child pornography have a greater impact, it is the only the crime which can have a serious consequences on the victims life. A recent come suggest that only 37% are afraid to use the internet after being a victim of crime, majority of the users do maintain to use the internet after being a victim.Cybercrime and e-commerceCybercrime is a growing concern for all of us, however, the effects of cybercrime are not hindering the process of the internet, and the effects of cybercrime on the e-commerce have not been drastic. Financial transactions over the internet are on the rise, number of people using internet for shopping is increase day by day and over one third of population is using internet b anking.One of the reasons why cybercrime whorled out of control is the fact that it is very easy to commit if have the technical knowledge, all you need is a computer connected to the internet, the crimes on the internet are hard to detect. It can be committed from anyplace in the world, the criminal could sitting in Africa and targeting his victim in Australia. In the next chapter, we shall examine the fusss faced by authorities when investigating cybercrime.legal powerlegal poweral issues and the meshCyberspace is a world without defined jump offaries anyone can access any website using his computer. It can very difficult to go down the source of crime in cyberspace because relative anonymity and as easy way to shield identity. Even if the relevant authorities are able to identify the source of crime, it is not always easy to prosecute the criminal.Double criminalityWhen dealing cross border crime, it is imperative that both countries should recognise the conduct as smuggled in both legal powers. The principle of double criminality prohibits the extradition of a person, if the conduct in question is not recognized as a criminal offence by the plain receiving the request for legal power. create by mental act a agency where a computer software engineer from Zimbabwe sends Barclays bank a virus which causes the computers in Barclays bank to malfunction, the bank cannot carry out their business for 1 mo and as a conclusion they lose about $1 million worth of revenue. English authorities would privation to extradite the outrageer to England so they could prosecute the offender. In an action for extradition, the applicant is required to show that actions of the charge constitute a criminal offence exceeding a token(prenominal) level of seriousness in both legal powers.Imagine now that they are no laws on counterpane viruses in Zimbabwe, therefore it will not possible to show offenders action constitute as criminal behavior. If they are no laws reg arding on cybercrime in Zimbabwe hence he cannot be extradited and he will walk free after on purpose causing damage to Barclays bank. Cybercrime has an planetary dimension, it is imperative that legal protection is consonant inter contently. There are even-tempered about 33 countries such as Albania, Yugoslavia and Malta they have no laws on cybercrimes.If there are no laws whence those countries are considered as computer crime havens. The culprit of I venerate YOU virus which caused $8.5 billion worth damage was caught in Philippines but he could not be prosecuted as Philippines had no laws on cybercrime. Cybercrime is global issue and the world will need to work together in order to tackle cybercrime.How real world crime dealt across borders?In relation to real world crime which transcended national borders, an idiosyncratic network of vernacular Legal Assistance Treaties(MLATs) bound various countries to assist apiece other in investigating real world crime, such as d rug trafficking. If there was no pact agreement amongst two countries then they would contact the relevant authorities to ask for assistance and obtain evidence, this mechanism was sufficient in dealing with real world crime. This mechanism can only work if both countries have similar cybercrime laws if any plain lacks cybercrime laws then the process would fail.How should jurisdiction be approached in Cybercrime?In a case of cyberstalking, An Australian man was stalking a Canadian Actress. The man harassed the actress by sending unsolicited emails. Australian Supreme court of law of Victoria held that crimes committed over the internet knows no borders and stir and national boundaries do not concern them, therefore, legal power should not be the issue. He was convicted. This case was straightforward as both nations recognise stalking as a criminal offence, however, there can be conflicts if both nations do not recognize the act as criminal.In Licra v chawbacon, cut courts t ried to apply legal power over an American company. bumpkin was accuse of Nazi memorabilia contrary to term R645-1 of the french Criminal Code. Yahoo argued that there are not in breach of Article R645-1 as they were conducting the auction under the jurisdiction of the States and it is not illegal to sell Nazi memorabilia under the American law. In order to prove that Yahoo is subject American jurisdiction, they argued the following pointsYahoo servers are located in US territory.Services of Yahoo are primarily aimed at US citizens.According to the First Amendment to the United States Constitution, exemption of speech and expression is guaranteed and any attempt to enforce appreciation which restricts freedom of speech and expression would fail for unconstitutionality.The court ruled that they have full jurisdiction over Yahoo becauseThe auction was open to worldwide bidders, including France.It is possible to view the auction in France, viewing and displaying Nazi memorabili a causes public pain in the ass and it is offence to public nuisance under the french law.Yahoo had a customer base in France, the advertisements were in French. Yahoo did have knowledge that French citizens use their site therefore they should not do anything to offend French citizens.Yahoo ignored the French court ruling and unplowed saying that they French court does not have the right to run jurisdiction over an American company. Yahoo was warned that they would have to pay enceinte fines if they dont comply. In the end Yahoo owners did comply with the judgement they had substantial assets in France which were at risk of exposure of being confiscated if they dont claim. The sole reason why French courts were able to work on jurisdiction over Yahoo because it is a multinational company with large front in France.Imagine instead of France, if the action would have been taken by courts of Saudi Arabia on auctioning playboy magazines, under the Saudi Arabian sharia law law, it is illegal to view or buy pornography. Saudi Arabia court would have failed to exercise jurisdiction over Yahoo as they dont have any presence in Saudi Arabia but it was possible to view Yahoo auctions from Saudi Arabia.The case of Yahoo is a rare example where a court was able to exercise jurisdiction over a foreign company. In majority of the cases concerning individuals, courts trying to exercise jurisdiction over foreign elements are usually ignored. In the case of Nottinghamshire County Council v. Gwatkin (UK), injunctions were issued against many journalists to prevent them from publishing disseminating a leaked report that strongly criticises the Councils handling of allegations of blessed abuse of children in the 1980s. Despite the injunctions, a report appeared on an American website. The website refused to respect the English jurisdiction as they argued that the report was a public document. The Nottinghamshire had no option then to flip the case.Cybercrime has an in ternational dimension. International law is complicated area, it can be very difficult to co-operate with authorities if there is no or weak diplomaticalal ties, for e.g. Pakistan and Israel have no diplomatic ties, if a situation arises where Israeli citizen hacks into State bank of Pakistan steals millions of dollars from the bank, in a situation like this, one easily assume that both countries would not co-operate with each other even though both countries recognise hacking as a offence but they do not have diplomatic ties with each other, most probably the hacker would get away with the crime.A case involving Russian hackers, they hacked into Paypal and stole 53,000 credit card details. Paypal is an American company. The Russian hackers blackmailed Paypal and asked for a substantial amount of money, they peril they would publish the details of 53,000 credit cards if they do not receive the money.Russia and American both have signed extradition treaty but still Russian authorit ies failed to take action, it is still not clear why they did not take inhibit action against the Russian hackers. Both nations struggled to gain jurisdiction over each other. FBI decided to take things into their own hold by setting up a secret operation, undercover agents comprise as reprenstatives of a phony security firm Invita. The faux security firm invited the Russian hackers to USwith prospects of employment. When the interview for employment by the bogus firm Invita was being carried out, the Russian hackers were asked to display there hacking skills, one of the hackers accessed his own system in Russia to show off his skills, the FBI recorded every keystroke and subsequently arrested the Russian hackers for multiple offences such as hacking, fraud and extortion. The keystrokes recorded were posterior used to hack into one of the hackers computer in Russia to access incriminating evidence. totally this took place without the knowledge of Russian authorities.When Rus sian authorities came to know about whole incident, they were furious and argued that US apply their authority and infringing on some other sovereign nations jurisdiction. Lack of co-operation in relation to jurisdiction can lead to serious problems between nations, in order to reduce such conflicts, there is need to extend the jurisdiction issue and come up with a mechanism which ensures that countries co-operate with each other.Where is the Jurisdiction?In the real world crime, the conduct and the effect of the conduct are easy to pin down because we can visibly see the human carrying out the conduct and the effect of the conduct is also visible. The location of the offence and the location of the culprit can easily be identified. Imagine a situation in which a shooter in Canada shots an American across Niagara Falls, it is clear from the example that the conduct took place in Canada and the effect of the conduct took place in Canada.Cyberspace is not real, people say that ev ents on cyberspace occur everywhere and nowhere, a man disseminating a virus could release a virus which travel through servers of many different estate before reaching the victim, for e.g. a person makes a racist website targeting Jews in Malta, uploads the website on American servers and the website is available for everyone to see, a Jewish living in Israel comes across the website and gets offended.In a situation like this where would you bring an action, should you bring an action in Malta because the perpetrator is based over there, would bring an action in America where the server is hosted or would bring the action in Israel where the victim is? There are specific laws regarding jurisdiction issues on the internet, the world is still struggling to come up with a solution which would solve the problem of jurisdiction. incontrovertible or Negative Jurisdiction?The principle of negative jurisdiction occurs when no country is willing to exercise jurisdiction for a cybercrime. C ybercrime can have multiple victims in different countries the love bug caused damage in many different countries including USA, UK, France and Germany. If the damage is caused to multiple countries then who should claim jurisdiction over the cybercrime, should it by prioritised by the amount of damage suffered by each country. If the effected countries decide not to take action against the perpetrator because it is not in their best interest, the country may be diligent by other internal problems. If no country is willing to exercise jurisdiction over a cybercrime then the perpetrator would walk free.Positive jurisdiction is opposite of negative jurisdiction, how will the issue of jurisdiction be decided if more than two countries want to exercise tChallenges to Defining CybercrimeChallenges to Defining CybercrimeWhat is Cybercrime?At this point of time there is no commonly agreed definition of Cybercrime. The area of Cybercrime is very broad and the technical nature of the subjec t has made extremely difficult for authorities to come up with a precise definition of Cybercrime. The British police have defined Cybercrime as use of any computer network for crime and council of Europe has defined Cybercrime as any criminal offence against or with help of computer network.The two definitions offered by the British police and council of Europe are both very broad and they offer very little insight into the nature of conduct which falls under the defined term. Most of us do a vague idea what Cybercrime means but it seems that it is very to difficult to pinpoint the exact conduct which can be regarded as Cybercrime.For the purposes of the dissertation, I shall attempt to come up with my own definition of Cybercrime the available definitions do not adequately explain the concept of Cybercrime.In order to understand and provide better insight into nature of Cybercrime, it will be a good idea to divide Cybercrime into two categories because computers can be used in two ways to commit Cybercrime.The first category will include crimes in which the computer was used as tool to commit the offence. The computer has enabled criminals to use the technology to commit crimes such as fraud and copyright privacy. The computer can be exploited just as another technical device which can be exploited, for e.g. a phone can be used to verbally abuse someone or stalk someone, someway the internet can be used to stalk someone or verbally abuse someone.The second category will include offences which are committed with intention of damaging or modifying computers. In this category the target of the crime is the computer itself, offences such as hacking.Whichever categories the offence committed falls in, ultimately it are us the humans who have to suffer the consequences of Cybercrime.Now we know that there are two ways in which the computer can be used to commit offences, my definition of Cybercrime would beIllegal acts using the computer as instrument to commit an offence, or targeting a computer network to damage or modifying computers for malicious purposesEven my definition cannot be regarded as precise, as pointed earlier that due to the broad and technical nature of Cybercrime, it almost impossible to come up with a precise definition. The term Cybercrime is a social term to describe criminal activities which take place in world of computers it is not an established term within the criminal law.The fact that there is no legal definition of Cybercrime within criminal law makes the whole area of Cybercrime very complicated for concerned authorities and the general public, it creates confusion such as what constitutes as Cybercrime and if Cybercrime cannot be defined properly how will the victims report the crime? The lack of proper definition means that majority of the Cybercrime which takes place is unreported as the victims and the authorities are not sure whether the conduct is a Cybercrime. It is estimated that 90% of the Cybercrime w hich occurs is unreported.Types of CybercrimeComputer can be used to commit various crimes, in order to have a better understanding of Cybercrime we shall look at individually the types of crimes which are committed in the world of computers. It will not possible to describe every type of Cybercrime which exists due to the word limit, we will only concentrate on crimes which are considered to be major threats to our security.First CategoryFraudFraud can be defined as use of deception for direct or indirect financial or monetary gain. The internet can be used as means targeting the victim by replicating real world frauds such as get rich quick schemes which dont exist, emails which demand an additional fee to be paid via credit card to stop loss of service such as internet or banking. The increasing availability of the internet means that fraudsters can carry out fraudulent activities on a grand scale.Fraud is a traditional crime which has existed for centuries and internet is merely a tool by which the fraudsters actions are carried out. Fraud has become a serious threat to e-commerce and other online transactions. Statistics suggest that internet only accounts for 3% of credit card fraud, credit card fraud is one of the more difficult frauds to commit on the internet, however other forms of fraud such as phising are more easier to carry out using the internet and equally lucrative.Phising is a form of fraud which is rapidly increasing. Phising is when you get emails from commercial organizations such your bank and other financial institutions, they would ask you to update your details, emails look genuine and it is a scam to trick people on giving their details. There are no official figures available on phishing scams but on average I receive about three emails everyday asking me to update my bank account details.Recently there was email going around asking the staff members and students of LSBU to update their personal details, the email looked genuine but the ICT staff informed students/staff to ignore as it was a trick to gain personal information. Since the advancement of technology, it is has become easier and cheaper to communicate and fraudsters are also taking advantage of technology because it is easier to exploit the internet and it is cheaper than other alternatives such as phone and postal mail.There are other forms of fraud such as auction fraud, it is when buy goods in auction and you pay for the item but your item will never turn up.Fraud is one of the lucrative crimes on the internet experts suggest that it is more than trafficking drugs. The reasons why fraudsters prefer internet is becauseInternet has made mass communication easy and it is cheap, same email can be sent to millions of people very easily and cheaply with just one click of button.Majority of users do not have adequate knowledge on how technology works, this makes it easy for fraudsters to fool innocent people into taking an action such as giving their pe rsonal details.Internet users are considered nave in the sense that they have too much faith in the information they receive via the internet, therefore, they do not take necessary steps to verify the information and often get tricked in handing out their credit card or personal details.Offences against person(s)Offence against a person can either be physical or mental, it is not possible to cause direct physical harm to a person using a computer but it is possible to cause mental harm such as anxiety, distress or psychological harm. It can be done by sending abusive or threatening emails or posting derogatory information online.Stalking is a crime which is done to harass another person repeatedly. As the number of user on the internet increased, the opportunities for abuse have also increased. It is possible to use internet as a tool for sending abusive emails, leaving offensive messages on guestbooks, or posting misinformation on blogs. In some cases, cyberstalkers have morphed im ages of their victims onto pornographic images and then emailing the pictures to relative and work colleagues to cause embarrassment.There are mainly three reasons for committing a crime such as stalking, Main reason is usually when relationships fail, former intimates usually target their ex-boyfriend/girlfriend to get revenge. Second reason for cyberstalking is boredom some people usually pick random people and target them by sending them abusive and threatening emails just for fun. Cyberstalkers take advantage of anonymity of the internet to cause distress to their victims life.Hate and racist speech is also a form of crime which escalated since the introduction of the internet it can cause traumatic experience and mental distress to those who are targeted. Post 9/11, there have been many websites set up to mock the religion Islam, such as www.laughingatislam.com, this website has been cause of distress to many Muslims around the world.Sexual offencesThis category includes offenc es which have sexual element, such as making undesired sexual approaches in chat-rooms and paedophiles harrasing children. Child pornography and child protection are one of the main concerns on the internet. Paedophiles are taking full advantage to exploit the technology for viewing and exchanging child pornography.Paedophiles use the internet to their advantage, they use chat rooms and other popular social networks such as facebook to entice and lure children into meeting them. Many popular chat rooms such as MSN Chat and Yahoo chat have closed down their chat rooms to protect young children but closure of popular chat rooms have not stopped paedophiles from using less popular chat rooms and other social networks.Second categoryHacking related offencesHacking can be defined as gaining unauthorised access to a computer system. As soon as we hear the word hacking, we tend to think that it is a crime, it should be noted that hacking started of as show of skill to gain temporary access to computer systems. It was rather an intellectual challenge than a criminal motive. But now, many hackers misuse their skills to inflict damage and destruction. Examples of hacking include stealing confident information such credit card details.In a recent incident of hacking, Harriet Harman whose is a politician, taking part in upcoming elections. Her website was hacked and the blog section of her website encouraged the audience to vote for Boris Johnson whose is a competitor of Harman Harriet. Boris Johnson has also complained that his email account was hacked recently. Most politicians believe that internet as a medium will be a major part of election campaigns and activities such as hacking can sabotage election campaigns by posting disinformation on candidates websites.Virus and Other Malicious ProgramsVirus is a malicious code or program that replicates itself and inserts copies or new versions onto other programs, affecting computer systems. Viruses are designed to modify c omputer systems without the consent of the owner or operator. Viruses are created to inflict senseless damage to computer system. It is a widely accepted perception that crime is committed in times economic distress. Criminals do not gain any monetary benefit it is simply done to show off their computer skills. Some viruses are failed programs or accidental releases. The most famous virus which was released is the I LOVE YOU virus or commonly known as the love bug. The virus damaged millions of computers worldwide it caused damage worth of $8.5bn, the author of the virus claims that it was released to impress his girlfriend.Legislation on CybercrimeIt is often believed that the internet is just like the wild west where there no rules and regulations and people are free to carry out illegal activities. Fortunately, this is not true at all there is legislation which exists to protect us from cybercrimes.Type of crimeLegislationFraudFraud Act 2006(Covers all types of possible frauds)Of fences against person(s)The Public Order Act 1986(Hate speech)Sexual OffencesThe Protection of children Act 1978The Criminal Justice Act 1988The Criminal Justice an Public Order Act 1988Sexual Offences Act 2003After carefully reviewing all pieces of legislations mentioned above, I can conclude by saying that legislation we have at the moment is adequate enough to protect us from any sort of traditional crime carried out using computers. There were few anomalies which have been removed now.AnomaliesThe Theft Act 1968 which previously covered fraud has been replaced by Fraud Act 2006 to cover anomaly under the previous legislation. In the case of Clayman, it was held that it is not unlawful to defraud a computer the courts do not regard computers as deceivable as the process is fully automated. In theory if we apply the principle deriving from the Clayman case then it will not be unlawful to false credit card number when signing up for an online service such as subscription to a newsg roup or online gaming. There is only exception to this rule that it will not apply if deception involves licensed telecommunications services, such as dial-up chat lines pay-per-view TV.Second anomaly before us was that information was not regarded property. In the case of Oxford v Moss, in this case a student took a copy of forthcoming exam from a lecturers desk and made a photocopy of that exam paper, it was held that the student cannot be charged under the theft act as he did not deprive the owner of the asset, a copy had simply been taken. Computers only contain information, by applying the principle deriving from this case, it means that it is acceptable to print other peoples files as long they do not deprive the owner of the file by deleting it, one would only be prosecuted if he/she steals trade secret or confidential information.Decisions in both cases mentioned above are absurd, both of them were decided in 1970s, the only possible reason for reaching absurd decision could only be lack of knowledge on technology. Previous legislation took into account the consequences of the fraudsters activities when deciding whether the conduct in question is an offence. The Fraud Act 2006 aims to prosecute the fraudsters on the basis of their actual conduct rather than the consequences of their activities.How serious is the threat?In order to determine the seriousness of the threat, it is important to look at the statistics available on cybercrime.Type of crimeNumber of cases reportedFraud299,000Offences against the person1,944000Sexual offences850,238Computer Misuse(Hacking)144,500Virus related incidents6,000000Total number of cases reported9,237738Source of statistics GarlikAccording to the figures, they were approximately 9.23 million incidents of cybercrime reported in the year 2006. Statistics show that 15% of the population of the UK was affected by cybercrime in someway, after looking at these figures one can easily conclude that we are having an epidemic o f cybercrime. These statistics could only the tip of the iceberg of the totality of cybercrime experts believe that real figure could be 10 times higher as cybercrime is massively under-reported.Reasons for under-reportingReporting any crime involves a three stage processThe conduct needs to be observed.The conduct needs to categorised as criminal.The relevant authorities need to be informed of the criminal conduct.A particular crime will not be reported if there is failure in any of the stages, therefore the relevant authorities will not take action against the criminal. There are certain factors which affect reporting of cybercrime, factors includeSometimes the criminal conduct is not noticed, internet fraud usually comprises of low-value transactions across a bulk body of victims, and victims are not always able to spot discrepancy in their bank accounts.Lack of awareness means that the victims may not know whether the conduct in question is a crime. Victims of viruses dont see t hem as victims of crime, people tend to see viruses as technical issue, and therefore, the victim would believe that no one has broken the law.Most victims dont know which authorities they should contact to report cybercrime. Police officers have inadequate amount of resources and dont have the expertise to deal with cybercrime at the moment, therefore, pursuing a formal complaint can be a difficult process. Once I tried reporting a cybercrime, a laptop was purchased on EBay but the seller took my money and never sent the laptop, this is a common case of auction fraud.I did try to make a complain, the whole process was extremely slow, the officer dealing with me had no clue what EBay is, I was able to register a complaint but it has been two years and my complain is still unresolved.Under-reporting is factor which contributes towards increase in cybercrime, under-reporting mean that criminals will have less fear of getting caught and therefore, they are more likely to commit illegal acts online.Peoples attitude towards cybercrimeTraditional crimes such as murder, rape and robbery can have serious effects on the victims life in some cases the victim may not be able to lead a normal life after being a victim of crime. In contrast to cybercrime, the impact is not that serious, majority of users have insurance against financial frauds, and frauds are usually of low-value.Viruses can easily be filtered using antivirus software. Other offences such as cyberstalking usually cause some anxiety and distress. Only crimes such as child pornography have a greater impact, it is the only the crime which can have a serious consequences on the victims life. A recent survey suggest that only 37% are afraid to use the internet after being a victim of crime, majority of the users do continue to use the internet after being a victim.Cybercrime and e-commerceCybercrime is a growing concern for all of us, however, the effects of cybercrime are not hindering the growth of the intern et, and the effects of cybercrime on the e-commerce have not been drastic. Financial transactions over the internet are on the rise, number of people using internet for shopping is increase day by day and over one third of population is using internet banking.One of the reasons why cybercrime spiraling out of control is the fact that it is very easy to commit if have the technical knowledge, all you need is a computer connected to the internet, the crimes on the internet are hard to detect. It can be committed from anywhere in the world, the criminal could sitting in Africa and targeting his victim in Australia. In the next chapter, we shall examine the problems faced by authorities when investigating cybercrime.JurisdictionJurisdictional issues and the cyberspaceCyberspace is a world without defined boundaries anyone can access any website using his computer. It can very difficult to locate the source of crime in cyberspace because relative anonymity and as easy way to shield ident ity. Even if the relevant authorities are able to identify the source of crime, it is not always easy to prosecute the criminal.Double criminalityWhen dealing cross border crime, it is imperative that both countries should recognise the conduct as illegal in both jurisdictions. The principle of double criminality prohibits the extradition of a person, if the conduct in question is not recognized as a criminal offence by the country receiving the request for jurisdiction.Imagine a situation where a computer programmer from Zimbabwe sends Barclays bank a virus which causes the computers in Barclays bank to malfunction, the bank cannot carry out their business for 1 hour and as a result they lose about $1 million worth of revenue. English authorities would want to extradite the offender to England so they could prosecute the offender. In an action for extradition, the applicant is required to show that actions of the accused constitute a criminal offence exceeding a minimum level of se riousness in both jurisdictions.Imagine now that they are no laws on spreading viruses in Zimbabwe, therefore it will not possible to show offenders action constitute as criminal behavior. If they are no laws regarding on cybercrime in Zimbabwe then he cannot be extradited and he will walk free after deliberately causing damage to Barclays bank. Cybercrime has an international dimension, it is imperative that legal protection is harmonised internationally. There are still about 33 countries such as Albania, Yugoslavia and Malta they have no laws on cybercrimes.If there are no laws then those countries are considered as computer crime havens. The perpetrator of I LOVE YOU virus which caused $8.5 billion worth damage was caught in Philippines but he could not be prosecuted as Philippines had no laws on cybercrime. Cybercrime is global issue and the world will need to work together in order to tackle cybercrime.How real world crime dealt across borders?In relation to real world crime w hich transcended national borders, an idiosyncratic network of Mutual Legal Assistance Treaties(MLATs) bound various countries to assist each other in investigating real world crime, such as drug trafficking. If there was no treaty agreement between two countries then they would contact the relevant authorities to ask for assistance and obtain evidence, this mechanism was sufficient in dealing with real world crime. This mechanism can only work if both countries have similar cybercrime laws if any country lacks cybercrime laws then the process would fail.How should Jurisdiction be approached in Cybercrime?In a case of cyberstalking, An Australian man was stalking a Canadian Actress. The man harassed the actress by sending unsolicited emails. Australian Supreme Court of Victoria held that crimes committed over the internet knows no borders and State and national boundaries do not concern them, therefore, jurisdiction should not be the issue. He was convicted. This case was straightfo rward as both nations recognise stalking as a criminal offence, however, there can be conflicts if both nations do not recognize the act as criminal.In Licra v Yahoo, French courts tried to exercise jurisdiction over an American company. Yahoo was accused of Nazi memorabilia contrary to Article R645-1 of the French Criminal Code. Yahoo argued that there are not in breach of Article R645-1 as they were conducting the auction under the jurisdiction of USA and it is not illegal to sell Nazi memorabilia under the American law. In order to prove that Yahoo is subject American jurisdiction, they argued the following pointsYahoo servers are located in US territory.Services of Yahoo are primarily aimed at US citizens.According to the First Amendment to the United States Constitution, freedom of speech and expression is guaranteed and any attempt to enforce judgement which restricts freedom of speech and expression would fail for unconstitutionality.The court ruled that they have full jurisd iction over Yahoo becauseThe auction was open to worldwide bidders, including France.It is possible to view the auction in France, viewing and displaying Nazi memorabilia causes public nuisance and it is offence to public nuisance under the French law.Yahoo had a customer base in France, the advertisements were in French. Yahoo did have knowledge that French citizens use their site therefore they should not do anything to offend French citizens.Yahoo ignored the French court ruling and kept saying that they French court does not have the right to exercise jurisdiction over an American company. Yahoo was warned that they would have to pay heavy fines if they dont comply. In the end Yahoo owners did comply with the judgement they had substantial assets in France which were at risk of being confiscated if they dont claim. The sole reason why French courts were able to exercise jurisdiction over Yahoo because it is a multinational company with large presence in France.Imagine instead of France, if the action would have been taken by courts of Saudi Arabia on auctioning playboy magazines, under the Saudi Arabian Sharia law, it is illegal to view or buy pornography. Saudi Arabia court would have failed to exercise jurisdiction over Yahoo as they dont have any presence in Saudi Arabia but it was possible to view Yahoo auctions from Saudi Arabia.The case of Yahoo is a rare example where a court was able to exercise jurisdiction over a foreign company. In majority of the cases concerning individuals, courts trying to exercise jurisdiction over foreign elements are usually ignored. In the case of Nottinghamshire County Council v. Gwatkin (UK), injunctions were issued against many journalists to prevent them from publishing disseminating a leaked report that strongly criticises the Councils handling of allegations of satanic abuse of children in the 1980s. Despite the injunctions, a report appeared on an American website. The website refused to respect the English jurisd iction as they argued that the report was a public document. The Nottinghamshire had no option then to drop the case.Cybercrime has an international dimension. International law is complicated area, it can be very difficult to co-operate with authorities if there is no or weak diplomatic ties, for e.g. Pakistan and Israel have no diplomatic ties, if a situation arises where Israeli citizen hacks into State bank of Pakistan steals millions of dollars from the bank, in a situation like this, one easily assume that both countries would not co-operate with each other even though both countries recognise hacking as a offence but they do not have diplomatic ties with each other, most probably the hacker would get away with the crime.A case involving Russian hackers, they hacked into Paypal and stole 53,000 credit card details. Paypal is an American company. The Russian hackers blackmailed Paypal and asked for a substantial amount of money, they threatened they would publish the details of 53,000 credit cards if they do not receive the money.Russia and American both have signed extradition treaty but still Russian authorities failed to take action, it is still not clear why they did not take appropriate action against the Russian hackers. Both nations struggled to gain jurisdiction over each other. FBI decided to take things into their own hands by setting up a secret operation, undercover agents posed as reprenstatives of a bogus security firm Invita. The bogus security firm invited the Russian hackers to USwith prospects of employment. When the interview for employment by the bogus firm Invita was being carried out, the Russian hackers were asked to display there hacking skills, one of the hackers accessed his own system in Russia to show off his skills, the FBI recorded every keystroke and later arrested the Russian hackers for multiple offences such as hacking, fraud and extortion. The keystrokes recorded were later used to hack into one of the hackers computer i n Russia to access incriminating evidence. All this took place without the knowledge of Russian authorities.When Russian authorities came to know about whole incident, they were furious and argued that US misused their authority and infringing on another sovereign nations jurisdiction. Lack of co-operation in relation to jurisdiction can lead to serious problems between nations, in order to avoid such conflicts, there is need to address the jurisdiction issue and come up with a mechanism which ensures that countries co-operate with each other.Where is the Jurisdiction?In the real world crime, the conduct and the effect of the conduct are easy to pin down because we can visibly see the human carrying out the conduct and the effect of the conduct is also visible. The location of the offence and the location of the perpetrator can easily be identified. Imagine a situation in which a shooter in Canada shots an American across Niagara Falls, it is clear from the example that the conduct took place in Canada and the effect of the conduct took place in Canada.Cyberspace is not real, people say that events on cyberspace occur everywhere and nowhere, a man disseminating a virus could release a virus which travel through servers of many different country before reaching the victim, for e.g. a person makes a racist website targeting Jews in Malta, uploads the website on American servers and the website is available for everyone to see, a Jewish living in Israel comes across the website and gets offended.In a situation like this where would you bring an action, should you bring an action in Malta because the perpetrator is based over there, would bring an action in America where the server is hosted or would bring the action in Israel where the victim is? There are specific laws regarding jurisdiction issues on the internet, the world is still struggling to come up with a solution which would solve the problem of jurisdiction.Positive or Negative Jurisdiction?The principl e of negative jurisdiction occurs when no country is willing to exercise jurisdiction for a cybercrime. Cybercrime can have multiple victims in different countries the love bug caused damage in many different countries including USA, UK, France and Germany. If the damage is caused to multiple countries then who should claim jurisdiction over the cybercrime, should it by prioritised by the amount of damage suffered by each country. If the effected countries decide not to take action against the perpetrator because it is not in their best interest, the country may be occupied by other internal problems. If no country is willing to exercise jurisdiction over a cybercrime then the perpetrator would walk free.Positive jurisdiction is opposite of negative jurisdiction, how will the issue of jurisdiction be decided if more than two countries want to exercise t