Abstract
The escalation of cybersecurity threats around the world transcends boundaries. Various non-state actors, criminal and terrorist organizations, and state entities exploit it for offensive means. Encryption and dark web are effective tools for conducting malicious activities while maintaining anonymity online. However, the definition and an elaborate understanding of cybersecurity and cybercrime remain contested at the global level. Multiple factors, including the legal, technical, and political issues, play an important part in the formation of diverse policy responses by states and international organizations. Despite limitations, various forms of collaboration have developed between the states, non-state actors, and investigation agencies. This article analyzes the meaning, nature of cybercrime legislation, and the scope of policy formation in the global narrative of cybersecurity. The article concludes with the proposed balanced multi-stakeholder model with equal inclusion of the developing countries in policy framework and capacity building initiatives for combatting cybercrime.
TopIntroduction
The cyberspace emergence has created a new reality with transnational connection providing a venue for growth and also for contestation (Chourci, 2012). Defining the characteristics of the cyberspace includes various attributes such as; diffusion of power, ease of accessibility, low cost of entry, attribution, i.e., anonymity (Nye, 2011). The cyber domain position is characterized as a “transnational domain for information and economic exchange, which contemplates the transnational nature of the internet and the problem of global governance” (Kiggins, 2014). Definition of cybersecurity has constantly shifted to reveal the growing number of threats and new areas affected by the attacks. The case of UNGA resolution 53/70 where the modification of definition from the phrase ‘may adversely affect the security of the state’ in 1999 to ‘may adversely affect States in both civil and military fields’ in 2002 reflects the change in definition due to evolving nature and increased threats (Radu, 2014). Effectively, cybercrime was seen majorly as a technical issue, however, the course changed with the increase in incidents and the need for regulating it. The effective cost of cybercrime has increased with sophisticated tools being employed for a criminal purpose especially with the rise of ransomware as an industry. The concern arises from the fact that the average cost for the enterprises was $11.7 million of cybersecurity due to cybercrime, with an increase of 27.4 percent each year (Accenture, 2017). Platforms like Convention on Cybercrime in 2001, World Information Society in 2003, have pushed for a ‘global culture of cybersecurity’ and laid the foundation for the effective policymaking at the international, regional, and national level. Moreover, the international scenario is constantly molded by the sophisticated cyberattacks, global geopolitical shifts, and social media empowered by political move with the divergent position of the states. The variance is visible in the cyber legislation with varying definitions, development with one paternalistic group of countries advocating state sovereignty while other members promoting freedom of internet and role of private companies
In this perspective, the article aims at presenting and analyzing the state of the growing threat of cybercrime and the resultant laws being enacted at the international, regional and national level by the countries to counter it. The first section includes the background, including an overview of cybercrime being defined in the various literature. The second section includes various efforts presented on cybercrime legislation including the multilateral instruments such as the convention on cybercrime by Council of Europe, United Nations resolution apart from regional and national efforts. The third section analyzes the challenges of jurisdiction, sovereignty, and privacy and the various responses in the form of legislation being laid out. The fourth section proposes a model for the effective cooperation in the form of balanced multi-stakeholder in light of growing internationalization of the cybercrime.
Key Terms in this Chapter
Mutual Legal Assistance (MLAT): MLAT are formal investigation request made by the states for the access of the data located in other country for the purpose of investigation and extradition.
Ransomeware: Is defined as the illegal access to computer system using malware for the purpose of gaining control of the system with the motivation for financial gains.
Denial of Service Attack (DDoS): The activities which disrupt the services of the computer rendering the computer usage ineffective for the user.
Cybercrime: The usage of the computer and its related technologies for the purpose of disrupting, with the motivation to gain financial gains or causing political, social, and psychological harm.
Dark Web: The dark web is part of the web that is not accessible on general search and can be accessed through specific hosting servers. It consist of the information and tools that are illegal by criminal, terrorist.
Phishing: Is defined as the method of cyberattack which are employed to capture the sensitive information including passwords, personal information for the malicious purpose through means such as deceptive emails.
Cloud Act: Cloud Act is the U.S. legislation related to the transfer of electronic data with provisions for obtaining data for evidence and prosecution and also regulating transfer for foreign governments.