Insufficiency of Laws and Regulations within the Cyber Security Realm
Insufficiency of Laws and Regulations within the Cyber Security Realm
For the research paper, I would like it to involve finding out why there is an insufficient number of laws and regulations on cybersecurity and the negative impact this makes.
Research papers are to be 8-10 pages not including title page and bibliography. Please utilize a MINIMUM of 3 DIFFERENT academic sources, **Note Wikipedia is NOT an academic source and should not be used for this paper. Academic journals, books, and government websites are the best sources to use. Papers should include:
(1) Title Page
(2) Body of the paper (8-10 pages)
Any questions please reach out. Thank you for your assistance.
The emergence of information and network technologies in the twenty-first century resulted in increased interconnectedness across the globe. These technological inventions that continue to emerge every day have been associated with a wide range of benefits, including the fact that they have resulted in increased communication trespassing local and international physical boundaries (Oren, 2015). However, this increased interconnectedness has also led to more risks of cyber-criminal activities. Many laws have been established and enacted to minimize the rampant cases of cybercrime being witnessed, especially with increased digitalization and the rise of social media. However, the cyber-criminal activities continue to persist, demonstrating the inadequacy and insufficiency of the laws and regulations within this realm.
Current Laws and Regulations
Cyber security has become an issue of much greater concern to individuals, organizations, and even the government. The advent of each new technological invention is accompanied by new risks that lawmakers have to develop laws for. The spontaneous emergence of new cyber security risks has become so common that it is gradually being accepted as a normal cost of operating in a digital era.; However, the government and regulation agencies have taken it upon themselves to develop a set of laws that can help minimize the damage caused by these risks despite the complexities that come along with trying to control and monitor the digital space. There are different types of laws that have been established by regulation agencies and the governments to prevent different types of cyber-criminal activities (Oren, 2015). The punishable crimes include the unauthorized access of data and information, distribution of cyber resources for criminal activities, extortion and fraud, possession of resources used in committing cyber-criminal activities, identity theft, phishing, electronic theft, and unsolicited penetration testing. Different laws have been developed to punish these crimes and minimize their occurrences, particularly in a shifting digital era.
Many laws have been established locally and internationally with an intention to provide safety and security in the complex cyberspace. The Federal Computer Fraud and Abuse Act (CFAA) was established to be the primary statutory system that can guide how cyber-criminal activities are dealt with and prosecuted. This law acts as the cover of other numbers of laws that look into the different types of cyberspace violation. The act also covers explains the types of criminal activities and how each crime should be punished and has specific prohibitions from unauthorized data and information (Ajayi, 2016). For instance, the act specifies that any individual who accesses national security information without any authority will be imprisoned for more than 10 years. Other crimes that the act covers include trafficking in passwords, fraud, extortion threats, and intentional damaging of a computer.
There are other laws that have been applied to control cybercrime, including the Electronics Communications Protection Act (ECPA), which is dedicated to the security of communications in transit and storage units. Under the ECPA, is the Stored Communications Act, which states that accessing a facility that offers an electronic communications service (ECS) without any authorization with an intent to cause damage is a criminal violation that could lead to more than 10 years imprisonment (Oren, 2015). It is important to acknowledge that these laws have played some instrumental role in trying to make the cyberspace safe. However, the laws are still considered inefficient considering the rampant cases of cybercrime activities that are still ongoing in the contemporary cyberspace today. Therefore, it is critical to explore the gaps and weaknesses of these laws and how they can be rectified.
Insufficiency of Above Laws and Regulations
Despite so many efforts to introduce laws and regulations, security screens and other efforts, cyber offenses continue to persist. In the beginning of this decade, popular e-commercial sites including Yahoo and eBay were hacked and shut down by cybercriminals. This attack captured the Congress attention leading to eliciting of many bills that would help prevent similar attacks in the future (Sai, 2013). However, the impact of these laws was yet to be felt as more attacks continued to persist even in the coming years. With the advent of digital technologies, the hacking techniques continued to become complex, with even the strongest national security systems being hacked. For instance, in 2020, the US federal government suffered from a series of data breaches committed by a group that the government of Russia allegedly backed. This attack was not only on the US Federal Government but also on other major organizations such as NATO, THE European Parliament, and Microsoft, the institutions that one would expect to have the strongest security systems that cannot be easily hacked. These are just a few examples of cyber-attacks in the 21st century that have demonstrated the vulnerability of many systems across the globe. As more technologies are being invented globally, the security challenges remain the same, raising the question about the effectiveness of the existing laws and regulations.
One of the main challenges is that the laws are not modified or amended to meet the dynamic needs of the digital world. A major challenge for existing cyber laws is the rapidly emerging trends influenced by the rise in the usage of digital technology. The rise in activities in the mobile ecosystem presents major challenges for mobile laws. The intensive use of mobile devices has resulted in a vast mobile ecosystem posing new challenges for cyber legal jurisprudence. The current laws do not consider this widening ecosystem and how to meet the legal challenges. With new trends and new inventions, governments and agencies need to design laws that align with the new changes (Oren, 2015). However, these institutions expect the traditional law framing techniques to apply to the emerging issues. The result is laws that are not applicable and are ineffective in solving the emerging issues.
New technologies present new ways for cyber-criminal activities. The 21st century saw a rise in social media usage with platforms such as Facebook, Instagram, Twitter, LinkedIn, and YouTube, becoming very popular among people of all ages. Simultaneously, there was a rise of other technological inventions; therefore, cybercriminals enjoy increased interconnectivity and modern and fast technologies that can help them commit their atrocities easily (Sai, 2013). However, most regulation and law agencies do not have the resources to keep up with the changing tactics of cybercriminals. Their inability to keep up with these dynamics makes it easy for cybercriminals to continue their atrocities without fear of being punished by the law.
The increased politicization of the issue and lack of collective actions by local and international agencies and states makes it impossible for the laws to work as expected. For instance, as mentioned above, the US Federal Government data breach was attributed to a group of hackers backed by the Russian government. This is one of the many cases where local and global leaders fail to act collectively in solving the issue of cybersecurity crimes. Yet, these leaders are supposed to enact and enforce these laws to ensure that a cyber-safe space is available to all individuals. When leaders break the laws they are intended to protect and enforce, it becomes impossible for these laws to bring in any positive changes. In addition, continued politicization and debates about the laws also prevent timely and effective implementation and monitoring.
Other external factors pose a major challenge to the implementation of the existing laws. The digital working environment has been posed by more challenges that will impact the cybersecurity industry, necessitating for more recommendations for more effective laws and policies. For instance, the Covid-19 pandemic triggered increased remote working which implies that a distributed work environment will lead to increase cybersecurity risks in number and scale. The 5G applications that have been ushered in in the last year will increase new cyber security risks due to their high speed and responsiveness. The increased use of blockchain and cryptocurrency will also lead to increased cases of identity theft and security breaches (Ajayi, 2016). The changes in the digital world necessitate better laws and policies as well as the modification and amendment of previous laws that are still proving to be ineffective. Some of these changes are unforeseen and unpredictable and regulators have to take their time analyzing them before introducing laws that are applicable and effective. The existing laws may not be highly applicable to these changes, and therefore, cybercriminal activities are very likely to happen. Moreover, it is important to point out that by the time lawmakers grasp and have knowledge of these changes and start formulating new laws, other important inventions or changes occur necessitating new laws. Simply put, it is difficult for lawmakers to keep up with the rapidly changing trends in the digital world.
There is no effective reporting of data, and most of all, agencies lack sufficient resources to help in the collection of this data for necessary measures to be introduced. Lawmakers and enforcers face major challenges when investigating cyber crimes, including the anonymity concept that has come along with social media and digital technologies. Cybercriminals use anonymity networks to conduct their criminal activities, including hiding IP address and encrypting traffic. Anonymity allows free flow of information without the user behind it fearing repercussions of the low. The lack of overriding legal reasons that restrict this free flow of information makes it impossible for lawmakers to track down and charge those who violate the cyberspace.
Conclusion and Recommendations
In conclusion, the digital space is rapidly changing, with new technologies being invented everyday. The rise of new technologies and the dynamic working environment has resulted in increased cyber security risks. The traditional law framing and effort’s of fighting cyber security crimes have demonstrated to be inefficient so far (Ajayi, 2016). Therefore, there is a need for governments and law agencies to devise new laws and techniques of making the cyberspace more safe. The recommendations below provide brief solutions that can be adopted to help in reducing these cyber risks and ensuring that effective laws are developed.
The first step is reviewing all existing laws, identifying the effective ones and eliminating the insignificant laws. Aforementioned, the traditional law framing is not applicable to the needs of the contemporary digital world. It is vital for the existing laws to be reviewed and be modified to align with the ongoing changes. This way more effective laws will be enacted, helping improve the cyberspace. In line with this resolution, governments should ensure that the concerned agencies have adequate resources to conduct extensive research and develop reports and recommendations regarding which laws should be improved and which should be eliminated. It should also allocate adequate resources to help in the implementation and enforcement of the new and modified laws to increase the chances of fighting cyber security risk.
Mass education and campaigns are critical in educating the public about the internet and its laws. It is important to remind the public about their role in observing laws even while using the internet and the consequences that arise if the laws are not followed. For instance, reminding them that impersonation and identity theft will increase their chances of going to jail will trigger fear and increased obedience to the law. Many people have become ignorant of cyber-criminal activities which have made them become easy targets for cybercriminals (Sai, 2013). For instance, many people fail to understand that issues such as viruses, malware and spam messages lead to one unconsciously providing access to hackers. Many have normalized such issues and fail to report to the right agencies increasing the vulnerability of their data and system. Therefore, these mass campaigns and educations will educate and empower people with knowledge regarding cybercrimes and when to get help.
The primary law enforcement dealing with cybercrime require continuous training and be equipped with legal knowledge pertinent to laws regarding cyber security. As mentioned the cyber-criminal activities are evolving with new technologies and inventions. Cybercriminals are sharpening their techniques, making it impossible for law enforcers without technology knowledge to deal with them. Therefore, it is important to continuously provide them with knowledge and ensure that their knowledge continues to keep up with that of cybercriminals.
For adequate data to be collected, criminal activities are followed through, and there be increased vigilance and monitoring,the law enforcement agencies require more manpower and resources. Cybercriminals take advantage of anonymity since it makes it difficult for law enforcers to track down the IP address or network of the criminal. These technologies will be instrumental in helping these agencies develop modern technologies that can track these IP addresses and catch these criminals. With these capabilities, more criminals will be afraid of engaging in cyber-criminal activities.
Strict laws also have to be introduced, including the requirement that logs and registers for internet usage have to be maintained per the service provider. This way, it becomes easy for law agencies to track down criminals. Currently, the difficulties in tracing have been linked to a lack of data on the ISP, making it easy to verify the identity of the customers. It should be made mandatory for these ISP to maintain login records of users to make it easy for law enforcers to track down criminals (Oren, 2015). These recommendations will be instrumental in reducing cybercrime cases and improving the effectiveness of cyber security law, which will result in safe and secure cyberspace.
Ajayi, E. (2016). Challenges to enforcement of cyber-crimes laws. Journal of Internet and Information, 6(1), 1-12.
Oren, G. (2015). Cyber Responsibility to Protect: Legal Obligations of States Directly Affected by Cyber-Incidents. Cornell International Law Journal , 48, 1-32.
Sai, S. (2013). EMERGING TRENDS & CHALLENGES IN CYBER LAW. International Journal of Advances In Computer Science and Cloud Computing, 1(1).