Cyber
crime
And
Prevention
of Electronic Crimes Ordinance, 2008
The Electronic Transaction Ordinance,
2002
Emergence
of Cyber Crime
The first recorded cyber crime took
place in the year 1820! That is not surprising considering the fact that the
abacus, which is thought to be the earliest form of a computer, has been around
since 3500 B.C. in India, Japan and China. The era of modern computers,
however, began with the analytical engine of Charles Babbage.
In 1820, Joseph-Marie Jacquard, a
textile manufacturer in France, produced the loom.
This device allowed the repetition
of a series of steps in the weaving of special fabrics. This resulted in a fear
amongst Jacquard's employees that their traditional employment and livelihood
were being threatened. They committed acts of sabotage to discourage Jacquard
from further use of the new technology. This is the first recorded cyber crime!
Cyber crime is an evil having its
origin in the growing dependence on computers in modern life. In a day and age
when everything from microwave ovens and refrigerators to nuclear power plants
are being run on computers, cyber crime has assumed rather sinister
implications
Definition
A generalized definition of cyber
crime may be “unlawful acts wherein the computer is either a tool or target or
both”
Thus, crimes are unlawful acts
wherein the computer is either a tool or a target or both.
Nature and areas of Cyber Crimes
- Mobile/Credit Card / Balance Transfer Fraud
- Bank Fraud Credit Cards/ ATM/Loan
- Mobile/Phone/ Threatening through SMS/Calls
- Tracing of IP/Email Address
- Threatening/Abusive/ Massages & Emails
- Hacking /Illegal access of Websites
- Hacking of Account/Email Address
- Fraudulent Emails
- Fraud through mobile messages regarding Winning of Vehicle
- Misuse of Information on Internet
- Lottery Award Cases
- Electronic Money Laundering and Tax Evasion
- Electronic Vandalism, Terrorism and Extortion
- Sales and Investment Fraud
- Illegal Interception of Telecommunications
- Telecommunications Piracy
- Electronic Funds Transfer Fraud
- Theft of Telecommunications Services
- Communications in furtherance of Criminal Conspiracies
- Dissemination of Offensive Materials
Domestic
Cyber Crime Laws of Pakistan
- Prevention of Electronic Crimes Ordinance, 2007
- Electronic Transactions Ordinance, 2002
- Pakistan Telecommunication (Re-organisation) Act, 1996
- Wireless Telegraphy Act, 1933
- Telegraph Act, 1885
- Federal Investigation Agency Act, 1974
- Payments & Electronic Fund Transfers Act, 2007
To restrict the crackers and
criminals within the social and legal parameters every nation has its own
defined ‘Cyber Crimes Law’ to control the crimes against IT infrastructure,
systems and data (information) using computer and network technologies. A
similar is introduced by government of Pakistan as an ordinance named ETO or
‘Electronic Transaction Ordinance’.
وَإِذَا قِيلَ لَهُمْ لاَ تُفْسِدُواْ
فِى ٱلأَرْضِ قَالُوۤاْ إِنَّمَا نَحْنُ مُصْلِحُونَ
|
Whenever it is said to them, "Spread not disorder on
the earth", their reply is,
"We only seek to put things
aright". [QURAN 2:11]
|
The
Electronic Transaction Ordinance is
an essential prerequisite for e-commerce growth and termed as "a landmark
decision for the IT development of the country"
The Ordinance aimed to achieve: -
1.
Great economic impact.
2.
E-commerce and projecting Pakistan’s
products such as textile, leather goods, sports goods and surgical items to the
world.
3.
Increased e-transactions.
4.
Major benefits for the small and
medium business enterprises as the cost of transactions are greatly reduced
electronically.
5.
Legal and safe trading to take place
as the necessary laws to protect the interests of both the buyers and the
sellers in the process of electronic sales and purchases are protected through
the promulgation of the Electronic Transaction Ordinance 2002
Electronic Transactions Ordinance, 2002 is basically
covers 2 areas:
1. Recognition
of Information in Electronic Form
2. Electronic
Contracts (by means of digital Electronic Contracts)
The offences under the ETO are:
1. Non
bail able
2. Cognizable
and
3. Compoundable
(Section38)
Prevention
of Electronic Crimes Ordinance, 2008
The Prevention of Electronic Crimes Ordinance, 2008
applies to every person who commits an offence under the said Ordinance
irrespective of his nationality or citizenship whatsoever or in any place
outside or inside Pakistan, having detrimental effect on the security if
Pakistan or its nationals or national harmony or any property or any electronic
system or data located in Pakistan or any electronic system or data capable of
being connected, sent to, used by or with any electronic system in Pakistan.
The ordinance i.e. Prevention of Electronic Crimes Ordinance,
2008 gives exclusive powers to the Federal Investigation Agency (FIA) to
investigate and charge cases against such crimes.
The ordinance covers provision for illegal and criminal acts
such as data access, data damage, system damage, electronic fraud, electronic
forgery, spamming, spoofing, cyber terrorism etc
Chapter II of the Prevention of Electronic Crimes Ordinance,
2008 deals with the Offences and Punishments. Punishments range from two years
to death penalty. For the general guidance offences and punishments are mentioned
below:
Section 3 of the
Prevention of Electronic Crimes Ordinance, 2008 deals with criminal access: The
said section states Criminal Access:
Whoever intentionally gains unauthorized access to the whole or
any part of an electronic system or electronic device with or without
infringing security measures, shall be punished with imprisonment of either
description for a term which may extend to two years or with fine not exceeding
three hundred thousand rupees, or with both. Criminal Data Access is an Offence
and Punishable.
Section 4 of the
Prevention of Electronic Crimes Ordinance, 2008 states Criminal data access:
Whoever intentionally causes any electronic system or electronic
device to perform any function for the purpose of gaining unauthorized access
to any data held in any electronic system or electronic device or on obtaining
such unauthorized access shall be punished with imprisonment of either
description for a term which may extend to three years or with fine or with
both.
Section 5 states Data
Damage:
Whoever with intent to illegal gain or cause harm to the public
or any person, damages any data shall be punished with imprisonment of either
description for a term which may extend to three years or with fine or with
both.
Section 6 states
System Damage:
Whoever with intent to cause damage to the public or any person
interferes with or interrupts or obstructs the functioning, reliability or
usefulness of an electronic system or electronic device by imputing,
transmitting, damaging, deleting, altering, tempering, deteriorating or
suppressing any date or services or halting electronic system or choking the
networks shall be punished with imprisonment of either description for a term
which may extend to three years or with fine or with both.
Section 7 states
electronic fraud:
Whoever for wrongful gain interferes with or uses any data,
electronic system or electronic device or induces any person to enter into a
relationship or with intent to deceive any person, which act or omissions is
likely to cause damage or harm to that person or any other person shall be
punished with imprisonment of either description for a term which may extend to
seven years, or with fine, or with both.
Section 8 states
Electronic Forgery:
Whoever for wrongful gain interferes with data, electronic
system or electronic device, with intent to cause damage or injury to the
public or to any person, or to make any illegal claim or title or to cause any
person to part with property or to enter into any express or implied contract,
or with intent to commit fraud by any input, alteration, deletion, or
suppression of data, resulting in unauthentic data with the intent that it be
considered or acted upon for legal purposes as if it were authentic, regardless
of the fact that the data is directly readable and intelligible or not shall be
punished with imprisonment for a term which may extend to seven years, or with
fine or with both.
Section 9 states
Misuse of electronic system or electronic device
Whoever produces, possesses, sells, procures, transports,
imports, distributes or otherwise makes available an electronic system or
electronic device, including a computer program, designed or adapted primarily
for the purpose of committing any of the offences established under this
Ordinance or a password, access code, or similar data by which the whole or any
part of an electronic system or electronic device is capable of being accessed
or its functionality compromised or reverse engineered, with the intent it be
used for the purpose of committing any of the offences established under this
ordinance, is said to commit of misuse of electronic system or electronic
devices. Whoever commits the offence shall be punishable with imprisonment of
either description for a term which may extend to three years, or with fine, or
with both.
Section 10 states unauthorized
access to code:
Whoever discloses or obtains any password, access as to code,
system design or any other means of gaining access to any electronic system or
data with intent to obtain wrongful gain, do reverse engineering or cause
wrongful loss to any other unlawful purpose shall be punished with imprisonment
of either description for a term which may extend to three years or with both.
Section 11 states
Misuse of encryption:
Whoever for the purpose of commission of an offence or
concealment of incriminating evidence, knowledge and willfully encrypts any
incriminating communication or data contained in electronic system relating to
that crime or incriminating evidence, commits the offence of misuse of
encryption shall be punished with imprisonment of either description for a term
which may extend to five years or with fine or with both.
Section 12 states malicious
code:
Whoever willfully writes, offers, makes available, distributes
or transmits malicious code through an electronic system or electronic device,
with intent to cause harm to any electronic system or resulting in the
corporation, distribution, alteration, suppression, theft or loss of data
commits the offence of malicious code. Provided that the provision of this
section shall not apply to the authorized testing, research and development or
protection of an electronic system for any lawful purpose. Whoever commits the
offence shall be punished with imprisonment of either description for a term
which may extend to five years, or with fine or with both.
Section 13 states
Cyber stalking:
Whoever with intent to coerce, intimidate, or harass any person
uses computer, computer network, internet, network site, electronic mail or any
other similar means of communication to communicate obscene, vulgar, profane,
lewd, lascivious, or indecent language, picture or image, make any suggestion
or proposal of an obscene nature, threaten any illegal or immoral act, take or
distribute pictures or photographs of any person without his consent or
knowledge, display or distribute information in a manner that substantially
increases the risk of harm or violence to any other person, commits the offence
of cyber stalking.
Section 14 states
Spamming:
Whoever transmits harmful, fraudulent, misleading, illegal or
unsolicited electronic messages in bulk to any person without the express
permission of the recipient, or causes any electronic system to show any such
message or involves in falsified online user account registration or falsified
domain name registration for commercial purpose commits the offence of
spamming.
Section 15 states
Spoofing:
Whoever establishes a website, or sends an electronic message
with a counterfeit source intended to be believed by the recipient or visitor
or its electronic system to be an authentic source with intent to gain
unauthorized access or obtain valuable information which later can be used for
any lawful purposes commits the offence of spoofing.
Section 16 states unauthorized
interception:
Whoever without lawful authority intercepts by technical means,
transmissions of data to, from or within an electronic system including
electromagnetic system carrying such data commits the offence of unauthorized
interception.
Section 17 states
Cyber terrorism:
Any person, group or organization who, with terroristic intent
utilizes, accesses or causes to be accessed a computer or computer network or
electronic system or electronic device or by any available means, and thereby
knowingly engages in or attempts to engage in a terroristic act commits the
offence of cyber terrorism.
Section 21 states
Offences by corporate body:
A corporate body shall be held liable for an offence under this
Ordinance of the offence is committed on its instructions or for its benefit.
The corporate body shall be punished with fine not less than one hundred
thousand rupees or the amount involved in the offence whichever is the higher
Provided that such punishment shall not absolve the criminal liability of the
natural person who has committed the offence. Corporate body includes a body of
persons incorporated under any law such as trust, waqf, an association, a
statutory body or a company.
These offences would be
tried in tribunal incorporated under this Ordinance and appeal would lie to the
High Court.
No comments:
Post a Comment