Lecturer, Defence Authority College of Business, Karachi
July 20 - 26, 2009

Cyber crime, e-crime, hi-tech crime or electronic crime usually refers to criminal action where a computer or network is the cause, instrument, target, or place of an offense. These categories are not limited and many activities can be distinguished as falling in one or more.

Furthermore, though the terms computer crime and cyber crime are more correctly limited to describing criminal activity in which the computer or network is a necessary part of the offense, these terms are also sometimes used to include conventional crimes, such as fraud, theft, blackmail, forgery, and misuse, in which computers or networks are used. As the use of computers has grown, computer crime has become more important.

Computer crime problem has become high-profile, apart from adjoining issues of hacking, child pornography, and child grooming. There are also problems of privacy when secret information is lost or intercepted, lawfully or otherwise.

The swift growth of information and communication technologies over the past decade has transformed business practices. Transactions accomplished through electronic means that has created new legal issues. The change from paper-based to electronic transactions has raised questions concerning the identification, authenticity, and enforceability of electronic documents and signatures. The challenge for legislators has been to balance the sometimes conflicting goals of safeguarding electronic commerce and encouraging technological development.

The Information Technology Act of 2000 aims at to help the development of a secure regulatory environment for electronic commerce by providing a legal infrastructure governing electronic contracting, security and integrity of electronic transactions, the use of digital signatures and other issues related to electronic commerce.

In recent past, it is observed that criminals are using most up-to-date technology to execute their plans. These criminals are involved in financial matters, information stealing and at times even in terrorism. To offset their activities it was considered necessary that there must be an organization in the country to monitor, track, and catch all such criminals. Keeping this in view, National Response Center for Cyber Crimes (NR3C) was formed.

NR3C is providing single point of contact for all local and foreign organization for all matters related to cyber crimes. It is imparting trainings and related security education to persons of government/semi-government and private sector organizations. It has also conducted a number of seminars in different cities of the country to educate sensitive government organizations regarding cyber attacks on their information resources, information breach and to make their systems secure against all such threats.

The legislation relating to cyber crimes is important as the relevant traditional criminal provisions in Pakistan Penal Code and elsewhere exclusively protects physical, tangible, and visible objects against traditional crimes. Computer-related crimes not only violate traditional objects in the form of new media but additionally also involve intangible objects e.g. computer programs and date. Traditional legal provisions for damage to property and mischief were developed to protect tangible objects and hence their application to electronic information poses several challenges.

The contemporary concept of unauthorized access is sometimes compared to the traditional law concept of trespass but this concept cannot be stretched to protect information stored in computers.

The draftsmen of these laws while drafting the Electronic Crimes Bill, has examined similar legislations of around 42 countries, Cyber crime Convention of Council of Europe (Commonly known as Budapest Convention) and domestic criminal legislations.

The draft Bill is divided into six Chapters. Chapter 1 contains title, extent, commencement, territorial scope, and interpretation clauses. The second Chapter describes offences ranging from simple "access" to "waging cyber war" with appropriate punishments. The punishments provided in the draft Bill have been taken from the closest offences mentioned in the Pakistan Penal Code and other Pakistani laws.

The link between imprisonment and fine is that for every one year a fine of one hundred thousand rupees has been fixed, so if for an offence punishment is three years, fine will be three hundred thousand rupees. Chapters 3 and 4 deal with powers of investigation and trial of offences. Chapter 5 contains provisions regarding international cooperation, whereas Chapter 6 includes provisions regarding amendment in Electronic Transactions Ordinance and gives this law overriding effect.

Surprisingly, this law does not address the crimes related to pornography.

The area of child pornography is particularly sensitive as all the developed countries have started a war against such criminals so if child pornography is not a crime in Pakistan, this place will be a haven for predators. Interestingly in the first draft child pornography was a crime but in the latest draft it is missing.

Recently, Minister of Interior has taken action to prevent people from spreading malicious and fictitious stories against the civilian leadership of the country through emails and text messages. He warned that offenders would be apprehended within 48 hours and be punished up to 14 years in jail. It was surprising to note that the Government of Pakistan has engaged the service of Interpol to identify those international offenders.

It is a continuing combat to stay up with the criminals, particularly well thought-out crime, which has access to virtually unlimited resources. New challenges require new skills and knowledge. In relation to training, much more needs to be done to ensure that all law enforcement personnel have a basic understanding of search and seizure issues in relation to electronic evidence, for instance. There is also a need for more advanced and ongoing training for those involved in the investigation of electronic crime and for specialist training for a cadre of expert staff involved in the forensic computing area. Investigators involved in the investigation of complex e-crime will require some essential forensic computing skills and knowledge.

Many e-crimes of the future will be traditional crimes simply perpetrated via or facilitated with information technology. Many offenders will leave their 'footprints' in cyberspace and new skills and techniques will be required to enable the criminal justice system to deal with the e-crime issue and prevent its occurrence.