Cyber (Computer) Laws

Welcome

In the laws section you will learn about laws that are important to the cyber world. These laws will help you make better judgements when you are in the cyber world. The laws in this section may be referenced in other sections.

Categories of Cyber Crime

Generally, there are three major categories of cybercrimes that you need to know about. These categories include:

• Crimes Against People: While these crimes occur online, they affect the lives of actual people. Some of these crimes include cyber harassment and stalking, distribution of child pornography, various types of spoofing, credit card fraud, human trafficking, identity theft, and online related libel or slander.
• Crimes Against Property: Some online crimes happen against property, such as a computer or server. These crimes include DDOS attacks, hacking, virus transmission, cyber and typo squatting, computer vandalism, copyright infringement, and IPR violations.
• Crimes Against Government: When a cybercrime is committed against the government, it is considered an attack on that nation's sovereignty and an act of war. Cybercrimes against the government include hacking, accessing confidential information, cyber warfare, cyber terrorism, and pirated software.

Most of these types of cybercrimes have been addressed by the IT ACT of 2000 and the IPC. Cybercrimes under the IT ACT include:

• Sec. 65, Tampering with Computer Source Documents.
• Sec. 66, Hacking Computer Systems and Data Alteration.
• Sec. 67, Publishing Obscene Information.
• Sec. 70, Unauthorized Access of Protected Systems.
• Sec. 72, Breach of Confidentiality and Privacy.
• Sec. 73, Publishing False Digital Signature Certificates.

Special Laws and Cybercrimes under the IPC include:

• Sending Threating Messages by Email, Indian Penal Code (IPC) Sec. 503.
• Sending Defamatory Messages by Email, Indian Penal Code (IPC) Sec. 499
• Forgery of Electronic Records, Indian Penal Code (IPC) Sec. 463
• Bogus Websites & Cyber Fraud, Indian Penal Code (IPC) Sec. 420 Email Spoofing, Indian Penal Code (IPC) Sec. 463 Web-Jacking, Indian Penal Code (IPC) Sec. 383
• Email Abuse, Indian Penal Code (IPC) Sec. 500

There are also cybercrimes under the Special Acts, which include:

• Online Sale of Arms Under Arms Act, 1959
• Online Sale of Drugs Under Narcotic Drugs and Psychotropic Substances Act, 1985

Cyber Law and Intellectual Property

An important part of cyber law is intellectual property. Intellectual property can include areas like inventions, literature, music, and businesses. It now includes digital items that are offered over the internet. IP rights related to cyber law generally fall into the following categories:

• Copyright: This is the main form of IP cyber law. Copyrights provide protection to almost any piece of IP you can transmit over the internet. This can include books, music, movies, blogs, and much more.
• Patents: Patents are generally used to protect an invention. These are used on the internet for two main reasons. The first is for new software. The second is for new online business methods.
• Trademarks/Service Marks: Trademarks and service marks are used the same online as they are in the real world. Trademarks will be used for websites. Service marks are used for websites that provide services.
• Trade Secrets: Trade secret laws are used to protect multiple forms of IP. This includes formulas, patterns, and processes. Online businesses can use trade secret protections for many reasons. However, it does not prevent reverse engineering.
• Domain Disputes: This is related to trademarks. Specifically, domain disputes are about who owns a web address. For instance, the person who runs a website may not be the person who owns it. Additionally, because domains are cheap, some people buy multiple domains hoping for a big payday.
• Contracts: Most people don't think contracts apply online. This is not the case. For example, when you register for a website, you usually have to agree to terms of service. This is a contract.
• Privacy: Online businesses are required to protect their customer's privacy. The specific law can depend on your industry. These laws become more important as more and more information is transmitted over the internet.
• Employment: Some employee contract terms are linked to cyber law. This is especially true with non-disclosure and non-compete clauses. These two clauses are now often written to include the internet. It can also include how employees use their company email or other digital resources.
• Defamation: Slander and libel law has also needed updating because of the internet. Proving defamation was not altered substantially, but it now includes the internet.
• Data Retention: Handling data is a primary concern in the internet age. An area where this has become a big issue is in terms of litigation. In lawsuits, it is now common to request electronic records and physical records. However, there are no current laws that require keeping electronic records forever. This is not true for physical records.
• Jurisdiction: Jurisdiction is a key part of court cases. Cybercrime has complicated this issue. If a cybercriminal is located in Minnesota and their victim is located in North Carolina, which state has jurisdiction? Different states have different rules about this issue. Also, it can depend on in what court, federal or state, a case was filed.

Protecting IP can be difficult over the internet. An example of this would be the popularity of pirated movies and music. Each business that relies on the internet needs to develop strategies for protecting their IP. Governments can also take part in this process. In 1999, India did just this by updating their IP laws.

New Cyber (Computer) Laws 

Technology is constantly updating. This means that laws must also be constantly updated. Although U.S. law has remained the same for a long time, five laws were passed in 2014:

• National Cybersecurity Protection Act (NCPA).
• Cybersecurity Enhancement Act of 2014 (CEA).
• Federal Information System Modernization Act of 2014 (FISMA 2014).
• Cybersecurity Workforce Assessment Act (CWWA).
• Border Patrol Agent Pay Reform Act (BPAPRA).

Most of these laws were meant to update existing legislation. FISMA 2014 updated the framework for security controls. NCPA was meant for information sharing between the private sector and the government. The CEA was one of the most important bills. It may affect private organizations. This is because it promotes developing voluntary cybersecurity standards. This law strengthens the informal mission of the National Institute of Standards and Technology (NIST). The CEA also covers areas once covered by the Federal Financial Institutions Examination Council (FFIEC). Both the NIST and FFIEC were informal standards. The CEA is a law and more binding. This is particularly useful for resolving disputes resulting from cybercrimes. Businesses need to understand the rules of the CEA.

return to top | previous page | next page