Shedding lights on Cyber Crime, Law and Ethics

● SAROJ PANDEY ● SUNIL SHARMA ●

Information Technology nowadays is changing almost all aspects of human activities like communication, trade, culture, education, entertainment, and knowledge. The term cyber or cyberspace has today come to indicate everything related to computers; the Internet, websites, data, emails, networks, software, data storage devices and even electronic devices such as cell phones, ATM machines etc.

With the growing nature of Internet usage, the world is becoming smaller place to live in for its users. The rapid growth in the Internet traffic has led to a higher proportion of legal issues related to computer and information system worldwide. The World Wide Web is surprisingly bringing the world closer. However, it has also created a major problem for individuals and businesses, which perform their works in the Cyber World – that is ‘cybercrime’. Many people are becoming the victims of hacking, identity theft, fraud, malicious software and the rate is increasing rapidly.

Cybercrime encompasses any criminal act dealing with computers and networks. Moreover, cybercrime includes traditional crimes conducted through the Internet. For example hate crimes, telemarketing and Internet fraud, identity theft, credit card account thefts are considered to be cybercrimes where the illegal activities are committed through the use of a computer and the Internet. The United States, Department of Justice, categorizes cybercrime in three ways – the computer as a target (using a computer to attack other computers), the computer as a weapon (using a computer to commit a crime), and the computer as an accessory (using a computer to store illegal files or information).

These days, Internet is in the easy reach of general people, mostly teenagers; they are performing illegal tasks knowingly or unknowingly. There exists an infinite list of possible crimes that can arise in the cyber space. Network intrusion, downloading and sharing copyrighted video and music files, creating and disseminating computer virus, identity theft, online fraud, penetration of online financial services, ATM fraud with fake debit/credit cards, phishing, sniffing, wiretapping, bombarding the emails, harassing others in social media having anonymous identification, creating fake profiles in social media and troubling the public as well as the genuine person with fake updates, attaching the face of different peoples in nude photos and posting it in blogs or social media, browsing of porn sites by restricted age groups, stir up racial hatred on the grounds of color, race, nationality, religion, ethnicity etc., publishing obscene and morbid content such as images of torture or accidents, abuse or ‘sexploitation’ especially against children & girls, violating copyrights and downloading music, movies, books, games and software mostly through peer sharing websites such as torrents, plagiarism, hacking the websites, Internet time theft and WiFi hacking etc. are among many.

The criminals these days also use the approach of social engineering and make a direct contact with intended victim using emails, social sites or phone. They try to gain the confidence and retrieve the information they need. Once that’s done, they will disappear and the retrieved information will be used for illegal purpose. The cyber terrorism, which is new to cybercrime, is increasing the anxiety of security officials. Cybercrime, these days is becoming a fast-growing area of crime. Cyber criminals perform a diverse range of crimes misusing the speed, convenience and anonymity of the Internet. Cybercrime has now surpassed illegal drug trafficking as a criminal moneymaker. It’s progressing with the wide opportunities of online and therefore becoming more extensive and destructive.

Cyber Law to fight with crime

The cyber law encompasses a wide variety of legal issues. It is the part of legal system that deals with the Internet, cyberspace, and their relevant legal issues. Cyber law covers broad area, which includes several subtopics such as intellectual property, freedom of expression, usage of the Internet, online privacy etc. Broadly, cyber law has been referred to as the Law of the Internet. Cyber law encompasses the area, which deals with the Internet’s association with technological and electronic elements that includes software & hardware and various information systems. Likewise, the law also deals with the communication and information sharing that includes various related issues of communication and information as the protection of intellectual property rights, freedom of speech, and public access to information.

Cyber law consists of a collection of legal policies that typically lead the Internet world. It has provisions for penalties and negotiation for various offences that happens in the cyber space. As per the provisions of law, the government is fully authorized to punish cyber criminals – an individual as well as institution. The law also has the provisions for office of the controllers and regulation of certifying authorities, which issue license of certification to the IT industries. Cyber law varies in different countries and punishment ranges from fines to imprisonment.

Cyber Law and Nepal

In the rapid pace of IT, even Nepal one of the world’s least developed countries is performing very well. Nepal has implemented the ICT in various sectors such as government, education, health, agriculture, tourism, trade and various others in some extend. With the ICT implementation, the criminal activities are also being increased. The government of Nepal has crafted the Electronic Transaction Act in 2004, which is popularly known as “Cyber Law.” It was said to be landmark legislation for the development of IT industry in Nepal. The act was amended in 2008 and published as Electronic Transaction Act in 2008.

In Nepal, cyber crimes like email and social media threat, hate speech in blogs and social media, illegal data access, obscene websites, website dispute, SMS threat, phishing, software piracy, hacking etc. are increasing swiftly. Government, private organization as well as individual uses pirated software. Seeing software, music and movie DVDs sold in the street of the capital city for less than Rs. 50 each is not the new issue. Sharing the copyrighted materials with friends and relatives is too normal. In cybercafés, no one cares the activities of teenagers; most of the proprietors of the cyber café are unaware of legal or illegal activities. Even the parents are unaware of their children’s behavior in the vulnerable virtual world. As the law enforcing mechanism is staying silent on such clearly seen issues, the complete implementation of the cyber law looks skeptical.

The Electronic Transaction Act still lacks various issues of the cyber world. The law doesn’t contain a single word regarding online payment issues. Likewise the law does not cover even the most common forms of crimes happening presently in the cyber world. For example, no punishment exists for sending offensive messages. Similarly, phishing also lacks legal coverage. The current law also does not have the legal provision for the cybercrimes like cyber-stalking, cyber-terrorism and child pornography. Every cybercrime that is seen need specific provisions with immense fines and imprisonment mechanism.

There are several reasons behind such lackluster response. Nepal police lack sophisticated tools to investigate cybercrimes. There are limited police officers in the Cybercrime Investigation Cell and the Central Investigation Bureau (CIB) with strong ICT skills to deal with cybercrime, which makes it challenging to collect evidence. So, for the effective investigation of crimes in the cyber space Nepal needs to invest more in training its human resource and developing anti-cybercrime infrastructure.

Self-awareness of the citizens is most effective way of decreasing the crimes. The law enforcement agency should begin conducting interaction programs in schools, college, and public/private organizations to train the students & employees and make them aware of different laws and policies so that they will not repeat the criminal behavior they may currently doing unknowingly. For the developing nations like Nepal, Microsoft these days is distributing the genuine software (Operating system and other products) and its keys in the colleges via Microsoft academic program discouraging the use of pirated ones. Likewise, there are various software covering almost areas, available in the Internet with Free and Open Source License, which help to stay away from the crime like software piracy; the law enforcing agencies should also encourage general people along with themselves to use such.

Staying safe on the Internet

While the Internet is great for making new friends and sharing interests, it’s important not to reveal too much information about yourself. Some people will hide their real identity and approach young people for sexual purposes – perhaps sending sexual messages in a social media by Instant Messenger, or by trying to influence the person to meet in the ‘real’ world.

Interpol suggest following things for staying safe on the Internet:

Staying safe on regular activities

• In social networks there is a privacy setting – use it. Do not believe everyone you meet in the social media.
• Think about what messages and information you post online – if you don’t want your parents or teacher to see it or read it then don’t post it.
• You can’t “unsay” what you say online, so think twice before you write.
• Use the ‘print screen’ function to record any content that you don’t feel comfortable with, and show it to a parent or another grown-up that you trust.
• Never meet a virtual friend without discussing it with an adult or bringing a real friend.
• A person needs to have a legitimate reason to be in constant touch with you – if you’re not comfortable talking to them, don’t reply.
• Always talk to your parents, or to someone else you trust, about what you experience online.
• There is no such thing as a free lunch. If you are receiving something, what are you expected to give in return?

Staying safe technically

• Use Firewall, Anti-spyware and Anti-virus software; run and update them regularly.
• Update OS for security patches and bug fixes
• If you have a wireless network, make sure it’s encrypted.
• Block browser pops ups or try using different browsers.
• Ignore spam – just delete it, or mark it as ‘spam’ or ‘junk’ in your email client. Don’t try to unsubscribe. Do not click links sent in email from unknown sources.
• If you get lots of spam, simply close down your email account and open another. There are lots of free ones available online.
• Open attachments only if they’re sent by people you know and trust.
• Keep your passwords strong and secret: never give them to anyone.
• Keep your ATM cards in safe place and don’t reveal the card number and PIN to anyone.
• Be alert to phishing. A trusted website or online payment processor will never ask you to confirm sensitive information like passwords or account details.

I follow Cyber Ethics, Do you?

Cyber ethics refers to the code of responsible behavior on the Internet. Just as we are taught to act responsibly in everyday life, with lessons such as “Don’t take what doesn’t belong to you,” and “Do not harm others,” – we must act responsibly in the cyber world as well. The basic rule is do not do something in cyber space that you would consider wrong or illegal in everyday life. Cyber ethics is distinct from cyber law. Laws are formal written directives that apply to everyone, interpreted by the judicial system, and enforced by the police. Ethics is a broad philosophical concept that goes beyond simple right and wrong, and looks towards “the good life”.

When determining responsible behaviors, consider the following:

• Do not use rude or offensive language.
• Do not use a computer to harm other people
• Do not interfere with other people’s computer work
• Do not be a bully on the Internet.
• Do not lie about people, send embarrassing pictures of them, or do anything else to try to hurt them.
• Do not copy information from the Internet and claim it as yours – that’s plagiarism.
• Adhere to copyright restrictions when downloading material including software, games, movies, or music from the Internet.
• Do not break into someone else’s computer.
• Do not steal/use someone else’s password.
• Do not write computer program that is harmful to the society
• Do not attempt to infect or in any way try to make someone else’s computer unusable.

If you are being the victim of any of the cybercrimes, do not hesitate to report to the nearest police station with proof documents and cooperate during the investigation.

Academic experts with police to tackle cybercrime

Cybercrime is a growing issue. Cyber environment is being too much vulnerable. While viewing the global data many people are being the victims of cybercrime in some way. Many people are losing their money in online fraud. Even traditional crimes like burglary are being done in a digital way. In the context of Nepal, police are facing many challenges in the investigation of cybercrimes. Only few officers understand the nature of digital crimes and they can’t give full focus on the motivation and psychology of the attackers. Officers also need to learn about digital forensics and the new threats associated with cybercrime. While viewing the cases of cybercrimes, officers need to understand both how victims view cybercrime as well as the psychology and techniques used by the cyber criminals.

There are very few researches done in the field of cybercrimes by the academic institution which are providing IT education in the country. It’s their social responsibility to find out and present new challenges and threats to businesses as well as individuals along with radical tactics to cope with it to the investigating agency that will boost the confidence of officers and staffs while investigating.