1 / 16

Computer Crime

Computer Crime. Dr Ian Walden Institute of Computer and Communications Law, Centre for Commercial Law Studies, Queen Mary, University of London Baker & McKenzie. Introductory Remarks. Definitions misuse, abuse and criminal behaviour computer-related, content-related & computer integrity

spencer
Download Presentation

Computer Crime

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Crime Dr Ian Walden Institute of Computer and Communications Law, Centre for Commercial Law Studies, Queen Mary, University of London Baker & McKenzie

  2. Introductory Remarks • Definitions • misuse, abuse and criminal behaviour • computer-related, content-related & computer integrity • Policy objectives • business cost, individual distrust & societal risk • critical national infrastructure • International harmonisation • Computer and Computer Related Crime Model Law • Council of Europe Cybercrime Convention (2001) • 44 Member countries + US, Japan, South Africa, Canada

  3. Crime Problems • Under-reporting • reputational risk • e.g. Citibank case • lack of awareness • Law enforcement concerns • Investigation and prosecution • Statistical recording • International nature • Forensic and evidential challenges

  4. Definitions • ‘Computer data’ and ‘computer system’ • programs and devices • ‘Service provider’ • provision of communication services, including storage • ‘Traffic data’ • communications attributes: origin, destination, route, time, date, size, duration & type

  5. Offences

  6. Accessing Data • Article 5, Illegal access (stored data) • ‘without lawful excuse or justification’ • problem of authorisation • e.g. employees • Article 8, Illegal interception (in transmission) • non-public transmissions • electromagnetic emissions • further issues • What constitutes ‘interception’? • Scope: public and private networks?

  7. Interference • With data (article 6) • intentionally or recklessly • without lawful excuse or justification • acts: e.g. destroys or alters, access to, use of • temporary or permanent effect • With computer systems (article 7) • hinder • cutting electricity supply • causing electromagnetic interference • corrupting the system, altering data

  8. Illegal Devices • Produces, sells, procures for use, imports, exports, distributes…. • designed or adapted for purpose of committing offence • ‘a computer password, access code or similar data’ • Possession • with intent to commit offence • court may infer intent based on number of items possessed • Defence? • e.g. authorised testing, research

  9. Child Pornography • Supply and possession • differential sanctions? • e.g. UK: 10 yrs / 5 yrs • corporate v individuals • defence • e.g. research • Age • e.g. Council of Europe 16-18 yrs • Scope, including ‘realistic images’

  10. Jurisdiction • Territorial jurisdiction (art. 4(a)-(b)) • act or omission • where the actus reus completed • e.g. UK: Computer Misuse Act 1990, s. 4-9 • “at least one significant link” • the accused, the computer or the unauthorised modification • Extra-territorial jurisdiction • outside any jurisdiction (art. 4(c)) • ‘active personality’ principle: the offender is a national of the territory (art. 4(d))

  11. Procedural Powers

  12. Search and Seizure • Judicial warrant to enter place • including ‘computer data storage medium’ • Assistance to police (article 13) • remote data: ‘…any computer data available to…’ • issue of sovereignty • protected data: ‘intelligible output’ • e.g. encryption key • failure to assist is an offence

  13. Seized Data • Provide list of seized data/data rendered inaccessible • ‘person in control of the computer system’ • Provide copy • unless a criminal offence • prejudice investigation or proceedings

  14. Stored Data • Article 16, Disclosure of stored traffic data • to person or ex parte application for court order • to identify service provider • communication route • Article 17, Preservation of data • risk of loss • 7 days (CoE: 90 days) • issue of data retention

  15. Data in Transmission • Article 18, Interception of electronic communications • judicial warrant • service provider assistance • obligation to maintain an Internet capability • Article 19, Interception of traffic data • law enforcement request for collection • Distinguishing content data from traffic data • e.g. Uniform Resource Locator (URL) • http://www.google.com/search?hl=en&q=big+bottom+aliens&btnG=Google+Search

  16. Concluding remarks

More Related