term paper on cyber crime by hossenbillal0038

VIEWS: 275 PAGES: 45

									                                              Chapter 1

                                            Introduction
Definition of cyber crime

The uses of internet in Bangladesh are growing rapidly. It has opened a new window in every
sector in everyday life. But unlike a coin it has two sides is good and bad. Internet also has its
own disadvantages. One of the most annoying disadvantages of Cyber-crime is illegal
activity on the internet. The internet, along with its advantages, has also threatened us to
security risks that come with connecting to a large network. Computers are now being
abused for illegal activities like e-mail espionage, credit card fraud, spams, and software
piracy and so on, which invade our privacy and offend our senses.

Maya babu expressed that “The modern thief can steal more with a computer than with a
gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a
bomb”1

Now it has become a quite easy for someone to access another’s privacy and steal anything
he wants. Only by using internet one can steal information from another’s computer which
is much more valuable than money.

The word ‘cyber-crime’ is consist of two words is ‘cyber’ and ‘crime’. The word ‘crime’ more
or less known to us, that means any act which is illegal, against any law or hampers
another’s right. The word ‘cyber’ means anything related to internet. That can be anything
we can think. Now ‘cyber-crime’ means any unlawful work done through internet.

“Computer crime or cyber-crime is a form of crime where the Internet or computers are
used as a medium to commit crime. Issues surrounding this type of crime have become
high-profile, particularly those surrounding hacking, copyright infringement Child
pornography, and child grooming.”2

History and background of cyber-crime

Internet has increased the way of interaction of humans. Within four years more than fifty
million people connected with each other. To reach there radio took thirty eight year.
1
  Maya Babu, ‘What is cybercrime’ (Mysore GrahakaraParishat), 11 October 2004, http://www.crime-
research.org/analytics/702/, Last visited 25 March 2010.
2
  http://en.wikipedia.org/wiki/Cyber_crime, Last visited 25 March 2010.

                                                                                                   pg. 1
The first recorded cyber-crime took place in the year 1820. That is not surprising considering
the fact that the abacus, which is thought to be the earliest form of a computer, has been
around since 3500 B.C. in India, Japan and China. The era of modern computers, however,
began with the analytical engine of Charles Babbage. In 1820, Joseph-Marie Jacquard, a
textile manufacture in France, produced the loom. This device allowed the repetition of a
series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard’s
employees that their traditional employment and livelihood were being threatened. They
committed acts of sabotage to discourage Jacquard from further use of their new
technology. This is the first recorded cyber-crime.3

Interpol is the first organization that dealt with the cyber-crime. They tried it with
international law and penal law. “In conjunction with an Interpol Conference in 1981, a
survey of Interpol member countries on computer crime and penal legislation identified
several problems in the application of existing penal legislation. The OECD in Paris appointed
in 1983 an expert committee to discuss computer-related crime and the need for changes in
the penal Codes. This committee made a proposal that could constitute as a common
denominator between the different approaches taken by the member countries. The
Council of Europe appointed in 1985 another expert committees in order to discuss the legal
issues of computer-related crime. A summary of the guidelines for national legislatures with
liability for international acts only, was presented in the Recommendation of 1989. The UN
adopted a resolution on computer crime legislation at 8th U.N. Congress on the Prevention
of Crime and the Treatment of Offenders in Havana, Cuba, in 1990. The United Nations
Manual on the Prevention and Control of Computer-related Crime was published in 1994.
The last part of this historic presentation is the Wurzburg conferences organized by the
University of Wurzburg in 1992. These conferences led to 29 national reports, and
recommendations for the development of computer crime legislations. Most countries in
Europe adopted new penal laws according to the recommendation in the 1980s and 90s.
Similar development occurred in the U.S.A. Canada and Mexico. Also in Asia, where Japan,
Singapore, Korea and Malaysia were the leading countries. In Australia, the Commonwealth
added computer crime laws to the Crimes Act in 1989. Today computers have come a long
way, with neutral networks and nano-computing promising to turn every atom in a glass of
water into a computer capable of performing a Billion operations per second.”4




3
 R. K. Chaubey, ibid, p.137.
4 Ibid, pp.139-40




                                                                                        pg. 2
                                         Chapter 2

                            Deferent types of cyber-crimes


Kinds of cyber crime

It is not very easy to identify the kinds of cyber-crime because criminals now using hi-tech to
commit crime from different angle. Therefore every day new types of crimes are seen.
Although criminologist has identified some basic types of cyber-crimes these are

   1.   Theft of telecommunications services
   2.   Communications in furtherance of criminal conspiracies
   3.   Telecommunications piracy
   4.   Dissemination of offensive materials
   5.   Electronic money laundering and tax evasion
   6.   Electronic vandalism, terrorism and extortion
   7.   Sales and investment fraud
   8.   Illegal interception of telecommunications
   9.   Electronic funds transfer fraud

These are the main types of cyber-crimes. We cannot make a definite chart of or list of
cyber-crimes. Therefore searching classification is kind of odd.

Under given classification following crimes can be discussed:

Hacking:

Hacking is some kind of act of taking control of another’s computer. It is the most common
type of Cyber-crime in present days. The word ‘hacking’ has been defined in section 56 of
the Information & Communication Technology Act 2006, as follows:

“If any person-

    a) with the intent to cause or knowing that he is likely to cause wrongful loss or damage
        to
The public or any person, does any act and thereby destroys, deletes or alters any
Information residing in a computer resource or diminishes its value or utility or affects it
injuriously by any means;
    b) damage through illegal access to any such computer, computer network or any other
        electronic system which do not belong to him;



                                                                                          pg. 3
Then such activity shall be treated as hacking offence.”5

Virus, Trojan and worms:
A computer virus is a kind of computer program, mainly designed to make copy itself and
spread and infect other computer, generally with the victim being oblivious to its existence.
Computer viruses spread by attaching themselves to programs like word processor or
spreadsheets or they attach themselves to the boot sector of a disk. When an infected file is
activated or when the computer is started from an infected file is activated or when the
computer is started from an infected disk, the virus itself is also executed. Just as a virus can
infect the human immunity system there exist programs, which, can destroy or hamper
computer system. Trojan horse is defined as a “malicious, security-breaking program that is
disguised as something benign” such as a directory list, archive, game, or a program to find
and destroy viruses. A computer worm is a self-contained program that is able to spread
functional copies of itself or its segments to other computer systems. Unlike viruses, worms
do not need to attach themselves to a host program.6

Cyber pornography:
“The new technology is not merely an extension of the existing forms like text, photographs
and images. Apart from still pictures and images, full motion video clips and complete
movies are also available. Another great disadvantage with a media like this is its easy
availability and accessibility to children who can now log on to pornographic websites from
their own houses in relative anonymity and the social and legal deterrents associated with
physically purchasing an adult magazine from the stand are no longer present. Furthermore,
there are more serious offences which have universal disapproval like child pornography
and far easier for offenders to hide and propagate through the medium of the Internet.” 7

Cyber stalking:

 Cyber Stalking is the repeated acts harassment or threatening behavior of the criminal
towards the victim by using internet services. Stalking means the repeated acts of
harassment targeting the victim such as following the victim, making harassing phone calls,
vandalizing victim’s property, leaving written messages or objects. Stalking may be followed
by serious violent acts such as physical harm to the victim and the same has to be treated
and viewed seriously. It all depends on the course of conduct of the stalker. Stalking is a
problem that many people especially women is familiar with real life. These problems occur
on the Internet as well, in what has become known as cyber stalking or on line harassment.8

Cyber Terrorism:


5                                                            st
  Ahmed , Zulfiquar , A Text Book on Cyber Law in Bangladesh, 1 ed., (Dhaka: National Law Book Company,
2009), pp.63 – 64
6
  R. K. Chaubey, ibid, p.143
7
  Ibid, p.144.
8
 Ibid, p.145

                                                                                                    pg. 4
Cyber terrorism may be defined to be “the premeditated use of disruptive activities, or the
threat thereof, in cyber space, with the intention to further social, ideological, religious,
political or similar objectives, or to intimidate any person in furtherance of such objectives.”
The role of computer with respect to terrorism is that of modern thief who can steal more
with a computer than with a gun. The terrorist may be able to do more damage with a
keyboard than with a bomb. Computer and information technology has exploded in recent
times. No doubt, the great fears are combined in terrorism; the fear of random, violent,
victimization segues well with the distrust and out-rights fear of computer technology.9

Cyber Crime Related to Finance:
        There are various types of Cyber Crimes which are directly related to financial or
monetary gains by illegal means, to achieve this end, the persons in the cyber world who
could be suitably called as fraudsters uses different techniques and schemes to be fooled
other peoples on the internet. Online fraud and cheating is one of the most lucrative
businesses that are growing today in the cyber space. It may assume different forms. Some
of the cases of online fraud and cheating that have come to light are those pertaining to
credit card crimes, contractual crimes, online auction frauds, online investment schemes,
offering jobs, etc.10

Cyber Crime with Mobile & Wireless Technology:                                          At
present the mobile is so developed that its becomes somewhat equivalent to personal
computer, as we can do a lot of work on our mobile phones which were earlier possible on
the computers only, such as surfing, sending e-mails etc. There is also increase in the
services which were available on the mobile phones such as Mobile Banking which is also
prone to cyber-crimes on the mobile as it is on the Internet. Due to the development in the
mobile and wireless technology day by day, the day is not far away when the commission of
cyber-crimes on the mobile will become a major threat along with other cyber-crimes on the
net.11

Phishing:

 In computing, phishing is a form of social engineering, characterized by attempts to
fraudulently acquire sensitive information, such as passwords and credit card details, by
masquerading as a trustworthy person or business in an apparently official electronic
communication, such as an e-mail or an instant message. The term phishing arises from the
use of increasingly sophisticated lures to fish for users, financial information and passwords.
He act of sending an e-mail to a user falsely claiming to be an established legitimate
enterprise in an attempt to scam the user into surrendering private information that will be


9
  Ibid, p.145.
10
   Ibid, p.145.
11
   Ibid, p.145.

                                                                                          pg. 5
used for identity theft. The e-mail directs the user to visit a web site where they are asked to
update personal information, such as passwords and credit card, social security, and bank
account numbers that the legitimate organization already has. The Web site, however, is
bogus and set up only to steal the user’s information. By spamming large groups of people,
the phisher counted on the e-mail being ready by a percentage of people who actually had
listed credit card numbers with legitimately. Phishing, also referred to as brand spoofing or
carding, is a variation on fishing, the idea being that bait is thrown out with the hopes that
while most will ignore the bail, some will be tempted into biting.12

E-mail Bombing:

In Internet usage, all e-mail bombs is a form of net abuse consisting of sending huge
volumes of e-mail to an address in an attempt to overflow the mailbox or overwhelm the
server. Mail bombing is the act of sending an e-mail bomb, a term shared with the act of
sending actual exploding devices (see mail bomb). Mail bombing is sometimes accomplished
by giving the victim's e-mail address to multiple spammers. In the Russian internet
community, there is another sense for mail bomb. There, mail bomb is a form of denial of
service attack against a computer system (mail server). After most of the servers began
checking mail with antivirus software, the Trojan viruses tried to send themselves
compressed into archives, such as ZIP or RAR. Then mail servers began to unpack archives
and check their contents too. That gave black hats the idea to make a huge text file,
containing, for example, only the letter z repeated millions of times. Such a file compresses
into a relatively small archive, but being unpacked by early versions of mail servers might
waste the free space on its disks and cause denial of service. Also known as a Zip bomb.13

Salami Attacks:

A salami attack is a series of minor data-security attacks those together results in a larger
attack. For example, a fraud activity in a bank where an employee steals a small amount of
funds from several accounts, can be considered a salami attack. Crimes involving salami
attacks typically are difficult to detect and trace. These attacks are used for the commission
of financial crimes.




Characteristics of cyber crimes


12
     Ibid, p.146.
13
     Ibid, p.152.

                                                                                          pg. 6
After the classification of cyber-crime and before examining the legal strategies to check
cyber-crime, it is necessary to examine the peculiar characteristics of cyber-crime.

      The weapon with which cyber-crime are committed is technology. Cyber-crimes are
       the work of technology and thus cyber criminals are technocrats who have deep
       understanding of the Internet and computers.
      Cyber-crime is extremely efficient, i.e. it takes place in real time. It may take seconds
       or a few minutes to hack websites or do cyber frauds.
      Cyber-crime knows no geographical limitations, boundaries or distances. A cyber-
       criminal in the one corner of the world can commit hacking on a system in the other
       corner of the world for example a hacker in the US can in real time hack in the
       system placed in Japan.
      The act of cyber-crime takes place in cyberspace which makes the cyber-criminal
       being physically outside cyberspace. All the components of cyber criminality from
       preparation to execution, take place in the cyberspace.
      Cyber-crime has the potential of causing harm and injury which is of an unimaginable
       magnitude. It can easily destroy websites created and maintained with huge
       investments or hack into website of Banks and the defense department’s websites.
       The amount of loss which may cause is easy to be imagined.




                                                                                          pg. 7
                                            Chapter 3

                          Present condition of cyber-crimes in Bangladesh



Need for Cyber Law in Bangladesh:

 Computer has become integral parts of the modern day homes and workplaces. Countries
around the world continue to exhibit an encouraging trend of computer usage. Most
academic institution has invested in the best technology to keep their students equipped
and informed. As for the workplace, there is a gradual trend towards a possible future
brimming with ‘paperless and selfless offices’. The dependence on computer is increasing by
the day as we are faced with better and faster machines geared up to fulfill operations that
were not even imagined a few years back. The usage of computers have opened up newer
possibilities for commerce and given fresh lease of life to several industries. The flexibility
and economic feasibility of the Internet has transformed the cyberspace into a colossal
market abundant with opportunities. The cyberspace knows no boundaries, no parameters
and no precincts as it connects people around the world. The cyber world has rendered our
physical tangible world a much smaller place with distance and time being no longer
constraints of the modern day human. Computer and their influences have traveled into
almost every sector. Business, travel, education, entertainment or any other industry cannot
comprehend progress without the help of these machines, which look innocuous enough to
be underestimated of their potential. Students, professional and organizations around the
world need to understand the inescapable truth that computer are here to stay and in
definite future, it might be difficult to even move an inch without it having an effect on us.
Considering the present trend, it has become almost obligatory for everyone to understand
the jurisprudence that countries worldwide have framed to regulate and control the use of
computers.14

For the past several years, many countries have been concentrating on the awareness on
questions of about the governance of cyberspace. The question of who controls the Internet
is directly related to the question who wants to control the Internet. From the moment that
the Internet was opened up to commercial activity many different groups wanted to
dominate, such as user, communication companies, ISPs, and the government. Of them all,
the most objected was the government intervention, yet it is governments that have
managed to exert the most control.


14
     Zulfiquar Ahmed, ibid, pp.39 – 52.

                                                                                         pg. 8
However as Internet has grown in our country, the need has been felt to enact the
appropriate cyber laws, which are indispensable to legalize and regulate Internet in
Bangladesh. The need for cyber laws was propelled by numerous factors. The arrival of
Internet signaled the commencement of the rise of new and intricate legal issues. Despite
the brilliant acumen of our master draftsman, the requirement of cyberspace could hardly
ever be anticipated. As such, the coming of the internet led to the emergence of numerous
ticklish legal issues and problem which necessitated the enactment of cyber laws. The
existing laws of Bangladesh, even with the most generous and moderate interpretation,
could not be interpreted in the light of the promising cyberspace, to consist of all aspect
relating to different activities in cyberspace. There are no existing laws that assigned any
legal validity or sanction to the activities in cyberspace, as such, before passing Cyber Law,
email was not “legal” in our country and courts and judiciary in our country had been
reluctant to grant judicial recognition to the legality of email in the absence of any specific
law having been enacted by the parliament. The Government of Bangladesh responded by
coming up with the first cyber law of Bangladesh – The Information and Communication
Technology Act (ICT), 2006. The Cabinet of Minister of Bangladesh has approved the
Information and Communication Technology bill (ICT), 2006 on February 2005 and it has
been enacted on 8th October, 2006.

The ICT Act defines various terms, which are innovative in the legal lexicon in Bangladesh.
The law consists of a preamble, 97 sections and four schedules. Cyber Laws are contained in
the ICT Act, 2006. This Act aims to provide the legal infrastructure for e-commerce in
Bangladesh. And the cyber laws have a major impact for e-businesses and the new economy
in Bangladesh. So, it is important to understand the various perspectives of the ICT Act, 2006
and what it offers.

Historical Background of the Information and Communication Technology Law or Cyber
Law:

Bangladesh Government has recently enacted The Information and Communication
Technology (ICT) Act, 2006 on 8th October, 2006. The law has been made in the shape of the
United Nations Commission on International Trade Law (UNCITRAL) of 1996, which is called
UNCITRAL Model Law on economic commerce. The Model Law does not have any force but
merely serves as a model to countries for the evaluation and modernization of certain
aspects of their laws and practices in the field of communication involving the use of
computerized or other modern techniques, and for the establishment of relevant legislation
where none exists. The law is sometimes called cyber law and sometimes the law of
“Internet” or “Computer”. Bangladesh is the 32nd nations in the world that has cyber
legislation apart from countries like India, Singapore, France, Malaysia and Japan.15


15
     Ibid, p.52.

                                                                                          pg. 9
Sides of Cyber Law or ICT Act of Bangladesh:

Cyber laws are meant to set the definite pattern, some rules and guidelines that defined
certain business activities going through internet legal and certain illegal and hence
punishable. The ICT Act 2006, the cyber law of Bangladesh, gives the legal framework so that
information is not denied legal effect, validity or enforceability, solely on the ground that it
is in the form of electronic record. One cannot regard government as complete failure
shielding numerous e-commerce activities on the firm basis of which this industry has got to
its skies, but then the law cannot be regarded as free ambiguities. 16

The Information and Communication Technology Act (ICT), 2006 also aims to provide for the
legal framework so that legal sanctity is accorded to all electronic records and other
activities carried out by electronic means. The Act states that unless otherwise agreed, an
acceptance of contract may be expressed by electronic means of communication and the
same have legal validity and enforceability. Some highlights of the Act have been given
below:

Chapter I of the ICT Act 2006 specifically defines some term which are used in ICT sector and
cyber legislation for clearing the concept. This chapter also stipulates the jurisdiction and
superiority of the Act. Extra regional effect of the Act has been discussed in the chapter.

Chapter II of the Act specifically stipulates that any subscriber may authenticate an
electronic record by affixing his digital signature. It further states that any person can verify
an electronic record by use of a public key of the subscriber. The said chapter also details
the legal recognition of Digital Signature and electronic records. Chapter II of the ICT Act
details about Electronic Governance and provides inter alia amongst others that where any
law provides that information or any other matter shall be in writing or in the typewritten or
printed from, then, notwithstanding anything contained in such law, such requires shall be
deemed to have been satisfied if such information or matter is rendered or made available
in an electronic from; and accessible so as to be usable for a subsequent reference.

Chapter III of the ICT Act details for application to the attribution, acknowledgement and
dispatch of electronic records among parties. Chapter IV of the ICT Act provides rules for
secure electronic records & secure digital signature. Chapter V of the said Act gives a
scheme for regulation of Certifying Authorities. The Act envisage a Controller of Certifying
Authorities who shall perform the function of exercising supervision over the activities of
the Certifying Authorities as also laying down standards and conditions governing the

16
     Ibid, p.53.

                                                                                         pg. 10
Certifying Authorities as also specifying the various forms and content of Digital Signature
Certificates. The Act recognizes the need for foreign Certifying Authorities and it further
details the various provisions for the issue of license to issue Digital Signature Certificates.
Chapter VI of this Act details about applying the security procedure, acceptance of Digital
Signature Certificate, obtaining Digital Signature Certificate and Control of Private Key. The
duties of subscribers are enriched in this said Act. Chapter VII & VIII of the ICT Act talks
about penalties, adjudication, investigation, judgment and punishment for various offences.
The penalties for damage to computer, computer systems etc. has been fixed as damages by
way of compensation not exceeding Tk. 1,00,00,000 to affected persons. The Act talks of
appointment of any officer not below the rank of a Director to the Government of
Bangladesh or an equivalent officer of state government as an Adjudicating Officer who shall
adjudicate whether any person has made a contravention of any of the provision of the said
Act or rules framed there under. The said Adjudicating Officer has been given the power of a
civil court. Chapter VIII of the Act also talks of the establishing of the Cyber Regulations
Appellate Tribunal, which shall be an appellate body where appeals against the order passed
by the Adjudicating Officer, shall be preferred. Chapter – VIII of the Act talks about various
offences and the said offences shall be investigated only by a Police Officer not below the
rank of the Deputy Superintendent of police. Chapter IX of the Act details about police
servant, protection of action taken in good faith. The said Act also proposes to amend the
Penal Code, 1860, the Evidence Act, 1872, the Bankers’ Books Evidence Act, 1891 to make
them in tune with the provision of the ICT ACT.17

Objective of the ICT Act, 2006:
          The preamble of the ICT Act, 2006 declares that, an Act to provide legal
recognition for transaction carried out by means of electronic data interchange and other
means of electronic communication, commonly referred to as “electronic commerce”,
which involve the use of alternative to paper-based methods of communication and storage
of information, to facilitate electronic filing of documents with the Government agencies
and further to amend the Penal Code, 1860, the Evidence Act, 1872 and the Bankers’ Books
Evidence Act, 1891 and for matters connected therewith or incidental thereto. The object of
the ICT Act, 2006, has been illustrated by the Law Commission’s Final Report to give effect to
the following purposes:

       1. To facilitated electronic communications by means of reliable electronic records;
       2. to facilitate electronic commerce, eliminate barriers to electronic commerce
          resulting from uncertainties over writing and signature requirements, and to
          promote the development of the legal and business infrastructure necessary to
          implement secure electronic commerce;


17
     Ibid, pp.53-55.

                                                                                        pg. 11
     3. To facilitate electronic filing of documents with government agencies and statutory
        corporation, and to promote efficient delivery of government services by means of
        reliable electronic records;
     4. To minimize the incidence of forged electronic records, intentional and unintentional
        alteration of records, and fraud in electronic commerce and other electronic
        transaction;
     5. To help to establish uniformity of rules, regulations and standards regarding the
        authentication and integrity of electronic records; and
     6. To promote public confidence in the integrity and reliability of electronic records and
        electronic commerce, and to faster the development of electronic commerce
        through the use of electronic signatures to lend authenticity and integrity to
        correspondence in any electronic medium.18

Establishment & Jurisdiction of Cyber Tribunal in Bangladesh:

Government of Bangladesh by gazette notification, for the purpose of quick and effective
trial of crimes committed under the Act, may establish one or more cyber tribunal,
sometimes which is stated later as tribunal under section 68(1) of the ICT Act. The cyber
tribunal that is stated in section (1) of the section will comprise of a session judge or an
assistant session judge appointed by the government with consulting with the Supreme
Court; and such a judge appointed will be introduced “judge, cyber tribunal”.19 The cyber
tribunal under the section may be given jurisdiction of whole Bangladesh or one or more
session jurisdiction; and the tribunal will only judge the cases of crimes under the Act.20 The
special tribunal may sit and continue its procedure on a place at a certain time and
government will dictate all this by its order.21

Establishment & Jurisdiction of Cyber Appellate Tribunal in Bangladesh:
The ICT Act envisages the establishment of the Cyber Appellate Tribunal at one or more
places as the government may deem fit. Section 82(1) of the ICT Act provides that the
government shall, by notification in the Official Gazette, establish one or more appellate
tribunals to be known as the Cyber Appellate Tribunal. The cyber appellate tribunal will be
comprised of a chairman and two members appointed by the government.22 The chairman
will be such a person, who was a justice of the Supreme Court or is continuing his post or
capable to be appointed as such and one of the member will be as an appointed judicial
executive as a district judge or he may be retired and the other will be a person having the
knowledge and experience in information and technology that is prescribed. 23The chairman

18
   Ibid, p.57.
19
   The Information and Communication Technology Act, 2006, s. 68(2).
20
   Ibid, s. 68(3).
21
   Ibid, s. 68(4).
22
   Ibid, s. 82(2).
23
   Ibid, s. 82(3).

                                                                                        pg. 12
and the members will be in their post minimum 3 years and maximum 5 years and the
conditions of their service will be decided by the government.24 The Cyber Appellate
Tribunal shall have the power to hear and settle the appeal made against the judgment of
cyber tribunal and session court.25 The appeal tribunal will have authority of supporting,
canceling, changing, or editing the judgment of the cyber tribunal.26 The decision of the
appellate tribunal will be final. The Cyber Appellate Tribunal does not seem to be vested
with any original jurisdiction; it has been vested with the powers of a Civil Court in respect
of, inter-alia,
     a. Summoning and examining of witnesses
     b. Requiring production of document
     c. Receiving evidence
     d. Issuing commissions and
     e. Reviewing its decisions.27




24
   Ibid, s. 82(4).
25
   Ibid, s. 83(1).
26
   Ibid, s. 83(2).
27
   Zulfiquar Ahmed, ibid, pp.150-52.

                                                                                        pg. 13
                                         Chapter 4

                            Cyber-laws in different country
United Kingdom: The Computer Misuse Act, 1990 is an Act of the UK Parliament. The Act’s
introduction followed the decision in R v Gold,28 with the bill’s critics charging that it was
introduced hastily and was poorly throughout. Intention they said was often difficult to
prove, and that the bill inadequately differenced “joyriding” crackers like Gold and Schifreen
from serious computer criminals. The Act has nonetheless become a model upon which
several other countries including Canada and the Republic of Ireland, have drawn inspiration
when subsequently drafting their own information security laws.29

The Computer Misuse Act became effective in August1990. Under the Act hacking and the
introduction of viruses are criminal offences. Universities and colleges need to co-operate to
take action under the Act as the offences are likely to be committed by members of
universities and colleges, students in particular, and are often perpetrated on machines or
network within the sector. For offences committed within the higher education sector
institutions may wish to use the speedier process of internal disciplinary measures rather
than resort to the law. The aim of this Guidance is to ensure that universities recognize the
seriousness of these offences and to encourage a greater degree of common practice in
dealing with the people who carry out these actions, whether action is taken under the
criminal law or thought the use of disciplinary procedures.30

The Act identifies three specific offences:

     1. Unauthorized access to computer material (that is a program or data).
     2. Unauthorized access to a computer system with inters to commit or facilitate the
        commission of a serious crime.
     3. Unauthorized modification of computer material.

The Act defines (1) (the basic offence) as a summary offence punishable on conviction with
a maximum prison sentence of six months or both. The Act goes on to describe offences (2)
and (3) as triable either summarily or on indictment, and punishable with imprisonment for
a term not exceeding five years or fine or both. These sentences clearly reflect the perceived



28
   (1988) 1 AC 1063.
29
   Ibid, p.180.
30
   Ibid, pp.180-81.

                                                                                      pg. 14
gravity of the offence and would imply that universities should take an equally serious view
of hacking or virus proliferation.31

Position in US:

There are two ways, conceptually, to address the growing compute crime problem. The first
would be to comb thought the entire United States Code, identifying and amending every
statute potentially affected by the implementation of new computer and
telecommunications technologies. The second would be to focus substantive amendments
on the Computer Fraud and Abuse Act, 1984 to specifically address new abuses that spring
form the misuse of new technologies.

 The new legislation adopts the later approach for a host of reason: The United States, in a
single statute, continues to address the core issues driving computer and information
security at both domestic and international levels; that is, protecting the confidentiality,
integrity, and availability of data and systems. By patterning the amended Computer Fraud
and Abuse Act on the OECD guidelines, the U.S. is at the forefront of rethinking how
information technology crimes must be addressed-simultaneously protecting the
confidentiality, integrity, and availability of data and systems. In most cases, a single point of
reference-The Computer Fraud and Abuse Act, 18 U.S.C § 1030 is provided for investigators,
prosecutors, and legislators as they attempt to determine whether a particular abuse of
new technology is covered under federal criminal law.

As new technologies are introduced and the criminal law requires reconsideration, fine-
tuning § 1030 may well be adequate, and it will not be necessary to continually parse
thought the entire United Sates Code. This statutory scheme will give us a better
understanding of the scope of the computer crime problem by enabling more reliable
statistics to be generated regarding computer abuse. Under current law, computer crimes
can be charged under a host of criminal statutes.

Last, 18 § 1030 (f) specifically provides that certain government officials, if engaging in
lawfully authorized investigative, protective, or intelligence activities, are not restricted by §
1030. By amending only 18 U.C.C. § 1030 to address new high-tech offenses, this exception
clearly continues to apply to any newly defined criminal conduct.32

                            Position of different organization
The global world network, which united millions of computers located in different countries
and opened broad opportunities to obtain and exchange information, is used with criminal
purposes more and more often. The introduction of electronic money and virtual banks,

31
     Ibid, p.181.
32
     Ibid, pp.185-88.

                                                                                          pg. 15
exchanges and shops became one of the factors of the appearance of a new kind of crime-
transnational computer crimes. Today law enforcement face tasks of counteraction and
investigation of crimes in the sphere of computer technologies, cyber-crimes. Still the
definition of cyber-crime remains unclear to law enforcement, though criminal actions on
the Internet pose great social danger. Transnational character of these crimes gives the
grounds to say that development of a mutual policy to regulate main problem should be a
part of every strategy to fight cyber-crime.33

Anonymity and absence of frontiers makes the Internet an efficient weapon in hands of
criminals. Investigation and prevention of computer crimes turns into a “headache” of law
enforcement officer. In the virtual space criminals usually act form sites in other countries.
In such cases it is necessary to cooperate with foreign law enforcement agencies, and that is
possible not always. Taking into consideration that globalization of such crime, it is more
and more obvious that so State is able to cope with such threats independently. During
investigation of transnational cyber-crimes law enforcement of a concrete State, authorities
of which extend only on its territory exclusively, should cooperate with each other in
accordance with international legal documents accepted by these countries. Depending on
relations between interested countries and corresponding information or other facts, a
necessary to develop additional authorities and procedures on investigating of such crimes
may appear.34

One of the most serious steps taken on regulate this problem was the adoption of Cyber
Crime Convention by European Council on 23 November 2001, the first investigating
agreement on judicial and procedural aspects of investigating and prosecuting on judicial
and prosecuting cyber-crimes. It specifies efforts coordinated at the national and
international level and directed at preventing illegal intervention into the work of
computer systems. The Convention stipulates actions targeted at national and
intergovernmental level directed to prevent unlawful infringement of computer system
functions. The Convention divides forbidden content (racist websites and child porn
content) and breaking copyright laws.35

There are various initiatives taken by the Organizations worldwide from time to control the
growing of cyber-crime. Some of the initiatives taken by various organizations are:

The United Nation:

 A Resolution on combating the criminal misuse of information technologies was adopted by
the General Assembly on December 4, 2000 including as followings:


33
   R. K. Chaubey, ibid, p.167.
34
   Ibid, pp.167-168.
35
   Ibid, p.168.

                                                                                      pg. 16
     a) States should ensure that their laws and practice eliminate safe havens for the those
        who criminally misuse information technologies.
     b) Legal systems should protect the confidentiality integrity and availability of data and
         computer systems from unauthorized impairment and ensure the criminal abuse is
         penalized.36

The Council of Europe:
Convention on Cyber Crime of 2001 is a historic milestone in the combat against cyber-
crime. Member States should complete the ratification, and other States should consider
the possibility of acceding to the Convention or evaluate the advisability of implementing
the principles of the Convention. With the Council of Europe Convention on Cyber Crime and
the recommendations from, G8, OAS, and APEC, we may reach our goal of a global legal
framework against cyber-crime. By ratifying or acceding to the Council of Europe Convention
of Cyber Crime or implementing the principles States agree to ensure that their domestic
laws criminalize conducts described in the substantive criminal law section and establish the
procedural tools necessary to investigation and prosecute such crimes. This is the
harmonizing of national legal approaches on cyber-crime.37

The council of Europe established a Committee of Experts on Crime in Cyber-Space in 1997.
The committee prepared a proposal for a Convention on Cyber Crime, and the Council of
Europe Convention on Cyber Crime was adopted and opened for signatures at a Conference
in Budapest, Hungry, 2001, The convention entered into force on July 1, 2004. As of
February 2007, the total numbers of signatures not followed by ratifications are 22
countries. The total number of ratifications/accessions at present is 21.38


The European Union:
                 In the European Union, the Commission of the European Communities
presented on April 19, 2002 a proposal for a Council Framework Decision on attacks against
information systems. The proposal was adopted by the Council in 2005 and includes Article
2: Illegal access to Information System, Article 3: Illegal System Interference and Article 4:
Illegal Date Interference.39

Article 2: Illegal access to Information systems:
                1. Each Member State shall take the necessary measures to ensure that the
intentional access without right to the whole or any part of an information system is
punishable as a criminal offence, at least for cases which are not minor.


36
   Ibid, p.169.
37
   Ibid, p.169.
38
   Ibid, pp.169-70.
39
   Ibid, p.170.

                                                                                        pg. 17
2. Each Member State may decide that the conduct referred to in paragraph I is
incriminated only where the offence is committed by infringing a security measure.

Article 3: Illegal system interference:

Each Member State shall take the necessary measures to ensure that the intentional serious
hindering or interruption of the functioning of an information system by inputting,
transmitting, damaging, deleting, deteriorating, altering, suppressing or rendering
inaccessible computer data is punishable as a criminal when committed without right at
least for cases which are not minor.

Article 4: Illegal data interference:

Each Member State shall take the necessary measures to ensure that the intentional
deletion, damaging, deterioration, alteration, suppression or rendering inaccessible of
computer date on an information system is punishable as a criminal offence when
committed without right, at least for cases which are not minor.40

ASEAN:

 The Association of Southeast Asian Nations (ASEAN) has established high level Ministerial
Meeting on Transnational Crime (AMMTC). At the Meeting in Bangkok, January 8, 2004, a
statement included cyber-crime was recognized and the need for an effective legal
cooperation to enhance the fight against transnational crime. A plan of Action to Implement
the Joint Declaration on ASEAN China Strategic partnership for paces and prosperity was
signed on October 8, 2003, in Bali, Indonesia. ASEAN and China will purses the following
joint actions and measures.41

Formulate Cooperative and emergency response procedures for purposes of maintaining
and enhancing cyber security and preventing and combating cyber-crime.In a statement
from ASEAN Regional Forum (ARF) on July 2006 it was emphasized that: “Believing that an
effective fight against cyber tacks and terrorist misuse of cyberspace requires increased
rapid and well-functioning legal and other forms of cooperation.”42

APEC:

The Ministers and leaders of the Asia Pacific Economic Cooperation (APEC) have at a
meeting in 2002 made a commitment to: “Endeavor to enact a comprehensive set of laws
relation to cyber security and cyber-crime that are consistent with the provision of
international legal instruments, including United Nations General Assembly Resolution 55/63


40
   Ibid, pp.170-71.
41
   Ibid, p.171.
42
   Ibid, p.171.

                                                                                      pg. 18
(2000) and Convention on Cyber-crime (2001) by October 2003.”In a Ministerial Meeting in
Santiago, Chile, November 2004, it was agreed to strengthen the respective economies
ability to combat cyber-crime by enacting domestic legislation consistent with the
provisions of international legal instruments including the Convention on Cyber Crime
(2001) and relevant United General Assembly Resolutions.43

G-8 States:

The G-8 States established in 1997 the Subgroup of High-Tech Crime. At a meeting in
Washington DC in 1997 the G8 countries adopted Ten Principles in the combat crime. The
goal was to ensure that no criminal receives safe havens anywhere in the world. At the last
Meeting of G8 Justice and Home Affairs Ministers in Washington DC, on May, 2004, a joint
communiqué was including as follows:         “Continuing to Strengthen Domestic Laws. To
truly build globe capacities to combat terrorist and criminal uses of the Internet, all
countries must continue to improve laws that criminalize misuses of computer network and
that allow for faster cooperation on Internet related investigations, with the council of
Europe’s Convention on Cyber-crime coming into force on July 1, 2004 we should take steps
to encourage the adoption of the legal standards it contains on a broad basis.”44

In a statement from the G8 Meeting in 2002 a goal was emphasized: “To ensure that law
enforcement agencies can quickly respond to serious cyber threats and incidents.”

At the Moscow Meeting in 2006 in for the G8 Justice and Home Affairs Ministers discussed
cyber-crime and issues of cyberspace. In a statement it was emphasized:

“We also discussed issue related to shoring accumulated international experience in
combating terrorism as well as comparative analysis of relevant pieces of legislation on that
score. We discussed the necessity of improving effective countermeasures that will prevent
IT terrorism and terrorist acts in this sphere of high technologies. For that it is necessary to
device a set of measures to prevent such possible criminal acts including in the sphere of
telecommunication. That includes and application of viruses and other harmful computer
program. We will instruct our experts to generate unified approaches to fighting cyber
criminality and we will need an international legal base for this particular work, and we will
apply all of that to prevent terrorist from using computer and Internet sites to prevent
terrorists and the recruitment of other illegal actors.” 45

Organization of American States:
         The Ministers of Justice or Ministers or Attorneys General of the Americas in the
Organization of American States (OAS) recommended in Peru in 1999 the establishment of a

43
   Ibid, p.171-72.
44
   Ibid, p.172.
45
   Ibid, pp.172-73.

                                                                                         pg. 19
group of government experts on cyber-crime. At a meeting in Trinidad and Tobago in 2002
recommendations were adopted giving the Group of experts the following mandate:
                                                                                   “To
consider the Preparation of pertinent inter-American legal instruments and model
legislation for the purpose of strengthening hemispheric cooperation in combating cyber-
crime. Consideration of recommendation was discussed at a meeting in Washington DC
June 2003. The Fifth Meeting of Ministers of Justice or of Ministers or Attorneys General of
the Americas in Washington DC on April 2004, approved conclusions and recommendation
to the General Assemble of the OAS including as follows: “That Member States evaluate
the advisability of implementing the principles of the Council of Europe Convention on
Cyber-crime (2001) and consider the possibility of acceding to the convention.”46

The General Assembly of the Organization of American States requested at the Meeting on
June 7, 2005, the Permanent Council to convene the meeting of the Group of Government
Experts on Cyber-crime. The organization of American States in cooperation with the council
of Europe and Spain, organized a conference in Madrid on December 2005. This conference
was titled Cyber Crime a Global Challenge a Global response. Among the conclusion was
adopted: “Acknowledge the importance of the only international treaty in this field: the
convention on Cyber-crime which is open to all states as well as the importance of
strengthening the international legal framework; Strongly encourage States to consider the
possibility of becoming Parties to this Convention in order to make use of effective and
compatible laws and tools to fight cyber-crime at domestic level and on behalf of
international cooperation Recognize the need of pursuing cooperation providing technical
assistance and organizing similar events in other regions of the world.”47

The permanent council of the Organization of American States resolves on December 15,
2005. That the Group of Government experts on cyber-crime should meet on February 27-
28, 2006. For the purpose of carrying out the mandates referred to in the conclusions and
recommendations of the fifth Meeting of Ministers of Justice on April 28-30, 2004.

The Agenda included also: Challenges on accessing drafting and amending legislation
consistent with the principles, substantive and procedural law of the council of Europe
convention on cyber-crime (2001).48

At the Sixth Meeting of Ministers of Justice in June 2006 it was made a statement as follows:
“…continue to strengthen cooperation with the council of Europe so that the OAS member
states can give consideration to applying the principles of the council of Europe’s
Convention on Cyber Crime and to acceding thereto, and to adoption the legal and other


46
   Ibid, p.174.
47
   Ibid, p.174.
48
   Ibid, p.174.

                                                                                      pg. 20
measures required for its implementation. Similarly that efforts continue to strengthen
mechanisms for the exchange of information and cooperation with other international
organizations and agencies in the area of cyber-crime, such as the United Nation, the
European Union, the Asia Pacific Economic co-operation and Development, the G-8, the
commonwealth and Interpol in order for the OAS member states to take advantage of
progress in those forums.”49




                                         Chapter 5

                              Punishment for cyber-crime

Cyber-crime is a type of crime that not only destroys the security system of a country but
also its financial system. One supporter of legislation against cyber-crime, Rep. Lamar Smith
(R-Texas), stated, "Our mouse can be just as dangerous as a bullet or a bomb." Cyber
attackers should be penalized and punished severely and most cyber-crimes have penalties
reflecting the severity of the crime committed. Although in the past many laws against
cyber-crimes were insufficient, law enforcement agencies and governments have recently
proposed many innovative plans for fighting cyber-crimes.

Cybercrime must be dealt with very seriously because it causes a lot of damage to
businesses and the actual punishment should depend on the type of fraud used.

The penalty for illegally accessing a computer system ranges from 6 months to 5 years. The
penalty for the unofficial modification on a computer ranges from 5 to 10 years. Other
penalties are listed below:

Telecommunication service theft: The theft of telecommunication services is a very common
theft and is punished with a heavy fine and imprisonment.

Communications intercept crime: This is a Class-D crime which is followed by a severe
punishment of 1 to 5 years of imprisonment with a fine. Other cyber-crimes like
telecommunication piracy, offensive material dissemination, and other cyber frauds also
belong to this category.

Information Technology Act-2000: According to this act, different penalties are available for
different crimes. Some of the penalties are as follows:



49
     Ibid, pp.174-75.

                                                                                      pg. 21
Computer source document tampering: The person who changes the source code on the
website or any computer program will get a punishment up to 3 years of imprisonment or
fine.

Computer hacking: The individual who hacks the computer or computer devices will get an
imprisonment up to 3 years or a fine.

Government protected system: An act of trying to gain access to a system which is a
protected system by the government, will result in imprisonment for 10 years and a heavy
fine.

The introduction of such penalties have led to a drastic reduction in the cyber-crime rates as
more and more criminals are becoming aware of the penalties related to them. Spreading
the word about the penalties of cyber-crime can serve as a deterrent against such crime.

Penalties relating to cyber-crime will vary depending on the country and legislation in
place.50




50
     http://www.spamlaws.com/cyber-crime-punishment.html

                                                                                      pg. 22
                                          Chapter 6

                       How to protect society from cyber-crime
In spite the variety issues related to different aspects of prevention of transnational
computer crime the following basic problem could be defined which should be immediately
addressed within the framework of international cooperation:           Imperfection of the
legislation in the sphere of combating transnational computer crime. Criminal sanctions on
national and international level do not ensure good protection from computer crime
because of absence of precise clarifications of computer crime in the laws or because
difficult of interpretation and application of these laws restrict the law enforcement activity.
Therefore, policy and law makers should perform consequent activities on development of
the new legal norms and relevant sanctions creating necessary mechanism for law
enforcement judge and prosecution activity which could prosecute and punish the guilt in
computer crime. Weak specialized professional training for officers of law enforcement
agencies related to prevention and investigation of transnational computer crime.
Conducting the investigation measures related to search, seizure and arresting the
computer machinery has certain peculiarities. First, specially trained personal able to duly
conduct these actions are required. Second, upon the arrest of information the possibility of
its modification and termination should be excluded. These actions should be conducted
within minimum period of time, taking into account the speed of receiving the information.
Third, careful analysis of the records about connections to Internet of tech computer system
should be made prior to arrest of this system. This is necessary for full procedure of
conducting the measures on arrest and seizure of evidences. Therefore, conducting
investigation and operative search measures upon investigation of computer crime has
certain range of peculiarities and requires special background.

                                                                                        pg. 23
These are no specialized response teams similar to Computer Emergency Response Team
(CERT) in every country. The creation of special response teams on the lines of CERT is a very
important task. If it is not solved in the nearest future both the individual country and other
countries may suffer.

 Non-availability of the coordinated criminalization of computer hacking and hacking devices
illegal interception of data and interference in to the work of computer systems may
prevent.51

The growth of cyber-crimes parallel with the weak legal control over them turn into a
certain vicious which could only be broken by the proper unity of criminal law strategies of
struggle with crimes of this kind. And international cooperation should become an
important constituent part of such strategy as it is obvious that it is practically impossible to
control of transnational computer crimes at a level of separate States. These are problems
to be urgently solved by international community in the sphere of struggle with cyber-
crimes on the threshold of the 21st century.

Prevention of Cyber Crime
Nowadays, the one place that people thought they were secure could be one of the most
dangerous areas in society. Computer use is increasingly spreading and more and more
users are connecting to the Internet. The Internet is a source for almost anybody to access
manipulates and destroys others’ information. These “criminal directly related to the use of
computers, specifically illegal trespass into the computer system or database of another,
manipulation or theft of stored on line data, or sabotage of equipment and data” are
defined as computer crimes according to the American heritage dictionary. Even through
companies strive hard to prevent these criminal activities companies are still fighting a
losing war against computer invasions. Although computer “hacking” has become a growing
concern, much is being done to address this problem.52 To better understand the situation
users and companies must be aware of the indicators that problems with computer crime
exist. One of these indicators is that many companies are involved in computer crimes.
Eighty five percent of computer reported security breaches in their systems, and 94%
detected viruses in their systems in 2001. Furthermore, the U.S. Defense Department was
also hacked many times. It alone was hit by about 250,000 hacks in 1995. These hacks aren’t
minor; hacks cost a lot of money in damage. Hacking resulted in a cost of about 377 million
dollars. This problem is also rising and needs to be quelled. Break-ins are rising rapidly and
double every year.53




51
   Ibid, pp.175-76.
52
   Ibid, pp.176-77.
53
   Ibid, p.177.

                                                                                          pg. 24
 Each of the aforesaid characteristics of cyber-crime ought to be considered while devising
effective measures of checking preventing and punishing cyber cries which threaten the
global community. Besides deterrent laws the following are the strategies which are
required to be adopted simultaneously to deal with the menace of cyber-crime.

Since cyber-crime are crimes of technology, the law enforcement agencies ought to be
trained in the intricacies of technology so as to properly and effectively conduct
investigations, A cyber cop has to be at least a half IT engineer to be a competent cyber-
crime investigator. Since the criminal has the tendency of jumping geographical borders also
called jurisdictional jumping, there has to be co-operation between law enforcement
agencies of different countries. Effective laws of extradition and their implementation are
necessary to bring to trial cyber criminals across borders. These existing extradition treaties
ought to be strengthened by co-operation in the International community. The most
effective weapon to counter cyber-crime is the use of encryption and other security
technologies. It has been said that we need better locks on computers and not on jails to
prevent cyber-crime.

The IT industry must assume responsibility of protecting its own computer systems and
networks by using security technologies and should be not depend upon the law
enforcement agencies to track cyber criminals which are extremely difficult given the
anonymity provided by the Internet. The Government should encourage the use of security
technology’ and should work in close partnership with the private sector. It must facilitate
and encourage research and developing of new security technologies. Govt. should fund and
support research and development and facilities education about the measure to counter
cyber-crime.

Since most cyber-crime is not reported by victims in the IT Industry, it gives protection to
cyber criminals. Cyber-crimes are not reported by victims for fear of eroding the confidence
of customers and the consequent loss of business. It needs to be understood that to
suppress information about cyber-crime having been victimized by cyber-crime amounts to
protection of and encouraging cyber-crime. The private sector must share information
about cyber-crime so as to understand its various forms and ways to deal with them more
effectively.

Last but not least suggestion is that identification of citizens. Anonymity facilities cyber-
crime and thus must yield to the large interest of the society. It is not being advocate that all
contents and interactions on the Internet should be censored. Technological modes of easy
identification of citizens in their interaction should be used only when necessary while
investigation into allegations of cyber-crime thought privacy concerns arc important it has
to be realized that identification of citizens in certain areas such as cyber-crime is equally
necessary.


                                                                                         pg. 25
                       Criminal justice system all over the world, must also remember that
because of certain inherent difficulties in the real cyber-criminal, criminal laws must be
applied so as distinguish between the innocent and the deviant. A restrain must be
exercised on the general tendency to apply the principle of deterrence as a response to
rising cyber-crime, without being sensitive to the right of the accused. Our law makers and
the criminal laws system must not forget the basic difference between an accused and a
convict.54




                                              Chapter 7

       Do we need new laws to protect society from such crimes? (Bangladesh
                                  perspective)
The ICT Act has identified some critical situation, which is not clear to our archaic legal
provisions. The law does something regulate the social norm and then control of
information technology. Ever since the passing of the Information and Communication
Technology Act by parliament, a lot has been said both for and against the Act. Although the
newly enacted Cyber Law has some weakness, something is better than nothing. The
criticism of the Cyber Law of Bangladesh is given below: Internet is a borderless medium; it
spread to every corner of the world where life is possible and hence is the cyber-criminal.
Then how come is it possible to feel relaxed and secure once law is enforced in the nation?

The Act initially was supposed to apply to crimes committed all over the world, but nobody
knows how can this be achieved in practice, how to enforce it all over the world at the same
time? Can we track down the Emil Indian Hacker who recently hacked our 17 district web
portal?55The Act empowers the Deputy Superintendent of Police to look up into the
investigations and filling of charge sheet when any case related to cyber law is called. This
approach is likely to result in misuse in the context of Corporate Bangladesh as companies
have public offices which would come within the ambit “public place” under the Act. As a
result, companies will not be able to escape potential harassment at the hand of the Deputy
Superintendent of Police. Cyber Offences Investigation Police Officer must have relevant
expertise: Under section 80 of the ICT Act, 2006 that a police officer not below the rank of
an Inspector of Police shall investigate any offences under this Act. This section should be


54
     Ibid, pp.178-79.
55
     The Prothom Alo (21 March 2010), p.24.

                                                                                      pg. 26
modified that Inspector of Police and above, must have appropriate ICT knowledge (i.e.
Diploma/Bachelor’s degree in ICT related subject proper training in this area).

The draconian power have been given to police officers that a police officer not below the
rank of an Inspector of Police (IP), or any other officer of the Government authorized by the
Government in this behalf for purpose of investigating and preventing the commission of a
cyber-crime under section of the ICT Act, 2006. The unrestricted power given by the ICT Act
to the said IP includes the power ‘to enter any public place and search and arrest without
warrant any person found therein who is reasonably suspected of having committed or of
committing or being about to commit any offences under this Act’.56 It is very much possible
that the given power may be misused and abused by the said police officers. This law has
given more power to police officer in case of arresting cyber criminals, albeit cyber-crime
detection is very difficult. So, this is similar to section 54 of the Criminal Procedure Code in
case of harassment to public.

Spamming is not an offence under the ICT Act, 2006 in Bangladesh. But Spamming has
become a peril in USA, UK and other developed nations and anti-spamming provision need
to be included. Implementation of Global Cyber Law: Implementation of the law is a big
question mark for any nations’ law enforcing agency. The implementation of the global
cyber law is a big challenge without any law enforcing agencies. But countries can take the
lead in implementation the law within their national boundaries. Like the US, this has cyber-
squatting laws that make cyber-squatting is a punishable offence. But other countries are
very confused and Bangladesh is one of those countries. In fact, the ICT Act 2006 has a
provision wherein the law is not only applicable to Bangladeshi’s citizens but also to any
contravention or any violation done by anybody anywhere in the world is also liable to the
penalties under section 84, which is very impractical unless cyber law related global
agreement is in existence. The provision in section 84 is not clearly defined as to how and
what particular manner, this ICT Act shall apply to any offence or contravention there-under
committed outside of Bangladesh by any person. The ICT Act does not provide extra-
territorial jurisdiction or multi-territorial jurisdiction to law enforcement agencies, but such
powers are basically ineffective. This is because Bangladesh does not have reciprocity like
EU countries and extradition treaties with a large number of countries. “Domain Name” is
the major issue, which related to Internet thoroughly. But the ICT Act, 2006 does not define
        “domain Name” and the rights and liabilities. “Domain Name” owners do not find
any mention in the ICT Act. There is no provision about the Intellectual Property Rights of
“domain Name” owners. These need proper attention. Section 56 of the ICT Act, 2006, that
the order of the Government appointing any person as the Presiding officer of a Cyber
Appellate Tribunal shall be final and shall not be called in question in any manner and no Act
or proceeding before a Cyber Appellate Tribunal shall be called in question in any manner

56
     The Information and Communication Technology Act, 2006, s. 79.

                                                                                        pg. 27
on the ground merely of any defect in the constitution of a Cyber Appellate Tribunal. The
said provisions is a affect the Fundamental rights of the citizens as are enshrined in Chapter
III of the Constitution of Bangladesh and the said provision is not convenient and is likely to
be struck down by the courts. The Government cannot claim immunity in appointment to
Cyber Appellate Tribunal, as the same is contrary to the spirit of the Constitution of
Bangladesh. So, under the Constitution of Bangladesh, all proceeding and Act of the Cyber
Appellate Tribunal are null and void-ab-initio.57

Necessary Recommendation

The ICT Act, 2006 demands amendments of certain Acts for the first step for incorporation
of the Internet into Bangladesh’s legal framework. There is still a long way to go before the
Bangladeshi legal system incorporates and accepts the internet fully. The Evidence Act,
1872, the Bankers’ books Evidence Act, 1891 and the Bangladesh Bank order, 1972 shall be
amended in the manner specified in the Second Schedule, Third Schedule and Fourth
Schedule of this Act.58 And we need to amendment some provisions of the ICT Act, 2006.

In Bangladesh, cyber-crime has to be voluntary and willful, an act or omission that adversely
affects a person property. The ICT Act, 2006 provides the backbone for e-commerce and
Bangladesh’s approach has been to look at e-governance and e-commerce primarily from
the promotional aspects looking at the vast opportunities and the need to sensitize the
population to the possibilities of the information age. There is the need to take in to
consideration the security aspects. In the present global situation where cyber control
mechanisms are important we need to push cyber laws. Cyber Crimes are a new class of
crimes to Bangladesh rapidly expanding due to extensive use of internet. Getting the right
lead and making the right interpretation are very important in solving a cyber-crime.       The
pace of the investigation however can be faster; judicial sensitivity and knowledge need to
improve. Focus needs to be on educating the police and district judiciary. IT Institutions can
also play a role in this area. We need to sensitize our investigators and judges to the
nuances of the system. Most cyber criminals have a counter part in the real world. A lengthy
and intensive process of learning is required. This is an area where learning takes place
every day as we are all beginners in this area. We are looking for solutions faster than the
problems can get invented. We need to move faster than the criminals. The real issue is how
to prevent cyber-crime. For this, there is need to raise the probability of apprehension and
conviction. Bangladesh has a law on evidence that considers admissibility, authenticity,
accuracy, and completeness to convince the judiciary. The challenge in cyber-crime cases
includes getting evidence that will stand scrutiny in a foreign court. For this Bangladesh
needs total international cooperation with specialized agencies of different countries. Police
has to ensure that they have seized exactly what was there at the scene of crime, is the

57
     Ibid, pp.61-69.
58
     Ibid, p.61.

                                                                                        pg. 28
same that has been analyzed and report presented in court is based on this evidence. It has
to maintain the chain of custody. The treat is not form the intelligence of criminals but form
our ignorance and the will to fight it.




                                                 Conclusion
As we move forward into the 21st century, technological innovations have paved the way for
us to experience new and wonderful conveniences in the how we are educated, the way we
shop, how were entertained and the manner in which we do business. Capacity of human
minds is immeasurable. It is not possible to eliminate cyber-crime form the cyber space. It is
quite possible to check them. History is the witness that no legislation has succeeded in
totally eliminating crime from the globe. The only possible step is to make people aware of
their rights and duties and further making the application of the laws more stringent to
check crime. Undoubtedly the ICT Act is a historical step in the cyber world. Further it
cannot be denied that there is a need to bring changes in the Information Technology Act to
make it more effective to combat cyber-crime law are not made so stringent that it may
retard the growth of the industry and prove to be counter-productive. The Penal Code, 1860
was found insufficient to cater to the needs of new crimes emerging from Internet
expansion. Even some of the traditional crimes such as conspiracy, solicitation, securities,
fraud, espionage etc. are now being committed through Internet which necessitates a new
law to curb them. It was in the background that the ICT Act, 2006 was enacted in Bangladesh
for prevention and control of cyber-crimes. Prior to the enactment of this Act, the law
applicable to cyber offences was the Penal code, 1860 which was enacted long back in 1860
when no one even thought of computer technology or cyber criminality. With the coming
into force of ICT Act, 2006, it become necessary to introduce certain consequential change
in certain provisions of the Penal Code, 1860 as also in the Evidence Act, 1872, in order to
meet the new requirements of the cyber space crimes.59

However, the conception of cyber-crime is relating to the age of information super highway
of the contemporary world. Now-a-days crimes are spreading at an alarming rate in the field
59                                               th
     N. V.Paranjape, Criminology and Penology, 13 ed., (Allahabad: Central Law Publications,2008-09), p.141.

                                                                                                      pg. 29
of online communication system by the intellectual criminals. Through the development of
technology crimes have been developing in different ways and means. So laws should be
developed in such a way that crimes in the field of technological arena can be controlled in
an iron hand. But no such effective legal provisions exist at home and abroad. Though there
are some laws and convention, they cannot be implemented due to some technical
difficulties like procedural complexities and lack of proper executing system. Taking these
advantages, the criminals are occurring heinous crimes like Hacking, Sending malicious
mails, spreading vulgar pictures, cyber terrorism & and illegal using of intellectual
properties. It causes harm to the privacy of individuals as well as creates threat to the
international peace and solidarity. Now it is the demand of time to prevent such type of
crimes for keeping individual privacy as well as international peace and security. Every
country of the world can enact effective legal provisions within the purview of their national
boundary to protect cyber-crimes. United Nations can also take necessary steps to prevent
cyber-crimes from the cyber space.60




60                                                                             st
  Abdul Halim& N. E. Siddiki, The Legal System of Bangladesh after Separation, 1 ed., (Dhaka: University
Publications, 2008), p.387.


                                                                                                     pg. 30
                                        References



BOOKS
1. Abdul Halim& N. E. Siddiki, The Legal System of Bangladesh after Separation, 1st ed.,
(Dhaka: University Publications, 2008).

2. N. V. Paranjape, Criminology and Penology, 13th ed., (Allahabad: Central Law Publications,
2008-09).

3. R. K. Chaubey, An Introduction to Cyber Crime and Cyber Laws, 1sted., (Kolkata: Kamal Law
House, 2009).


4. Zulfiquar Ahmed, A Text Book on Cyber Law in Bangladesh, 1st ed., (Dhaka: National Law
Book Company, 2009).




STATUTES
1. The Constitution of the People’s Republic of Bangladesh.
2. The Computer Misuse Act (1990).
3. The Computer Fraud and Abuse Act, 1984.
4. The Information and Communication Technology Act (ICT), 2006.
5. The United Nations Commission on International Trade Law (UNCITRAL), 1996.

                           6. The Penal Code, 1860.

                                                                                      pg. 31
7. The Evidence Act, 1872.
8. The Bankers’ Books Evidence Act, 1891.
9. The Criminal Procedure Code, 1898.
10. The Bangladesh Bank order, 1972.
11. The Lunatic Act, 1912.
12. The Convention on Cyber Crime, 2001.

JOURNAL
1. M. Abul Hasanat, ‘Cyber Crime: An Ill-going Techno - Culture’, Journal of Law, Vol. i, no.1
(June 2003).



NEWSPAPER

1. The Prothom Alo (21 March 2010).




ELECTRONIC DATA

1. Maya Babu, ‘What is cybercrime’ (Mysore GrahakaraParishat), 11 October 2004,
[http://www.crime-research.org/analytics/702/, Last visited 25 March 2010].


2. [http://en.wikipedia.org/wiki/Cyber_crime, Last visited 25 March 2010].


3. [http://www.techterms.com/definition/cybercrime, Last visited 25 March 2010].



4. Joe Thomas, ‘Cybercrime: A revolution in terrorism and criminal behavior creates change
in the criminal justice system’, 21 July 2006,
[http://www.associatedcontent.com/article/44605/cybercrime_a_revolution_in_terrorism.
html?cat=37., Last visited 25 March 2010].


5. M. E. Kabay, ‘Salami fraud’ (Network World Security Newsletter), 24 July 2002,
[http://www.networkworld.com/newsletters/sec/2002/01467137.html, Last visited 25
March 2010].



                                                                                        pg. 32
6. DaBoss ..., ‘Logic Bombs’ (VTutor Introduction), 3 May 2006
[http://www.cknow.com/cms/vtutor/logic-bombs.html, Last visited 20 March 2010].




                                                                                  pg. 33
pg. 34
pg. 35
pg. 36
pg. 37
pg. 38
pg. 39
pg. 40
pg. 41
pg. 42
pg. 43
pg. 44
pg. 45

								
To top