"Because cyber crime is often transnational in character, offenders can take advantage of gaps in existing law to avoid apprehension and/or prosecution. It is therefore important that every legal system take measures to ensure that its penal law is adequate to meet the challenges posed by cyber crimes" 1
The concept of location through substantive rules is thus the measures applied by various jurisdictions to implicate "the challenges posed by cyber crimes". "Computer crime" has no generally accepted definition. However as a phenomenon computer crime is the use of new technology to commit old crimes in "new" ways. It also creates "new" form of criminal activity.
It follows that traditional offences to wit: crimes against persons, crimes against property, crimes against morality, crimes against the administration of justice and crimes against the state, may be committed using computer technology.
Whilst some penal laws already exist in some jurisdiction capable of dealing with the offences committed using computer, some computer related offences may not be punishable without amending existing laws or even legislating new ones, so as to criminalize such acts or render the perpetrator criminally liable within a physical location.
Traditional offences of murder may be committed from a remote location using computer e.g. by hacking into a hospital's computer system and altering a victim's drug prescription with fatal consequences. In this case it is assumed that once the perpetrator is located, he can be extradited (if outside) to the victim's forum for prosecution as the act of causing the death of another human being should ground criminal liability in every civilized state. In this instance, existing penal laws will adequately deal with the computer as an instrumentality in committing the homicide.
In content - related offences, existing substantive rules have been shown to be inadequate in various forums, thus impairing the imposition of criminal liability on the "offender". When in May 2000, a computer virus known as the "love bug" was introduced by a philippino perpetrator, which caused serious damage globally, he could not be prosecuted because no Philippine statute could implicate the act. This led to the Philippines adopting a cyber crime law, but the "love bug" disseminator could not be charged.
Whether existing laws deal adequately with cyber crime or new laws are created, the law courts play a crucial role in locating extra – territorial elements inherent in cyber crime. Where the language of a statute clearly identifies the extra – territorial reach of a cyber crime, full faith and effect is given to it. An example is the Computer Misuse Act 1990, which provides for "significant link" concept for assertion of jurisdiction. In effect, an offence of unauthorized access is committed within UK where the accused was in UK when he did the unauthorized access or if the computer accessed without authorization was at the time of accessing same within UK. Either of this presence is therefore link significant enough to make UK forum assert jurisdiction. Following strongly after the UK Act, the Australian Cyber Crime Act 2001, (S. 476.3) confers jurisdiction on her forum, for computer offences, where the conduct constituting the offence occurs wholly or partly in Australia, or on board an Australian ship or aircraft, or where the result of the conduct constituting the offence occurs wholly or partly in Australia.......... or the person committing the offence is an Australian citizen or company. It follows that an Australian citizen operating in a country where computer hacking is not an offence, who hacks into a computer system in a third country would face potential criminal liability under the Act.
Where the language of extra territoriality is missing from the statute but can be gleaned from the intention of the draft man, it should be interpreted as such.
In the US, the Computer Fraud Statute (18 U.S.C 1030) has no explicit extra territorial provision specifically dealing with acts of fraud. In its recent amendment by addition of "Uniting and Strengthening America by Providing Appropriate Tools required to Intercept and Obstruct Terrorism Act 2001". (U.S.A. PATRIOT ACT) "Protected Computer" now "includes, a computer located outside the US that is used in a manner that affects interstate or foreign commerce or communication of the United States".
Though the USA PATRIOT ACT deals with acts of cyber terrorism, the definition of "Protected Computer" can apply to both terrorism and fraud 2.
Also the FEDERAL WIRE FRAUD statute (18 U.S.C 1343) is not explicit on its extra territorial application. US Courts now assume extraterritorial jurisdiction in criminal cases if the criminal act affected or was intended to affect persons in the US.
See U.S. vs. PIZZARUSSO 388 F. 2d 8 (2d.cir.1968).
Most substantive rules, harbour consensual rules of international law, especially jurisdiction to prescribe. Substantive rules are therefore, sometimes interpreted by courts with the aid of these rules of international law to determine whether an otherwise extra-territorial act can be tried within a domestic forum.
The bases for asserting such jurisdiction are founded on principles of territoriality, nationality, passive personality, protective principle or universality. Where a criminal act occurs in a country, then that country unarguably has jurisdiction under the principles of territoriality. An extension of this principle is the objective territorial principle adopted to assume jurisdiction in respect of "acts done outside a jurisdiction but intended to produce and producing detrimental effects within it" 3.
The principle of nationality is based on the nationality of the offender, whilst jurisdiction exercised, based on the nationality of the victim is the passive personality principle. Jurisdiction founded on protective principle, "permits a nation to assert jurisdiction over a person whose conduct outside the nation's territory threatens the nation's security or could potentially interfere with the operation of its governmental functions".
Computer crime has become a focal issue in view of the exponential growth of computer technology. Tackling computer crime therefore requires some strategies, which include:
(i) Clear stipulation of offences, which constitute computer crime.
(ii) Locating the domestic criminal law for possible amendments, to meet the requirement of prevention of computer related crime.
(iii) Sustainable international collaboration 4
Footnotes
1 Susan W. Brenner: Cybercrime investigation and prosecution: The role of penal and procedural law: Murdoch University Electronic Journal Law, Vol. 8 No. 2 (June 2001)
2 Ellen S. Podgor: International Computer Fraud: A Paradigm for limiting national jurisdiction 35 U CDLR 267
3 Strassheim V Daily 221 US 280 @ 285 (1911)
4 See generally: Gulshan Rai, Dubash R. K., Chakravarti A. K.:- Computer Related Crimes, Government of India, Deepartment of Electronics, New Delhi
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
