17-05-2012, 01:34 PM
CYBER LAW
Legal aspects of computing are related to various areas of law. Cyber law is a term that encapsulates the legal issues related to use of communicative, transactional, and distributive aspects of networked information devices and technologies. It is less a distinct field of law than property or contract law, as it is a domain covering many areas of law and regulation. Some leading topics include intellectual property, privacy, freedom of expression, and jurisdiction. Information Technology Law (or IT Law) is a set of recent legal enactments, currently in existence in several countries, which governs the process and dissemination of information digitally. These legal enactments cover a broad gamut of different aspects relating to computer software, protection of computer software, access and control of digital information, privacy, security, internet access and usage, and electronic commerce. These laws have been described as "paper laws" for a "paperless environment"
Cyber Law is the law governing cyber space. Cyber space is a very wide term and includes computers, networks, software, data storage devices (such as hard disks, USB disks etc), the Internet, websites, emails and even electronic devices such as cell phones, ATM machines etc.
Law encompasses the rules of conduct:
That have been approved by the government, and Which are in force over a certain territory, and Which must be obeyed by all persons on that territory? Violation of these rules could lead to government action such as imprisonment or fine or an order to pay compensation.
Cyber law encompasses laws relating to:
Cyber Crimes
Electronic and Digital Signatures
Intellectual Property
Data Protection and Privacy
Cyber-crimes are unlawful acts where the computer is used either as a tool or a target or both. The enormous growth in electronic commerce (e-commerce) and online share trading has led to a phenomenal spurt in incidents of cybercrime. These crimes are discussed in detail further in this chapter. A comprehensive discussion on the Indian law relating to cybercrimes and digital evidence is provided in the ASCL publication titled “Cyber Crimes & Digital Evidence – Indian Perspective”.
Electronic signatures are used to authenticate electronic records. Digital signatures are one type of electronic signature. Digital signatures satisfy three major legal requirements – signer authentication, message authentication and message integrity. The technology and efficiency of digital signatures makes them more trustworthy than hand written signatures. These issues are discussed in detail in the ASCL publication titled “Ecommerce – Legal Issues”.
Intellectual property is refers to creations of the human mind e.g. a story, a song, a painting, a design etc. The facets of intellectual property that relate to cyber space are covered by cyber law.
These include:
• Copyright law in relation to computer software, computer source code, websites, cell phone content etc,
• Software and source code licenses
• Trademark law with relation to domain names, Meta tags, mirroring, framing, linking etc
• Semiconductor law which relates to the protection of semiconductor integrated circuits design and layouts,
• Patent law in relation to computer hardware and software.
These issues are discussed in detail in the ASCL publication titled “IPR & Cyberspace - the Indian Perspective”.
Data protection and privacy laws aim to achieve a fair balance between the privacy rights of the individual and the interests of data controllers such as banks, hospitals, email service providers etc. These laws seek to address the challenges to privacy caused by collecting, storing and transmitting data using new technologies.
NEED FOR CYBER LAW
There are various reasons why it is extremely difficult for conventional law to cope with cyberspace. Some of these are discussed below.
1. Cyberspace is an intangible dimension that is impossible to govern and regulate using conventional law.
2. Cyberspace has complete disrespect for jurisdictional boundaries. A person in India could break into a bank’s electronic vault hosted on a computer in USA and transfer millions of Rupees to another bank in Switzerland, all within minutes. All he would need is a laptop computer and a cell phone.
3. Cyberspace handles gigantic traffic volumes every second. Billions of emails are crisscrossing the globe even as we read this, millions of websites are being accessed every minute and billions of dollars are electronically transferred around the world by banks every day.
4. Cyberspace is absolutely open to participation by all. A ten year-old in Bhutan can have a live chat session with an eight year-old in Bali without any regard for the distance or the anonymity between them.
5. Cyberspace offers enormous potential for anonymity to its members. Readily available encryption software and steganography tools that seamlessly hide information within image and sound files ensure the confidentiality of information exchanged between cyber-citizens.
6. Cyberspace offers never-seen-before economic efficiency. Billions of dollars’ worth of software can be traded over the Internet without the need for any government licenses, shipping and handling charges and without paying any customs duty.
7. Electronic information has become the main object of cybercrime. It is characterized by extreme mobility, which exceeds by far the mobility of persons, goods or other services. International computer networks can transfer huge amounts of data around the globe in a matter of seconds.
8. A software source code worth crores of rupees or a movie can be pirated across the globe within hours of their release.
9. Theft of corporeal information (e.g. books, papers, CD ROMs, floppy disks) is easily covered by traditional penal provisions. However, the problem begins when electronic records are copied quickly, inconspicuously and often via telecommunication facilities. Here the “original” information, so to say, remains in the “possession” of the “owner” and yet information gets stolen.
JURISDICATION
Issues of jurisdiction and sovereignty have quickly come to the fore in the era of the Internet.
Jurisdiction is an aspect of state sovereignty and it refers to judicial, legislative and administrative competence. Although jurisdiction is an aspect of sovereignty, it is not coextensive with it. The laws of a nation may have extraterritorial impact extending the jurisdiction beyond the sovereign and territorial limits of that nation. This is particularly problematic as the medium of the Internet does not explicitly recognize sovereignty and territorial limitations. There is no uniform, international jurisdictional law of universal application, and such questions are generally a matter of conflict of laws, particularly private international law. An example would be where the contents of a web site are legal in one country and illegal in another. In the absence of a uniform jurisdictional code, legal practitioners are generally left with a conflict of law issue.
Another major problem of cyber law lies in whether to treat the Internet as if it were physical space (and thus subject to a given jurisdiction's laws) or to act as if the Internet is a world unto itself (and therefore free of such restraints). Those who favor the latter view often feel that government should leave the Internet community to self-regulate. John Perry Barlow, for example, has addressed the governments of the world and stated, "Where there are real conflicts, where there are wrongs, we will identify them and address them by our means. We are forming our own Social Contract. This governance will arise according to the conditions of our world, not yours. Our world is different". A more balanced alternative is the Declaration of Cyber secession: "Human beings possess a mind, which they are absolutely free to inhabit with no legal constraints. Human civilization is developing its own (collective) mind. All we want is to be free to inhabit it with no legal constraints. Since you make sure we cannot harm you, you have no ethical right to intrude our lives. So stop intruding!" Other scholars argue for more of a compromise between the two notions, such as Lawrence Lessig's argument that "The problem for law is to work out how the norms of the two communities are to apply given that the subject to whom they apply may be in both places at once" (Lessig, Code 190).
With the internationalism of the Internet, jurisdiction is a much more tricky area than before, and courts in different countries have taken various views on whether they have jurisdiction over items published on the Internet, or business agreements entered into over the Internet. This can cover areas from contract law, trading standards and tax, through rules on unauthorized, data privacy and spamming to more political areas such as freedom of speech, censorship, libel or sedition.
Certainly, the frontier idea that the law does not apply in "Cyberspace" is not true. In fact, conflicting laws from different jurisdictions may apply, simultaneously, to the same event. The Internet does not tend to make geographical and jurisdictional boundaries clear, but Internet users remain in physical jurisdictions and are subject to laws independent of their presence on the Internet. As such, a single transaction may involve the laws of at least three jurisdictions:
1. the laws of the state/nation in which the user resides,
2. the laws of the state/nation that apply where the server hosting the transaction is located, and
3. The laws of the state/nation which apply to the person or business with whom the transaction takes place.
So a user in one of the United States conducting a transaction with another user in Britain through a server in Canada could theoretically be subject to the laws of all three countries as they relate to the transaction at hand.
In practical terms, a user of the Internet is subject to the laws of the state or nation within which he or she goes online. Thus, in the U.S., Jake Baker faced criminal charges for his e-conduct, and numerous users of peer-to-peer file-sharing software were subject to civil lawsuits for copyright infringement. This system runs into conflicts, however, when these suits are international in nature. Simply put, legal conduct in one nation may be decidedly illegal in another. In fact, even different standards concerning the burden of proof in a civil case can cause jurisdictional problems. For example, an American celebrity, claiming to be insulted by an online American magazine, faces a difficult task of winning a lawsuit against that magazine for libel. But if the celebrity has ties, economic or otherwise, to England, he or she can sue for libel in the British court system, where the standard of "libelous speech" is far lower.
Internet governance is a live issue in international fore such as the International Telecommunication Union (ITU), and the role of the current US-based coordinating body, the Internet Corporation for Assigned Names and Numbers (ICANN) was discussed in the UN-sponsored World Summit on the Information Society (WSIS) in December 2003
THE CREATION OF PRIVARY IN CYBER-LAW
Warren and Brandeis
At the close of the 19th Century, concerns about privacy captivated the general public, and led to the 1890 publication of Samuel Warren and Louis Brandeis: "The Right to Privacy”. The vitality of this article can be seen today, when examining the USSC decision of Kyllo v. United States, 533 U.S. 27 (2001) where it is cited by the majority, those in concurrence, and even those in dissent.[13]
The motivation of both authors to write such an article is heavily debated amongst scholars; however, two developments during this time give some insight to the reasons behind it. First, the sensationalistic press and the concurrent rise and use of "yellow journalism" to promote the sale of newspapers in the time following the Civil War brought privacy to the forefront of the public eye. The other reason that brought privacy to the forefront of public concern was the technological development of "instant photography". This article set the stage for all privacy legislation to follow during the 20 and 21st Centuries.
Reasonable Expectation of Privacy Test and emerging technology
In 1967, the United States Supreme Court decision in Katz v United States, 389 U.S. 347 (1967) established what is known as the Reasonable Expectation of Privacy Test to determine the applicability of the Fourth Amendment in a given situation. It should be noted that the test was not noted by the majority, but instead it was articulated by the concurring opinion of Justice Harlan. Under this test, 1) a person must exhibit an "actual (subjective) expectation of privacy" and 2) "the expectation [must] be one that society is prepared to recognize as 'reasonable.'
Privacy Act of 1974
Inspired by the Watergate scandal, the United States Congress enacted the Privacy Act of 1974 just four months after the resignation of then President Richard Nixon. In passing this Act, Congress found that "the privacy of an individual is directly affected by the collection, maintenance, use, and dissemination of personal information by Federal agencies" and that "the increasing use of computers and sophisticated information technology, while essential to the efficient operations of the Government, has greatly magnified the harm to individual privacy that can occur from any collection, maintenance, use, or dissemination of personal information."
Foreign Intelligence Surveillance Act of 1978
Codified at 50 U.S.C. §§ 1801-1811, this act establishes standards and procedures for use of electronic surveillance to collect "foreign intelligence" within the United States. §1804(a)(7)(B). FISA overrides the Electronic Communications Privacy Act during investigations when foreign intelligence is "a significant purpose" of said investigation. 50 U.S.C. § 1804(a)(7)(B) and §1823(a)(7)(B). Another interesting result of FISA is the creation of the Foreign Intelligence Surveillance Court (FISC). All FISA orders are reviewed by this special court of federal district judges. The FISC meets in secret, with all proceedings usually also held from both the public eye and those targets of the desired surveillance.
Electronic Communication Privacy Act 1986
The ECPA represents an effort by the United States Congress to modernize federal wiretap law. The ECPA amended Title III (see: Omnibus Crime Control and Safe Streets Act of 1968) and included two new acts in response to developing computer technology and communication networks.
Thus the ECPA in the domestic venue into three parts:
1) Wiretap Act,
2) Stored Communications Act, and
3) The Pen Register Act.