By: Aditi Singh* |
“An invasion by armies can be resisted but not an idea whose time has come. In fact, nothing is more powerful than an idea whose time has come.”
Internet has revolutionized not only that actual physical, social, educational, political and real life is affected but the artefact has uprooted the established legal norms. Surpassing all the territorial borders, the digital world brings with it an array of criminal possibilities. Cyber Space opens the floodgates of possibilities of Cyber Crimes. “Cybercrime is an evil having its origin in the growing dependence on computers in modern life.”
The post-COVID world is moving towards a more vulnerable world. A world where crimes attack people even after being in the safety of their homes. Cyber-security problems are new to the world. Hence, countries have also come up with uncanny and unheard solutions.
CYBER-CRIMES AND CYBER ATTACKS
“Cybercriminals are becoming more agile, exploiting new technologies with lightning speed, tailoring their attacks using new methods, and cooperating with each other in ways we have not seen before.” Recent years have seen an increasing number of cyber-attacks against political targets, critical infrastructure, and the Web sites of commercial corporations.
In late 2014, Sony Pictures entertainment was hacked by a group that called themselves Guardians of Peace. The attack turned out to State sponsored as the hacker group was connected and indirectly working for certain North Korean officials. Since, no firm link could be established between Guardians of Peace, North Korea and their place and medium of execution of the attack by the national security agency. After the Sony Attack, North Korea was looked down upon in the global market for a considerable amount of time. Cyber space opens the floodgates of online frauds, misappropriation and cheating in the absence of vigilant tracing and security being followed by countries.
Cybercrimes are not always committed by groups or countries. Cyber-crimes in the decade have also been committed by individuals to ridicule a rival nation or for sheer pleasure. For instance, U.S. v. Vladimir Drinkman, one of the largest hack and data breach ever prosecuted in the US and U.S. v. Ivan Turchynov, where an individual hacker conducted the largest online hacking and fraud case of the US.
Owing to countries involved in cyber-attacks and the ones colluding to create cyber terrorism, the world has been divided into fragments. Cyber-crimes have been a cause of concern for international co-operation and relations at various levels. The superpowers of the world have been severely affected by the same.
It is believed by authorities and agencies that Russia has been devising and conducting subtle cyberattacks against post-Soviet countries for a decade. Soon after the advent of Vladimir Putin, in 2012, Russia expanded its strategic cyber operations of US and Germany as well. Russia and US go on a toe-to-toe competition of cyber espionage. While US manipulates information and plays a safe game, Russia outright starts a “information warfare.”
The countries have tried to put their differences aside and enter into a diplomacy since 1998. But nothing fruitful has been achieved so far. These encounters have become common with the advancement of technology. In order to prove their supremacy, countries are fighting among themselves and deteriorating their international diplomatic relations. This in turn is affecting their economic, political as well as social prosperity.
The US officials believe that the cyber-attacks received by their country are mostly sponsored by hostile states, mostly Iran, North Korea, China, and Russia. The US has been blaming China for the cyber-attacks that have been happening to its citizens. In 2013, China-US entered into a bilateral dialogue to maintain peaceful relations. The attacks and the breaches have not vanished after that, they have just been reduced considerably. The countries have taken a step towards understanding, co-operation, and trust and tried to overcome the cyber-security matter together. However, there still remain disagreements. On one hand where Russia and China emphasize on a comprehensive cyber security agreement. The US on the other hand is adamantly focused on controlling cybercrimes.
The digital world is affecting and collapsing at each step. The invasion of a global pandemic does not help to rectify or benefit the situation in any manner. After the advent of the COVID-19 pandemic, the internet has turned into a necessity. Third-world countries and the developing nations, which earlier were aloof from the digital intricacies have jumped into the sea. This not only makes the market more volatile but also makes the struggle of international consensus on cyber security difficult.
The collective response towards cybercrimes and cyber threats can be handled in two ways, one by indulging in the creation of organizations and statutes that govern and control the rising cases of cyberattacks. The other being by giving sanctions to countries that are found to be involved in international cybercrimes. Both the ways are being utilized by countries in the 21st century to curb the effect of cyber-crimes.
The first form of collective response to cybercrimes is seen through many international initiatives. Joint Cybercrime Action Taskforce (J-CAT) is a collaborative step by all countries of cyber security officials to control cyber-crime at an international level. J-CAT focuses on countering transnational cybercrime and has conducted highly effective operations against cybercrime in the financial sector. Countries might not agree with their ideology to commit to cyber-crime together that they definitely agree to adopt technologies that benefit their countries in handling a cyber threat.
The second way of collective response to tackle cybercrimes is a bit harsh and outright according to international standards. But has been used by mainly developed nations like the US against the Middle East nations. The reason why sanctions isn’t preferred over resolution and punishment is that sanctions cause long-term effects on the country’s economy and international affairs. Thus, sanctions can only be afforded by economically sufficient nations like the US, Europe, or even Russia. For example, the US imposed sanctions in 2019 against twenty-one members of Evil Corp, a Russia-based cyber-criminal organization responsible for the Dridex malware that targeted financial institutions and generated more than $100 million in stolen funds.
International co-operation along with collective response is the most efficient way to tackle the problem at the international level. The consensus among countries is difficult to achieve because of the lack of a unified legislation.
JUDICIAL AND LEGAL PERSPECTIVE
At an international level, cyber activities and crimes can be classified under five heads of e-commerce, internet governance, data protection and privacy, cybercrime, cyber warfare, and terrorism. Each of the mentioned categories severely affects the working of countries at an international level and needs to be curbed. Several attempts have been made by countries to come at an international consensus.
At this juncture, the Budapest Convention, also known as the Convention on Cybercrime, governs the countries in case of cyber-security at an international level. “The Budapest Convention is the only binding international instrument on this issue.” So far, 43 countries have signed the Convention and agreed to be a part of the legally binding agreement. Quite recently, the Convention on Cyber-Crime (2001) considered the most systematic approach towards regulating harmful and criminal activities in cyberspace. Countries like Brazil and India, have still kept themselves out of the mandate by specifying that they were not a part of the drafting process. The number of countries that understand the gravity of the situation is on the rise. The need for a legally binding and universally accepted treaty or law on cybercrime is deemed necessary.
Digital Sovereignty and International Law on Cyberspace
“Digital sovereignty is the idea to control and govern access, information, communication, network, and infrastructure in digital realm by international actors.” Thus, digital sovereignty is both threatened and misused in the absence of an international law governing cybercrimes.
At the current stage, the world is governed by multiple binding and non-binding legislations Arab League Model Cyber Law, Commonwealth Model Law on Computer and Computer-related Crime, ECOWAS Directive, Council of Europe Convention on Cybercrime, EU Directives being the most prominent ones being followed across the globe. Several initiatives were started to legalize cybersecurity. But none was formulated and implemented in the real sense. 11th Crime Congress Bangkok 2005, called upon member states and discussed the proposal to emancipate upon the UN Convention on Cybercrime. But the member states never began the process of implementation.
In 2019, the countries around the world gather as the member states of the UN to work upon a new and more efficient UN Treaty of Cyber Crimes. The talks are still under consideration. The devastating situation of the society under continuously increasing cyber threats and deteriorating international relations, an international treaty and law on Cyber Crime is necessary and appreciated.
SUGGESTIONS AND FUTURE POSSIBILITIES
Countries around the world must come together and agree upon terms that would tie countries together in spirit and also help them to look into the matter of devastating cyberattacks. Since it is an international issue, coming to a consensus would not only solve jurisdictional and territorial issues, it would also create a sense of fear in the criminals. Besides creating a legislation, what is required of the authorities is proper and stringent implementation. A number of laws are wonderfully drafted for the cause but can never create a difference in the society because of their weak or no implementation. Cyber situations to be handled in an appropriate manner requires appropriate implementation.
Apart from the official framework and the authorities and countries working towards a common goal, the onus is on the people as well. Proper legal and cyber awareness and the digital wellbeing of another individual must be respected in the virtual world. With almost everything shifting to an online platform, it is the individuals who must respect the boundaries of others. Keep themselves in their moral, ethical and social best behavior. And also, to keep themselves legally abreast of the happenings around the world.
In view of the difficulties in attributing cyber conduct to specific states, it is useful to identify when the responsibility of multiple states that are directly or indirectly implicated in a cyber operation can be engaged. Shared responsibility can allow victim states to identify the responsibility of more actors, without leading to a diffusion of responsibility.
*The author is a student at Damodaram Sanjivayya National Law University, Visakhapatnam.