Shedding lights on Cyber Crimes, Law, and Ethics

PANDEY Saroj • SHARMA Sunil

Information Technology (IT) nowadays is changing almost all aspects of human activities like communication, trade, culture, education, entertainment, and knowledge. The term ‘cyber’ or ‘cyberspace’ has today come to indicate everything related to IT; the Internet, websites, data, emails, networks, software, data storage devices and even electronic devices such as cell phones, ATM machines, etc.

With the growing Internet usage, the world is becoming smaller place to live in for its users. The rapid growth in the Internet traffic has created a major problem for individuals, businesses and other entities whose work is mostly in the cyber environment. The most trending issue that is troubling the cyber environment is ‘cybercrime’. Cybercrime is a term representing any illegal activity that uses a computer or similar device as its primary means of commission. It led to a higher proportion of legal issues related to computer and information system worldwide. Many people are becoming the victims of hacking, identity theft, fraud, malicious software and the rate is increasing rapidly.

Cybercrime encompasses any criminal act dealing with computers and networks. Moreover, cybercrime includes traditional crimes conducted through the Internet. For example, hate crimes, telemarketing and Internet fraud, identity theft, credit card account thefts are considered to be cybercrimes where illegal activities are committed through the use of a computer and the Internet. The United States, Department of Justice, categorizes cybercrime in three ways – the computer as a target (using a computer to attack other computers), the computer as a weapon (using a computer to commit a crime), and the computer as an ‘accessory’ (using a computer to store illegal files or information).

These days, the Internet is in easy reach of general people, mostly teenagers; they are performing illegal tasks knowingly or unknowingly. There exists an infinite list of possible crimes that can arise in the cyberspace. Network intrusion, downloading and sharing copyrighted video and music files, creating and disseminating computer virus, identity theft, online fraud, penetration of online financial services, ATM fraud with fake debit/credit cards, phishing, sniffing, wiretapping, bombarding the emails, harassing others in social media having anonymous identification, creating fake profiles in social media and troubling the public as well as the genuine person with fake updates, attaching the face of different peoples in nude photos and posting it in blogs or social media, browsing of porn sites by restricted age groups, stir up racial hatred on the grounds of color, race, nationality, religion, ethnicity, etc., publishing obscene and morbid content such as images of torture or accidents, abuse or ‘sexploitation’ especially against children and girls, violating copyrights and downloading music, movies, books, games and software mostly through peer sharing websites such as torrents, plagiarism, websites hacking, Internet time theft and Wi-Fi hacking etc. are among many.

Criminals these days also use an approach of social engineering and make direct contact with intended victim(s) using emails, social sites or phone. They try to gain confidence and retrieve the information they need. Once that is done, they will disappear and the retrieved information will be used for illegal purpose. Cyber terrorism, new to cybercrime, is increasing the anxiety of security officials. Cybercrime, at the present time is becoming a fast-growing area of crime, which has now surpassed illegal drug trafficking as a criminal moneymaker and progressing with the wide opportunities of online media. Cyber criminals are performing a diverse range of crimes misusing the speed, convenience and anonymity of the Internet making Internet world more vulnerable.

Cyber Law to fight with the crime

Cyberlaw is the part of the legal system that deals with the Internet, cyberspace, and their relevant legal issues. Cyberlaw covers a broad area, which includes several subtopics as intellectual property, freedom of expression, usage of the Internet, online privacy etc. Broadly, cyberlaw has been referred to as the Law of the Internet. It encompasses the area, which deals with the Internet’s association with technological and electronic elements including software, hardware, and various information systems. Likewise, the law also deals with the communication and information sharing that includes various related issues of communication and information as protection of intellectual property rights, freedom of speech, and public access to information.

Cyberlaw consists of a collection of legal policies that typically lead the Internet world. It has provisions for penalties and negotiations for various offences that happen in the cyberspace. As per the global provisions of cyberlaw, the government is fully authorized to punish cyber criminals – an individual as well as the institution. It also has provisions for the office of the controllers and regulation of certifying authorities, which issue the license of certification to the IT industries. Cyberlaw varies in different countries and punishment ranges from fines to imprisonment.

Cyber Law and Nepal

In the rapid pace of IT, even Nepal one of the world’s least developed countries is performing very well. Nepal has implemented ICT in various sectors such as government, education, health, agriculture, tourism, trade, and various others to some extent. With the ICT implementation, the criminal activities are also being increased. The government of Nepal has crafted ‘Electronic Transaction Act’ in 2004, popularly known as ‘Cyber Law’. It is said to be landmark legislation for the development of IT industry in Nepal. The act was amended in 2008 and published as Electronic Transaction Act in 2008. In the act, piracy, unauthorized access, damage of information system, publication of illegal materials in electronic form, commit computer fraud, confiscation, etc. are presented as ‘offences relating to computer’. It also has provisions to punish cyber criminals with imprisonment and/or a fine depending on the rigorousness of the offence but punishment is inadequate.

In Nepal, cybercrimes like email and social media threat hate speech in blogs and social media, illegal data access, obscene websites, website dispute, SMS threat, phishing, software piracy, hacking, etc. are increasing swiftly. The Government, private organizations as well as individual uses pirated software. Seeing software, music and movie DVDs sold in the street of the capital city for less than Rs. 50 each is not a new issue. Sharing copyrighted materials with friends and relatives is too normal. In cybercafés, no one cares about the activities of teenagers; most of the proprietors of the cyber café are unaware of illegal activities. Even the parents are unaware of their children’s behavior in the vulnerable virtual world. As the law enforcing mechanism is staying almost silent on such clearly seen issues, the complete implementation of cyberlaw looks skeptical.

The Electronic Transaction Act still lacks various issues of the cyber world. The law does not contain a single word regarding online payment issues. Likewise, the law does not cover even the most common forms of crimes of cyber world. For example, there is no punishment for sending offensive messages. Similarly, phishing also lacks legal coverage. The current law also does not have legal provision for the cybercrimes like cyber-stalking, cyber-terrorism and child pornography. Every cybercrime that is seen need specific provisions with immense fines and imprisonment mechanism.

There are several reasons behind such lackluster response. Nepal police lack sophisticated tools to investigate cybercrimes. There are limited police officers in the Cybercrime Investigation Cell and the Central Investigation Bureau (CIB) with strong ICT skills to deal with cybercrime, which makes it challenging to collect evidence. So, for the effective investigation of crimes in the cyberspace, Nepal needs to invest more in training its human resources and developing anti-cybercrime infrastructure.

Self-awareness of the citizens is the most effective way of decreasing the crimes. The law enforcement agency should begin conducting interaction programs in schools, college, and public/private organizations to train the students and employees and make them aware of different laws and policies so that they will not repeat the criminal behavior they might have been currently doing unknowingly. For least developed nations like Nepal, Microsoft these days is distributing the genuine software (operating system and other products) and its keys in the colleges via Microsoft academic program to discourage the use of pirated ones. Likewise, there are various software covering almost areas, available in the Internet with Free and Open Source License, which help to stay away from the crime of software piracy; the law enforcing agencies should also encourage general people along with themselves to use such.

Staying safe on the Internet

While the Internet is great for making new friends and sharing interests, it’s important not to reveal too much information about yourself. Some people will hide their real identity and approach young people for sexual purposes – perhaps sending sexual messages in a social media by Instant Messenger, or by trying to influence the person to meet in the ‘real’ world.

INTERPOL* suggest following things for staying safe on the Internet:

Staying safe on regular activities

  • In social networks there is a privacy setting – use it. Do not believe everyone you meet in the social media.
  • Think about what messages and information you post online – if you don’t want your parents or teacher to see it or read it then don’t post it.
  • You can’t “unsay” what you say online, so think twice before you write.
  • Use the ‘print screen’ function to record any content that you don’t feel comfortable with, and show it to a parent or another grown-up that you trust.
  • Never meet a virtual friend without discussing it with an adult or bringing a real friend.
  • A person needs to have a legitimate reason to be in constant touch with you – if you’re not comfortable talking to them, don’t reply.
  • Always talk to your parents, or to someone else you trust, about what you experience online.
  • There is no such thing as a free lunch. If you are receiving something, what are you expected to give in return?

Staying safe technically

  • Use Firewall, Anti-spyware and Anti-virus software; run and update them regularly.
  • Update OS for security patches and bug fixes
  • If you have a wireless network, make sure it’s encrypted.
  • Block browser pops ups or try using different browsers.
  • Ignore spam – just delete it, or mark it as ‘spam’ or ‘junk’ in your email client. Don’t try to unsubscribe. Do not click links sent in email from unknown sources.
  • If you get lots of spam, simply close down your email account and open another. There are lots of free ones available online.
  • Open attachments only if they’re sent by people you know and trust.
  • Keep your passwords strong and secret: never give them to anyone.
  • Keep your ATM cards in safe place and don’t reveal the card number and PIN to anyone.
  • Be alert to phishing. A trusted website or online payment processor will never ask you to confirm sensitive information like passwords or account details.

* INTERPOL – http://www.interpol.int

Cyber Ethics

Cyberethics refers to the code of responsible behavior on the Internet. Just as we are taught to act responsibly in everyday life, with lessons such as ‘Don’t take what doesn’t belong to you’ and ‘Do not harm others’ – we must act responsibly in the cyber world as well. The basic rule is do not do something in cyberspace that you would consider wrong or illegal in everyday life. Cyberethics is distinct from cyber law. Laws are formal directives that apply to everyone, interpreted by the judicial system, and enforced by the police. One important point for law is that trespassing the law is an punishable act where ethics is a broad philosophical concept that goes beyond simple right and wrong, and looks towards ‘the good life’.

When determining responsible behaviors, consider the following:

  • Do not use rude or offensive language.
  • Do not use a computer to harm other people
  • Do not interfere with other people’s computer work
  • Do not be a bully on the Internet.
  • Do not lie about people, send embarrassing pictures of them, or do anything else to try to hurt them.
  • Do not copy information from the Internet and claim it as yours – that’s plagiarism.
  • Adhere to copyright restrictions when downloading material including software, games, movies, or music from the Internet.
  • Do not break into someone else’s computer.
  • Do not steal/use someone else’s password.
  • Do not write the computer program that is harmful to the society
  • Do not attempt to infect or in any way try to make someone else’s computer unusable.

If you are being the victim of any cybercrimes, do not hesitate to report to the nearest police station with proof documents and cooperate during the investigation.

Academic experts with police to tackle cybercrime

Cyber environment is being too much susceptible. While viewing the global data, many people are being the victims of cybercrime in some way. Many people are losing their money in online fraud. Even traditional crimes like burglary are being done in a digital way. In the context of Nepal, police are facing many challenges in the investigation of cybercrimes. Only few officers understand the nature of digital crimes and they cannot give full focus on the motivation and psychology of the attackers. Officers also need to learn about digital forensics and the new threats associated with cybercrime. While viewing the cases of cybercrimes, officers need to understand how victims view cybercrime as well as the psychology and techniques used by the cyber criminals.

There are very few researches done in the field of cybercrimes by the academic institution providing IT education in the country. It is their social responsibility to find out and present new challenges and threats to businesses as well as individuals along with radical tactics to cope with it to the investigating agency that will boost the confidence of officers and staffs while investigating.

~