Electronic Frontier Old Law and New Offences

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Computer has become an important tool to humans, which they cannot life without since this tool is helping every professionals, commercial and industrial activities as well. On the other hand, computer technology with its unique characteristics has posed complex legal problems such as computer crime. In the United States, a number of federal laws protect against attacks on computers, misuse of passwords, electronic invasions of piracy and any other transgressions. The Computer Fraud and Abuse Act 1986 is the main piece of legislation that governs most computer crimes, although many other laws may be used to prosecute different types of crime. It should be noted here that the act above has been amended several times, this shows that the development of computer crime needs protection which lead to the amendment of the act On the other hand, Malaysia has its own legislation which govern computer crime take place in Malaysia which is the Computer Crime Act 1997. The Act aims to provide for offenses relating to the misuse of computers. Amongst other things, it deals with unauthorized access to computer material, unauthorized access with intent to commit other offenses and unauthorized modification of computer contents. It also makes provisions to facilitate investigations for the enforcement of the Act. Under the Act, there is a presumption that a person who has in his custody or control, a program, data or other information held in a computer or retrieved from a computer and which he is not authorized to have in his custody or control, is deemed to have obtained unauthorized access to it. If an offense is committed by any person outside Malaysia, he may be dealt with as if he had committed the offense within Malaysia, if for that offense the computer program or data was in Malaysia or capable of being connected, sent or used by or with a computer in Malaysia.

The Development of Computer Crimes and Legislative History Throughout Past and Present Including The Challenges Arose Due To The Commission of Crimes On Internet,

It has been stated that, the use of computer and computer network to commit criminal acts started at late 1970's. [1] Computer crime, or cybercrime, refers to any crime that involves a computer and a network, where the computers may or may not have played an instrumental part in the commission of a crime [2] whereas any crime committed via the internet is a cyber crime. It is relevant to point out several major cyber crimes occurred for example, where recently a group of hacker cracked into Sudanese Bank and obtained info about the Al-Qaeda terrorist organization and its leader Osama bin Laden. [3] Similarly the 'Love Bug virus' is estimated to have cost computer users around the world somewhere between US$3 billion and US$15 billion. The ability of a single university student in the Philippines to produce this level of damage using inexpensive equipment shows the potential risk from crime committed through electronic means to the global financial system [4] 

As regards to the development of cyber crimes the analysis shown by investigators determined the top ten cyber crimes based on the total number of complaints received. Cyber crimes can take many forms, and over the last few years, has held itself out to be one of the most efficient method to facilitate criminal activity. These includesin order of most complaints to least complaints, on-delivery (paying for merchandise online, but not receiving it), Auction fraud, Debit/credit card fraud, Confidence fraud (also referred to as advance fee fraud, and includes crimes like the Nigerian letter scam), Computer fraud, Check fraud, Nigerian letter fraud, Identity theft, Financial institutions fraud, Threats. [5] Traditional crimes such as murder, theft, prostitution, piracy, forgery, extortion can all be done through digital means today. [6] 

Through examining cyber crime growth, investigators found trends among perpetrators. They discovered that in 2008, 77.4 percent of those who committed cyber crimes were male, just as the perpetrators were analyzed, so were the complainants in order to try and find trends. The following cyber crime facts and trends were discovered among complainants: 55.4 percent of complainants were male, 92.4 percent of the complainants resided in the United States, but a number of complaints also came from Australia, Canada, France, India, and the United Kingdom, The two main modes of fraudulent contact were web pages (28.9 percent) and email (74 percent). Almost half of all complainants were between thirty and fifty years of age and one-third lived in one of the states in the US with the highest populations: California, Florida, New York, and Texas, Male complainants lost more money than female complainants with a ratio of males losing $1.69 to every $1.00 lost per female. It is thought that males lost more, and were victimized more often, due to the gender differences in online purchasing and by the type of fraudulent schemes. [7] 

According to David L.Carton there are several methods which it can be committed, where at first place computer as the target crimes, computer as the instrumentality of crimes, computer as incidental to crime and crimes associated with the prevalence of computers. While in UK, Home Office affair officials are in opinion that the computer technology has impacts on two ways, first it facilitates the commission of existing crimes such as fraud and theft, secondly it given new range of activities such as computer hacking and development of computer crimes, as a result on pressure of Industry as to curb this issue they enacted UK Computer Misuse Act 1990. [8] Some of the researchers are in opinion that most cyber crimes cannot be placed into a single category, thus making cyber crime statistics difficult to compile. The Internet Crime Complaint Center compiles and releases annual reports on the statistics and cyber crime facts. Both the statistics and facts are used to analyze and examine cyber crime growth. Knowing the facts, growth, and trends is essential to fighting cyber crime and creating the tools and techniques necessary to prevent it. [9] However, computer crimes in Malaysia are punishable under Computer Crimes Act 1997 which enacted along with UK Computer Misuse Act 1990 sets out a few types of criminal offences most of which involve unauthorised use of computers namely, basic offence of unauthorised access, the ulterior intent offence, the offence of unauthorised modification of computer contents an the offence of wrongful communication. [10] However it should be noted that due to the missing element in UK Act is the definition of 'computer' which the reason for us to adopt US Computer Fraud and Abuse Act 1993 the definition of computer and further modify the term by where logical, arithmetic, storage and display function, considerably much specific than US Act. Other countries like, Singapore enacted Singapore Computer Misuse Act 1993 which similarly follows the UK Act but as in 2003 the Act gone through several amendment which added ' protected computers' as to protect the computers use for national security, government use and those charged under this section the penalty also much higher compared to other computer crimes. [11] However in Malaysia ever since the Act enacted in 1997 never gone through any amendment and through this assignment task we determine whether our Act has the need to be amended and sufficient to cover all types of cyber crimes.

Issue of Extradition in Malaysia

One of the foremost problems facing in cybercrime is determining the jurisdiction in which proceedings should be taken. Where offences are committed in various countries, or where the offender and victim are located in different places, question arises as to which court should deal with the matter. [12] If a crime crosses borders, it may be almost impossible to secure extradition [13] or decide which country deserves ultimate jurisdictional power over a given case. [14] In a recent news, a Thai court has approved the extradition to the U.S. of a Malaysian man allegedly involved in hacking credit card information, causing massive losses for victims in the U.S. Gooi Kokseng is a suspected member of a crime ring that has caused more than 5 billion baht (US$150 million) in losses through hacking aimed at the U.S. and Southeast Asia. The man was arrested in Thailand after U.S. authorities filed a request with the Thai foreign ministry. He could be imprisoned for over a year if convicted.

In Malaysia, Computer Crimes Act (Malaysia) 1997 allows crimes on computer to be extradited in Malaysia. This is because according to s.9(1) of Computer Crimes Act (Malaysia) 1997, where an offence under this Act is committed by any person in any place outside Malaysia, he may be dealt with in respect of such offence as if it was committed at any place within Malaysia. For example, unauthorized access being committed in Japan, and targeted company in Malaysia, Malaysia's jurisdiction can extradite such offender. However Malaysia's jurisdiction can only extradite if other country enacted same offence under their legislation. This is because, according to s.9(3) of Computer Crimes Act (Malaysia) 1997, if such offence was committed in Malaysia shall be a bar to further proceedings against him under any written law relating to the extradition of persons, in respect of the same offence outside Malaysia. Thus, Malaysia can't extradite the offender when other country the unauthorized access isn't an offence as they didn't enact the law for it yet. This situation caused the offender free without being charged. For example, the word 'modification' in Cybercrime Act 2001 (Australia) defines modification, in respect of data held in a computer means

The alteration or removal of the data; or

An addition to the data.

In the s.2 (interpretation) Subsection 7 in Computer Crimes Act (Malaysia) 1997, for the purposes of this Act, a modification of the contents of any computer takes place if, by the operation of any function of the computer concerned or any other computer -

(a) any program or data held in the computer concerned is altered or erased;

(b) any program or data is introduced or added to its contents; or

(c) any event occurs which impairs the normal operation of any computer,

Therefore, it is obvious that the word modification had been used differently. In Cybercrime Act 2001 (Australia), the word didn't cater introduction as mention in CCA 1997. So, if perpetrator launching an attack from Australia and causing modification (by introduction something) of any target in Malaysia, Malaysia's jurisdiction cannot take action to the perpetrator because in Australia, the introduction didn't fall under modification in the Cybercrime Act 2001 (Australia). [15] The problem of 'negative international jurisdiction also arises. This is where when cases are not investigated because they could be prosecuted in many countries but none wants to take action. This situation also covers when too many countries want to prosecute such case. What we needed to deal with this situation is the creation of an international instrument along the lines of the United Nations protocol on negotiating jurisdiction, setting out how jurisdiction is best determined in these cases. [16] 

From the above discussion and justification, we can see although our Computer Crimes Act has provided law related to extradition, there still have difficulty need to be faced. It is obvious that there is a hole in the cyber law implementation to combat cyber crime. The hole is come from because of the un-uniformity of cyber law in all countries in the world. We need to have harmonization or uniformity of cyber law for all countries in this world to combat this situation. For the uniformity of Cyber Law, all countries need to define and give interpretation of all terms related to cyber crime with every countries have mutual understanding of what they all about. For each country, write and enact cyber law based on this mutual understanding and there is a need to review of cyber law regularly. The harmonization of cyber law can be made via establish cyber law in countries where they didn't enact it yet, use existing and established union, conference, convention, treaty association such as United Nation Convention Against Transnational Organised Crime and Convention on Cybercrime adopted by the Committee of Ministers of the Council of Europe.

With reference to CCA 1997 in Malaysia, is it adequate enough to protect the cyber crimes now including the upcoming crimes?

In this Information Age, Malaysia having our Act 563 [17] to combat few types of criminal offences most of which involve the unauthorized use of computers, namely:

(i) 'Basic' offence of unauthorized access. [18] 

(ii) The 'ulterior intent offence'. [19] 

(iii) Offence of unauthorized modification of computer contents. [20] 

(iv) Offence of wrongful communication. [21] 

The internet development in Malaysia can be say quite slow compare to other countries as Internet reach Malaysia only on late 90's. We unanimously agree that our CCA [22] never amended as our situation in Malaysia not so chaotic compare to other developed countries such as US, as they more advance than us in terms of technology, they are the first country that launch thing called 'internet' [23] and because of that also, the crime committed or using internet is more in their countries. [24] As for that their legislative do so many amendments to US Computer Fraud and Abuse Act 1986 [25] (CFAA) as there are plenty of hackers and unscrupulous people get access into the Government program, data and so forth or financial institution database by defraud to steal money. As far as Malaysia is concerned, Internet still in young age, the hackers and cases for cyber crimes [26] are not so much heard compared to actual crimes done in reality world. But now the cyber crimes especially on money-laundering and computer fraud are getting serious, these hackers gain unauthorized access to bank database and burrow into account holder's account and cause wrongful gain to them by making wrongful loss to the account holders

Our CCA is too simple laws compare to US CFAA 1986 [27] , UK CMA [28] 1990, Singapore CMA 1993 [29] and Australia Cybercrimes Act 2001 [30] . In any of countries, the three basic offences lay down in their cyber crimes statute are unauthorized access to computer material [31] , unauthorized access with intent to commit further offence [32] and unauthorized modification to computer contents/material [33] .

In our critical study in depth on CCA, we jump to the conclusion that CCA have to be amended as from the date it came into force, there are no single amendment done. Compare to other countries such as UK [34] , US [35] , Australia [36] and Singapore [37] , their legislation regulates these cyber crimes amended for numerous times in line with the development of law and rapid enhancement of various crimes committed on Internet each day in our daily life. We think it is time for us to amend CCA and to look into provisions, is it sufficient to address cyber crimes. Our CCA contrast to Singapore's CMA, we have similarities [38] and differences [39] . Singapore CMA 1993 [40] and US CFAA [41] have extra section regards to protected computers; computer used for national security, government used for transport and traffic controlling. Hacker of these kinds of computers will be penalized higher than usual computer being access unauthorized. In Malaysia, all computers treated the same sanction. Section 6, 7, and 9 of CMA 1993 show Singapore legislation in guarding cyber crimes is better than our CCA as their offences are more to penalized the person convicted rather than us in Malaysia in terms of any impairment done towards computer service, any obstruction to both usual computers and even worse, we does not have thing so called 'protected computers'. [42] Contrast to UK Computer Misuse Act [43] and Australia Cybercrimes Act 2001 [44] , our CCA quite similar [45] to their laws a little bit but Australia Cybercrimes Act 2001 has more offences and their wordings are different. [46] 

We not saying our laws on regulating cyber crimes in Malaysia are the worst in the world, as we have existing law as Digital Signature Act 1997 [47] , Telemedicine Act 1997 [48] , Electronic Commerce Act 2006 [49] , Communication and Multimedia Act 1998 [50] , Electronic Government Activities Act 2007 [51] and the latest is Personal Data Protection Act 2010. We do have new regulatory body; MCMC [52] held powers [53] to deal with economic regulation [54] , technical regulation [55] , consumer regulation [56] , social regulation [57] , enforcement [58] and compliance pertaining to communications and multimedia industry. There are 571 cases investigated by MCMC January till October 2010 regards to large area of offences such as 282 cases on sending offensive, obscene, indecent, menacing or false short messaging services (SMS) by virtue of Section 233 (1) (A) CMA 1998. [59] CyberSecurity Malaysia [60] runs the Cyber999TM Help Centre for Malaysian Internet users. It also provides safety tips, advisories, and specialized services in the fields of cyber security such as Digital Forensics and Wireless Security. [61] Our CCA is better in defining 'computer' as need to fulfill four elements [62] and not like the rest of countries, just three things to be performed by computers. [63] 

Despite of CCA flaws, no need for it to be repealed but it should be revised. The law is old and the offences is new, as for that Parliamentarians need to see the new offences and think on the solution, the best laws in inserting new provisions in CCA to curb the offence on Electronic Frontier i.e computers. Parliamentarians need to keep pace with the rapid advances in technology and the resulting proliferation of computer-based crimes, do something to curb grows of various cyber crimes as each day, the crimes on internet are increasing as people become more intelligent in cracking the technology. As for instance, we can see that the viruses and worms on computer are developing and mounting. We recommend for a new provision regards to punish the person join in conspiracy [64] to commit hacking or computer fraud or other related offences.

'Protected computers' like Singapore and U.S [65] should be formed in Malaysia created as to secure more on safety of Malaysia to avoid any hackers violate the crucial system as it may lead to trespass to our national security, i.e. dig into our top secret for a success economy or place the Ministry of Defense hides our secret weapons, and the punishment should enhance than the wrong done on usual computers. And we can adopt Australia CA 2001 which deals with so many computer offences [66] in detail as it is fresh amended in 2004. U.S CFAA provision [67] can be a model in order to protect any computer fraud done on financial institutions such as banks in Malaysia as the cases of this not reported as afraid they will lose their customer or account holders by showing their weakness, their system is insecure. CyberSecurity Malaysia [68] can be given authority to investigate the offenses of cyber crimes for now and upcoming crimes as we can split the police powers to handle only with the crimes on reality world or we may establish Federal Bureau of Investigation as like in U.S [69] .

Soft copy