Cybersecurity Policies without Borders
Cyberspace and Cybersecurity Law Makers
Cybersecurity is how persons, organizations, or bodies work towards reducing cyber attacks by protecting data and programs from being damaged, stolen, or attacked by spammers or hackers. Several bodies provide cyber security laws, including the federal and state governments. The federal government is one of the bodies entrusted with the responsibility of making laws related to cybersecurity. The three major cybersecurity regulations passed by the federal government in the United States include the 1996 Health Insurance Portability and Accountability Act (HIPAA), the Hamm-Leach-Bliley Act enacted in 1999, and the 2002 Homeland Security Act (Kostopoulos, 2017). These three regulations were vital as they ensured that healthcare firms, financial bodies, and federal agencies protected their confidential information against access by unauthorized parties. However, these regulations do not address computer-related industries nor specify the cybersecurity measures that need to be implemented and only require a reasonable level of security to be maintained. The vague language used in drafting the laws found in these regulations gives organizations leeway for an extended set of interpretations (Kostopoulos, 2017). An evident argument is that companies are unwilling to invest sufficiently in securing their data unless the government compels them to do so.
The other entity that can also make cyberspace laws is the state government. State governments can formulate and pass state laws on cybersecurity to foster organizations’ visibility towards various security threats. California is one of the states that passed the Security Breach Act in 2003. This act required all the companies that maintained citizens’ personal information to disclose the details of the security breach upon their occurrence concerning social security number, credit card number, driver’s license number, or any other financial information (Kostopoulos, 2017). Other states in the United States have followed suit by crafting their security breach regulations. During the following year, California also passed the Assembly Bill 1950, which required businesses to maintain a record of citizens’ personal information to establish a reasonable level of security to prevent third-party infiltration (Kostopoulos, 2017). However, an appropriate level of cyber security leaves broader room for interpretation that may make the work of hackers easier concerning the accessibility of confidential information.
Laws that apply once cybercrime crosses national and international boundaries and their importance
Various laws apply once cybercrime crosses national and international boundaries. The first law is known as the Convention on Cybercrime Law. This law applies to international borders because it protects computer systems’ integrity by criminalizing unauthorized access to systems using various techniques. This law grants countries the right to develop laws in their domestic jurisdiction to prevent unauthorized access to part of the system by third parties without the right to do so (Siregar & Sinaga, 2021). This act covers a wide array of communication because access includes entering another system through internet attacks and unauthorized access to computers not connected to any network. The other law that governs cybercrime internationally is the commonwealth and computer-related crimes model law (Siregar & Sinaga, 2021). This law makes unauthorized access to personal information punishable with five years in jail, a fine of $10,000, or both.
Consistently, the Convention on Cybercrime Law also covers cybercrime internationally. This law protects data on non-public transmissions by criminalizing unauthorized interceptions. This act protects electronic transfers between two parties in various jurisdictions by protecting their voice conversations or data transfers against illegal tapping or unauthorized recording (Siregar & Sinaga, 2021). This law allows each country to formulate criminal laws against interception without rights. The respective domestic law may outline the punishment that may be meted out against parties that engage in interception with dishonest intent. In this law, interception relates to retrieving electronic data during transfer. This law does not cover access to information stored on a hard disk. Additionally, the term transmission covers all data transfers by telephone, fax, or file transfer (Siregar & Sinaga, 2021). The provisions in Article Three only apply to non-public transmissions, whereby the transmission process is deemed private and confidential.
Lastly, the Stanford draft convention law. This is the last law under consideration that governs cybercrime as it relates to the interference of computer data. This law stipulates two general conventions relating to illegal access or access without the organization’s or the owner’s consent. The first provision is that an individual is deemed engaged in unlawful engagement if he creates, alters, deletes, transmits, manipulates, or interferes with the data in a cyber-system to cause the cyber-system to cease functioning (Siregar & Sinaga, 2021). The second provision that holds an individual guilty under this law is if an individual alters, deletes, transmits, or manipulates the data in a cyber-system to inflict substantial damage to the person or property.
Who creates policy and enforces these laws
Various international bodies, for instance, the United Nations and the International Telecommunication Union, must create and enforce cybersecurity policies. The United Nations is a body that formulates cybersecurity policies through its Security Council secretariat. The United Nations established the Security Council in 1945, primarily aiming to maintain international peace and security (Delbert, 2018). It does so by investigating any dispute that may lead to international friction and determining the proper ways of fostering international peace and security. Since extensive Internet use has given rise to cybercrime, the Security Council has the legitimate authority to create binding international law (Delbert, 2018). Even though it operates under the U.N., the member states of the United Nations have agreed to execute the decisions reached by the Security Council regarding international peace and security.
The International Telecommunication Union is the other international body that initiates cybersecurity policies. ITU launched the Global Cybersecurity Agenda (GCA) in May 2007, which is focused on proposing strategies for solutions against various forms of cyber threats. The Global Cybersecurity Agenda has five pillars: legal measures, technical and procedural standards, organizational structures, capacity building, and international cooperation (Delbert, 2018). The legal measures pillar focuses on enhancing the citizens’ understanding of cybercrime laws, especially in developing nations. On the other hand, the technical and procedural measures focus on standardization and recommendation of the security standards roadmap. Organization structures outline how CIRT deployment, cooperation, and information work together to enhance a safe workplace environment (Delbert, 2018). Finally, capacity building entails offering technical assistance and conducting cybersecurity seminars to foster comprehension of cybersecurity measures. International cooperation seeks to unite organizations such as ABI Research, Interpol, Trend Micro, CCI, and UNODC to store and transfer confidential information between parties efficiently.
References
Delbert, R. J. (2018). Toward a human-centric approach to cybersecurity. Ethics & International Affairs, 32(4), 411-424.
Kostopoulos, G. (2017). Cyberspace and cybersecurity. Auerbach Publications.
Siregar, G., & Sinaga, S. (2021). The Law Globalization in Cybercrime Prevention. International Journal of Law Reconstruction, 5(2), 211-227.
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
Question
Unlike countries, the Internet is not confined to specific national borders or geopolitical boundaries, defying traditional governance. Perform research in the CSU Online Library and the Internet, and answer the following questions:
1. Who can make the laws applicable to cyberspace and cybersecurity?
2. What laws apply once cybercrime crosses national and international boundaries? Why are they important?
3. Who creates policy and enforces these laws?
Provide examples within your paper. Your paper should be three to five pages long and in APA format. You may use your textbook as source material for your assignment. You must also use three outside sources,