Introduction
One of the most globally active forms of crime in the modern-day world is cybercrimes. Technological advancement over the years has aimed at improving the quality of life of people. In the contemporary world, no sector can run without the implementation of a particular form of technology. Technology has been used in bettering the health and well-being of the people. However, one factor that has often stood out is that technology is a double-edged sword. This arises from the fact that technology introduced a new wave of criminal activities referred to as cybercrimes. The internet is now available to almost every individual and this increase the span of the crimes and risks. Cybercrimes have become of the most dangerous crimes as they are committed over the internet and thus finding out the perpetrators is not an easy task. Cybercrime continues to grow in sophistication and scope and thus has seen losses amounting to billions of dollars as of 2018. As people continue to allow for the use of technology in their lives, they must provide some private data, and this is what mots cybercriminals are targeting. Some of the information that is now available in various technological platforms includes personal health data, passive conversations, account information and shopping history that is picked up by voice-controlled devices, website passwords, photos, browsing history and private conversations on various social media platforms. This indicates that the life of an individual from the intimate to mundane is turning digital, and this is continuing to make information easily accessible to cybercriminals. Cybercrimes can consist of identity theft, online predation, cyberbullying, unauthorized computer access, among others. In order to facilitate cybercrimes, the perpetrators use a variety of strategies such as network attacks, phishing, viruses, malware, and cyberstalking. It is an indication that the sophistication and scope of cybercrimes requires an individual, organizations and, nations to come up with strategies to prevent cybercrimes, as they are a universal problem that requires a coordinated international response.
Background Information
History of Cybercrimes
According to Chauhan (2017) during the 1970s, telephone lines were the primary attack channels used by criminals in launching technologically driven attacks. The perpetrators were referred to as Phreakers as they had found out that the American telephone lines had a significant number of vulnerabilities. However, their principal aim was only to make a free call by imitating the function-based tones that allowed the telephones to operate. However, it is only in the 1980s when real cybercrimes began to evolve, and this was through hacking. People would hack computers to access, delete and manipulate the data. In 1981, Ian Murphy, popularly known as captain zap, was the first person charged with committing a cybercrime after he had hacked the USA telephone services (Chauhan, 2017). Telephone companies were the main target for mots hackers. However, private people, financial institutions, governments later followed suit. In the 21st century, cybercrimes have affected governments such as the USA, Russia, China, and South Korea, among others. Big companies have also been affected by cybercrimes including eBay, Yahoo, Sony, among others. This has seen the leaking of private and confidential information that has left nations, companies and individuals susceptible to other forms of attacks.
Delegate your assignment to our experts and they will do the rest.
International Legal Response against Cyber Crimes.
According to the United Nations Conference on Trade and Development that was formed in 1964, crime legislation across the globe has grown over the years. Currently, 138 nations are representing 79% of the global countries that have implemented cybercrimes related legislations (UNCTAD, 2019). However, more than 30 other states representing 18% lack a practical cybercrime legislation framework (UNCYAD, 2019). The United Nations Conference on Trade and Development Global Cyberlaw Tracker track the adoption of international legations in 194 countries across the globe. Through the tracker, it allows for an indication of which nation has implemented cybercrime legislation and which one has not. To fully enforce cybercrime laws, UNCTAD requires a nation to enact e-transaction laws, consumer protection laws and data protection laws.
One of the most renown international legal framework on cybercrime is known as the Budapest Convention on Cybercrime that as opened in Europe in 2001. More than nearly two decades later, this convention represents one of the most significant and vital agreements on cybercrimes. The membership of the convention has continued to grow over the years since its foundation. Similarly, the quality of the implementation of the standards has continued to improve as the treaty aims at meeting the new challenges that arise due to the dynamic nature of cybercrime-related problems. According to the Budapest Convention on Cybercrimes, it acknowledges that cybercrimes have been around for more than four decades. However, the Council of Europe had been grappling with cybercrime-related activities since the 1980s yet there was no international or legal framework in place to prevent the crimes and even persecute the perpetrators once they were apprehended (Clough, 2014). By 2001, cybercrimes had become a significant threat to many nations, and this led to the signing of the treaty between the USA, South Africa, Japan, and Canada (Clough, 2014). Through the Convention, it outlines a list of criminalization of various attacks using computers, international judicial and law enforcement co-operation with regards to cybercrimes related evidence and procedural law that would make sure that all cybercriminals are persecuted using the right evidence.
The Commonwealth has for years tried to address the issues related to cybercrimes especially with regards to formulating workable legislations. The main reason for this is that cybercrimes have continued to cause havoc to not only Commonwealth member but also other nations across the globe. The Information and Communication Technology ministers form the commonwealth nations relied on the Council of Europe’s Convention on Cybercrime in laying down strategies for preventing cybercrimes, and this led to the submission of a proposal in 2002 referred to as the Model Law on Computer and Computer Related Crimes (Gercke, 2012). In 2011, the Commonwealth Cybercrime Initiative was presented before the member states for adoption. The initiative aimed to make sure that all nations had in place the technical and human capacities to fight off cybercrimes.
The Asia-Pacific Co-operation has also tried to ensure that cybercrimes are regulated and mitigated from its member states. During the Telecommunication and Information Ministries meeting that occurred in Bangkok in 2008, the Asia-Pacific Co-operation adopted the international standards laid down by the Budapest Convection in 2001 in mitigating cybercrimes from the member states (Gercke, 2012). This led to the APEC affiliated member states adopting the APEC Cybersecurity Strategy in 2002.
The African Union also decided to develop a legal framework that would enable its member nations in data protection, cybersecurity, and managing electronic transactions. During the 2009 meeting organized by the Information Communication and Technology Ministers held in Johannesburg, South Africa, a legal framework was drafted (Gercke, 2012). The draft was presented in 2011, which would enable its member states in strengthening their cyberspaces (Gercke, 2012). The convention was made up of three vital parts; electronic commerce, data protection issues, and combating cybercrimes. Other international efforts aimed at addressing cybercrimes include the Arab League of Nation Cooperation Council and the Organization of American States.
From the above treaties, it is an indication since 2001; various international bodies have come up with strategies aimed at controlling and mitigating cybercrimes. The first-ever convention is the Budapest Convection held in 2001, and the legal frameworks from the convention have laid down a foundation for most other nations. Before 2001, there was very little international effort aimed at controlling and managing cybercrimes. However, with its increased prevalence across the globe and continued adoption of technology, it has now become a necessity for governments to protect its people. Nonetheless, the looming question is still, have these international legal responses by countries been able to reduce the rates of cybercrimes? Just how efficient are international laws in eliminating cybercrimes? It is this question that this research aims at answering and determine whether cybercrimes are controlled or they will continue to affect people today and in future.
The efficiency of International Law and Cybercrime
Theoretical Efficiency
Any internet savvy individual regardless of his location in the globe is aware of the term cybercrimes and what it constitutes. Nonetheless, the cybercrime concept definition has no single acceptable phrase across the globe. The only related factor about the definition of cybercrime is that it involves the use of computers and an internet connection to carry out criminal activities. There are very many types of cybercrimes, and they are not only limited to child pornography, cyberbullying, cyberstalking, network breaches, online fraud, identity theft and many others. Cybercrimes have been identified as being a global problem as they do not only affect a single nation. In recent years, cybercrimes have been carried out across borders as hackers from China have targeted USA companies; hackers from Russia have targeted China and many others. This is an indication that cybercrimes have no boundaries and to ensure they are eliminated, there is a need for having an international legal framework that will eliminate the boundaries and allow for the prosecution of the perpetrators.
With regard to ensuring that cybercrimes are regulated, a significant number of sovereign states across the globe have come together and formulated the legal framework through conventions. According to Ajayi (2015), some of the countries that have cybercrime and computer laws include; Uruguay, USA, the UK, Australia, Belgium, Zambia, Pakistan, Portugal, Argentina and many others. According to the UNCTAD (2019), about 135 nations have in place laws aimed at controlling cybercrime and other computer-related activities deemed as being illegal.
From a theoretical point of view, there have been tremendous efforts towards both international and regional towards addressing cybercrimes. In 1997, the G8 made it public that it was planning to combat crimes from its member states (Ajayi, 2016). The law aimed to ensure that data is protected. Moreover, the framework undertaken by the G8 would ensure that it had in place personnel who were equipped and trained to make certain they offered security 24 hours a day, seven days a week. In 1990, the United Nations General Assembly adopted a framework that would enable its member states managing computer-related crimes (Ajayi, 2016). According to Nicholas (2008), the UN adopted other resolutions in 2002 and 2008 aimed at preventing the misuse of information technology. The Council of Europe made up of 47 states held its first-ever International efforts conference with Japan, USA and Canada aimed at mitigating cybercrimes (Ahamad et al., 2008). The convention came to be referred to as the Budapest Convention, and it became the first-ever transnational agreement amongst nations with respect to managing crimes committed on the internet and using computers the aim of the treaty was to come up with a single agreement that would see the society protected from the adverse effects of crimes.
Similarly, there has been some regional efforts by countries aimed at mitigating cybercrimes. Ajayi (2016) states that in 2002, the Asia-Pacific Economic Cooperation (APEC) issued the Cyber Security Strategy, and it consisted of the Shanghai Declaration. The strategy laid down a framework on cybercrimes basing on six key courses of actions; wireless security, training and education, public awareness campaigns, information sharing and cooperation and legal developments. In the same years. The Organization for Economic Cooperation Development made up of thirty-four nations laid down its guidelines that would see the states protecting the information and communication technologies (Ajayi, 2016). Other regional efforts that have been undertaken by nations include the Commonwealth convention of Cybercrimes draft of 2002 and the African Union Cybercrime Imitative Strategy. Nonetheless, despite being regarded as regional efforts, most of the legal frameworks have been formulated basing on the Budapest convention standards.
It is an indication that from a theoretical point of view, the efficiency of combating cybercrimes has been high. Since 1997, various transnational treaties have been signed by countries across the globe. Countries have also joined treaties that were signed much earlier such s the Budapest convention. This came in the wake of countries realizing that there was a need to control computer and cybercrimes, as they are a threat to society.
Practical Efficiency
There has been a high international effort towards battling cybercrimes. The Budapest Convention is regarded as being the first-ever translational treaty between nations aimed at fighting cybercrimes. The convention laid down standards that have been adopted by other transnational and regional treaties over the years. However, despite having such an international response towards mitigating cybercrimes, one can still wonder why the rate has remained prevalent. This is despite more than 135 countries having implemented cybercrime-related laws. From a national level, countries have continued to prosecute cybercriminals. However, from an international perspective, there have been no or very little prosecutions of cybercrimes, yet there are laws in place to allow such prosecutions to be carried out. There are very many reasons that have contributed towards making international law inefficient in combating cybercrimes.
The new computer and information technologies have brought about new changes in society, yet they have also affected the criminal procedures and laws of nations. These new technologies have ended up becoming tools that are used in committing crimes. Hackers can gain access to a computer network belonging to another country and carry out any form of malicious activity. As nations have united to fight off this new form of crime, the information technologies have continued to raise new legal questions. This is because; the crime may be carried out across many states and may involve several international organizations. A perfect example is seen whereby, the perpetrator of cybercrime may commit criminal activity in another state, and however, the satellite allowing the crime to be carried out may be owned by another state. Therefore, this brings about the question, is the international law applicable to solving cybercrimes?
Jurisdictional Challenges
One of the major impediment toward successfully applying international law in combating cybercrimes is issues emanating from the jurisdiction. Jurisdiction is referred to as the rights of a sovereign nation to have control over its territories and what happens within them. A significant number of international laws have not focused on new jurisdictional challenges. The only nation that has eliminated jurisdictional challenges in relation to cybercrimes is Denmark (Klip, 2014). In the case of the USA, its cybercrime laws do not apply outside its territories (Klip, 2014). Jurisdiction is a very important concept in law. Using an example of a court or judge, incase either lacks jurisdiction, it is an indication that it can bring about adjudication and thus making any proceedings null and void. Jurisdiction is the most abused concepts in law. With regards to solving cybercrimes using international laws, there must be a clear distinction made between the use of the term in intra-territorial and extra-territorial situations. The jurisdictional challenges affiliated to cybercrimes revolves around two major issues, jurisdiction in personam and geographical jurisdiction. The geographical jurisdiction is based note ability of the court to hear a case beyond its boundaries while personam jurisdiction refers to the ability of a court to preside over a case involving a cybercriminal who does not reside within its territories (Mann & Roberts, 2013). One fact about cybercrime is that they are not similar to other forms of crimes as they can bypass any given jurisdictions and nations. They are thus referred to as transnational crimes. A cybercrime perpetrator can sit at the comfort of his/her home and connect to an internet connection enabling one to carry out a crime thousands of miles away. As a result of jurisdictional challenges, cybercrimes lack a locus delciti , commonly referred to as the location of the crime (Klip, 2014). The locus of an offense must first be determined before prosecuting a criminal. In case it is outside the territories, such an individual will not easily become prosecuted by the nation that has suffered from his/her criminal activities. In case the IP address is traced to another country, a court cannot prosecute the criminal unless extradition is issued. However, extradition is also faced by a set of challenges in case there is no such legal agreement between the victim country and the nations having custody of the cybercriminal .
Extradition Challenges
Extradition refers to the surrendering of a person accused of a crime by one state to another. In the case of a cybercriminal, in case he/she escapes into another country, it is expected for that state to return the individual to the state upon which the crime was committed or directed against. Nonetheless, in a majority of cases, this is not practical due to the jurisdictional challenges, which allow a country to enjoy its independence and sovereignty. According to international law, no statute imposes a nation to extradite a criminal accused of committing a cybercrime. The shocking factor is that nations have continued to harbor cybercriminal instead of extraditing them to become prosecuted for their actions and this has been another major impediment towards international law fighting off cybercrimes. However, in case two states more have signed extradition treaties, they can fill this void, and the cybercriminals are extradited to answer for their crimes.
The major factor that makes extradition a very tough undertaking is jurisdiction. In case the state thereby the criminal has the legal framework to try a perpetrator, the requesting nation is forced to abide by those rules, and thus it cannot do anything. It is at this point that a legal hurdle placed by the same international law defeats the practical efficiency of cybercrime prosecutions enforced by international laws. An example of countries that have legal frameworks to prosecute their criminals on crimes carried out abroad include Japan, Germany, France, Czech Republic and Austria (Ajayi, 2016). The legal framework that such nations use under internationally is referred to as the aut dedere aut judicare meaning extradite or prosecute (Hameed, 2015). However, the crimes that fall under this international law doctrine include financing terrorist activities, crimes against humanity, diplomats and other protected persons, hijacking of aeroplanes, holding people hostages and acts of terrorism.
Nonetheless, cybercrimes do not fall under this category. According to the doctrine, it does not consider whether an individual is national or foreigner on the respective country. In case, one has carried out a crime. He/she is eligible for extradition or prosecution. The aut dedere aut judicare doctrine is treaty signed by nations, and some of the agreements with this doctrine include the Geneva Convention, and The Convention against Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment (International Law Commission, 2017). From the treaty, it is an indication that cybercrimes are not subject to the aut dedere aut judicare doctrine and this cripples international legal responses towards eliminating the cybercrimes.
Lack of Enforcement Mechanism and Applicability
In most cases, the enforcement of international law by countries is hampered by their territorial, independence and sovereignty bounds. In the case of the Budapest Convention, it involved about 50 states, and each was required to implement the standards that were agreed upon. However, in case a nation that is party to treaty refuses to enforce the treaty’s agreement, there is nothing that the other remaining states can do. International law at times is non-binding in nature, and this makes it lack a stringent implementation mechanism. Similarly, it is the legal duty of the president of head of state to make sure that any international treaties signed are part of the respective nation’s legislations. However, the country’s legislature, which is the law-making authority at times, neglects its obligations and such treaties are left dormant and ineffective. Various factors affect the domestication international treaties such as values, norms, religion, language and culture. The domestication of international laws related to cybercrimes has been slow across the globe, and this has made it hard for the rules and regulations to become applicable.
Moreover, there is no single law that governs cybercrimes. Cybercrimes lack jurisdictional respect as one can sit down in New York and commit a crime in Tokyo or any other part of the globe. It is an indication that cybercrimes are borderless crimes. Most of the laws governing cybercrimes are either regional or national with the Budapest convention being the only international law though various issues as highlighted above hinder it. The only jurisdiction linked to cybercrimes is the entire globe, and the regional, national, fragmented and or quasi-international rules and regulations cannot help eliminate the menace. The current cyber laws will continue to suffer from enforcement challenges until the entire globe comes up with a single international law that does not adhere to jurisdictions.
Conclusion
Technological advancement is one of the greatest strides that have been made by human civilization. Through technology, the quality of life has been improved across all sectors. However, this has laid down a foundation for new forms of crimes known as cybercrimes. Cybercriminals use computers and the internet to access personal information that is used in blackmailing people, nations or organizations. The information can also be used for other malicious purposes. Countries across the globe have come to realize that cybercrimes are causing adverse effects society and thus they have formulated various legal frameworks to help curb the menace. This has seen the signing of treaties such as the Budapest Convention, the G8, Commonwealth, and African Union among others. From a theoretical point of view, international always been enforced towards mitigating, prosecuting and eliminating cybercrimes and its perpetrators. However, the practical implementation of the laws is marred by a considerable number of challenges with the main one being jurisdiction, extradition and lack of enforcement mechanisms and adaptability. Jurisdictional challenges arise from the sovereignty and independence of a nation. Through jurisdictional challenge, extradition difficulties arise. Some nation does not extradite the perpetrators of cybercrimes to nations that have suffered from their actions. Various international Law treaties governed by the aut dedere aut judicare principle do not include cybercrimes as part of the extradition or prosecution crimes. From this, it is an indication that there is need to ensure internal laws related to cybercrimes are enforced to boost their efficiency.
References
Ahamad M, Amster D, Barrett M, Cross T, Heron G, Jackson D, King J, Lee W, Naraine R, Ollmann G, Ramsey J, Schmidt HA, Traynor P (2008). Emerging Cyber Threats Report for 2009, Georgia Tech Information Security Centre . Georgia Inst. Technol. 9p.
Ajayi, E. F. G. (2016). Challenges to enforcement of cyber-crimes laws and policy. Journal of Internet and Information Systems , 6 (1), 1-12.
Ajayi, E. F. G. (2016). The Impact of Cybercrimes on Global Trade and Commerce. International Journal of Information Security and Cybercrime (IJISC) , 5 (2), 31-50.
Chauhan, S. (2017). Cyber crimes National and International perspective . Retrieved on 30 October 2019, from https://shodhganga.inflibnet.ac.in/bitstream/10603/188293/10/10_chapter%202.pdf
Clough, J. (2014). A world of difference: the Budapest convention of cybercrime and the challenges of harmonisation. Monash UL Rev. , 40 , 698.
Gercke, M. (2012). Understanding Cybercrimes: Phenomena, Challenges and Legal Response . International Telecommunication Union.
Hameed, U. (2015). Aut Dedere Aut Judicare (Extradite or Prosecute) Obligation-Whether a Duty Rooted in Customary International Law? International Journal of Humanities and Social Science , 5 (9), 1.
International Law Commission. (2017). The obligation to extradite or prosecute (aut dedere aut judicare). UN Doc. A/CN , 4 , 630.
Klip, A. (2014). Section IV–International criminal law. Information society and penal law. Revue internationale de droit penal , 85 (1), 381-428.
Mann, R. A., & Roberts, B. S. (2013). Essentials of business law and the legal environment . Mason, OH: Southwestern Cengage Learning.
Nicholas CAMQC (2008). Emerging Trends in Cyber Crime, 13th Annual Conference - New Technologies in Crime and Prosecution: Challenges and Opportunities, International Association of Prosecutors, Singapore . Retrieved on 30 October 2019, from http://www.odpp.nsw.gov.au/docs/default-source/speeches-bynicholas-cowdery/emerging-trends-in-cyber-crime.pdf?sfvrsn=2
UNCTAD. (2019) Cybercrime legislation worldwide . Retrieved from https://www.unctad.org/en/Pages/DTL/STI_and_ICTs?ICT4D-Legislation/eCom-Cybercrime-Laws.aspx
