Introduction :

Cyber law is the law governing cyberspace. Cyberspace jurisprudence is evolving rapidly with various technological developments. Due to immense increase in the use of computers and other communication devices, there has been increase in cyber crimes worldwide. It has also given rise to various challenges dealing with the legal aspects of cyber law to the governments across the world.

The unprecedented rate of technological change has cropped up many challenges and problems, especially the problem of governance, formulation of new laws and amendments of the existing ones from time to time. Cyberspace has no limitations as to geographical boundaries which has given rise to many transnational crimes, which may affect any country across the globe.

It is likely that various challenges might arise in future due to such rapid increase in the information technology. There is a need for nations to enter into multi-lateral international agreements to establish new and uniform rules applicable to cyberspace. Also there is a need for creating an international organization to deal with problems relating to cyberspace.

Emerging global trends and developments in Cyber Law :

Globally, Various trends and challenges are likely to arise with the development and evolution of cyber law jurisprudence. Following are few of the Trends and challenges in cyberspace which has emerged in last few years and needs a serious attention of the governments across the world.

Trends in Mobile Laws :

The increased usage of mobile devices, cell phones, smart phones, personal digital assistants and all other kinds of communication devices in different parts of the world are becoming an integral part of day –to-day existence in life. This has widened the scope of Mobile Ecosystem and is likely to give rise to various complex legal issues and challenges across the world

In countries like India and China, wherein the usage of mobile devices is exceedingly high, the area of mobile law is emerging and different complicated legal, regulatory and policy challenges concerning the usage of mobile devices and  communication devices are coming to the forefront ,and it is expected that these countries would contribute towards the growth and development of Mobile law.

Also the increased usage of mobile devices is likely to give rise to more mobile related crimes. It is need of an hour for the governments to adopt direct legislations pertaining to mobile law as the existing laws, regulations and rules in different countries which have an impact on legal issues pertaining to mobile laws are applicable in an indirect manner.

It is expected that with increased usage of mobile devices across the world, mobile law would emerge as an distinct area of jurisprudence. There is a need for appropriate enabling frameworks for the governments across the world that will help, protect and preserve the rule of law in mobile ecosystem.

The growth of mobile law jurisprudence has led to the legal issues connected with it. Mobile crime is likely to increase leaps and bounds in the coming years. Increased usage of mobile apps, which majorly consists of an individuals private and personal information, are likely to bring up various legal issues which will need appropriate consideration in order to ensure mobile protection and privacy .With more and more mobile apps emerging the personal information of the user needs to be protected.

Social Media and Challenges :

One of the biggest problem cyber law is encountering is related to development of jurisprudence relating to social networking. Increased adoption and usage of social media are likely to bring various legal, policy and regulatory issues. Social media crimes are increasingly gaining attention of relevant stake holders. Misuse of information, other criminal and unwanted activities on social networking platforms and social media are raising significant legal issues and challenges. There is a need for the countries across the world to ensure that rule of law prevails on social media. Social media legal issues continues to be significant. In order to avoid social media crimes and protect the privacy related to social media, it is a challenge for cyber law makers across the world to not only provide appropriate legislative and regulatory mechanisms but also provide for effective remedies for redressal to the victims of various unauthorized, unwanted criminal activities done in cyber space and social media.

Cyber security and related issues :

With the growing activities of cyber crime across the world, there is a need for enacting a appropriate legislative, regulatory and policy framework pertaining to cyber security. The International Conference on Cyber law, Cyber crime and Cyber security which took place in November 2014 in India highlighted significant issues affecting cyber security and came up with various recommendations for international stakeholders. It is likely that countries of the world have to deal with issues pertaining to attacks and intrusions into computer systems and networks from location outside the territorial boundaries of the country. It has the potential of prejudicially impacting the sovereignty, integrity and security of the country. Thus there is a need for the nations across the world to amend their existing IT legislations which would help the protection, preservation and promotion of cyber security in the use of computers and communication devices.

Cloud Computing and Challenges:

Another important challenge in cyber space is the evolution and development of legal responses to the complicated legal challenges poised and raised by cloud computing and virtualization. Cloud computing being a popular phenomenon among corporate is likely to bring forth issues like data protection and data confidentiality. The relevant stakeholders including lawmakers and governments across the globe need to provide appropriate legal, policy and regulatory framework pertaining to legal aspects concerning cloud computing.

Spam Laws :

In the initial years, spam seemed to be targeted at computers but has now also targeted mobile phones. Email spam is the most common form of spamming, Mobile phone spam and instant messaging spam also exist. In majority of the countries there is no such anti spam law, which has led to the further growth of spam. There is an increased need for the countries to come up with regulatory and legal framework for spam as many countries have already become hotspots for generating spam.

Conclusion:

The aforesaid are some of the more significant and important cyber law trends which will have bearing on the growth and further evolution of international Cyber law ecosystem. The aforesaid list is only illustrative in nature and by no means exhaustive. With the tremendous growth in information technology worldwide, the society being more and more dependant on technology,  crimes related to computer, computer systems and electronic devices are bound to increase and the law makers have to go the extra mile to maintain the rule of law in the cyberspace ecosystem. What may happen in the future no one can predict due to the fast pace of technological growth. There lies a duty not only on lawmakers and governments, but also on the users at large, to understand their responsibility towards ensuring a safe and healthy technological development and that it is used for legal and ethical purposes to the utmost benefit of mankind.

Author : Sonia Tulse

Source : https://www.linkedin.com/pulse/emerging-global-trends-developments-cyber-law-growing-sonia-tulse

Categorized in Internet Ethics

 

IN THE AGE of big data analytics, the proprietary algorithms web sites use to determine what data to display to visitors have the potential to illegally discriminate against users. This is particularly troublesome when it comes to employment and real estate sites, which could prevent users from having a fair crack at jobs and housing simply by failing to display certain listings to them based on their race or gender.

But four academic researchers who specialize in uncovering algorithmic discrimination say that a decades-old federal anti-hacking statute is preventing them from doing work to detect such discrimination. They say a provision of the Computer Fraud and Abuse Act could be used to criminally prosecute them for research that involves scraping publicly available data from these sites or creating anonymous user accounts on them, if the sites’s terms of service prohibit this activity.

The researchers, along with First Look Media Works, which publishes The Intercept, filed a lawsuit today against the Justice Department, asserting that opening fake profiles to pose as job and housing seekers constitutes speech and expressive activity that is protected under the First Amendment. They further argue that because sites can change their terms of service at any time without informing visitors, this can suddenly turn any speech or activity on the site into a criminal act—a violation, they say, of the Fifth Amendment right to due process, which requires proper notice to the public of what constitutes criminal behavior.

They’re asking the US District Court in the District of Columbia to enjoin the government from enforcing what they say is an unconstitutional provision that prevents them from doing meaningful research.

“Being able to run socially beneficial studies like ours is at the heart of academic freedom,” Christian Sandvig, an associate professor of information and communication studies at the University of Michigan and one of the plaintiffs, said in a statement. “We shouldn’t have to fear prosecution just because we’re doing our jobs.”

The case gets at the heart of what many consider to be a problematic provision in the anti-hacking law. Ordinarily, violations of a site’s terms of service should only allow a site to bring civil action against users who breach those terms. But under the CFAA, federal prosecutors have interpreted terms-of-service violations as exceeding a site’s authorized access, a criminal hacking violation that carries a maximum prison sentence of one year and a fine. Subsequent violations can result in a sentence up to ten years in prison and a fine.

 

The risk of prosecution for violating a site’s terms of service isn’t limited to academics, nor is it theoretical; the government has already done so at least twice. In 2008, federal prosecutors charged a Missouri woman named Lori Drew with three counts of violating the CFAA after she and two others created a fake Myspace profile to bully a classmate of Drew’s daughter, who subsequently committed suicide. Myspace’s user agreement requires registrants to provide factual information about themselves; in creating a fake profile for a nonexistent teenage boy in violation of those terms, federal prosecutors asserted that Drew obtained “unauthorized access” to MySpace’s servers.

The next year, the government prosecuted the owners of the ticket-scalping service Wiseguy Tickets for using a script and botnet to bypass Captcha protections on several ticket-selling sites—in violation of the sites’ terms of service—and purchase concert and sporting event tickets in bulk. The defendants pleaded guilty.

That these prior cases involve bullying and scalping, rather than important academic research, matters little next to the precedent they established for how the government can invoke the CFAA.

Algorithmic Hijinks
The complaint (.pdf) was filed by the American Civil Liberties Union on behalf of First Look, Sandvig, and three other academics: Karrie Karahalios, an associate professor of computer science at the University of Illinois; and Alan Mislove and Christo Wilson, associate and assistant professors of computer science at Northeastern University.

All four academics have a track record in researching algorithms for discrimination. Sandvig and Karahalios were part of a 2014 study looking at how to audit for algorithmic discrimination (.pdf). Mislove and Wilson are part of the Algorithmic Auditing Research Group at Northeastern University and have co-authored several papers about measuring discrimination online. First Look’s interest in the lawsuit stems around the media outlet’s interest in doing similar discrimination research for stories.

 

Web sites often use algorithms to analyze user profile information, web surfing habits—determined through tracking cookies that sites place on the computers of visitors—and other information collected by data brokers from public records, social media sites, and store loyalty programs. The algorithms, which are proprietary and therefore not transparent in how they work, can determine not only the ads a site serves to visitors but can also determine things like the job and housing listings a visitor sees on them. This can lead to discrimination that is illegal under the Fair Housing Act and Title VII of the Civil Rights Act.

“Big data enables behavioral targeting, meaning that websites can steer individuals toward different homes or credit offers or jobs—including based on their membership in a class protected by civil rights laws,” the plaintiffs state in their complaint. Because of this, “[b]ehavioral targeting opens up vast potential for discrimination against marginalized communities, including people of color and other members of protected classes.”

Sandvig and Karahalios are currently researching popular housing and real estate sites like Zillow.com, Trulia.com, Redfin.com, and Homes.com to determine if they offer different property listings to users based on race and other characteristics. Mislove and Wilson are conducting similar research of job sites like Monster.com and CareerBuilder.com to determine if their algorithms assign lower rankings to people based on gender or color. Job recruiting algorithms often rank job seekers for employers based on relevance, which can have an effect on who employers contact and who gets a job. If an algorithm consistently gives certain classes of people a low ranking, this could cause them to miss out on potential jobs.

Similar types of auditing in the offline world has long been considered a critical tool by courts and the government for uncovering racial discrimination in housing and employment practices. Past tests, for example, have consistently found that Caucasian job applicants receive about twice as many callbacks or job offers as African-American ones.

For the online equivalent, researchers must audit algorithms for evidence of discrimination using scripts to scrape publicly available data on the web sites, and create fake user profiles. Sandvig and Karahalios, for example, plan to generate multiple fake user accounts, known as “sock puppets,” that exhibit behavioral characteristics associated with different racial groups to see if the housing sites discriminate against them.

But Zillow.com, Trulia.com, Realtor.com, Redfin.com, Homes.com, and Apartments.com all prohibit scraping in their terms of service, and many of these sites also prohibit users from providing false information. Job sites like LinkedIn, Monster.com, CareerBuilder.com, and TheLadders.com also prohibit this activity, raising the potential for the researchers to be criminally prosecuted.

Chilling Effects
The concern is that by threatening researchers who violate service terms with criminal prosecution, web sites could effectively chill research that helps determine if the web sites themselves are breaking laws. And because it’s the web sites that draft the terms of service, “the recipe for avoiding Fair Housing Act and Title VII liability for algorithmic discrimination is straightforward,” the plaintiffs write. “[M]erely employ terms of service that preclude subsequent speech about such discrimination, and it can continue unchecked.”

Indeed, the plaintiffs say, some web site terms of service specifically require researchers to obtain advance permission to conduct research on their site, making it easy for gatekeepers to refuse access to researchers who might portray the site in a negative light. Other companies include blatant non-disparagement clauses in their terms that prohibit site visitors—including researchers—from speaking negatively about them.

 

“The work of our clients has a clear social benefit and is protected by the First Amendment,” says Esha Bhandari, staff attorney with the ACLU’s Speech, Privacy, and Technology Project. “This law perversely grants businesses that operate online the power to shut down investigations of their practices.”

The plaintiffs say that by delegating power to companies to determine what constitutes criminal conduct, the government has essentially relinquished control of the lawmaking process to private companies, which they say is unconstitutional.

In 2008, that didn’t matter to the jury in Lori Drew’s case. Although they acquitted Drew of the three CFAA felonies with which the government charged her, they convicted her on lesser misdemeanor charges of unauthorized access, setting a dangerous precedent for others who violate a site’s terms of service. US District Judge George Wu served as the voice of reason, however, when he overturned the conviction on grounds that the government’s interpretation of the CFAA was unconstitutionally vague and set a dangerous precedent. The ACLU says that there’s ambiguity as to whether that ruling could have meaningful influence on future cases.

In giving federal authorities the power to criminally prosecute anyone who violated a site’s terms of service, the conviction, if allowed to stand, essentially converted “a multitude of otherwise innocent internet users into misdemeanant criminals,” Wu said.

That danger still looms today. The researchers’ lawsuit aims to change that.

Source:  https://www.wired.com/2016/06/researchers-sue-government-computer-hacking-law/

 

 

 

 

Categorized in Internet Privacy

The future of the internet is at risk from multiple scenarios, and quick action is needed to protect it, says the Internet Governance Commission.The internet has reached a crossroads in its history, and concerted and immediate action is needed to preserve the openness, transparency, security and inclusivity that have made it such an important factor in global social and economic improvement over the past two and a half decades.

This was the key conclusion of the Global Commission on Internet Governance’s final report and recommendations on the future of the internet, One Internet, which was released at the OECD Ministerial Meeting on the Digital Economy in Mexico.Set up two years ago, the commission was chaired by former Swedish prime minister Carl Bildt, and included among its members Wendy Hall, professor of electronics and computer science at the University of Southampton.

Speaking to Computer Weekly at the time of the commission’s launch in 2014, Hall said the internet was finely balanced between “controlled spaces” and “utter anarchy”, and an international approach to governance was vital, hence her decision to join the commission.

“We need to understand what we can expect when it comes to companies and governments accessing our data. The founders of the internet didn’t set it up for governments to gather data on us – that was never the intention, and we must explore this,” she said.

In the wake of the commission’s final report, Hall said the fundamental question that now had to be answered is how to meet the governance challenges the internet creates, without undermining those aspects that make it a powerful platform for social and economic growth around the world.

“The choice of not making a choice is, in itself, a choice – one that could lead to harsh consequences. We risk a world where the internet is closed, insecure and untrustworthy – a world of digital haves and have-nots,” said Hall.

“The action outlined by the report must be taken soon so that we can create an environment of broad, unprecedented progress where everyone can benefit from the power of the internet.”

Bildt added: “The threats to privacy and the risk that the internet will break apart are real.”

“If we want a future where the internet continues to provide opportunities for economic growth, free expression, political equality and social justice then governments, civil society and the private sector must actively choose that future and take the necessary steps to achieve it,” he said.

Recommendations for governments and companies

The One Internet report contained a number of recommendations for both national governments and IT companies.Among the most important of these recommendations are that governments should only intercept, collect and analyse communications data for legitimate, open and legal purposes, which does not include gaining a domestic political advantage, industrial espionage or repression.

Governments should not force the industry to compromise the security of their products through hidden backdoors, and should refrain from making companies their enforcement arms.It also suggested the private sector act to establish a system of transparency reporting that showed what content was being restricted or blocked by state-level actors, and why.

National governments should also collaborate to provide mutual assistance to deter and limit the damage inflicted by cyber attacks, and refuse shelter to those who commission or carry them out. Governments should also collaborate to create a list of off-limits targets.

When it came to the online security of the general public, the commission recommended consumers be free to choose what services they use and be given greater say in how their personal data was used by these services.It added that no user should be excluded from using an online service on the basis that they were worried about their security.

For industry, the commission recommended that the developers of new technologies ensure their creations remain compatible and open standards-based. It also suggested innovators ensure their creations conform to principles of openness to provide a platform for future innovators.

The commission also set out goals around ensuring the internet was as inclusive as possible, saying governments should act to provide public access where possible, do more to improve digital literacy through education in schools and ensure accessibility to disabled people and others more likely to be excluded.

Importantly, the report also suggested that refugees – of whom there are now 65.3 million in the world, according to the United Nations High Commission for Refugees (UNHCR) – be provided with access to the internet by host governments, NGOs, or a combination of both.

It added that the IT sector needed to come together with both governments and wider society to help understand the effects of online algorithms on what content is made available to users online.

Finally, it said, the process of international, multi-stakeholder internet governance should be open to evolution to ensure the ongoing presence of a single, unified internet.“The internet is the most important infrastructure in the world. It is the world’s most powerful engine for social and economic growth. To realise its full potential, the internet of the future must be open, secure, trustworthy and accessible to all,” said Hall.

“The commission has built a roadmap towards ensuring the future of the internet. If the roadmap is adopted, the internet will continue to be civilisation’s most important infrastructure. If the roadmap is ignored, the internet’s power to build a better world will erode. The time to choose is now.”

Source:  http://www.computerweekly.com/news/450298950/Act-now-to-save-the-open-internet-says-Internet-Governance-Commission

Categorized in Internet Privacy

 

Darktrace, a U.K. cybersecurity firm that positions its software as the "human immune system" for networks, has raised $65 million in a funding round led by U.S. private equity giant KKR, the start-up said on Wednesday.Existing investor Summit Partners contributed while new investors TenEleven Ventures and SoftBank joined the round. The British start-up is also backed by Autonomy founder Mike Lynch's Invoke Capital and London-based venture capital firm Hoxton Ventures.

Darktrace's solution sits in the middle of an organization's computer network and can detect cyber-threats in real-time, allowing the company's security team or the software to take action to protect the system.

 

The start-up has been developing its machine learning capabilities – advanced algorithms that can adapt and learn. Darktrace says that its machine learning techniques are based on the "biological principles of the human immune system".

Hackers pose a huge threat to businesses with cyber-crime forecast to cost businesses over $2 trillion by 2019, according to Juniper Research. Some of the biggest organizations in the world have been victims of cyber-attacks and this has meant cybersecurity companies have gained traction.

Start-ups like Darktrace are attempting to challenge established players such as FireEye and Symantec. And as cyber-attacks get more sophisticated, machine learning solutions are becoming increasingly important.

A new threat identified by Darktrace is the ability for hackers to program machines to carry out attacks. In this way, machines are attacking machines, something that can be hard to stop as computers are able to adapt their own attack methods.

Ransomware is another attack that has been on the increase which involves hackers locking a person's files and then demanding something in return for unlocking them.To combat these threats, Darktrace released a product called Antigena, which the chief executive describes as "machine fighting machine tech". Antigena allows a business's network to battle back against invading threats.

"We have some early customers using Antigena, and what we have seen as the first use case is slowing down the attack, allowing humans to catch up. One example of that would be Ransomware. We could detect ransomware as soon as it hit the machine, slow it down and stop it getting to the back-up servers," Nicole Eagan, CEO of Darktrace, told CNBC in a phone interview on Wednesday.

The start-up was founded in 2013 and has already grown to 300 employees and claims to have over 1,000 customers on board. Darktrace said it has achieved over 600 percent revenue growth in the latest financial year.

Cybersecurity has been one of the hottest sectors in the start-up world for investment and Darktrace faces competition from a number of players. Last month for example, cybersecurity start-up LightCyber raised $20 million. LightCyber has a product which it calls a "behavioral attack detection" platform capable of fighting against threats that have got past traditional security controls.

Eagan said that the $65 million funding will help Darktrace expand further into the U.S. and Asia as well as into new markets such as Latin America, hiring employees, opening offices on the ground and improving its technology.

"We are going to continue to invest in R&D. The initial Darktrace product is fully developed with a lot of the focus on machine fighting machine and the new wave of artificial intelligence attacks, so we will continue to build out our machine fighting machine tech," Eagan told CNBC.

Source:  http://www.cnbc.com/2016/07/06/cybersecurity-start-up-darktrace-raises-64-million-backed-by-kkr.html

 

 

Categorized in Internet Privacy

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Newsletter Subscription

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media

Book Your Seat for Webinar GET FREE REGISTRATION FOR MEMBERS ONLY      Register Now