Cyber Crime in the U.S. : Realities, Law & Practices
- LanguageKorean
- Authors Sanghyun Lee
- ISBN978-89-7366-860-1
- Date December 01, 2010
- Hit424
Ⅰ. Introduction
As computer got popular, nearly 60 % of all homes in the U.S. have been equipped with personal computers. The number of people using online resources has grown rapidly during the last two decades and it will continue to proliferate. 1) Recent emergences of mobile devices with internet accessibility, such as i Phone, and portable computer, such as i Pad, with wireless communication tools are expected to widen and expedite the usage of computer network supported by high technology. As usual in every human society, convenience obtained through the saving of time and money by using computer, however, unintentionally accompanies the problems of misuse or abuse. An increasing level of dependence on computers and internet has rendered the effect of cyber crime serious and devastating.
[ 1) Jessica Habib, Cyber Crime and Punishment: Filtering Out Internet Felons, in Indira Carr, Computer Crime, 464 (Ashgate Pub., 2009).]
In spite of growing interests of international community in cybercrime, this thesis will confine its research into the law which the U.S. Congress legislated to punish cybercrimes due to limitation of time and efforts. International approaches regulating cybercrimes will be researched with another research in the new future. The U.S. was the representative one of the advanced countries which penalized cybercrimes with criminal law. The U.S. Congress reacted with federal criminal code against damages through cybercrimes. On the other hand, American judicial rules have been developed to deal with the issue of cybercrimes for a few decades.
The main purposes of this research are to investigate reality and typical aspects of cyber crimes in the U.S., and to introduce its legislative responses and legal challenges, thereby offering comparative legal perspectives for developing countries to consider in adopting legislative measures to deal with cybercrimes. As the U.S. have the longest history in using computers and the level of settling ‘rule of law’ principle in its legal system is appreciated the highest among advanced countries, the U.S. is deemed to have the most sophisticated regime to deal with cyber crimes as negative side effects of widespread computer usage. Through researching legislative measures including statutes as well as case laws, this thesis is to summarize development of American laws regulating cybercrimes and to analyze characteristics of American laws controlling respective kind of cybercrimes.
Concretely speaking, the thesis consists of total six chapters. While chapter 1 is introduction of the thesis, chapter 2 addresses categories of cybercrimes and major characteristics of the crimes. Moreover, chapter 3 researches the U.S. criminal statutes regulating cybercrimes from the perspective of legislative history. Chapter 4 examines legal issues accompanied to the criminal statutes, and derivative discussions. Chapter 5 investigates into characteristics of overall criminal procedure dealing with cybercrimes, such as investigation, prosecution and judgment under criminal trial, and execution of the judgment. Chapter 6 summarizes all the researches, predicts the future aspects of cybercrimes, and suggests directives for future legal responsiveness.
Through this research, the countries where their legislative bodies are currently considering or preparing the enactment of criminal statutes penalizing cybercrimes can have precious lessons for driving their legislative policy regarding cybercrimes in light of the U.S. experiences.
Ⅱ. The Result of Research
1. Summary of Thesis
Overall, this thesis has reviewed current challenges, legal measures to deal with the challenges, judicial disputes, and practices of cyber crimes in the U.S. After in detailed review of diverse aspects of the American cyber crimes, this thesis pointed out their main characteristics and divided the aspects into three main categories. To each category of cyber crimes, the U.S. has developed legislative and judicial regimes. Chapter three demonstrated the development of legislative counter measures to cyber crimes and evolution of judicial rules regarding criminal procedure regulating cyber crimes. Major legislations from one controlling unauthorized access through one protecting national security and children’s sound mentality to one dealing with criminal procedure have been implemented through enactments in the U.S. Congress. The development of evidentiary rules was explained regarding qualification of expert witness and digital evidence through American courts.
As chapter four examined, however, several legislations have been decided as unconstitutional due to conflicts with the First and Fourth Amendment. This thesis introduced decisions of the U.S. judicial body regarding the legislations penalizing and regulating cyber crimes from the perspective of constitutionality of the laws with focus on constitutional disputes.
Chapter five of the thesis, moreover, reviewed collaborative organizations and works of the American criminal justice system treating cyber crimes, and basic application of forensic computer science. The chapter studied unique characteristics of cyber crime investigation, particularly on both obtaining and executing a search warrant for e evidence & on multiple participants. In terms of prosecution of cyber criminals, technological issues related to computer evidence tend to require sophisticated treatments and tips unlike ordinary criminal procedure, such as expert’s use of plain languages during his/her testimony. This thesis added sentencing issues in trials of cyber crime.
2. Lessons from Study over Cyber Crime in the U.S.
Globalization through using the Internet is transcending geographical borders and integrating computer networks spread out in the world. A regional issue in the past decades can become a global problem influencing other remote countries as well as neighboring countries. Under the globalized trend and widespread usage of computers, cybercrime and its counter veiling security issues have become common challenges which overall countries have faced and should contribute their efforts to overcome. The review of the U.S. cyber
legislations and practices regulating the cyber crimes would be precious data for other countries to take notice of before beginning the process of enacting/implementing the legislations controlling cybercrimes. It is because the U.S. is one of representative countries which have enjoyed both the widespread usages of computer and high leveled legal development.
As chapter 2 of the thesis demonstrates, since 1970s, the U.S. have experienced the evolving cybercrimes and addressed the crimes with enacting and implementing new laws. Practical wisdom to deal with the crimes has been accumulated through books, reports, and journal articles. Although some of legislators’ efforts to prevent cybercrimes have been stricken by constitutional problems, legislations dealing with cybercrimes have been developed to overcome the problems. The developed legislations are considered to overcome legal problems and work as effective foundations to punish cyber criminals. From the institutional perspective, politicians established new governmental agencies in charge of cybercrimes and operated them with the special treatment. There were division of works between state and federal agencies, but the division looked not to reveal fatal loophole in terms of jurisdictions of state and federal law. Law enforcement agencies’ cooperation with the private sector supports development of forensic science, and contributes to overcoming insufficient technical skills and building knowledge of sophisticated structure of computer network in the public sector. Overall development of law, institutional response, division of works in each jurisdiction, and cooperation of public sectors with private sectors are the important points worthy of being considered and adopted by other countries.
3. Prospects of Legal Responses to Cybercrime
There are doubts regarding whether legal system of which the development takes time can properly control high technology crimes in the future. It seems that the technology changes faster than rules and legislations. Biegel argues that code based regulation would be the alternative method to regulate crimes. The code based regulations have such advantage that cybercrimes involving up to dated development of technology may be effectively controlled through use of code preventing misuse. However, it should be noted that software designed to aid the commission of crimes has activated cybercrimes e.g. through virus program or malware. Therefore, code based regulation is expected to play a role to supplement loopholes of criminal statutes.
From the legal perspective, legislation, among other things, criminal statute, should be established to penalize illegal activities in cyberspace. Without statutes addressing the activities, it would be difficult for judicial body to make up new interpretation of penalizing cybercrimes from traditional crime statutes. On the basis of anti cybercrime statutes, appropriate judicial reasonings can be derived from new criminal phenomena in cyberspace.
Then, law enforcement agencies should be disciplined and operated so as to deal with cybercrimes in a professional way. Although it discourages policy decision makers that officers who had been trained to control cybercrimes through spending public fund moved to private sector, investment of money to educate and train individuals in computer forensic areas is necessary to build up the capacity of law enforcement agencies.
Code based regulation, legal response, and training of law enforcement agencies will work in an insufficient way if the public who uses the Internet do not have awareness of cybercrimes and their aspects. Preventing the Internet users from falling as potential victims needs the process of target hardening. The process includes awakening the internet users with instruction of unknown types of cybercrimes and their damages, and the convenient ways to protect themselves from the cybercrimes.
4. Suggestions for Other Countries regarding Measures Preventing Cybercrimes
(1) Developing Legislation Controlling Cybercrimes
In light of the difficulty to keep up with speed of cybercrime occurrence, Britz, a researcher argues that legislation should be neutral to technology and that it should establish users’ accountability for using network, particularly the Internet. He argues that newly established legislation should be generic enough to cover development of technology, thereby maintaining its effectiveness throughout rapid progress of information technology. His suggestion is acceptable in a point where elemental issues of cybercrimes in the legislation, such as intent or breaking into network, should provide a broad foundation for diverse methodologies under rapid development. However, as new types of technological devices and their derivative criminal misbehaviors are sometimes very difficult to be caught with old law and provisions, new law and provisions need to be enacted to effectively counter act the diverse challenges of cybercrimes.
(2) Promoting Security Measures
In addition to legal and political measures to effectively treat and punish cybercrimes, security measures to prevent the crimes in advance have been highlighted with the equal importance. The National Cyber Security Alliance (NCSA) under partnership with the industry sector has played an important role in promoting public awareness about the necessity of information security. The U.S. government responded to the efforts by declaring National Cyber Security Awareness Month, and academic institutions supported the national initiative through campaigning and holding academic conferences. The focus of future policy should be placed on development of information security as much as on that of information technology.
(3) Fostering Professionals through Education & Benefit
The U.S. government’s efforts to foster professional education regarding information security and cybercrime prevention with scholarship, fellowship, and grants are noteworthy. For several years, the National Security Agency in partnership with the National Science Foundation has sponsored a nation wide professional education to raise information security experts and the NSF have provided grants to academics to support their endeavors to research and teach information security. Currently, operating are professional certificate training programs such as the Certification in Information System Security Professional, and the Certified Information Systems Auditor. Governments in other countries need to establish their unique systems in light of the U.S. education and professional system because the formal education system and experts group in this area can work as continuously operating fountains which produce vital resources and promote cyber security.
As computer got popular, nearly 60 % of all homes in the U.S. have been equipped with personal computers. The number of people using online resources has grown rapidly during the last two decades and it will continue to proliferate. 1) Recent emergences of mobile devices with internet accessibility, such as i Phone, and portable computer, such as i Pad, with wireless communication tools are expected to widen and expedite the usage of computer network supported by high technology. As usual in every human society, convenience obtained through the saving of time and money by using computer, however, unintentionally accompanies the problems of misuse or abuse. An increasing level of dependence on computers and internet has rendered the effect of cyber crime serious and devastating.
[ 1) Jessica Habib, Cyber Crime and Punishment: Filtering Out Internet Felons, in Indira Carr, Computer Crime, 464 (Ashgate Pub., 2009).]
In spite of growing interests of international community in cybercrime, this thesis will confine its research into the law which the U.S. Congress legislated to punish cybercrimes due to limitation of time and efforts. International approaches regulating cybercrimes will be researched with another research in the new future. The U.S. was the representative one of the advanced countries which penalized cybercrimes with criminal law. The U.S. Congress reacted with federal criminal code against damages through cybercrimes. On the other hand, American judicial rules have been developed to deal with the issue of cybercrimes for a few decades.
The main purposes of this research are to investigate reality and typical aspects of cyber crimes in the U.S., and to introduce its legislative responses and legal challenges, thereby offering comparative legal perspectives for developing countries to consider in adopting legislative measures to deal with cybercrimes. As the U.S. have the longest history in using computers and the level of settling ‘rule of law’ principle in its legal system is appreciated the highest among advanced countries, the U.S. is deemed to have the most sophisticated regime to deal with cyber crimes as negative side effects of widespread computer usage. Through researching legislative measures including statutes as well as case laws, this thesis is to summarize development of American laws regulating cybercrimes and to analyze characteristics of American laws controlling respective kind of cybercrimes.
Concretely speaking, the thesis consists of total six chapters. While chapter 1 is introduction of the thesis, chapter 2 addresses categories of cybercrimes and major characteristics of the crimes. Moreover, chapter 3 researches the U.S. criminal statutes regulating cybercrimes from the perspective of legislative history. Chapter 4 examines legal issues accompanied to the criminal statutes, and derivative discussions. Chapter 5 investigates into characteristics of overall criminal procedure dealing with cybercrimes, such as investigation, prosecution and judgment under criminal trial, and execution of the judgment. Chapter 6 summarizes all the researches, predicts the future aspects of cybercrimes, and suggests directives for future legal responsiveness.
Through this research, the countries where their legislative bodies are currently considering or preparing the enactment of criminal statutes penalizing cybercrimes can have precious lessons for driving their legislative policy regarding cybercrimes in light of the U.S. experiences.
Ⅱ. The Result of Research
1. Summary of Thesis
Overall, this thesis has reviewed current challenges, legal measures to deal with the challenges, judicial disputes, and practices of cyber crimes in the U.S. After in detailed review of diverse aspects of the American cyber crimes, this thesis pointed out their main characteristics and divided the aspects into three main categories. To each category of cyber crimes, the U.S. has developed legislative and judicial regimes. Chapter three demonstrated the development of legislative counter measures to cyber crimes and evolution of judicial rules regarding criminal procedure regulating cyber crimes. Major legislations from one controlling unauthorized access through one protecting national security and children’s sound mentality to one dealing with criminal procedure have been implemented through enactments in the U.S. Congress. The development of evidentiary rules was explained regarding qualification of expert witness and digital evidence through American courts.
As chapter four examined, however, several legislations have been decided as unconstitutional due to conflicts with the First and Fourth Amendment. This thesis introduced decisions of the U.S. judicial body regarding the legislations penalizing and regulating cyber crimes from the perspective of constitutionality of the laws with focus on constitutional disputes.
Chapter five of the thesis, moreover, reviewed collaborative organizations and works of the American criminal justice system treating cyber crimes, and basic application of forensic computer science. The chapter studied unique characteristics of cyber crime investigation, particularly on both obtaining and executing a search warrant for e evidence & on multiple participants. In terms of prosecution of cyber criminals, technological issues related to computer evidence tend to require sophisticated treatments and tips unlike ordinary criminal procedure, such as expert’s use of plain languages during his/her testimony. This thesis added sentencing issues in trials of cyber crime.
2. Lessons from Study over Cyber Crime in the U.S.
Globalization through using the Internet is transcending geographical borders and integrating computer networks spread out in the world. A regional issue in the past decades can become a global problem influencing other remote countries as well as neighboring countries. Under the globalized trend and widespread usage of computers, cybercrime and its counter veiling security issues have become common challenges which overall countries have faced and should contribute their efforts to overcome. The review of the U.S. cyber
legislations and practices regulating the cyber crimes would be precious data for other countries to take notice of before beginning the process of enacting/implementing the legislations controlling cybercrimes. It is because the U.S. is one of representative countries which have enjoyed both the widespread usages of computer and high leveled legal development.
As chapter 2 of the thesis demonstrates, since 1970s, the U.S. have experienced the evolving cybercrimes and addressed the crimes with enacting and implementing new laws. Practical wisdom to deal with the crimes has been accumulated through books, reports, and journal articles. Although some of legislators’ efforts to prevent cybercrimes have been stricken by constitutional problems, legislations dealing with cybercrimes have been developed to overcome the problems. The developed legislations are considered to overcome legal problems and work as effective foundations to punish cyber criminals. From the institutional perspective, politicians established new governmental agencies in charge of cybercrimes and operated them with the special treatment. There were division of works between state and federal agencies, but the division looked not to reveal fatal loophole in terms of jurisdictions of state and federal law. Law enforcement agencies’ cooperation with the private sector supports development of forensic science, and contributes to overcoming insufficient technical skills and building knowledge of sophisticated structure of computer network in the public sector. Overall development of law, institutional response, division of works in each jurisdiction, and cooperation of public sectors with private sectors are the important points worthy of being considered and adopted by other countries.
3. Prospects of Legal Responses to Cybercrime
There are doubts regarding whether legal system of which the development takes time can properly control high technology crimes in the future. It seems that the technology changes faster than rules and legislations. Biegel argues that code based regulation would be the alternative method to regulate crimes. The code based regulations have such advantage that cybercrimes involving up to dated development of technology may be effectively controlled through use of code preventing misuse. However, it should be noted that software designed to aid the commission of crimes has activated cybercrimes e.g. through virus program or malware. Therefore, code based regulation is expected to play a role to supplement loopholes of criminal statutes.
From the legal perspective, legislation, among other things, criminal statute, should be established to penalize illegal activities in cyberspace. Without statutes addressing the activities, it would be difficult for judicial body to make up new interpretation of penalizing cybercrimes from traditional crime statutes. On the basis of anti cybercrime statutes, appropriate judicial reasonings can be derived from new criminal phenomena in cyberspace.
Then, law enforcement agencies should be disciplined and operated so as to deal with cybercrimes in a professional way. Although it discourages policy decision makers that officers who had been trained to control cybercrimes through spending public fund moved to private sector, investment of money to educate and train individuals in computer forensic areas is necessary to build up the capacity of law enforcement agencies.
Code based regulation, legal response, and training of law enforcement agencies will work in an insufficient way if the public who uses the Internet do not have awareness of cybercrimes and their aspects. Preventing the Internet users from falling as potential victims needs the process of target hardening. The process includes awakening the internet users with instruction of unknown types of cybercrimes and their damages, and the convenient ways to protect themselves from the cybercrimes.
4. Suggestions for Other Countries regarding Measures Preventing Cybercrimes
(1) Developing Legislation Controlling Cybercrimes
In light of the difficulty to keep up with speed of cybercrime occurrence, Britz, a researcher argues that legislation should be neutral to technology and that it should establish users’ accountability for using network, particularly the Internet. He argues that newly established legislation should be generic enough to cover development of technology, thereby maintaining its effectiveness throughout rapid progress of information technology. His suggestion is acceptable in a point where elemental issues of cybercrimes in the legislation, such as intent or breaking into network, should provide a broad foundation for diverse methodologies under rapid development. However, as new types of technological devices and their derivative criminal misbehaviors are sometimes very difficult to be caught with old law and provisions, new law and provisions need to be enacted to effectively counter act the diverse challenges of cybercrimes.
(2) Promoting Security Measures
In addition to legal and political measures to effectively treat and punish cybercrimes, security measures to prevent the crimes in advance have been highlighted with the equal importance. The National Cyber Security Alliance (NCSA) under partnership with the industry sector has played an important role in promoting public awareness about the necessity of information security. The U.S. government responded to the efforts by declaring National Cyber Security Awareness Month, and academic institutions supported the national initiative through campaigning and holding academic conferences. The focus of future policy should be placed on development of information security as much as on that of information technology.
(3) Fostering Professionals through Education & Benefit
The U.S. government’s efforts to foster professional education regarding information security and cybercrime prevention with scholarship, fellowship, and grants are noteworthy. For several years, the National Security Agency in partnership with the National Science Foundation has sponsored a nation wide professional education to raise information security experts and the NSF have provided grants to academics to support their endeavors to research and teach information security. Currently, operating are professional certificate training programs such as the Certification in Information System Security Professional, and the Certified Information Systems Auditor. Governments in other countries need to establish their unique systems in light of the U.S. education and professional system because the formal education system and experts group in this area can work as continuously operating fountains which produce vital resources and promote cyber security.
File
-
16-01미국_사이버범죄의_현실_법_실무_이상현.pdf
(1.99MB / Download:755)
Download