1 / 40

Cyber Law Bridging the Conventional and Cyber Juris

Cyber Law Bridging the Conventional and Cyber Juris. Hasib bin Mansor BSc (USM), MSc ( UiTM ), Bachelor Of Legal Studies Hons . ( UiTM ) Setiauaha Bahagian Bahagian Pengurusan Maklumat Kementerian Pertanian dan Industri Asas Tani Malaysia. Definition of Cyber Law.

nathaniel-brock
Download Presentation

Cyber Law Bridging the Conventional and Cyber Juris

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyber LawBridging the Conventional and Cyber Juris Hasib bin Mansor BSc (USM), MSc (UiTM), Bachelor Of Legal Studies Hons. (UiTM) SetiauahaBahagian BahagianPengurusanMaklumat KementerianPertaniandanIndustriAsasTani Malaysia

  2. Definition of Cyber Law In Simple word we can say that cyber law is unlawful acts wherein the computer is either a tool or a target or both Cyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of which are subject to the Penal Code, Act 574. Cyber Defamation

  3. Cyber Crime Seminar Keselamatan ICT Bil 1/2012 MoH

  4. Cyber Crime 1. The Computer as a Target ; using a computer to attack other computers. e.g. Hacking, Virus/Worm attacks, DOS attack etc. 2. The computer as a weapon; using a computer to commit real world crimes. e.g. Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography etc. Seminar Keselamatan ICT Bil 1/2012 MoH

  5. Cyber Crime Statistics In Malaysia • RM2.75billion losses for the period of 2005 to 2010 • 13,173 incidents reported in 2011 as compared to 6204 incidents reported in 2010, an increased of 112.3% JabatanPerdanaMenteri, April 2012, The Star Seminar Keselamatan ICT Bil 1/2012 MoH

  6. UK cyber crime costs £27bn a year - government report • Security minister Baroness Neville-Jones said the government was determined to work with industry to tackle cyber crime. • Nearly half of the £21bn cost to business is made up of intellectual property theft - such as the theft of designs. Industrial espionage, such as the theft of commercial secrets. • Intellectual property theft cost £9.2bn, industrial espionage £7.6bn, this was followed by extortion, which cost £2.2bn, and direct online theft, which cost business £1.3bn. Some £1bn was lost through theft of customer data. BBC World Service, London: Feb 2011 Seminar Keselamatan ICT Bil 1/2012 MoH

  7. Enacted Cyber Laws in Malaysia 1. computer Crime Act, Act 563 2. Digital Signature Act, Act 562 3. Telemedicine Act, Act 564 4 Comm. and Multimedia Act, Act 589 5. Digital Signature Act, Act 562 6. Electronic Gov. Act, Act 680 IPR 7. Industrial Design Act, Act 552 8. Copy Right Act, Act 332 9. Patent Act, Act 291 10. Trade Description Act, Act 87 11. Personal Data Protection Act, Act 709 12. Electronic Commerce Act, Act 658 Seminar Keselamatan ICT Bil 1/2012 MoH

  8. Power To Investigate and Prosecute • Investigate • Traditional Crime • Police officer with the rank of sergeant or any officer in charge of a police station (Section 109, Criminal Procedure code, Act 593) • Cyber Crime • CCA, Police officer with the rank of Inspector or Above to conduct search, seizure and arrest (Section 10, Computer Crime Act 1997, Act 563) • MCMC Officer Appointed by the Minister, S.245, case LETCHIMANAN PERUMAL lwn. PP • Prosecute No prosecution shall be instituted for an offence under the acts without the consent of the public prosecutor. S.12 CCA, S.259 MCMC Seminar Keselamatan ICT Bil 1/2012 MoH

  9. Type of Cyber Crimes • Hacking (force) • Intrusion(invasion) • Virus, worm, spam, spyware, phishing, Trojan • Ddos (distributed denial of service) • Fraud, Defamation • IPR violation • Cyber Terrorism • Credit card fraud • Pornography Seminar Keselamatan ICT Bil 1/2012 MoH

  10. Computer Crime Act 1997 Unauthorized access to computer material 3. (1) A person shall be guilty of an offence if— (a) he causes a computer to performany function with intent to secure access to any program or data held in any computer; (b) the access he intends to secure is unauthorized; and (c) he knows at the time when he causes the computer to perform the function that is the case. Seminar Keselamatan ICT Bil 1/2012 MoH

  11. Computer Crime Act 1997 Unauthorized access to computer material 3.(2) The intent a person has to have to commit an offence under this section need not be directed at:— (a) any particular program or data; (b) a program or data of any particular kind; or (c) a program or data held in any particular computer. 3.(3) A person guilty of an offence under this section shall on conviction be liable to a fine not exceeding fifty thousand ringgit or to imprisonment for a term not exceeding five years or to both. Seminar Keselamatan ICT Bil 1/2012 MoH

  12. S. 3 CCA Case Seminar Keselamatan ICT Bil 1/2012 MoH

  13. Issues Of The Case Statement of Issues to be tries:- • Whether the information and documents were confidential and protected by law • Whether the Defendants were under an obligation not to remove and or disclose them without the Plaintiff’s consent • Whether the Defendants’ act of removing the information and documents from the Plaintiff’s computer systems to their personal computers or emails were unauthorized and in breach of their terms of employment or the law. Seminar Keselamatan ICT Bil 1/2012 MoH

  14. Decision Equitable Remedies • Plaintiff’s claim for injunction and declaration were allowed with • Exemplary damages assessed by the Deputy Registrar Seminar Keselamatan ICT Bil 1/2012 MoH

  15. Computer Crime Act 1997 Unauthorized access with intent to commit or facilitate commission of further offence 4. (1) A person shall be guilty of an offence under this section if he commits an offence referred to in section 3 with intent— (a) to commit an offence involving fraud or dishonesty or which causes injury as defined in the Penal Code [Act 574]; or 4.(b) to facilitate the commission of such an offence whether by himself or by any other person. Seminar Keselamatan ICT Bil 1/2012 MoH

  16. Computer Crime Act 1997 Unauthorized access with intent to commit or facilitate commission of further offence 4.(2) For the purposes of this section, it is immaterial whether the offence to which this section applies is to be committed at the same time when the unauthorized access is secured or on any future occasion. 4.(3) A person guilty of an offence under this section shall on conviction be liable to a fine not exceeding one hundred and fifty thousand ringgit or to imprisonment for a term not exceeding ten years or to both. Seminar Keselamatan ICT Bil 1/2012 MoH

  17. Cases Fall Under S.4 • Causing injury or death to a patient as a result of tampering his medical information • Divert money from someone’s account into another account • Tampering with prisoner’s record • Tampering with forwarding agent’s databases Seminar Keselamatan ICT Bil 1/2012 MoH

  18. Computer Crime Act 1997 Unauthorized modification of the contents of any computer 5. (1) A person shall be guilty of an offence if he does any act which he knows will cause unauthorized modification of the contents of any computer. 5.(2) For the purposes of this section, it is immaterial that the act in question is not directed at— (a) any particular program or data; (b) a program or data of any kind; or (c) a program or data held in any particular computer. 5.(3) For the purposes of this section, it is immaterial whether an unauthorized modification is, or is intended to be, permanent or merely temporary. Seminar Keselamatan ICT Bil 1/2012 MoH

  19. Computer Crime Act 1997 5.(4) A person guilty of an offence under this section shall on conviction be liable to a fine not exceeding one hundred thousand ringgit or to imprisonment for a term not exceeding seven years or to both; or be liable to a fine not exceeding one hundred and fifty thousand ringgit or to imprisonment for a term not exceeding ten years or to both, if the act is done with the intention of causing injury as defined in the Penal Code. Seminar Keselamatan ICT Bil 1/2012 MoH

  20. CCA, S5, Case http://www.tabunghaji.gov.my/tabunghaji- theme/PDF/KLIP_AKHBAR/FEBRUARI2012/240212_APRIL%2025%20TRIAL%20FOR%20TABUNG%20HAJI%20DUO.pdf, 9:9-2012 Seminar Keselamatan ICT Bil 1/2012 MoH

  21. Computer Crime Act 1997 Wrongful communication 6. (1) A person shall be guilty of an offence if he communicates directly or indirectly a number, code, password or other means of access to a computer to any person other than a person to whom he is duly authorized to communicate. (2) A person guilty of an offence under this section shall on conviction be liable to a fine not exceeding twenty five thousand ringgit or to imprisonment for a term not exceeding three years or to both. Seminar Keselamatan ICT Bil 1/2012 MoH

  22. 8. Presumption. • A person who has in his custody or control any program, data or other information which is held in any computer or retrieved from any computer which he is not authorised to have in his custody or control shall be deemed to have obtained unauthorised access to such program, data or information unless the contrary is proved. Seminar Keselamatan ICT Bil 1/2012 MoH

  23. S234, MCMC Act • 234. Interception and disclosure of communications prohibited. (1) A person who, without lawful authority under this Act or any other written law- (a) intercepts, attempts to intercept, or procures any other person to intercept or attempt to intercept, any communications; (b)discloses, or attempts to disclose, to any other person the contents of any communications, knowing or having reason to believe that the information was obtained through the interception of any communications in contravention of this section; or (c)uses, or attempts to use, the contents of any communications, knowing or having reason to believe that the information was obtained through the interception of any communications in contravention of this section, commits an offence. (3) A person who commits an offence under subsection (1) or (2) shall, on conviction, be liable to a fine not exceeding fifty thousand ringgit or to imprisonment for a term not exceeding one year or to both. Seminar Keselamatan ICT Bil 1/2012 MoH

  24. Section 6, Interpretation • intercept"intercept" means the aural or other acquisition of the contents of any communications through the use of any electronic, mechanical, or other equipment, device or apparatus; Seminar Keselamatan ICT Bil 1/2012 MoH

  25. Case Law, Section 234 Seminar Keselamatan ICT Bil 1/2012 MoH

  26. The Allegation D.I. was conducted on 5 December 2000 and the claimant had duly attended. At its conclusion, the claimant was found guilty of all the 6 charges except Charge 5.2 namely: • 1. As MIS Manager, you were aware of other employees entering the Chief Operating Officer's e-mail account illegally, but you did not stop or report such activities; • 2. Going into the internet for non-company related activities; • 3. Entering into other people's e-mail account illegally; • 4. Unauthorized access to your account whilst on suspension; • 5. Together with the above two ladies (Ms. KK Lee and Ms. Tang Aye Tin), paid an unscheduled visit to the Hong Leong Senior Management at Wisma Hong Leong on Nov-11-2000; • 6. Collaborating with other employees to undermine the Chief Operating Officer. Seminar Keselamatan ICT Bil 1/2012 MoH

  27. Rationale for the Court's Decision • A Mere received copies of email and not active member as required under section 234 MCMC • not a misconduct in the absence of any written policy or practice and that in respect of item 2, the respondent had failed to prove these 2 items on a balance of probability. • A mere possession of such an e-mail does not necessarily prove that the claimant had entered into Mr. LC Ho's e-mail account and acquired it. • The respondent ought to have known that if the claimant was not allowed to use the said facility, it had to be withdrawn from her or to be expressly mentioned in her letter of suspension. Without it being so expressed, it would be inequitable to hold the claimant liable for a misconduct on such a charge. This court agrees with the submission for the claimant that there was no evidence led by the respondent to prove that the claimant had deleted documents on 10 November 2000. …..He who seeks equity must do equity Seminar Keselamatan ICT Bil 1/2012 MoH

  28. Remedy & Award Claimant had pleaded for reinstatement to her former position with backwages, inter alia. • As a consequent of this case, this court is the view that there has been bad feeling between Management team. Such environment will certainly not be conducive for both the claimant as well as the respondent since the mutual trust and confidence may be diminishing. • This court finds that reinstatement is not the appropriate remedy in the circumstances. The alternative remedy to the claimant would be compensation in term of back wages • Ubi jus ibiremedium Seminar Keselamatan ICT Bil 1/2012 MoH

  29. Cyber Defamation Seminar Keselamatan ICT Bil 1/2012 MoH

  30. Defamation Arises • Publication – The words are defamatory • Tends to lower a person’s reputation (Tendency to lower the estimation of the plaintiff in the mind of right thinking members of society) OR • To cause him to be shunned or avoided by reasonable people in the society • Thereby adversely affecting his reputation Seminar Keselamatan ICT Bil 1/2012 MoH

  31. Rindos v Hardwick Facts of case • A landmark case in cyber defamation in Western Australia in 1994 • Dr Rindos, An American academic and probationary lecturer at WA University • He was denied tenure at the university on controversial issue of homosexual. • Hardwick was a student and studying in a different department. He made defamatory statement about Dr Rindos when he posted to the usenet newsgroup Sc. anthropology computer bulletin board via DIALix, An ISP Seminar Keselamatan ICT Bil 1/2012 MoH

  32. Rationale for the Court's Decision • Rindos was awarded $40,000 damages from Hardwick - but apparently did not collect before his death. Seminar Keselamatan ICT Bil 1/2012 MoH

  33. Bridging the Gaps Basic Elements of Criminal Liability • ACTUS REUS – causing computer to perform S.3, CCA 1997 • In cyber world it is not physically painful but emotionally, eg: computer crash, hand phone and notebook stolen • Action may from remote 2. MENS REA 2.1 He must intend to secure access to computer 2. He knew that his intended access was unauthorised Seminar Keselamatan ICT Bil 1/2012 MoH

  34. Bridging the Gaps • Cyber defamation • Circulation of defamatory words traditionally through sale of book, magazine, newspaper, bulletin- come in person • Cyber world, through www, email, social networking(email, facebook, tweeter, blog) – through electronic • www = publisher • Number of circulations, exponentially fast v traditional printing • The media of defamations are hard to disposed, case youtube, Video: Police Inspector Held For ‘Beating’ Hotel Employee , http://mynewshub.my/eng/2012/07/video-police-inspector-held-for-beating-hotel-employee/ Seminar Keselamatan ICT Bil 1/2012 MoH

  35. Challenges And Issues • Law conflict with organization goals • Law enforcer, Lack of competent technical skills in computer crime forensic, Malaysia need 7000 such personnel in the next three years, Cyber Security Malaysia , August 2012 • Shortage of lawyers in cyber laws • Circumstantial evidences, forensic evidences – problem in identifying the perpetrators • Victims reluctant to report – fear of reputational damage • Too many regulatory bodies that involves in cyber laws • Lack of awareness of the law Seminar Keselamatan ICT Bil 1/2012 MoH

  36. S.114A Evidences Act 114A. Presumption of fact in publication. (1) A person whose name, photograph or pseudonym appears on any publication depicting himself as the owner, host, administrator, editor or sub-editor, or who in any manner facilitates to publish or re-publish the publication is presumed to have published or re-published the contents of the publication unless the contrary is proved. (2) A person who is registered with a network service provider as a subscriber of a network service on which any publication originates from is presumed to be the person who published or re-published the publication unless the contrary is proved. (3) Any person who has in his custody or control any computer on which any publication originates from is presumed to have published or re-published the content of the publication unless the contrary is proved. (4) For the purpose of this section- (a)"network service" and "network service provider" have the meaning assigned to them in section 6 of the Communications and Multimedia Act 1998 [Act 588]; and (b)"publication" means a statement or a representation, whether in written, printed, pictorial, film, graphical, acoustic or other form displayed on the screen of a computer. Seminar Keselamatan ICT Bil 1/2012 MoH

  37. Terima Kasih Seminar Keselamatan ICT Bil 1/2012 MoH

  38. LACK OF AWARENESS OF THE LAW Jeremy Bentham, the Classical Utilitarian Theory (A Positivist) http://users.ox.ac.uk/~ball0888/oxfordopen/happiness.htm Seminar Keselamatan ICT Bil 1/2012 MoH

  39. Seminar Keselamatan ICT Bil 1/2012 MoH

  40. Letchimanan Perumal v PP • Found Not Guilty • IO was not Authorized by the minister • Lack of Evidences • Video recordings, punch card, job sheets of daily activities were not produced as exhibits • Wrongful gain to one person or wrongful loss to another, not produced in court He who comes to equity must come with clean Hands, Maxim of equity Seminar Keselamatan ICT Bil 1/2012 MoH

More Related