20 years since the internet was born have we sidelined the pitfalls that it has offered? Call it ignorance or call it our failure, but we do need to realize that if we let the status quo remain untouched we will eventually negotiate our position in the virtual world to cyber-criminals or terrorist organisations. In another scenario the government may seize entire control over the internet and regulate it to that extent. In such a case we bargain security over the internet with privacy rights. Thus in an attempt to offer solutions to cybercrimes and the risks it poses we carefully examine the most common cybercrime – Hacking. It is like a ‘gateway skill’ required to enter the world of cybercrimes. Mostly, because it is the most common way of committing cybercrimes from the range of cyber-torts to cyber-warfare. Therefore, we analyse the extent and evolution of hacking and offer solutions to that regard, from a legal perspective. At the same time in an attempt to do the above we also explore the nature of cybercrimes and hacking, from a social perspective. After a careful examination of all the problems that hacking poses we look for solutions (legislations and social changes) and their viability.
20 years since the internet was born have we sidelined the pitfalls that it has offered? Call it ignorance or call it our failure, but we do need to realize that if we let the status quo remain untouched we will eventually negotiate our position in the virtual world to cyber-criminals or terrorist organisations. In another scenario the government may seize entire control over the internet and regulate it to that extent. In such a case we bargain security over the internet with privacy rights. Thus in an attempt to offer solutions to cybercrimes and the risks it poses we carefully examine the most common cybercrime – Hacking. It is like a ‘gateway skill’ required to enter the world of cybercrimes. Mostly, because it is the most common way of committing cybercrimes from the range of cyber-torts to cyber-warfare. Therefore, we analyse the extent and evolution of hacking and offer solutions to that regard, from a legal perspective. At the same time in an attempt to do the above we also explore the nature of cybercrimes and hacking, from a social perspective. After a careful examination of all the problems that hacking poses we look for solutions (legislations and social changes) and their viability.
20 years since the internet was born have we sidelined the pitfalls that it has offered? Call it ignorance or call it our failure, but we do need to realize that if we let the status quo remain untouched we will eventually negotiate our position in the virtual world to cyber-criminals or terrorist organisations. In another scenario the government may seize entire control over the internet and regulate it to that extent. In such a case we bargain security over the internet with privacy rights. Thus in an attempt to offer solutions to cybercrimes and the risks it poses we carefully examine the most common cybercrime – Hacking. It is like a ‘gateway skill’ required to enter the world of cybercrimes. Mostly, because it is the most common way of committing cybercrimes from the range of cyber-torts to cyber-warfare. Therefore, we analyse the extent and evolution of hacking and offer solutions to that regard, from a legal perspective. At the same time in an attempt to do the above we also explore the nature of cybercrimes and hacking, from a social perspective. After a careful examination of all the problems that hacking poses we look for solutions (legislations and social changes) and their viability.
20 years since the internet was born have we sidelined the pitfalls that it has offered? Call it ignorance or call it our failure, but we do need to realize that if we let the status quo remain untouched we will eventually negotiate our position in the virtual world to cyber-criminals or terrorist organisations. In another scenario the government may seize entire control over the internet and regulate it to that extent. In such a case we bargain security over the internet with privacy rights. Thus in an attempt to offer solutions to cybercrimes and the risks it poses we carefully examine the most common cybercrime – Hacking. It is like a ‘gateway skill’ required to enter the world of cybercrimes. Mostly, because it is the most common way of committing cybercrimes from the range of cyber-torts to cyber-warfare. Therefore, we analyse the extent and evolution of hacking and offer solutions to that regard, from a legal perspective. At the same time in an attempt to do the above we also explore the nature of cybercrimes and hacking, from a social perspective. After a careful examination of all the problems that hacking poses we look for solutions (legislations and social changes) and their viability.
Download as DOCX, PDF, TXT or read online from Scribd
Download as docx, pdf, or txt
You are on page 1of 8
i
SURANA & SURANA INTERNATIONAL ESSAY WRITING COMPETITION, 2014
Theme of the Essay: Emerging Trends of Cyber Laws.
Topic: Hacking- The gateway cybercrime skill, corroding our virtual world byte by byte. 1
Abstract. 20 years since the internet was born have we sidelined the pitfalls that it has offered? Call it ignorance or call it our failure, but we do need to realize that if we let the status quo remain untouched we will eventually negotiate our position in the virtual world to cyber-criminals or terrorist organisations. In another scenario the government may seize entire control over the internet and regulate it to that extent. In such a case we bargain security over the internet with privacy rights. Thus in an attempt to offer solutions to cybercrimes and the risks it poses we carefully examine the most common cybercrime Hacking. It is like a gateway skill required to enter the world of cybercrimes. Mostly, because it is the most common way of committing cybercrimes from the range of cyber-torts to cyber-warfare. Therefore, we analyse the extent and evolution of hacking and offer solutions to that regard, from a legal perspective. At the same time in an attempt to do the above we also explore the nature of cybercrimes and hacking, from a social perspective. After a careful examination of all the problems that hacking poses we look for solutions (legislations and social changes) and their viability.
1 Sudeep Gogoi and Varun Raina, Students at Army Institute of Law, Mohali. 1 of 6
SURANA & SURANA INTERNATIONAL ESSAY WRITING COMPETITION, 2014 INTRODUCTION. On May 20, 2013 an NSA contractor by the name of Edward Joseph Snowden flees the U.S. to reach Honk Kong and reveal what is said to be the most significant leak in U.S. history 2 . He has revealed classified information about global surveillance apparatus run by the the United States' NSA. 1 By October 2013, Snowden's disclosures unveiled that the U.S. had spied on Brazil, France, Mexico, Britain, China, Germany, and Spain, as well as 35 world leaders, most notably German Chancellor Angela Merkel. This was done through the deployment of an elite hacking team known as Tailored Access Operations that hacks into computers worldwide, infecting them with malware and does the dirty job when other surveillance techniques fail. The internet has been one of the major driving forces in achieving an unending globalisation process. It has transformed our perceptions of work, business and leisure, to an extent that it can be easily referred as a revolution The Informatics revolution. However, like any other advancement it has been tempered by fear of criminals and threatened by terrorist organization, for their own short-sighted advantages. Since, hacking is the widely used mode of committing cybercrimes and is riddled with contested definitions we focus our solutions and problems offered only with regard to hacking. The aforesaid example of state authorised espionage throws the towel and reveals more than what is generally perceived about hacking. Therefore in an attempt to seek answer to the question, whether hacking is a requirement for protection? And whether it should be given legal recognition owing to its wide usage by state sponsored authorities? We also delve into the grey areas offered by legal recognition of White hat hackers. In order to carefully examine all the related aspects of hacking we begin by understanding what cybercrimes are, their nature and how analogous they are with terrestrial crimes. Later, we analyse jurisdictional problems posed due to the nature of internet and finally we highlight the loopholes in the legislative solutions offered hitherto and provide solutions with that regard.
2 Daniel Ellsberg, Pentagon papers leaker 2 of 6
SURANA & SURANA INTERNATIONAL ESSAY WRITING COMPETITION, 2014 PUTTING THE PICTURE IN PERSPECTIVE: DEFINITION OF INTERNET, CYBERSPACE AND CYBERCRIMES. The internet in todays world has seeped into our culture and daily life. The fact that social interactions now take place through Facebook, information is obtained through Google, e- banking is replacing the conventional banking are all indicative of the fact that our dependence over the internet is at an expanding stage. Therefore, it is safe to say that internet usage is not just limited to accessing data or retrieving information, it is a social phenomena. The internet for all the purposes of this essay is the most important ingredient to commit cybercrimes, for the simple reason that if there was no internet there would and could not be cybercrimes. So, basically cybercrimes need a medium for commission of offences and that medium is what we call cyberspace. Taking that proposition further it is felt that because of such legitimate social usage of the internet we create more opportunities for criminals to commit offences. 3 Thus, cybercrime refers not so much to a single, distinctive kind of criminal activity but more to a diverse range of illegal and illicit activities that share in common the unique electronic environment (cyberspace) in which they take place. 4
To answer the question of how cybercrimes are committed and the meaning of hacking, we study the various alterations in the definition of hacking over a period of time. HACKING, HACKERS AND ETHICAL HACKING: Hacking has been properly defined in Section 66 of the Information Technology Act, 2000 as, "Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means, commits hacking." 5
The word intent is quite significant here as it brings out the mens rea aspect of such an activity and of course an act against society with a guilty mind is a crime, but what of one without mens rea? Hackers in the dawn of the era of the Information Age, were known to be
3 Majid Yar, Cybercrimes and society, Sage Publications, 2 nd . Ed., 2013, Page 9 4 Majid Yar, Cybercrimes and society, Sage Publications, 2 nd . Ed., 2013, Page 5 5 Dr. Farooq Ahmad, Cyber Law in India, New Era Law Publications, 2011, pg. 236 3 of 6
SURANA & SURANA INTERNATIONAL ESSAY WRITING COMPETITION, 2014 computer experts whose intrinsic curiosity persuaded them to break into computers to satiate their quest for learning and knowing. They did not include of only intruders with malicious designs but also of enthusiasts whose motives are innocent and sometimes even helpful in many respects. 6 Since there is a paradigm shift over the definitions of hacking over the years, as can be seen from the two definitions provided, it is essential to throw light on the ethical side of hacking so that one doesnt visualize just the negative aspects of hacking. Once a computer resource has been hacked into or infected by a virus/worm, it needs to be repaired. This repair of websites or computer programmes can only happen by hacking it back from the user who gained unauthorised access in the first place. Thus, ethical hackers are that group of hackers who technically do not gain unauthorised access, since the access to the computer resource is consented by the owner. Further it is stated that ethical hackers are now employed by companies and various other private organisations to find loopholes in computer programmes that may be exploited by intruders. The Information Technology Act, 2000 elucidates this distinction of ethical & unethical hacking by recognising the role of intention. Thereby, being an effective derivative to empower the hackers who play a constructive part in cyberspace. CURRENT LEGAL SYSTEM AND CHALLENGES FACED BY IT: In a country where cybercrimes is on the rise and number of cybercrimes reported has been increasing significantly, there needs to be introspection in the legislative and executive framework of the country. These counter-criminal cyber legislations do not appear to have coherence along with other criminal legislations rendering them incapable of effective conviction. A glaring example can be seen in the ratio of arrests made to that of hacking crimes reported in 2011 which is 65:157. 7 These poor statistics follow because of the frailty of the current cyber laws and their incoherence with substantive and procedural laws. For example, Sections 166A and 166B of the code of criminal procedure which enable investigation of crime in a foreign country would be hopelessly out of tune with the scope of computer crime and swiftness with which the evidence can be destroyed. Similarly the bar of Section 188 of the code requiring prior permission of the central Government to inquire into or try offences committed outside the country, appear to be out of tune with the global nature
6 Laura and Evenson & Michelle Quinn, Outlaws on the Cyberpraire, S.F. Chron, Apr. 2, 1995, at 1/Z1 7 New Delhi, Indias Information Technology act has not been effective in checking cybercrimes, 3 April 2013, < http://www.dnaindia.com/scitech/report-indias-information-technology-act-has-not-been-effective-in- checking-cyber-crime-expert-1818328>, accessed on 18/08/2014 4 of 6
SURANA & SURANA INTERNATIONAL ESSAY WRITING COMPETITION, 2014 of computer activity. 8 This brings out another important shortcoming in laws regulating cyberspace and that is with regard to jurisdictional issues faced in prosecuting cybercriminals. The current legal framework is not designed to tackle such crimes due to their nature of being anti-spatial. That is to say that internet crime crosses jurisdictions where similar legislations may not prevail sometimes. 9 The primary reason for such a loophole to remain uncovered is due to lack of international co-operation and lack of resources with certain countries. LOOKING FOR POSSIBLE SOLUTIONS. The drawbacks of current cyber-legislations can be minimized many fold by increasing priority levels of cyber-crimes in modern jurisprudence, which can only be accomplished by introduction of global protocols, procedures and authorities which pervade the general notions of jurisdiction. 10 The initiation of such a metamorphic ideology can only happen with the introduction of a new kind of jurisdiction, that of cyber-space. In order to achieve the above proposition we require legal recognition of cyber-space jurisdiction by a majority of countries. Moreover, it will not only solve the jurisdictional paradox but also provide a mechanism to facilitate information exchange between member nations as well as aid in technology transfer to countries incapable of tackling the issue of cyber-crimes. However, this should not change the top priority of such an agency which is that of protection of privacy and cyber-sovereignty. With a view to support the above we suggest the following measures be adopted by the world community in a co-operative manner. 1. THE FABRICATION OF A SUBSTANTIVE AND PROCEDURAL CONVENTION. Many countries find themselves unable to tackle cracking and cyber-crimes because of lack of resources and ambiguous legislation, resulting in repeat-offending because of lack of deterrence. Therefore, to cover such loopholes we propose that countries assist each other in dealing with aspects related to cybercrimes. With mutual international co-operation a Cyberspace Assistance & Regulatory Authority (C.A.R.A.) should be established under the aegis of United Nations, much like the
8 Yogesh Barua, Criminal Activities in Cyber World, Dominant Publishers & Distributors, 2005 242 9 A famous example would be that of Onel De Guzmans acquittal after making 10 Jurisdiction has been defined as a geographic area over which authority extends. However , our conventional understanding of jurisdiction will completely change in the cyberspace. Cyberspace due to its open architecture system and by its very nature of being public facing cannot be restricted to separate continents or countries. 5 of 6
SURANA & SURANA INTERNATIONAL ESSAY WRITING COMPETITION, 2014 Budapest convention initiated by the European Union. The reason why U.N. should initiate such an establishment is because of its universal character. It should have the leading role in inter-governmental activities for the functioning and protection of cyberspace so that it is not abused or exploited by criminals, terrorists and states for aggressive purposes. 11 The C.A.R.A shall derive its enforcement and functionary powers through the convention. The primary objectives that it seeks to achieve are: (a) Achieving a comprehensive consensus on Law of cyberspace. (b) Advance the harmonisation of National cybercrime laws through Model prescription (c) Establish procedure for international co-operation and mutual assistance. (d) Facilitate information exchange between member countries with a careful view to not violate privacy rights. (e) Assist those member countries which lack adequate resources with the help of technology transfer agreements. 2. BRIDGING THE DIGITAL DIVIDE. The international scientific community, and in particular the World Federation of Scientists, should assist in developing countries and donor organisations to understand better how Information and Communication Technology can further develop in an environment that promotes information security and while striving for digital equilibrium among countries. 12 This serves as a major incentive for countries that lack resources to be able to develop their information technology sector by becoming a signatory to the aforementioned convention. SOLVING THE PARADOX OF JURISDICTION. Cybercrime defies National boundaries. Any effective strategy to prevent and combat the new type of offences and the new modalities of committing traditional offences through technologies of cyberspace must therefore lead to transnational responses in criminal law and law enforcement. There must be no national loopholes. 13 After the establishment of such a body it will naturally face jurisdictional issues as faced by other regional organisations, thereby hindering the justice deliverance, in case of extra-territorial offences like cyberwar
11 Atul Jain, Cyber Crime: Issues, threats and management, Isha Books, 2006 12 Atul Jain, Cyber Crime: Issues, threats and management, Isha Books, 298. 13 Atul Jain, Cyber Crime: Issues, threats and management, Isha Books, 257. 6 of 6
SURANA & SURANA INTERNATIONAL ESSAY WRITING COMPETITION, 2014 and trans-national hacking. The remedy lies in providing enforcement capabilities to such a world body which strengthens the binding nature of the convention. There should be an ace of spades up the sleeves of such an organization that renders the member nations compliance and at the same time does not infringe their cyber-sovereignty and cyber-rights. One interesting strategy to approach the issue of enforceability is on similar lines as the one adopted by WTO while enacting TRIPS. Herein, the WTO communicated to its member nations that non-compliance with TRIPS agreement will result into imposition of trade sanctions on them. Now, keeping the youth years of internet in mind it is quite foreseeable that there will be a further expansion and evolution in trade related aspects of the internet. This can be seen from the fact that in the recent past there has been growing economic relevance of something known as the Bit-coin 14 which is like an electronic currency recognized by a number of developed nations. Its expanding recognition by large economies will create a concurrence of trading and the cyber-realm wherein trade will flourish at an enhanced rate in the anti-spatial territory. This will result into providing the same rights that WTO had in the nature of trade sanctions. This will consolidate the position of the Cyberspace Assistance & Regulatory Authority by the time bitcoins become a world recognised virtual currency. Thereby, making C.A.R.A. capable of enforcing its objectives. CONCLUSION The various problems posed by hacking and its related cybercrimes have been studied and it is suggested that the concern over hackers and hacking can be seen as part of wider social tensions and anxieties about technological change and its threat to familiar ways of life. Therefore we attempted to look at the threat of cybercrime from a much more broader and global perspective. Wherein the trans-national nature of cybrimes was accounted for. The jurisdictional issue posed to be the biggest missing puzzle because of jurisdictional problems faced by regional organizations that are a result of conventions. However, the initiation of such a programme itself held the key to that problem by synchronising all national laws concerning cybercrimes. Thus, paving way for a much more comprehensive, consensus based and harmonized laws.
14 Bitcoin is a digital currency in which transactions can be performed without the need for a central bank 6 of 6
SURANA & SURANA INTERNATIONAL ESSAY WRITING COMPETITION, 2014 Cover Page Name of the Author: Sudeep Gogoi. Nationality: Indian. Address: Double Wing, Boys Hostel, Army Institute of Law, Sector 68, Mohali. E-mail Id: [email protected] Contact No.: 9988701730
Name of the Author: Varun Raina Nationality: Indian. Address: Double Wing, Boys Hostel, Army Institute of Law, Sector 68, Mohali. E-mail Id: [email protected] Contact No.: 9780839576