
Legal Services

Technology, Media and Communications

Rodney D. Ryder

Crime and the Internet: [Challenging] Criminal behaviour in the Information Age

Introduction - Structure
Part 1 Crime and the Internet
Cyberspace: an introduction
Understanding the impact of the new media
Parameters of destruction: the logic bomb versus the truck bomb

Part 2 Theories on Cyber crime [Solutions and Perspectives]


Cyber crime theory
Notes on Best Practice

Crime and the Internet

Understanding the impact of the medium

Regulating Communications: the layers of a networked environment


The physical layer [the wires, cables, fibres and the radio frequency spectrum]
The Code [the software and the standards]
The Content

The Rise [and fall?] of Cyberspace


<Cyberspace> as introduced by William Gibson [A place governed by its own laws]
Law and Borders: the independent theory of cyberspace law [David Post and David Johnson, Stanford Law Review]
a consensual hallucination [William Gibson, Neuromancer]
<Cyberspace> as derived from <cyberkinetics> [the science of communications and control theory]

Greek <kybernetes> means steersman of a ship

The law of the net: legal consensus in cyberspace


Cyberspace as a distinct market place
Minimising liability in the new medium [Dow Jones v. Gutnick]
Targeting as the norm in cyberspace
Jurisdiction and you: YAHOO!

The shift to the new media: putting challenges in perspective


Restructuring global commerce: the intense volume of information; simplicity of transfer
Ownership of information increasingly hard to protect
Evolving business methods: change or die

What is Science? [Science and the Scientific Process]

There are no forbidden questions in science, no matters too sensitive or delicate to be probed, no sacred truths. That openness to new ideas, combined with the most rigorous, skeptical scrutiny of all ideas, sifts the wheat from the chaff. It makes no difference how smart, august, or beloved you are. You must prove your case in the face of determined expert criticism.

-Carl Sagan

What is Computer Forensics?


Computer forensics is forensics applied to information stored or transported on computers.
It involves the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and/or root cause analysis.
There should be a process and that process should be followed, but flexibility is essential, because the unusual will be encountered.

Cyber Crime: Issues and Categories


Issues relating to the machine and computer forensics

David Carter's categories

Computer as the target of a criminal act [intrusion, data theft]
Computer as an instrumentality of the crime [credit card fraud]
Computers as incidental to the crime [cyberstalking]
Crime enhanced by computers [software piracy]


Crime, the device and the medium


Three situations where you might find evidence on a digital device:
Device used to conduct the crime
  Child Pornography/Exploitation
  Threatening letters
  Fraud
  Embezzlement
  Theft of intellectual property
Device is the target of the crime
  Incident Response
  Security Breach
Device is used to support the crime


The nature of the evidence [medium, device, volume and relevance]

Can be anything!
As small as a few bytes
Could be, and hopefully will be, complete files
  Could be deleted
  Could be encrypted
Likely will be fragments of files
  A few words
  A couple of sentences
  Hopefully some paragraphs
Registry entries, or log entries!



The scene of crime: handling evidence


Three A's of Computer Forensics
Acquire the evidence without altering or damaging the original.
Authenticate that your recovered evidence is the same as the originally seized data.
Analyze the data without modifying it.


Acquiring and handling the evidence


How do we seize the computer?
How do we handle computer evidence?
What is chain of custody?
  Evidence collection
  Evidence Identification
  Transportation
  Storage

Documenting the Investigation


Authenticate the evidence

Prove that the evidence is indeed what the criminal left behind.
Contrary to what the defense attorney might want the jury to believe, readable text or pictures don't magically appear at random.
Calculate a hash value for the data
  MD5
  SHA-1, SHA-256, SHA-512


Analyse the Evidence

Always work from an image of the evidence and never from the original.
Prevent damage to the evidence.
Make two backups of the evidence in most cases.
Analyze everything; you may need clues from something seemingly unrelated.
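
The hash step under "Authenticate the evidence" and the rule to work only from an image, shown as an added example that is not part of the original slides. The file names and sample bytes are constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile

CHUNK = 1 << 20  # stream in 1 MiB chunks so large disk images never sit in memory

def digest(path, algorithms=("sha256", "sha512")):
    """Read the file once and return {algorithm: hex digest}."""
    # "md5" and "sha1" are also valid names here, but both have practical
    # collision attacks, so the SHA-2 variants from the slide are the default.
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}

def acquire(original, *images):
    """Hash the original, then make read-only working images of it."""
    reference = digest(original)  # value recorded in the custody log at seizure
    for image in images:
        shutil.copyfile(original, image)
        os.chmod(image, 0o400)  # analysts only ever read the image
    return reference

def authenticate(image, reference):
    """True only if every digest recorded at acquisition still matches."""
    return digest(image, tuple(reference)) == reference

def demo():
    """Constructed sample data: one 'seized' file, two images, one altered copy."""
    workdir = tempfile.mkdtemp()
    sample = b"constructed sample evidence\n" * 1000
    original = os.path.join(workdir, "seized.bin")
    with open(original, "wb") as fh:
        fh.write(sample)
    img_a, img_b = (os.path.join(workdir, n) for n in ("image_a.dd", "image_b.dd"))
    reference = acquire(original, img_a, img_b)
    both_match = authenticate(img_a, reference) and authenticate(img_b, reference)
    altered = os.path.join(workdir, "altered.dd")
    with open(altered, "wb") as fh:
        fh.write(bytes([sample[0] ^ 0x01]) + sample[1:])  # one flipped bit
    altered_matches = authenticate(altered, reference)
    shutil.rmtree(workdir, ignore_errors=True)
    return both_match, altered_matches
```

Calling `demo()` returns `(True, False)`: both working images authenticate against the hashes taken at acquisition, and a copy that differs by a single bit does not.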


Cyber Crime: Incident Handling [I]

1. Continuing Operations v. Preservation of Evidence
2. Identify the Incident Manager and Team - usually department heads or officers
3. Assess Systems Impaired and Damages
4. Review Adequate Logging/Tracking
5. Note Unusual Activities By Employees or on Computer Network


Cyber Crime: Incident Handling [II]


Identify your LOSS, HARM, or DAMAGE - lost asset, revenues, expenses, repair cost

Identify, Capture or Quarantine Electronic or Computerized Equipment, Logs and Files


Maintain a Chain of Custody for Evidence

Begin a written chronology of events


Who may have to testify

Identify one or two individuals to be your main point of contact with law enforcement


Cyber Security: Management Issues


#7 Pretend the problem will go away if they ignore it.
#6 Authorize reactive, short-term fixes so problems re-emerge rapidly.
#5 Fail to realize how much money their information and organizational reputations are worth.
#4 Rely primarily on a firewall.
#3 Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow through necessary to ensure the problems stay fixed.
#2 Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.
#1 Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.

Cyber Crime: Preventive Steps


Use anti-virus software and firewalls - keep them up to date
Keep your operating system up to date with critical security updates and patches
Don't open emails or attachments from unknown sources
Use hard-to-guess passwords. Don't use words found in a dictionary. [Remember that password cracking tools exist]
Back-up your computer data on disks or CDs often
Don't share access to your computers with strangers
If you have a Wi-Fi network, password protect it
Disconnect from the Internet when not in use

Reevaluate your security on a regular basis


Make sure your employees and family members know this info too!

From the Internet to Convergence

The future is integrated!


Crime and the Internet

Theories on Cyber crime [Solutions and Perspectives]


The Act: Offences and Classification [Information Technology Act, 2000]


Hacking [S. 66], Source code attacks [S. 65], Obscenity and Pornography [S. 67], Accessing designated protected systems [S. 43], Making available Digital Signature for fraudulent purpose

Severe punishments prescribed for offences.


Police granted extensive powers of investigation, search and seizure.


Intermediaries: Internet Service Provider Liability


Intermediary liability under tort law
Distribution of content: [a] copyright violations [music, films, images]; [b] prohibited content [hate, racism, pornography]
Departure from global practice on liability.

Extent of third party liability left ambiguous


Borrowings from the Singapore Electronic Transactions Act, 1998


Theorizing Pornography
The concept of harm from sexual speech: 1868 [English] Queen's Bench decision, Regina v. Hicklin [the famous Hicklin test, set the standard for the twentieth century, the deprave and corrupt test]
Ginsberg v. New York [1968]: harm to minors; ethical and moral development
American Civil Liberties Union v. Reno: no one accesses pornography by accident
The Indian Penal Code [1860] and the Information Technology Act [2000]: old wine in a new bottle


Cyberstalking: Obsessional Criminal behaviour


Stalking is by no means a recent development - now in an online form
Online stalking as an extension or variant of physical stalking
Stalking: the elements
  unwanted attention and/or pursuit
  persons may be stalked or followed
  harassment
  intimidation
  often associated with a threat to life
Case Studies
  For the love of Julie
  Mrs. Ritu Kohli
The reach of the Internet in these cases presents a range of physical, emotional and psychological consequences to the victim.

Privacy and the Internet: Orwell's <1984> or Bentham's <Panopticon>


The dangerous developments relate to:
surveillance of communications
surveillance of computer systems and networks
monitoring of employees - internet, phone, drugs testing, genetic testing etc
satellite surveillance
biometrics and other identification technologies
genetic testing

E.g. in UK:
Human Rights Act 1998
Telecommunications (Data Protection and Privacy) Regulations 1999
Regulation of Investigatory Powers Act 2000
Telecoms Lawful Business Practice Interception of Communication Regs 2000

Growth of importance of Privacy


Overview - major International and US regulations
HUMAN RIGHTS
1948  UN Universal Declaration of Human Rights
1970  US Fair Credit Reporting Act
1974  US Privacy Act
1976  International Covenant on Civil and Political Rights
1980  OECD Guidelines on Protection of Privacy
1980  US Privacy Protection Act
1995  European Commission Directive on Data Protection
1994  US Communications Assistance to Law Enforcement Act
1996  US Health Insurance Portability and Accountability Act
1998  US Children's Online Privacy Protection Act
1998  European Member States implement Directive
1999  US Financial Services Modernization Act

BUSINESS ISSUES

Current law in India


There is no general data protection or privacy law in India:
Constitution Article 21
Right to life and liberty, interpreted by Supreme Court as including the right to be let alone

International Covenant on Civil and Political Rights 1966 Article 17:


No one shall be subject to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

Law of privacy (Tort Law)
Action for unlawful invasion of privacy


Current law in India


Information Technology Act 2000

Section 43 (a)
Penalty for unauthorised access to a computer system

Section 43 (b)
Penalty for unauthorised downloading or copying of data without permission

Section 72
Offence of accessing any electronic record, book, register, correspondence, information, document or other material and, without the consent of the person concerned, disclosing such information to another person

Current law in India


Public Financial Institutions Act of 1993 codifies confidentiality of bank transactions
ISPs prohibited from violating privacy rights of subscribers by virtue of the license to operate granted by the Department of Telecommunications
A general data protection law in India?
National Task Force on IT and Software Development 1998
Submitted IT Action Plan calling for National Policy on Information Security, Privacy and Data Protection Act for handling of computerised data, but no Act introduced to date

Is the future to be aided or dictated by technology?


Any questions?
