Cyber Law & Beyond: International & Case Studies Perspective

Sai Sushanth , CEO, Sushanth IT Law Associates | Insights Success | Business magazine in India

Today, Cyber Law is emerging as a fastest growing legal discipline and needs to be looked beyond boundaries since its applicability extends all over. Different countries are waking up to the cyber legal ethical ramifications arising out of AI (Artificial Intelligence), Cyber Attacks & Breaches, Block-Chain, IOT (Internet of things), Cryptocurrency, Data Analytics, Cloud, Mobility, Social Media etc.
The application of AI extends to various domains including judiciary. The AI systems will play an increasingly important role in IP administration of the future per se. The AI software’s are also likely to predict the judgements of future based on the previous judgements. AI brings in a huge remit of legal issues including issue of legal liability, privacy issues, data protection, issues relating to big data sets fed into AI to name a few. The cyber security of AI is already beginning to be breached. It is hard to pounder over a through that if the Cyber Criminals on Dark Net use these AI services (these services are offered for consideration) for targeting other Corporates. Cyber Crime & AI go hand in hand, and this shall be to determent to the people of the Govt and of Nations per se. Will AI strip people of their privacy? Cyber Security should now be built as part of AI Structures failing which it shall be like building a devastation bomb that’s going to be used without your consent and often with undesirable results.
GDPR (General Data Protection Regime) has consequently changed the dimensions of data protection law and has impacted almost every nation. An illustration will help understand the impact of GDPR in India. Further, if you could be fined for 4% of your global annual turnover, then it is a lot to worry in case of non-compliance.
Today, if a European Citizen lands in an Airport in India, the immigration department in that Airport has be GDPR Compliant since there are dealing, handling with European Citizen’s data. Moving a little further from the time he/she takes an Uber/ Ola to reach the Hotel and orders for food and uses a mobile or a credit card for payment, all these service providers need to be GDPR compliant.
Cyber Attacks are coming galore, and Ransomware attacks specifically has become the jewel of the crown. One of the latest Symantec Report identified a major cyber security breach in the Defence Contractor and even satellite. Recently, a satellite of one country was suddenly taken over by the other country and lost control of the same for 16 odd hours. Huge Data Breaches are happening since the data is new resource of the collaborative economy. Data back is the need of the hour to at-least keep safe during Cyber Attacks. Cyber Emergencies are the new toast of the times. The Cyber Insurance has also started to emerge.
There are many IoT devices hacked so far. The legal policy issues on IoT have not yet been addressed at both National & International Levels. IoT malware is going to be massive and cyber law frameworks must be doing something substantive to move in this since big data is all around.
Data Analytics is going to be increasingly important since there will be issues of data retention, jurisdiction, privacy, archival and all of these needs to be properly addressed.
A smart refrigerator was used to hack a system in an office since it was capable of being connected to the internet.
The IoT devices like Alexa, Google Home keep listening to our conversations. In one such case, the IoT device not just heard the conversation, but went a little further and interpreted an order and ordered for something based on the conversation. This case raises lot of issues on privacy.
In 2015, James Bates was charged with the murder of Victor Collings, who was found strangled and drowned in Bates’s hot tub. Though Bates claims it was probably accidental drowning and that he was asleep at the time of death. However, based on inconsistencies in the timeline and his story, the police suspected him of the murder.
Further, among the IoT devices possessed by Bates, the police sent a warrant to Amazon asking for recordings from his Amazon Echo. Home Assistant Devices such as Google Home, Echo have mics that are always recording. This data could potentially break open the case.
The entire database of a Casino was comprised using a fish tank as the fish tank’s temperature is connected and controlled via the internet.
Today, schools are being targeted for Cyber Extortion and the cyber criminals are using the school system’s for extorting money through Salami Transactions wherein students are asked to pay 1$ or 2$ before they could actually open their system.
One person defrauded the Amazon’s system 166 times, however 167th time he was caught, however luck runs out sometimes.
Cyber Security Law is the new evolving Paradigm. Currently, there is no single International Treaty on Cyber Law, Cyber Security. Countries are now trying to come up with distinctive Cyber Security Laws to keep their houses in order. However, in the absence of International Treaty or Framework, it would still be a challenge how the National Approaches would help in addressing issues pertaining to Cyber Space as a global paradigm.
China has been a thought leader in Cyber Security Law in two years, three legislations on Cyber Security Law. The cumulation of all these is a massive message that Cyber Security is a part of National Security, so it shall do everything possible to protect and preserve Cyber Security and all kinds of Cyber Security Breaches have been included within the ambit of National Security. The Cyber Security Law has put in place the rights, duties and obligations of various stake holders and there is a dedicated department working for the same.
The concept of Cyber Sovereignty has already seen evolution wherein countries have included not just the physical boundaries, but also have extended the same to the Outer Space, Deep Seabed, Arctic and Antarctic regions.
Russia has adopted an approach of Data Localisation which essentially means that in case any entity intends to do business with a Russian Entity, then data of Russians should be physically present in Russia only. This approach is now adopted by many nations including China, Vietnam
Germany has come up with a law to deal Critical Information Infrastructure that outlines the rights, duties, obligations of stake holders on the same.
Vietnam has brought in a new National Cyber Space Law as per which the entire internet is their National Cyber Space and therefore the same is amenable to Vietnam’s Law.
Belarus has come up with a dedicated law on Crypto currencies which has legalised Crypto-currencies and Crypto- currency mining. They have identified specified areas where Crypto-Currencies can be mined and are used as Legal Tender which have legal sanction of the law.
The Blockchain brings across large no of legal issues including the issue of legality of a blockchain contract. Liechtenstein has recently come up with a new regulation concerning Blockchain and Tokens. Further, the Blockchain intends to regulate all activities possible on technical systems including blockchain systems, distributed ledgers thereby providing legal certainty and security through a reliable framework of digital and digitalised assets. The Blockchain Law also enables every possible asset to be tokenized and listed on Cryptocurrency Exchange.
The legal issues relating to 3D Printing have already seen light specifically relating to breach of Intellectual Property and creation of guns, arms etc. and legal framework needs to be created to deal with issues specifically relating to 3D Printing.
The wearable devices raise a lot of questions on data processing, security since a lot of sensitive and personal information relating to health, medical vitals, biometrics are processed, shared across and can be prone to Cyber Attacks. The devices in the hands are being made as a basis of Cyber Crimes.
The Quantum Computing has already arrived and many companies like IBM, Google have already developed 50-cubit & 20-cubit Quantum Computers. These Quantum Computers is going to break all algorithms, passwords within couple of hours. The legalities of Quantum Computing also need to be addressed properly as we go forward.
Driverless Cars were fabulous, and everybody’s imagination was hunky dory until the first accident happened. This raises lots of questions regarding liability, is it the car owner or the car manufacturer or the coder who has put the code, since this car is 70% code (source code) per se.
Fake News is a big epidemic in India and is likely to grow further. Legal Frameworks need to step in to address the issues of Fake News. Malaysia has come up with a new law on Fake Law i.e. Anti-Fake Law, which states that in case you disseminate, transmit Fake Law, then you shall be liable for fine and imprisonment. There are already convictions in Malaysia over Fake News issue.
Cyber Law as a discipline evolving from a mere e-commerce enabling mode to a fire fighting mode to fight Cyber Security Breaches & Attacks. Many countries are giving centre stage attention to Cyber Law and are not just updating their Cyber Laws but are coming up with new Cyber Legal Frameworks. It is the time for transformational leap frogging. However, if you were to write a book on Cyber Law today, I think we just could fill in only 5 or 6 pages and a lot of work need to happen in the niche area as time passes by.
Sai Sushanth is a Cyber Law Expert and Techno Legal Consultant. He is the CEO of Sushanth IT Law Associates, a full service cyber laws consulting firm in Hyderabad.

Related Posts