Challenges involved in cyberspace regulation

From Advocatespedia, The Law Encyclopedia
Jump to: navigation, search

In today’s world cyberspace has become a vital part of our lives, it is embedded in every sphere of our lives and the society. According to Deibert and Rohozinski cyberspace has become an indispensable part of the social, political and economic power worldwide. It is important to understand what it means when we say “cyberspace”. The whole idea of Cyberspace came into existence when it was conceived by the Advanced Research Projects Agency (ARPA) of the U.S. government in 1969 and was first known as the ARPANet. The original aim was to create a network that would allow users of a research computer at one university to "talk to" research computers at other universities. A side benefit of ARPANet's design was that, because messages could be routed or rerouted in more than one direction, the network could continue to function even if parts of it were destroyed in the event of a military attack or other disaster.

Introduction

Three times in the past 250 years the world has witnessed a major transformation affecting virtually every aspect of society. Founded on advances in science and fuelled by innovations in technology, these industrial revolutions produced major leaps forward in human productivity and changed the way people work and interact with each other. By the time such a revolution runs its course, virtually every aspect of society has been affected in some significant way. The first industrial revolution originated in Britain and lasted from roughly 1760 to 1830. It was founded on new methods of manufacturing based on iron and steam, and at its core were the first major advances since antiquity to use scientific reasoning to develop new products - in short, modern applied research.

These innovations ultimately spurred new forms of transportation such as the steamshipand the railroad, as well as the invention of mechanical looms and other machinery, which together prompted socio-economic changes such as the introduction of specialized labour and the factory system4 .Specialization and factories, in turn, led to widespread population shifts from rural to urban areas and to fundamental changes in the way people worked and interacted.

The second industrial revolution lasted from about 1875 to 1930. It was powered by inventions such as electricity, the telephone and the internal combustion engine and automobile, as well as new synthetics and alloys and new applications of steel and oil. These advances were made possible by the unprecedented availability of capital and the creation of the modern business organization. Among the revolution's many socio-economic effects were greater mobility, a growing middle class and the beginnings of more widespread leisure time. Although different in many ways, these industrial revolutions shared certain characteristics. First, each was founded upon one or more new technologies that fundamentally changed manufacturing processes in a number of industries. Second, the adoption of these new technologies made it possible for manufacturers to improve productivity, which ultimately resulted in greater purchasing power and higher standards of living for broad segments of the population. Finally, these new technologies exerted profound and lasting effects on how people worked, socialized and used their leisure time. Today the Internet is at the heart of a third industrial revolution. Made possible by technological advances in computer hardware, software, and telecommunications, the Internet has forced companies everywhere to reinvent themselves and the way they do business. This transformation in business practices has fuelled unprecedented gains in productivity, generated both by improvements in efficiency and the creation of new markets. At the same time, the Internet is profoundlychanging the way people communicate with one another and express and enjoy themselves.

History

In today’s world cyberspace has become a vital part of our lives, it is embedded in every sphere of our lives and the society. According to Deibert and Rohozinski cyberspace has become an indispensable part of the social, political and economic power worldwide. It is important to understand what it means when we say “cyberspace”. The whole idea of Cyberspace came into existence when it was conceived by the Advanced Research Projects Agency (ARPA) of the U.S. government in 1969 and was first known as the ARPANet. The original aim was to create a network that would allow users of a research computer at one university to "talk to" research computers at other universities. A side benefit of ARPANet's design was that, because messages could be routed or rerouted in more than one direction, the network could continue to function even if parts of it were destroyed in the event of a military attack or other disaster.

Elements

Although the internet has allowed societies to benefit from increased connectivity, it has also introduced a range of vulnerabilities. It has created opportunities for actors, from nation-states to cyber criminals, to launch potentially destructive attacks. Nation-states, and the public in general, are growing increasingly aware of the potential economic, political, and social implications of cybersecurity incidents amid an increase in both the number and sophistication of attacks. Yet, there is still only a limited conceptual understanding of what cyber is due to the relative novelty of ‘cyber’ as an identifiable security domain. This is due to the complexity of the virtual domain, where boundaries, borders, and geographic notions of space are mostly intangible.

A basic example of the ties between physical and virtual realms that make up the internet and cyber domain is the internet protocol (TCP/IP) addressing system. Assigned to each computer or device, IP addresses ensure that data packets arrive at the right destination in a network, in the same way that the traditional postal system functions based on house numbers and postal codes. Although hackers can easily forge IP addresses to go undetected when launching attacks, the protocol is routinely utilised by law enforcement authorities to trace devices. Broadly speaking, while ‘cyber’ may refer to anything related to computer security and information technology, the term cybersecurity involves protecting systems from attacks and other threats coming via a network, among other attributes. However, states have varying definitions of both terms. Moreover, there are differing approaches to conceptualising the cyber domain, and disagreement over whether ‘cyber’ actually constitutes a physical space subject to laws applicable in the real world.

John Perry Barlow’s 1996 Declaration of the Independence of Cyberspace represents one approach, radically dismissing any attempt by governments – the US government in particular – to regulate the medium. Although rhetorically appealing, such calls to consider cyber as an independent realm or an extra-territorial environment, have had little to no impact on the development of norms and international law applicable to it. This is evidenced by state practice today, whereby, faced with cross-border data flows, nation-states have a strong interest in controlling what crosses their borders. Two examples of states exercising sovereignty over the internet are Chinese authorities’ and internet service providers’ frameworks to control net traffic, the Golden Shield Project, otherwise known as ‘The Great Firewall of China’, and Iran’s newly announced measure requiring foreign messaging companies to store data about Iranian users inside the country. The second approach consists of perceiving cyberspace and the internet as a physical space, subject to laws applicable in other domains, enabling policy-makers to derive legal frameworks and principles from existing laws. This approach forms the basis of the following discussion.

Under Common Law

Common law principles can be effectively used to regulate certain conduct of citizens over the cyberspace. Common law doctrines like Nuisance, Trespass, and Negligence and Strict liability can be applied to control cyberspace activities. Application of property law, with its ancient roots, to something as recently evolved as the Internet raises questions about the use of such antiquated laws in cyberspace. In spite of its “virtual” nature, the Internet readily lends itself to parallels with real property. Like real property, Internet sites are “fixed” in a cyberspace location. They are identified by an address, have definable borders and are capable of being exclusively controlled. Courts have also recognized these similarities by applying property law to cyberspace in upholding a registrant’s property right in an Internet.domain name, enabling claims of conversion for web sites, and enabling owners of web sites to bring claims of trespass to prevent unauthorized access to their site. Critics of the chattels theory fear that allowing web site owners to exert control over who can access a web site and the means by which they can access that web site will have “disastrous implications for basic types of behaviour fundamental to the Internet.” Since open access to information on the Web has been, and continues to be, the lifeblood of the Internet, some fear the application of antiquated notions of property and trespass may threaten the critical interests of cyberspace. One of the most cited fears is that trespass doctrine, if applied to cyberspace, threatens the legality of the search engines that make finding useful information in the vast repository of the Internet feasible. What this argument fails to take into account, however, is that Internet standards and technology have already ranted web site owners the type of power needed to control access to their web sites. The law of trespass simply affirms and gives a legal framework to these rights. It is also possible to use law of nuisance to prevent unsolicited e-mails, which are popularly known as SPAM, which are flooding e-mail accounts of citizens thereby irritating and harassing them. Sometimes they are also causing the citizens to delete their legitimate e-mails. Law as of now provides for opt-out option only, principle of nuisance can be effectively used to keep the spammers at bay.

5 related famous cases summary

1) WannaCry virus hits the NHS, 2017

The most widespread cyber-attack ever, hackers managed to gain access to the NHS' computer system in mid-2017, causes chaos among the UK's medical system. The same hacking tools were used to attack world-wide freight company FedEx and infected computers in 150 countries. Ransomware affectionately named "WannaCry" was delivered via email in the form of an attachment. Once a user clicked on the attachment, the virus was spread through their computer, locking up all of their files and demanding money before they could be accessed again. As many as 300,000 computers were infected with the virus. It was only stopped when a 22-year-old security researcher from Devon managed to find the kill switch, after the NHS had been down for a number of days.

2) Hackers steal £650 million from global banks, 2015

For a period of two years, ending in early 2015, a group of Russian-based hackers managed to gain access to secure information from more than 100 institutions around the world.The cyber criminals used malware to infiltrate banks' computer systems and gather personal data,they were then able to impersonate online bank staff to authorise fraudulent transfers, and even order ATM machines to dispense cash without a bank card.It was estimated that around £650 million was stolen from the financial institutions in total.3)

3) JP and Morgan Chase & Co target of giant hacking conglomerate, 2015

Late in 2015, three men were charged with stealing date from millions of people around the world, as part of a hacking conglomerate that spanned the best part of a decade. The trio themselves allegedly described the incident as “one of the largest thefts of financial-related data in history”. Thought to have been operating out of Israel, the trio targeted major corporations, including major US bank JP Morgan Chase & Co, stealing personal data and then selling it on to a large network of accomplices.The group stole information from more than 83 million customers from JP Morgan alone, and are thought to have made hundreds of millions of dollars in illegal profits. Along with personal data, the hacking group also stole information related to company performance and news, which allowed them to manipulate stock prices and make enormous financial gain.Using more than 200 fake identity documents, they were able to facilitate large scale payment processing for criminals, an illegal bit coin exchange, and the laundering of money through approximately 75 shell companies and accounts globally.

4) Sony Pictures crippled by GOP hackers, 2014

In late 2014, major entertainment company Sony Pictures were hit with a crippling virus. Cybercrime group Guardians of Peace (GOP) were behind the apparent blackmail attempt, which saw around 100 terabytes of sensitive data stolen from the company. It is largely thought that the attack was related to North Korea's disapproval of the film 'The Interview', which humorously predicted Kim Jong-un and contained a plot where main characters attempted to assassinate the head of state.US government agencies investigated the claim that North Korea had authorised the cyber-attack in an attempt to prevent the film from being released.

5) One billion user accounts stolen from Yahoo, 2013

In one of the largest cases of data theft in history, Yahoo had information from more than one billion user accounts stolen in 2013. Personal information including names, phone numbers, passwords and email addresses were taken from the internet giant. Yahoo claimed at the time that no bank details were taken. Releasing information of the breach in 2016, it was the second time Yahoo had been targeted by hackers, after the accounts of nearly 500 million users were accessed in 2014.

References

1) Adler, J, “When E-Mail Bites Back”, NEWSWEEK, November 23, 1998, pp. 45.

2) Adria, A, “Internet jurisdiction today”,

3) Northwestern Journal of International Law & Business (22:1), 2001 Agin,

4) W. E, “Jurisdiction in cyberspace”,

5) ABA Subcommittee on Internet Law Liability Report, American Bar Review, www.aba.net, 2003.

6) Alchian, A. and Demsetz, H., “Production, information costs, and economic Allen, T. and Widdison R,

7) “Can computers make contracts?”, Harvard Journal of Law & Technology (9:1), 1996, pp. 25.

WEBSITES

8) www.abajournal.com/

9) www.aclu.org www.allacademic.com

10) www.apsu.edu

11) www.aresearchguide.com

12) www.asianlaws.org

13) www.bakercyberlawcentre.org

14) www.bakercyberlawcentre.org

15) www.btlj.boalt.org

16) www.bu.edu

17) www.copyright.co.il

18) www.crime-research.org