For many that are involved in one crime or the other, cybercrime is a curse in the 21st century. There are many criminal networks that have been developed the world over and are involved in cyber crime. The potential revenues that can be earned from the Internet are enormous but unfortunately, the tools that are used to catch the criminals are not reliable or sufficient enough to deal with these crooks. The bad thing is that the victims increase by the day. Things were not like this before. In the ancient days, cybercrime was thought to be for jokers who wanted to show the whole world how the knowledge they had on networks. This is no longer the case. With online banking and many other transactions, cyber-crime has come out to be sophisticated as it is driven by full professionals out to make a kill out of the online bank accounts. They have a well defined mission: to siphon money from online stores and bank accounts.
It is unbelievable that cybercrime was rising until recently when attorneys did not possess much information on this new field of information technology. Some of the laws that were used to curb cybercrime were not efficient enough to cover all aspects of the crime. This is no longer the case with the fact that many people are becoming enlightened on these crimes. There are many gadgets that help individuals to fight the crime. As many people got exposed to this crime, crimes like child trafficking and Internet pornography have been controlled. In the twentieth century, cyber crime was the leading earner for most of the criminal gangs. With lack of execution of cyber crime the world over, the war against this cyber crime is still far from being over.
When it comes to cyber crime, the possibility of a criminal to be in two different places is common. This is where cybercrime differ with the traditional criminal. A criminal can comfortably commit a crime in London while he is actually in Canada. For this type of crime to be fought successfully then, there is need to come up with a universal law and enforce it in all nations.
The Fourth amendment of the United States prohibits searches which are not reasonable and seizures. The particular law states: "The right of the people to be secure with their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the person or things to be seized."
On every important thing to note about the Fourth Amendment is that the restriction only apply government agents like the police and other public employees. A private entity is not in a position to violate a suspect's Fourth Amendment rights unless that private is acting under the instructions of the police or any other agency of the government. This implies that if a landlord starts searching the apartments of one of the tenants living in his flats, or an employer searching through the particulars of his employees, it cannot be said to be a violation of the Fourth Amendment. Although this is the case, this violation can be taken to be an invasion of privacy and in some cases it can be taken to be a civil case. In some cases, it cannot qualify to be a civil case. It has been generally taken that an employee does not guarantee protection from searches in property owned by the employer.
The Fourth Amendment can be applied to the seizure of computers. Like the other application, it is prohibited by the Fourth Amendment for a government agency to carry out searches on someone's hard drive. A case in the United State v. Hall found out that a repair person found child pornography in the owner's computer. The Fourth Amendment was said not to apply to this case. In this case, it was ruled out that the Fourth amendment does not apply to searches that are conducted by private agents who are not acting on behalf of the government. In the United States v. Jacobserr, the court ruled out that the Fourth Amendment is wholly inapplicable to searches where the agents are not from the government or even if there is the participation or knowledge of the government official.
In fact, a ruling of the Supreme Court has said that the enforcement of the law can reenact the private search initially without a warrant and that, according to this ruling; it does not in any way translate to a violation of reasonable expectation of privacy. One exception here is that if the search goes beyond the original search limit, the evidence can be suppressed. This happened in United States v. Barth a computer repair technician found child pornography on a client's computer. On further scrutiny, it was further found out that there were additional files in the same computer that he had not found out in the original search. The original evidence by the technician could have been used as enough evidence to search and seize the computer.
Data interception is another serious vulnerability to networks. Intruders can have unauthorized access to networks. Hackers who are within the company wide local area network can gain access to the network and control data and even alter this data. The data that is being sent in any network must be protected as much as possible to retain their integrity. Network administrators can make use of authentication systems to keep intruders at bay. Firewalls can also be configured to eradicate unauthorized access.
Systems within a network may fall prey to the unintended audiences. Types of unauthorized access may be caused by external persons or employees who are not supposed to access certain network resources. Unauthorized access falls into four categories of, causal intruders who are practicing the art of hacking, fun hackers who just probe systems to test their security levels, professional hackers who intentionally hack into systems for particular purposes such as data theft and industrial espionage (Soloman et al., 2004). These may lead to industrial espionage and data falsification that may result in fraud and losses to the institution the fourth and being unauthorized access by internal employees for any of the three reasons already discussed.
Internet privacy has two types of concern. The first concern is the collection of personally identifiable information (PII) by the operators of websites from those who visit government websites and commercial websites, or by software that are installed to collect information from remote computers for fraudulent purposes; the software is commonly referred to as spyware. The other is the monitoring of the e-mail and Web usage by Internet Service Providers or government agencies (Britz, 2009).
With the attacks of the September 11, 2001, there were raised concerns over the issue of security of the nation with the attacks. It was recommended that there be increased tools for law enforcement so that the terrorists are well monitored and put on check. Others were advocating for the fact that privacy should not be compromised in the process. It was them that Congress passed the 2001 USA PATRIOT Act (P.L. 107-56) that, inter alia, so that the monitoring of Internet activities will be made easier. The Act was amended later by the Homeland Security Act (P.L. 107-296), which loosened the restriction concerning when and to whom the Internet Service Providers can release the communication if they have a strong conviction that there is offing danger. It was then that the 9/11 Commission called for a full and informed debate concerning the USA PATRIOT Act, to ensure that Privacy and Civil Liberties Oversight Board be established as part of law that implements many recommendations of the Commission (P.L. 108-457, the Intelligence Reform and Terrorism Prevention Act).
The debate that concern website security is whether the industry should have a self-regulation or legislation as the best approach to taking care of consumer privacy. There have been recommendations by the Congress that require commercial website operators to follow certain regulations. The unfortunate thing is that neither of these recommendations has passed. There is legislation that has passed regarding information practices for federal government websites like the E-Commerce Act (P.L. 107-347) (Foster, 2004).
The increasing concern and controversy on the procedure of protecting users from spyware without bringing any dire consequences has been discussed in CRS Report RL 32706. Another issue is that identity theft is not about Internet privacy but more about how the Internet makes identity theft more prevalent. An example of phishing has been found out to contribute to identity theft.
After the terrorist attacks, Congress agreed unanimously to pass the Uniting and Strengthening America by Providing Appropriate Tools to Intercept and Obstruct Terrorism (USA PATRIOT) Act, P.L. 107-56, which gave the law the power to investigate Internet activities which have hitherto been difficult to monitor. Inter alia, there is modification of the definition of "pen registers" and "trap and trace devices" so that they include devices used for addressing and routing information for Internet communications. The programs that have carnivore-like characteristics now have the new definitions that include the Internet communications. The provisions of the Internet privacy that is found in the USA PATRIOT Act include as part of Title II; they are as follows:
- Section 210, has the provision of electronic devices so that it includes Internet usage like time and duration. Initially, there have only been records of electronic communications.
- There is Section 212 which has been modified so that it allows ISPs to give information in situations they strongly believe that there is danger or injury to the public.
- Section 216 which captures the routing and addressing information that are used in Internet communication so that it includes dialing information so that what the government captures in pen registers can be expanded. There is still the exclusion of wire electronic communications though.
- There is also Section 217 which allows someone acting under the color of law to intercept the information emanating from the computer of a hacker transmitted to a protected computer under special circumstances.
- There is also Section 224 which gives a period of 4 years for the provisions of the Title II provisions. It, however, does not include Sections 210 and 216.