SlideShare a Scribd company logo

EFFECTIVENESS OF THE EXISTING LEGAL FRAMEWORK GOVERNING CYBER-CRIMES IN SRI LANKA

V
Vishni Ganepola

In compliance with the Budapest Convention, the CCA has recognised almost all the cyber-crime offences that are provided in the convention. Mere fact that the legal system recognises certain cyber-offences or that it provides a special mechanism to conduct investigations does not render the legislative framework effective. For the legislative framework to be considered effective, it should be capable of achieving the objective for which it was established. Accordingly, the effectiveness of the contemporary legislative framework shall be assessed based on its success in identifying and preventing cyber-crimes, conducting investigations, enforcing the enacted laws and in protecting human rights and liberties which are the objectives behind the enforcement of the cyber-crime legislative framework.

Law
1 of 13
Download to read offline
EFFECTIVENESS OF THE EXISTING LEGAL FRAMEWORK GOVERNING CYBER- CRIMES IN SRI LANKA By Vishni Lakna Ganepola Attorney-at-Law LLB (Hons)(London), LLM (London) Introduction In compliance with the Budapest Convention, the CCA has recognised almost all the cyber- crime offences that are provided in the convention. Mere fact that the legal system recognises certain cyber-offences or that it provides a special mechanism to conduct investigations does not render the legislative framework effective. For the legislative framework to be considered effective, it should be capable of achieving the objective for which it was established. Accordingly, the effectiveness of the contemporary legislative framework shall be assessed based on its success in identifying and preventing cyber-crimes, conducting investigations, enforcing the enacted laws and in protecting human rights and liberties which are the objectives behind the enforcement of the cyber-crime legislative framework. Identification of Cyber-Crimes The preamble to an act states the objectives behind the introduction of the particular act. So does the preamble of the CCA and the other legislative enactments that were discussed. According to the preamble of the CCA, one of the main objectives behind the introduction of the act was for the identification of cyber-crimes.1 Identification of cyber-crimes was given much consideration under the acts, since the law on cyber-crimes was a novel, untouched area of law. Since most of the offences were new to the framework and the subsistent framework didn’t provide for identification of many offences, considerable attention had to be paid on achieving the objective of identification of offences. In pursuance with the above objective the CCA in its Part I identifies eleven unique offences while some other enactments such as IPA, SLTA, OPO too recognise various other cyber-crimes that didn’t fall under the 1 Computer Crimes Act No.24 of 2007, Preamble
purview of the CCA. The contemporary legislative framework recognises almost all the offences that were provided measures to be taken at national level under the Convention on Cyber-Crimes.2 Eventhough, the enactments had made a considerable effort in identification of the offences, there exist certain loopholes. These loopholes are not identified in many literature and therefore an information gap exist for discussion on the effectiveness of the legislative framework on cyber-crimes. The offence, computer cracking i.e. unauthorised access to commit an offence, is identified in the CCA. The term “offence” refers to any offence recognised under the CCA or under any other provision.3 Therefore, a person who commits offences such as theft of information, identity theft, computer-related fraud and forgery shall be punished under the section 3 of the CCA. However, there exist an issue as to whether these elements of the “offences described under other provisions” are sufficiently described to fall under the scope of a cyber-crime. For example, when the offence theft is considered, the PC provides that only movable property can be stolen.4 The term “movable property” is defined in the PC as follows; “corporeal property of every description, except land and things attached to the earth or permanently fastened to anything which is attached to earth”5 A close examination of the above definition and the rest of the chapter relating to offences against property, may reflect that in most instances, offences are confined to include only tangible and movable property.6 Further, attempts to expand the meaning of the term “movable property” to include intangible property in past had also failed. In the popular case of Nagaiya v. Jayasekara7, limiting the scope section 20 held that the offence theft was limited to movable property which didn’t include intangible property such as electricity. The above decision had not been overturned by any subsequent judgement for the last 90 years.8 2 Jayantha Fernando, 'THE IMPACT OF THE BUDAPEST CYBERCRIME CONVENTION ON SRI LANKAN LEGAL SYSTEM' (2016) <http://www.apbsrilanka.org/articales/28_ann_2016/7_28th_conv_a_Jayantha_Fernando.pdf> accessed 19 March 2017 3 Computer Crimes Act No.24 of 2007, section 4 4 Penal Code, section 366 5 Penal Code, section 20 6 See also: Kalinga Indatissa, The Law Relating To Computer Crimes And Credit Card Frauds (1st edn, Kalinga Indatissa 2005) 66 7 Nagaiya v Jayasekara 28 NLR 467 8 Kalinga Indatissa, The Law Relating To Computer Crimes And Credit Card Frauds (1st edn, Kalinga Indatissa 2005)
Therefore in the view of this restrictive interpretation, it is highly improbable that a theft conducted with the intervention of computer would be considered an offence, especially, when the property is “identity” or “information”. Therefore, it can be submitted that offences such as identity theft and theft of information which are considered to be two major cyber- crimes needs a specific interpretation. Under the aspect of computer-related crimes the most prevalent types of cyber-crimes are computer-related fraud and forgery. An accused to be convicted of forgery, it is essential that the offence committed falls within the definition of “documents”. Term “documents” is defined in the PC as follows; “any matter expressed or described upon any substance by means of letters, figures, or marks or by more than one of those means, intended to be used, or which may be used, as evidence of that matter.”9 Accordingly, it has to be considered whether information stored in a computer system would fall within the ambit of the above interpretation. In the case of Benwell v. Republic of Sri Lanka10, where an Australian national was found to have committed the above by altering information stored in a computer, court held that information stored in any magnetic medium didn’t fall within the purview of section 452 of the PC. The restrictive approach adopted in the above case illustrates that a person charged with computer-related forgery might not get convicted of the offence under the PC or under section 4 of CCA. Further, the offence fraud has not been specifically identified under the PC. However, the PC has recognised offences cheating11 as punishable offences. The main ingredient which constitute the offence of cheating is “deceiving a person”. If cheating is committed as a cyber- crime i.e. using a computer, then a person is not deceived. It is the computer that is deceived. Therefore, a person who commits cheating through unauthorised access, might easily get acquitted due to the loopholes in the contemporary legislative framework.12 9 Penal Code, section 27 10 (1978-1979) 2 SLR 178 11 Penal Code, section 398 12 See also: Sunil D. B Abeyaratne, Introduction To Information And Communication Technology Law (1st ed, Sunil D, B. Abeyaratne 2008) 91
All above-mentioned offences are identified under the Penal Code, yet, their definition is not broad enough to constitute a cyber-crime. However, there are also cyber-crimes which are not even identified under any legislative enactment. Some of them are cyber-defamation, cyber-bullying and cyber-stalking. Unrecognition of cyber-defamation can be justified, since the offence defamation itself has not been recognised under any statute and the law in that relation is governed through common law. Yet, with the lack of statutory instrument recognising cyber-defamation as an offence, the investigators become helpless in front of the complainants. Half of the cases reported to the Computer Crime Unit are cyber-defamation cases, but all that complaints have to be sent back, since the current legal framework doesn’t recognise an offence called cyber-defamation.13 Further, SLCERT has identified cyber-bullying and cyber-stalking as two of the most prevalent offence in Sri Lanka.14 Yet it is very unfortunate that the above two offences are not given a proper identification.15 In conclusion, it can be said that the existing legal framework had succeeded in identifying almost all the cyber-crimes that are required to be identified under the Convention on Cyber- Crimes and definition of most of the recognised offences are specific. Therefore, in that relation the existing legal framework is effective. Yet, the above discussed issues hinders the existing legal framework being identified a perfectly effective legal framework. Prevention of Cyber-Crimes One main purpose behind the introduction of a legislative framework is to build up a peaceful society with law and order well maintained. One way of achieving the above is by implementing measures that would prevent the commission of crimes. The existing legislative framework can be considered to be an effective one, only if the implemented laws and measures had succeeded in preventing the commission of cyber-crimes and thereby had 13 The above fact was revealed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo 14 Sri Lanka CERT, 'Sri Lanka CERT Cyber Security Awareness Survey, 2015' (Sri Lanka CERT 2015) <http://www.slcert.gov.lk/Downloads/Survey.pdf> accessed 21 March 2017 In the survey conducted in 2015, 14 cases on cyber-bullying and 11 cases on cyber-stalking were reported. This is a considerable increase compared to the previous years. 15 See also: Randima Attygalle, 'How Ready Are We To Combat Cyber Crime?' The Island (2014) <http://www.island.lk/index.php?page_cat=article-details&page=article-details&code_title=109816> accessed 22 March 2017 Mr. Sunil Abeyratne, Attorney-at-law expresses his opinion in this relation stating that the offences cyber- bullying and cyber-stalking should be specifically identified as punishable offences under legal provisions
reduced the cyber-crime rate. SLCERT and Sri Lanka Police has taken various preventive measures to control cyber-crimes. Yet, the recent reports suggest that the enacted laws and regulations had failed in achieving their objective. This is because, when compared with the past the cyber-crime rate has significantly increased while new types of cyber-crimes been added to the list of cases reported. The following figure 1 which illustrates the data collected in 2014 is a good example which proves the above statement.16 Figure 1 From the above statistics, it is visible that the cyber-crime incidents reported had increased at a rate of 85% in 2014 compared to 2013. 16 See also: Nushka Nafeel, 'New Laws To Curb Cyber Crimes' Daily News (2015) <http://dailynews.lk/2015/11/05/features/new-laws-curb-cyber-crimes-0> accessed 21 March 2017.
As per Cyber Security Awareness Survey, 2015 conducted by CERT 602 online victimizations were reported. The figure 2 below graphically illustrates the results of the above survey.17 Figure 2 Accordingly, the most common type of cyber-crime reported in Sri Lanka is computer viruses i.e. 67%. According to the SLCERT statistics published in 2007, only 17 cases were reported out of which 41% cases were sexual harassment cases. When the statistics of the two years are analysed, it is evident that there is a drastic increase in the number of cyber-crime cases reported. Does this mean the existing legal framework had succeeded in combatting the cyber-crimes? Or had it had no impact on combatting the cyber-crimes? After evaluating the issues pointed above, it can be submitted that the effectiveness of the existing framework in relation to preventing crimes is at an unfortunate state. Provide for an Investigating Procedure The need for a new set of rules to govern the law relating to cyber-crimes arose due to improvements in the technology. With these improvements, the criminal minds began to constantly use the computer systems as a weapon to commit crime. In order to provide an effective investigating procedure to inspect into cyber-crime matters, in addition to the CPC, the CCA introduced few special provisions. 17 See also: Sri Lanka CERT, 'Sri Lanka CERT Cyber Security Awareness Survey, 2015' (Sri Lanka CERT 2015) <http://www.slcert.gov.lk/Downloads/Survey.pdf> accessed 21 March 2017
Provisions in relation to the appoint of the panel of experts attracted the attention of many. In order to carry out an investigation on a cyber-crime, it is essential that the investigator possess a good knowledge and experience on information technology. Since the police officers who generally carry out the investigations lack the required knowledge, the appointment of the experts had made the process much easier. Further, a major challenge faced by the legal system is the lack of reporting of cyber-crimes. Main causes behind lack of reporting is that the victims fear that their data might get destroyed or they might lose the confidentiality of their private data. Since, now with the new regulations enacted by the CCA, the reporting rates have increased. Through these special provisions the law enforcing bodies ensures that the victimised data and devices are at safe hands and the confidentiality of the data are well protected. The special powers rendered to the experts to enter any premises along with a SIP, to access and perform any function on data and computer systems, to search and seize any information, to intercept any wire or electronic communication at any stage of communication and especially the immunity given to the experts from legal proceedings make the duty of the panel much easier. Further, the provisions on preservation of information and normal use of computer not to be hampered have made the investigating procedure more effective.18 Even with such a set of effective rules, there are few practical problems that are faced by the investigators in conducting an investigation. Eventhough the investigators are capable of seeking the assistance of the experts, most of the experts are unwillingly to get involved in the investigations. This is mostly because of the harsh cross-examinations they are subjected to. The cost of obtaining the assistance of the experts is extremely high and the Police Department lack funds to conduct such expensive investigations. When the cases are instituted in the MC, the maximum penalty that can be imposed on a convicted is Rs.1500. Yet, the cost of investigation is more than ten times the penalty which results in a wastage of government funds.19 18 See also: Saptha Wanniarachchi, 'Sri Lanka Computer Crime And Criminal Procedure' <http://www.saptha.com/blog/random/sri-lanka-computer-crime-and-criminal-procedure/> accessed 22 March 2017 19 The above ideas were expressed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo
Further, due to the extraterritorial nature of the cyber-crimes, the investigators have to seek the assistance of the international organizations such as INTERPOL. These international organizations are not very much keen on providing their assistance in these minor cyber- crime matters. Therefore, the investigation procedure takes a long time to get completed or the investigations get stuck in the midway. Further, when cases associated with social media such as Facebook are reported, investigators are unable to conduct investigations, since these organizations unwilling to disclose information, such as IP addresses, required to conduct an effective investigation.20 However, with Sri Lanka’s accession to the Convention on Cyber- Crimes, there are slight improvements in the investigations, since the investigators are now capable of seeking the assistance of the mutual legal assistance. Further, the Police Department is now in the process of establishing a digital forensic lab to provide the victims with a speedy investigation and the department is also conducting training programmes to train officers on conducting cyber-crime investigations.21 Yet, under the legal provisions, only evidence admissible in relation cyber-crimes are the reports of the panel of experts.22 There is hardly anything exists to state the current investigation procedure is ineffective. Even then the effectiveness of this investigation procedure could be enhanced further by providing the experts a proper training before they are put into the field of investigation and by increasing awareness among the public about the merits of the investigation procedure. Today, Sri Lanka’s prime issue is whether the law is equal to all. If the investigators will be competent enough to provide a positive answer to the above issue, that would further enrich the effectiveness of the system, because, success of the legal framework mostly depends on the effectiveness of the investigating team. Enforcement of the Enacted Cyber-Crime Legislative Framework The law enforcement procedure is the end result of the identification of offences and the investigation procedure. Therefore, the effectiveness of the law enforcement procedure depends on the success of the above two procedures. 20 The above ideas were expressed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo 21 The above ideas were expressed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo 22 See also: Nushka Nafeel, 'New Laws To Curb Cyber Crimes' Daily News (2015) <http://dailynews.lk/2015/11/05/features/new-laws-curb-cyber-crimes-0> accessed 21 March 2017.
In order to enhance the law enforcement in relation cyber-crimes, with the interference of the government, few institutions had been established namely, Computer Crime Division of the Police Department and SLCERT. The above institutions render an immense service in order to provide the Sri Lankans a just and an effective legal framework on cyber-crimes. Computer Crime Division was recently established and currently, the division conducts number of investigations.23 To further enhance their scope of service, the department is in the process of instituting a digital forensic lab.24 Since it was established, the department is facing certain difficulties in performing their duties with the lack of human resources and expertise. However, now measures have been taken to train officers on how to conduct cyber- crime offences and to institute labs with standardised equipment.25 SLCERT is not a law enforcing body. Yet, the institution provides the victims with technical assistance at the instances where the law is silent on providing them with a relief. The responding service provided by SLCERT identify unusual events in the computer systems and advice the victims on how to eradicate such situations.26 Apart from the responding services, SLCERT also provide consultancy and awareness services as well. The CCA has an extradition applicability. Through extradition, the law enforcement in relation to cyber-crimes get more effective since, this allows the law enforcing bodies to enforce law against any person who commits the cyber-crime within or outside Sri Lanka. However, in reality, the law-enforcing bodies find it impractical to take actions against the persons who commits crime outside Sri Lanka. Main reason behind this impracticality is the disinclined nature of the international organizations in providing their assistance. In the eyes of the international criminal justice system, these cyber-crime matters are inconsiderable. Therefore, less significance and less assistance is given by the international organizations such as INTERPOL, in capturing the culprits and enforcing law against them. However, the situation has quite changed for the better with the increase in the world-wide cyber-crime rate and 23 The division has investigated over 100 cyber-crimes, including 50 complaint on cyber defamation, 21 on cases related to obscene publication, and 22 related to email hacking in 2015. See also: Nushka Nafeel, 'New Laws To Curb Cyber Crimes' Daily News (2015) <http://dailynews.lk/2015/11/05/features/new-laws-curb-cyber-crimes-0> accessed 21 March 2017. 24 The above fact was revealed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo 25 Nushka Nafeel, 'New Laws To Curb Cyber Crimes' Daily News (2015) <http://dailynews.lk/2015/11/05/features/new-laws-curb-cyber-crimes-0> accessed 21 March 2017. 26 The above fact was revealed by an expert in the area of Information Security Engineering at the Key Informant Interview conducted on the 27th March 2017 at Colombo
due to Sri Lanka’s accession to the Budapest Convention. In compliance with the Budapest Convention the parties to the convention are facilitated with the opportunity of mutual legal assistance of the other countries. Accordingly, now the countries show much keenness in providing assistance to the LEA in conducting an effective extradition investigation. One of the main drawbacks in the existing legal framework on cyber-crimes is that lack of case law. A limited number of cases are brought before the courts for hearing and there are no decided cases reported on cyber-crimes.27 All the matters are mostly solved at the lower courts. Currently, the Colombo High Court is hearing 10 cases28, but the SLCERT reports suggest that in 2015, 602 cases were reported.29 This gap is mainly due to the various loopholes that exist in the existing legal framework in identification of offences and in conducting investigations. Further, since the IT literacy of the individuals are at a low level, most of the individuals are not aware that they are victims of cyber-crimes. Some individuals are not aware about the legal reliefs available to the cyber-crime victims. Therefore, only a few number of cases are reported to the courts and the judges don’t get an opportunity to administer law against the offenders. Even where cases are brought before the courts for hearing, the law does not provide sufficient reported case law for the judges to address issues based on the stare decisis concept. Accordingly, it can be submitted that the lack of awareness and case law has largely contributed towards the ineffectiveness of the legislative framework on cyber-crimes. CCA has provisions to award compensation to the victims of cyber-crimes, where they have incurred a loss or damage or where a monetary gain is accrued by the offender.30 The provision has enhanced the effectiveness of the existing framework by providing the victims with reliefs where they have suffered a loss. Yet, this provision has also given rise to many __ 27 Sunil Abeyratne in an interview published in the “The Island” newspaper on 6th September 2016 states that a case on a cyber-crime matter is pending at the Court of Appeal. The respondent had been indicted for distributing child pornography using the internet. At the High Court, the prosecutors had failed to prove the case beyond reasonable doubt since the investigators of the National Child Protection Authority failed to conduct a proper investigation. The Hon. Attorney General has appealed against the decision of the High Court and the judgement is pending. See also: Randima Attygalle, 'How Ready Are We To Combat Cyber Crime?' The Island (2014) <http://www.island.lk/index.php?page_cat=article-details&page=article-details&code_title=109816> accessed 22nd March 2017 28 The above fact was revealed by an expert in the field of law at the Key Informant Interview conducted on the 20th March 2017 at Gampaha. 29 See also: See also: Sri Lanka CERT, 'Sri Lanka CERT Cyber Security Awareness Survey, 2015' (Sri Lanka CERT 2015) <http://www.slcert.gov.lk/Downloads/Survey.pdf> accessed 21 March 2017 30 Computer Crime Act No.24of 2007, section 14
that lead towards the ineffectiveness of the system. Since aggrieved parties are capable of recovering their damage by way of compensation through a civil matter, most of the parties opt to institute a civil matter to recover the losses. Further, most of the corporations opt a civil matter and recover damages, in order to avoid the negative publicity that would cause their brand image to get tarnished. Therefore, no formal complaints are made to the Police neither they receive information regarding cyber-crimes and thereby no cyber-crime cases are reported before the courts for hearing.31 Few major issues exist in relation to admissibility of electronic evidence in case of a cyber- crime. With the recent development in relation to admissibility of electronic evidence, computer generated evidence is now accepted to be admissible. Yet, there are few restriction imposed by law with regard to acceptance of electronic evidence. These restrictions have been slightly relaxed with the implementation of the ETA. However, the provisions of the ETA are applicable in relation to commercial transactions only and where cyber-crime occur in the course non-commercial transactions, only the Evidence (Special Provision) Act is applied. Further, law doesn’t provide for the admissibility of evidence produced by certain international organizations, digital forensic labs of the computer crime unit or for the admissibility of evidence obtained through the mutual legal assistance process. Due to these irregularities, the law enforcing officers have to face various issues in proving their case beyond reasonable doubt ultimately leading towards the ineffectiveness of the overall legislative framework. Once all above-mentioned prospects and challenges of the system are considered, it can be submitted that the legislative framework has much scope for improvement in enhancing its effectiveness in relation to law enforcement. Protection of Human Rights and Liberties One purpose of the introduction of a new legislative framework on cyber-crimes, is to protect the rights and liberties of the individuals. Once a person becomes a victim of a cyber-crime, most of his human rights are affected. For example, in case of cyber-defamation, a person’s right to privacy, right to equality, freedom from mental torture and even sometimes his 31 The above fact was revealed by an expert in the field of law at the Key Informant Interview conducted on the 20th March 2017 at Gampaha.
intellectual property rights are affected. If law is enforced against the offender, his freedom of expression of the offender is affected. Eventhough many human rights are affected through the commission of a crime, the main concern is victim’s privacy. Therefore, the CCA has introduced a provision in order to protect the confidentiality of the victimised information. Eventhough the victim’s right to privacy may get affected during commission of the cyber- crime, steps have been taken to ensure that during the investigation no such right is affected. Further, the Constitution of Sri Lanka32 and Universal Declaration of Human Rights provide for the protection of a wide range of human rights and liberties and under those provisions rest of the human rights can be protected. CCA provides only for the protection of the rights in course of investigation. Accordingly, it can be submitted that the existing law provide for an effective legislative framework on the protection of human rights and liberties related with cyber-crimes Summary Effectiveness of the existing legislative framework on cyber-crimes can be assessed based on its success at achieving the objectives behind its implementation. Accordingly, the effectiveness of the legal framework was analysed in relation to identification and prevention of cyber-crimes, provision of an efficient investigating procedure, enforcement of the enacted laws and in relation to protection of human rights and liberties. Since the current legal framework on cyber-crimes recognise most of the computer crimes, provide an effective mechanism to deal with such computer crimes with the assistance of a panel of experts and since the court have a wide jurisdiction to attend the matters irrespective of whether the person resides, the crime was committed or the damage was caused a person or corporation within or outside Sri Lanka and since measures have been implemented for the protection of information and rights of the individuals, in one aspect it can be submitted that the existing legal framework is effective. Yet, due to certain practical issues faced by the investigators, non-identification of certain prominent cyber-crime offences, lack of reporting by victims, shortage of resources, expertise and experience, irregularities in law enforcement due to transnational nature of cyber-crimes and due to significant challenges faced by LEAs in 32 Constitution of
obtaining admissible evidence the existing legal framework is said to be ineffective in one aspect.

Recommended

Computer crime and the adequacy of the current legal framework in sri lanka
Computer crime and the adequacy of the current legal framework in sri lankaComputer crime and the adequacy of the current legal framework in sri lanka
Computer crime and the adequacy of the current legal framework in sri lankaVishni Ganepola
 
Existing Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber CrimesExisting Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber CrimesVishni Ganepola
 
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...Vishni Ganepola
 
International convention on cyber crime
International convention on cyber crimeInternational convention on cyber crime
International convention on cyber crimeIshitaSrivastava21
 
Cyber Crimes: The Transformation of Crime in the Information Age
Cyber Crimes: The Transformation of Crime in the Information AgeCyber Crimes: The Transformation of Crime in the Information Age
Cyber Crimes: The Transformation of Crime in the Information AgeVishni Ganepola
 
Law and Technology - Mobile Phone Crimes
Law and Technology - Mobile Phone CrimesLaw and Technology - Mobile Phone Crimes
Law and Technology - Mobile Phone CrimesMrityunjaySaraswat
 
Cyber Security law in Bangladesh
Cyber Security law in Bangladesh Cyber Security law in Bangladesh
Cyber Security law in Bangladesh Bangladesh Network Operators Group
 
Cyber law in bangladesh
Cyber law in bangladeshCyber law in bangladesh
Cyber law in bangladeshFM Consulting International
 

Recommended

Computer crime and the adequacy of the current legal framework in sri lanka
Computer crime and the adequacy of the current legal framework in sri lankaComputer crime and the adequacy of the current legal framework in sri lanka
Computer crime and the adequacy of the current legal framework in sri lankaVishni Ganepola
 
Existing Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber CrimesExisting Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber CrimesVishni Ganepola
 
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...Vishni Ganepola
 
International convention on cyber crime
International convention on cyber crimeInternational convention on cyber crime
International convention on cyber crimeIshitaSrivastava21
 
Cyber Crimes: The Transformation of Crime in the Information Age
Cyber Crimes: The Transformation of Crime in the Information AgeCyber Crimes: The Transformation of Crime in the Information Age
Cyber Crimes: The Transformation of Crime in the Information AgeVishni Ganepola
 
Law and Technology - Mobile Phone Crimes
Law and Technology - Mobile Phone CrimesLaw and Technology - Mobile Phone Crimes
Law and Technology - Mobile Phone CrimesMrityunjaySaraswat
 
Cyber Security law in Bangladesh
Cyber Security law in Bangladesh Cyber Security law in Bangladesh
Cyber Security law in Bangladesh Bangladesh Network Operators Group
 
Cyber law in bangladesh
Cyber law in bangladeshCyber law in bangladesh
Cyber law in bangladeshFM Consulting International
 
Cyber security and prevention in Bangladesh
Cyber security and prevention in BangladeshCyber security and prevention in Bangladesh
Cyber security and prevention in BangladeshRabita Rejwana
 
Present Trend of Cyber Crime in Bangladesh
Present Trend of Cyber Crime in BangladeshPresent Trend of Cyber Crime in Bangladesh
Present Trend of Cyber Crime in BangladeshSoutheast university, Bangladesh
 
Laws governing the internet service provider & there rights and liabilities
Laws governing the internet service provider & there rights and liabilitiesLaws governing the internet service provider & there rights and liabilities
Laws governing the internet service provider & there rights and liabilitiesGaurav Chordia
 
Jurisdiction in cyberspace
Jurisdiction in cyberspaceJurisdiction in cyberspace
Jurisdiction in cyberspaceDr. Arun Verma
 
Cybercrime convention
Cybercrime conventionCybercrime convention
Cybercrime conventionmoldovaictsummit2016
 
Pcactppt
PcactpptPcactppt
PcactpptDR SATYANARAYANA DASH,IAS (RETD.)
 
Online Crime and New Cyber Laws in Pakistan
Online Crime and New Cyber Laws in PakistanOnline Crime and New Cyber Laws in Pakistan
Online Crime and New Cyber Laws in PakistanShahid Jamal Tubrazy
 
Cyber Security & Crime In Bangladesh
Cyber Security & Crime In BangladeshCyber Security & Crime In Bangladesh
Cyber Security & Crime In BangladeshHome
 
Cyber Tribunal and Cyber Appellate Tribunal in Bangladesh
Cyber Tribunal and Cyber Appellate Tribunal in BangladeshCyber Tribunal and Cyber Appellate Tribunal in Bangladesh
Cyber Tribunal and Cyber Appellate Tribunal in BangladeshAbir Hossain Talukder
 
Jursdiction in cyber space
Jursdiction in cyber spaceJursdiction in cyber space
Jursdiction in cyber spaceRajeshPatil191
 
Historical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newHistorical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newDr. Arun Verma
 
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000Dr. Prashant Vats
 
Jurisdiction issues in cyberspace
Jurisdiction issues in cyberspaceJurisdiction issues in cyberspace
Jurisdiction issues in cyberspaceatuljaybhaye
 
Roots of Indian IT ACT 2000- UNCITRAL
Roots of Indian IT ACT 2000- UNCITRALRoots of Indian IT ACT 2000- UNCITRAL
Roots of Indian IT ACT 2000- UNCITRALRahul Gurnani
 
Cyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and conceptCyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and conceptgagan deep
 
Information Technology Act 2000
Information Technology Act 2000Information Technology Act 2000
Information Technology Act 2000Tirthankar Sutradhar
 
Cyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue'sCyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue'sDhurba Mainali
 
Cyber crime lecture one definition and nature
Cyber crime lecture one definition and natureCyber crime lecture one definition and nature
Cyber crime lecture one definition and natureDr. Arun Verma
 
Cyber crime p pt
Cyber crime p ptCyber crime p pt
Cyber crime p ptHemant
 
trademark issues in cyberspace
trademark issues in cyberspace trademark issues in cyberspace
trademark issues in cyberspacePanjab University
 
Cyber law & information technology
Cyber law & information technologyCyber law & information technology
Cyber law & information technologyTalwant Singh
 
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Terrance Tong
 

More Related Content

What's hot

Cyber security and prevention in Bangladesh
Cyber security and prevention in BangladeshCyber security and prevention in Bangladesh
Cyber security and prevention in BangladeshRabita Rejwana
 
Laws governing the internet service provider & there rights and liabilities
Laws governing the internet service provider & there rights and liabilitiesLaws governing the internet service provider & there rights and liabilities
Laws governing the internet service provider & there rights and liabilitiesGaurav Chordia
 
Jurisdiction in cyberspace
Jurisdiction in cyberspaceJurisdiction in cyberspace
Jurisdiction in cyberspaceDr. Arun Verma
 
Online Crime and New Cyber Laws in Pakistan
Online Crime and New Cyber Laws in PakistanOnline Crime and New Cyber Laws in Pakistan
Online Crime and New Cyber Laws in PakistanShahid Jamal Tubrazy
 
Cyber Security & Crime In Bangladesh
Cyber Security & Crime In BangladeshCyber Security & Crime In Bangladesh
Cyber Security & Crime In BangladeshHome
 
Cyber Tribunal and Cyber Appellate Tribunal in Bangladesh
Cyber Tribunal and Cyber Appellate Tribunal in BangladeshCyber Tribunal and Cyber Appellate Tribunal in Bangladesh
Cyber Tribunal and Cyber Appellate Tribunal in BangladeshAbir Hossain Talukder
 
Jursdiction in cyber space
Jursdiction in cyber spaceJursdiction in cyber space
Jursdiction in cyber spaceRajeshPatil191
 
Historical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newHistorical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newDr. Arun Verma
 
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000Dr. Prashant Vats
 
Jurisdiction issues in cyberspace
Jurisdiction issues in cyberspaceJurisdiction issues in cyberspace
Jurisdiction issues in cyberspaceatuljaybhaye
 
Roots of Indian IT ACT 2000- UNCITRAL
Roots of Indian IT ACT 2000- UNCITRALRoots of Indian IT ACT 2000- UNCITRAL
Roots of Indian IT ACT 2000- UNCITRALRahul Gurnani
 
Cyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and conceptCyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and conceptgagan deep
 
Cyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue'sCyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue'sDhurba Mainali
 
Cyber crime lecture one definition and nature
Cyber crime lecture one definition and natureCyber crime lecture one definition and nature
Cyber crime lecture one definition and natureDr. Arun Verma
 
Cyber crime p pt
Cyber crime p ptCyber crime p pt
Cyber crime p ptHemant
 
trademark issues in cyberspace
trademark issues in cyberspace trademark issues in cyberspace
trademark issues in cyberspacePanjab University
 

What's hot (20)

Cyber security and prevention in Bangladesh
Cyber security and prevention in BangladeshCyber security and prevention in Bangladesh
Cyber security and prevention in Bangladesh
 
Present Trend of Cyber Crime in Bangladesh
Present Trend of Cyber Crime in BangladeshPresent Trend of Cyber Crime in Bangladesh
Present Trend of Cyber Crime in Bangladesh
 
Laws governing the internet service provider & there rights and liabilities
Laws governing the internet service provider & there rights and liabilitiesLaws governing the internet service provider & there rights and liabilities
Laws governing the internet service provider & there rights and liabilities
 
Jurisdiction in cyberspace
Jurisdiction in cyberspaceJurisdiction in cyberspace
Jurisdiction in cyberspace
 
Cybercrime convention
Cybercrime conventionCybercrime convention
Cybercrime convention
 
Pcactppt
PcactpptPcactppt
Pcactppt
 
Online Crime and New Cyber Laws in Pakistan
Online Crime and New Cyber Laws in PakistanOnline Crime and New Cyber Laws in Pakistan
Online Crime and New Cyber Laws in Pakistan
 
Cyber Security & Crime In Bangladesh
Cyber Security & Crime In BangladeshCyber Security & Crime In Bangladesh
Cyber Security & Crime In Bangladesh
 
Cyber Tribunal and Cyber Appellate Tribunal in Bangladesh
Cyber Tribunal and Cyber Appellate Tribunal in BangladeshCyber Tribunal and Cyber Appellate Tribunal in Bangladesh
Cyber Tribunal and Cyber Appellate Tribunal in Bangladesh
 
Jursdiction in cyber space
Jursdiction in cyber spaceJursdiction in cyber space
Jursdiction in cyber space
 
Historical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newHistorical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes new
 
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000
 
Jurisdiction issues in cyberspace
Jurisdiction issues in cyberspaceJurisdiction issues in cyberspace
Jurisdiction issues in cyberspace
 
Roots of Indian IT ACT 2000- UNCITRAL
Roots of Indian IT ACT 2000- UNCITRALRoots of Indian IT ACT 2000- UNCITRAL
Roots of Indian IT ACT 2000- UNCITRAL
 
Cyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and conceptCyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and concept
 
Information Technology Act 2000
Information Technology Act 2000Information Technology Act 2000
Information Technology Act 2000
 
Cyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue'sCyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue's
 
Cyber crime lecture one definition and nature
Cyber crime lecture one definition and natureCyber crime lecture one definition and nature
Cyber crime lecture one definition and nature
 
Cyber crime p pt
Cyber crime p ptCyber crime p pt
Cyber crime p pt
 
trademark issues in cyberspace
trademark issues in cyberspace trademark issues in cyberspace
trademark issues in cyberspace
 

Similar to EFFECTIVENESS OF THE EXISTING LEGAL FRAMEWORK GOVERNING CYBER-CRIMES IN SRI LANKA

Cyber law & information technology
Cyber law & information technologyCyber law & information technology
Cyber law & information technologyTalwant Singh
 
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Terrance Tong
 
It act 2000 & cyber crime 111111
It act 2000 & cyber crime 111111It act 2000 & cyber crime 111111
It act 2000 & cyber crime 111111Yogendra Wagh
 
Revamping the Computer Fraud and Abuse Act
Revamping the Computer Fraud and Abuse ActRevamping the Computer Fraud and Abuse Act
Revamping the Computer Fraud and Abuse ActDavid Sweigert
 
Presentation by Egya Kwamena Jallow to African Security Dialogue and Research
Presentation by Egya Kwamena Jallow to African Security Dialogue and ResearchPresentation by Egya Kwamena Jallow to African Security Dialogue and Research
Presentation by Egya Kwamena Jallow to African Security Dialogue and ResearchAmos Anyimadu
 
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...Tech and Law Center
 
Grey Area of the Information Technology Act, 2000.pptx
Grey Area of the Information Technology Act, 2000.pptxGrey Area of the Information Technology Act, 2000.pptx
Grey Area of the Information Technology Act, 2000.pptxBharatMunjal4
 
Furio lerma cybercrime-final
Furio lerma cybercrime-finalFurio lerma cybercrime-final
Furio lerma cybercrime-finalAldrin SuperGo
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1MohsinMughal28
 
CYBER SECURITY :Cyber Law – The Legal Perspectives
CYBER SECURITY :Cyber Law – The Legal PerspectivesCYBER SECURITY :Cyber Law – The Legal Perspectives
CYBER SECURITY :Cyber Law – The Legal PerspectivesDrSamsonChepuri1
 
It Amendment ActIT Amendment Act, 2008 notified w.e.f. 27/10/2009
It Amendment ActIT Amendment Act, 2008 notified w.e.f. 27/10/2009It Amendment ActIT Amendment Act, 2008 notified w.e.f. 27/10/2009
It Amendment ActIT Amendment Act, 2008 notified w.e.f. 27/10/2009Neeraj Aarora
 
Hhs en12 legalities_and_ethics
Hhs en12 legalities_and_ethicsHhs en12 legalities_and_ethics
Hhs en12 legalities_and_ethicsShoaib Sheikh
 
Cyber jurisdiction in India
Cyber jurisdiction in IndiaCyber jurisdiction in India
Cyber jurisdiction in Indiashamvisingh
 
Danny Friedmann, Sinking the Safe Harbour with the Legal Certainty of Strict ...
Danny Friedmann, Sinking the Safe Harbour with the Legal Certainty of Strict ...Danny Friedmann, Sinking the Safe Harbour with the Legal Certainty of Strict ...
Danny Friedmann, Sinking the Safe Harbour with the Legal Certainty of Strict ...Danny Friedmann
 

Similar to EFFECTIVENESS OF THE EXISTING LEGAL FRAMEWORK GOVERNING CYBER-CRIMES IN SRI LANKA (20)

Cyber law & information technology
Cyber law & information technologyCyber law & information technology
Cyber law & information technology
 
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
 
It act 2000 & cyber crime 111111
It act 2000 & cyber crime 111111It act 2000 & cyber crime 111111
It act 2000 & cyber crime 111111
 
Revamping the Computer Fraud and Abuse Act
Revamping the Computer Fraud and Abuse ActRevamping the Computer Fraud and Abuse Act
Revamping the Computer Fraud and Abuse Act
 
Presentation by Egya Kwamena Jallow to African Security Dialogue and Research
Presentation by Egya Kwamena Jallow to African Security Dialogue and ResearchPresentation by Egya Kwamena Jallow to African Security Dialogue and Research
Presentation by Egya Kwamena Jallow to African Security Dialogue and Research
 
Cyber Crimes.pdf
Cyber Crimes.pdfCyber Crimes.pdf
Cyber Crimes.pdf
 
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
 
Grey Area of the Information Technology Act, 2000.pptx
Grey Area of the Information Technology Act, 2000.pptxGrey Area of the Information Technology Act, 2000.pptx
Grey Area of the Information Technology Act, 2000.pptx
 
Cyber Law and Cyber Crime
Cyber Law and Cyber Crime Cyber Law and Cyber Crime
Cyber Law and Cyber Crime
 
Furio lerma cybercrime-final
Furio lerma cybercrime-finalFurio lerma cybercrime-final
Furio lerma cybercrime-final
 
Cyber law
Cyber lawCyber law
Cyber law
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1
 
It security & crimes
It security & crimesIt security & crimes
It security & crimes
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
CYBER SECURITY :Cyber Law – The Legal Perspectives
CYBER SECURITY :Cyber Law – The Legal PerspectivesCYBER SECURITY :Cyber Law – The Legal Perspectives
CYBER SECURITY :Cyber Law – The Legal Perspectives
 
It Amendment ActIT Amendment Act, 2008 notified w.e.f. 27/10/2009
It Amendment ActIT Amendment Act, 2008 notified w.e.f. 27/10/2009It Amendment ActIT Amendment Act, 2008 notified w.e.f. 27/10/2009
It Amendment ActIT Amendment Act, 2008 notified w.e.f. 27/10/2009
 
Hhs en12 legalities_and_ethics
Hhs en12 legalities_and_ethicsHhs en12 legalities_and_ethics
Hhs en12 legalities_and_ethics
 
Cyber jurisdiction in India
Cyber jurisdiction in IndiaCyber jurisdiction in India
Cyber jurisdiction in India
 
Introduction to cyber law.
Introduction to cyber law. Introduction to cyber law.
Introduction to cyber law.
 
Danny Friedmann, Sinking the Safe Harbour with the Legal Certainty of Strict ...
Danny Friedmann, Sinking the Safe Harbour with the Legal Certainty of Strict ...Danny Friedmann, Sinking the Safe Harbour with the Legal Certainty of Strict ...
Danny Friedmann, Sinking the Safe Harbour with the Legal Certainty of Strict ...
 

Recently uploaded

如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书SD DS
 
Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaNafiaNazim
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书Fir sss
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》o8wvnojp
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书E LSS
 
Understanding Social Media Bullying: Legal Implications and Challenges
Understanding Social Media Bullying: Legal Implications and ChallengesUnderstanding Social Media Bullying: Legal Implications and Challenges
Understanding Social Media Bullying: Legal Implications and ChallengesFinlaw Associates
 
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书Fir L
 
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书 如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书Fir sss
 
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书SD DS
 
Cleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书Fs Las
 
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptFINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptjudeplata
 
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptxConstitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptxsrikarna235
 
如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书Fir L
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书SS A
 
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书FS LS
 
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝soniya singh
 

Recently uploaded (20)

如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
 
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
 
Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in India
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书
 
Understanding Social Media Bullying: Legal Implications and Challenges
Understanding Social Media Bullying: Legal Implications and ChallengesUnderstanding Social Media Bullying: Legal Implications and Challenges
Understanding Social Media Bullying: Legal Implications and Challenges
 
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
 
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书 如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
 
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
 
Cleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson's Commitment to Service
Cleades Robinson's Commitment to Service
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
 
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptFINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
 
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptxConstitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
 
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Serviceyoung Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
 
如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书
 
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
 
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
 

EFFECTIVENESS OF THE EXISTING LEGAL FRAMEWORK GOVERNING CYBER-CRIMES IN SRI LANKA

  • 1. EFFECTIVENESS OF THE EXISTING LEGAL FRAMEWORK GOVERNING CYBER- CRIMES IN SRI LANKA By Vishni Lakna Ganepola Attorney-at-Law LLB (Hons)(London), LLM (London) Introduction In compliance with the Budapest Convention, the CCA has recognised almost all the cyber- crime offences that are provided in the convention. Mere fact that the legal system recognises certain cyber-offences or that it provides a special mechanism to conduct investigations does not render the legislative framework effective. For the legislative framework to be considered effective, it should be capable of achieving the objective for which it was established. Accordingly, the effectiveness of the contemporary legislative framework shall be assessed based on its success in identifying and preventing cyber-crimes, conducting investigations, enforcing the enacted laws and in protecting human rights and liberties which are the objectives behind the enforcement of the cyber-crime legislative framework. Identification of Cyber-Crimes The preamble to an act states the objectives behind the introduction of the particular act. So does the preamble of the CCA and the other legislative enactments that were discussed. According to the preamble of the CCA, one of the main objectives behind the introduction of the act was for the identification of cyber-crimes.1 Identification of cyber-crimes was given much consideration under the acts, since the law on cyber-crimes was a novel, untouched area of law. Since most of the offences were new to the framework and the subsistent framework didn’t provide for identification of many offences, considerable attention had to be paid on achieving the objective of identification of offences. In pursuance with the above objective the CCA in its Part I identifies eleven unique offences while some other enactments such as IPA, SLTA, OPO too recognise various other cyber-crimes that didn’t fall under the 1 Computer Crimes Act No.24 of 2007, Preamble
  • 2. purview of the CCA. The contemporary legislative framework recognises almost all the offences that were provided measures to be taken at national level under the Convention on Cyber-Crimes.2 Eventhough, the enactments had made a considerable effort in identification of the offences, there exist certain loopholes. These loopholes are not identified in many literature and therefore an information gap exist for discussion on the effectiveness of the legislative framework on cyber-crimes. The offence, computer cracking i.e. unauthorised access to commit an offence, is identified in the CCA. The term “offence” refers to any offence recognised under the CCA or under any other provision.3 Therefore, a person who commits offences such as theft of information, identity theft, computer-related fraud and forgery shall be punished under the section 3 of the CCA. However, there exist an issue as to whether these elements of the “offences described under other provisions” are sufficiently described to fall under the scope of a cyber-crime. For example, when the offence theft is considered, the PC provides that only movable property can be stolen.4 The term “movable property” is defined in the PC as follows; “corporeal property of every description, except land and things attached to the earth or permanently fastened to anything which is attached to earth”5 A close examination of the above definition and the rest of the chapter relating to offences against property, may reflect that in most instances, offences are confined to include only tangible and movable property.6 Further, attempts to expand the meaning of the term “movable property” to include intangible property in past had also failed. In the popular case of Nagaiya v. Jayasekara7, limiting the scope section 20 held that the offence theft was limited to movable property which didn’t include intangible property such as electricity. The above decision had not been overturned by any subsequent judgement for the last 90 years.8 2 Jayantha Fernando, 'THE IMPACT OF THE BUDAPEST CYBERCRIME CONVENTION ON SRI LANKAN LEGAL SYSTEM' (2016) <http://www.apbsrilanka.org/articales/28_ann_2016/7_28th_conv_a_Jayantha_Fernando.pdf> accessed 19 March 2017 3 Computer Crimes Act No.24 of 2007, section 4 4 Penal Code, section 366 5 Penal Code, section 20 6 See also: Kalinga Indatissa, The Law Relating To Computer Crimes And Credit Card Frauds (1st edn, Kalinga Indatissa 2005) 66 7 Nagaiya v Jayasekara 28 NLR 467 8 Kalinga Indatissa, The Law Relating To Computer Crimes And Credit Card Frauds (1st edn, Kalinga Indatissa 2005)
  • 3. Therefore in the view of this restrictive interpretation, it is highly improbable that a theft conducted with the intervention of computer would be considered an offence, especially, when the property is “identity” or “information”. Therefore, it can be submitted that offences such as identity theft and theft of information which are considered to be two major cyber- crimes needs a specific interpretation. Under the aspect of computer-related crimes the most prevalent types of cyber-crimes are computer-related fraud and forgery. An accused to be convicted of forgery, it is essential that the offence committed falls within the definition of “documents”. Term “documents” is defined in the PC as follows; “any matter expressed or described upon any substance by means of letters, figures, or marks or by more than one of those means, intended to be used, or which may be used, as evidence of that matter.”9 Accordingly, it has to be considered whether information stored in a computer system would fall within the ambit of the above interpretation. In the case of Benwell v. Republic of Sri Lanka10, where an Australian national was found to have committed the above by altering information stored in a computer, court held that information stored in any magnetic medium didn’t fall within the purview of section 452 of the PC. The restrictive approach adopted in the above case illustrates that a person charged with computer-related forgery might not get convicted of the offence under the PC or under section 4 of CCA. Further, the offence fraud has not been specifically identified under the PC. However, the PC has recognised offences cheating11 as punishable offences. The main ingredient which constitute the offence of cheating is “deceiving a person”. If cheating is committed as a cyber- crime i.e. using a computer, then a person is not deceived. It is the computer that is deceived. Therefore, a person who commits cheating through unauthorised access, might easily get acquitted due to the loopholes in the contemporary legislative framework.12 9 Penal Code, section 27 10 (1978-1979) 2 SLR 178 11 Penal Code, section 398 12 See also: Sunil D. B Abeyaratne, Introduction To Information And Communication Technology Law (1st ed, Sunil D, B. Abeyaratne 2008) 91
  • 4. All above-mentioned offences are identified under the Penal Code, yet, their definition is not broad enough to constitute a cyber-crime. However, there are also cyber-crimes which are not even identified under any legislative enactment. Some of them are cyber-defamation, cyber-bullying and cyber-stalking. Unrecognition of cyber-defamation can be justified, since the offence defamation itself has not been recognised under any statute and the law in that relation is governed through common law. Yet, with the lack of statutory instrument recognising cyber-defamation as an offence, the investigators become helpless in front of the complainants. Half of the cases reported to the Computer Crime Unit are cyber-defamation cases, but all that complaints have to be sent back, since the current legal framework doesn’t recognise an offence called cyber-defamation.13 Further, SLCERT has identified cyber-bullying and cyber-stalking as two of the most prevalent offence in Sri Lanka.14 Yet it is very unfortunate that the above two offences are not given a proper identification.15 In conclusion, it can be said that the existing legal framework had succeeded in identifying almost all the cyber-crimes that are required to be identified under the Convention on Cyber- Crimes and definition of most of the recognised offences are specific. Therefore, in that relation the existing legal framework is effective. Yet, the above discussed issues hinders the existing legal framework being identified a perfectly effective legal framework. Prevention of Cyber-Crimes One main purpose behind the introduction of a legislative framework is to build up a peaceful society with law and order well maintained. One way of achieving the above is by implementing measures that would prevent the commission of crimes. The existing legislative framework can be considered to be an effective one, only if the implemented laws and measures had succeeded in preventing the commission of cyber-crimes and thereby had 13 The above fact was revealed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo 14 Sri Lanka CERT, 'Sri Lanka CERT Cyber Security Awareness Survey, 2015' (Sri Lanka CERT 2015) <http://www.slcert.gov.lk/Downloads/Survey.pdf> accessed 21 March 2017 In the survey conducted in 2015, 14 cases on cyber-bullying and 11 cases on cyber-stalking were reported. This is a considerable increase compared to the previous years. 15 See also: Randima Attygalle, 'How Ready Are We To Combat Cyber Crime?' The Island (2014) <http://www.island.lk/index.php?page_cat=article-details&page=article-details&code_title=109816> accessed 22 March 2017 Mr. Sunil Abeyratne, Attorney-at-law expresses his opinion in this relation stating that the offences cyber- bullying and cyber-stalking should be specifically identified as punishable offences under legal provisions
  • 5. reduced the cyber-crime rate. SLCERT and Sri Lanka Police has taken various preventive measures to control cyber-crimes. Yet, the recent reports suggest that the enacted laws and regulations had failed in achieving their objective. This is because, when compared with the past the cyber-crime rate has significantly increased while new types of cyber-crimes been added to the list of cases reported. The following figure 1 which illustrates the data collected in 2014 is a good example which proves the above statement.16 Figure 1 From the above statistics, it is visible that the cyber-crime incidents reported had increased at a rate of 85% in 2014 compared to 2013. 16 See also: Nushka Nafeel, 'New Laws To Curb Cyber Crimes' Daily News (2015) <http://dailynews.lk/2015/11/05/features/new-laws-curb-cyber-crimes-0> accessed 21 March 2017.
  • 6. As per Cyber Security Awareness Survey, 2015 conducted by CERT 602 online victimizations were reported. The figure 2 below graphically illustrates the results of the above survey.17 Figure 2 Accordingly, the most common type of cyber-crime reported in Sri Lanka is computer viruses i.e. 67%. According to the SLCERT statistics published in 2007, only 17 cases were reported out of which 41% cases were sexual harassment cases. When the statistics of the two years are analysed, it is evident that there is a drastic increase in the number of cyber-crime cases reported. Does this mean the existing legal framework had succeeded in combatting the cyber-crimes? Or had it had no impact on combatting the cyber-crimes? After evaluating the issues pointed above, it can be submitted that the effectiveness of the existing framework in relation to preventing crimes is at an unfortunate state. Provide for an Investigating Procedure The need for a new set of rules to govern the law relating to cyber-crimes arose due to improvements in the technology. With these improvements, the criminal minds began to constantly use the computer systems as a weapon to commit crime. In order to provide an effective investigating procedure to inspect into cyber-crime matters, in addition to the CPC, the CCA introduced few special provisions. 17 See also: Sri Lanka CERT, 'Sri Lanka CERT Cyber Security Awareness Survey, 2015' (Sri Lanka CERT 2015) <http://www.slcert.gov.lk/Downloads/Survey.pdf> accessed 21 March 2017
  • 7. Provisions in relation to the appoint of the panel of experts attracted the attention of many. In order to carry out an investigation on a cyber-crime, it is essential that the investigator possess a good knowledge and experience on information technology. Since the police officers who generally carry out the investigations lack the required knowledge, the appointment of the experts had made the process much easier. Further, a major challenge faced by the legal system is the lack of reporting of cyber-crimes. Main causes behind lack of reporting is that the victims fear that their data might get destroyed or they might lose the confidentiality of their private data. Since, now with the new regulations enacted by the CCA, the reporting rates have increased. Through these special provisions the law enforcing bodies ensures that the victimised data and devices are at safe hands and the confidentiality of the data are well protected. The special powers rendered to the experts to enter any premises along with a SIP, to access and perform any function on data and computer systems, to search and seize any information, to intercept any wire or electronic communication at any stage of communication and especially the immunity given to the experts from legal proceedings make the duty of the panel much easier. Further, the provisions on preservation of information and normal use of computer not to be hampered have made the investigating procedure more effective.18 Even with such a set of effective rules, there are few practical problems that are faced by the investigators in conducting an investigation. Eventhough the investigators are capable of seeking the assistance of the experts, most of the experts are unwillingly to get involved in the investigations. This is mostly because of the harsh cross-examinations they are subjected to. The cost of obtaining the assistance of the experts is extremely high and the Police Department lack funds to conduct such expensive investigations. When the cases are instituted in the MC, the maximum penalty that can be imposed on a convicted is Rs.1500. Yet, the cost of investigation is more than ten times the penalty which results in a wastage of government funds.19 18 See also: Saptha Wanniarachchi, 'Sri Lanka Computer Crime And Criminal Procedure' <http://www.saptha.com/blog/random/sri-lanka-computer-crime-and-criminal-procedure/> accessed 22 March 2017 19 The above ideas were expressed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo
  • 8. Further, due to the extraterritorial nature of the cyber-crimes, the investigators have to seek the assistance of the international organizations such as INTERPOL. These international organizations are not very much keen on providing their assistance in these minor cyber- crime matters. Therefore, the investigation procedure takes a long time to get completed or the investigations get stuck in the midway. Further, when cases associated with social media such as Facebook are reported, investigators are unable to conduct investigations, since these organizations unwilling to disclose information, such as IP addresses, required to conduct an effective investigation.20 However, with Sri Lanka’s accession to the Convention on Cyber- Crimes, there are slight improvements in the investigations, since the investigators are now capable of seeking the assistance of the mutual legal assistance. Further, the Police Department is now in the process of establishing a digital forensic lab to provide the victims with a speedy investigation and the department is also conducting training programmes to train officers on conducting cyber-crime investigations.21 Yet, under the legal provisions, only evidence admissible in relation cyber-crimes are the reports of the panel of experts.22 There is hardly anything exists to state the current investigation procedure is ineffective. Even then the effectiveness of this investigation procedure could be enhanced further by providing the experts a proper training before they are put into the field of investigation and by increasing awareness among the public about the merits of the investigation procedure. Today, Sri Lanka’s prime issue is whether the law is equal to all. If the investigators will be competent enough to provide a positive answer to the above issue, that would further enrich the effectiveness of the system, because, success of the legal framework mostly depends on the effectiveness of the investigating team. Enforcement of the Enacted Cyber-Crime Legislative Framework The law enforcement procedure is the end result of the identification of offences and the investigation procedure. Therefore, the effectiveness of the law enforcement procedure depends on the success of the above two procedures. 20 The above ideas were expressed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo 21 The above ideas were expressed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo 22 See also: Nushka Nafeel, 'New Laws To Curb Cyber Crimes' Daily News (2015) <http://dailynews.lk/2015/11/05/features/new-laws-curb-cyber-crimes-0> accessed 21 March 2017.
  • 9. In order to enhance the law enforcement in relation cyber-crimes, with the interference of the government, few institutions had been established namely, Computer Crime Division of the Police Department and SLCERT. The above institutions render an immense service in order to provide the Sri Lankans a just and an effective legal framework on cyber-crimes. Computer Crime Division was recently established and currently, the division conducts number of investigations.23 To further enhance their scope of service, the department is in the process of instituting a digital forensic lab.24 Since it was established, the department is facing certain difficulties in performing their duties with the lack of human resources and expertise. However, now measures have been taken to train officers on how to conduct cyber- crime offences and to institute labs with standardised equipment.25 SLCERT is not a law enforcing body. Yet, the institution provides the victims with technical assistance at the instances where the law is silent on providing them with a relief. The responding service provided by SLCERT identify unusual events in the computer systems and advice the victims on how to eradicate such situations.26 Apart from the responding services, SLCERT also provide consultancy and awareness services as well. The CCA has an extradition applicability. Through extradition, the law enforcement in relation to cyber-crimes get more effective since, this allows the law enforcing bodies to enforce law against any person who commits the cyber-crime within or outside Sri Lanka. However, in reality, the law-enforcing bodies find it impractical to take actions against the persons who commits crime outside Sri Lanka. Main reason behind this impracticality is the disinclined nature of the international organizations in providing their assistance. In the eyes of the international criminal justice system, these cyber-crime matters are inconsiderable. Therefore, less significance and less assistance is given by the international organizations such as INTERPOL, in capturing the culprits and enforcing law against them. However, the situation has quite changed for the better with the increase in the world-wide cyber-crime rate and 23 The division has investigated over 100 cyber-crimes, including 50 complaint on cyber defamation, 21 on cases related to obscene publication, and 22 related to email hacking in 2015. See also: Nushka Nafeel, 'New Laws To Curb Cyber Crimes' Daily News (2015) <http://dailynews.lk/2015/11/05/features/new-laws-curb-cyber-crimes-0> accessed 21 March 2017. 24 The above fact was revealed by an Investigating Officer of the Computer Crimes Division, Crime Investigation Department, at the Interview conducted on the 24th March 2017 at Colombo 25 Nushka Nafeel, 'New Laws To Curb Cyber Crimes' Daily News (2015) <http://dailynews.lk/2015/11/05/features/new-laws-curb-cyber-crimes-0> accessed 21 March 2017. 26 The above fact was revealed by an expert in the area of Information Security Engineering at the Key Informant Interview conducted on the 27th March 2017 at Colombo
  • 10. due to Sri Lanka’s accession to the Budapest Convention. In compliance with the Budapest Convention the parties to the convention are facilitated with the opportunity of mutual legal assistance of the other countries. Accordingly, now the countries show much keenness in providing assistance to the LEA in conducting an effective extradition investigation. One of the main drawbacks in the existing legal framework on cyber-crimes is that lack of case law. A limited number of cases are brought before the courts for hearing and there are no decided cases reported on cyber-crimes.27 All the matters are mostly solved at the lower courts. Currently, the Colombo High Court is hearing 10 cases28, but the SLCERT reports suggest that in 2015, 602 cases were reported.29 This gap is mainly due to the various loopholes that exist in the existing legal framework in identification of offences and in conducting investigations. Further, since the IT literacy of the individuals are at a low level, most of the individuals are not aware that they are victims of cyber-crimes. Some individuals are not aware about the legal reliefs available to the cyber-crime victims. Therefore, only a few number of cases are reported to the courts and the judges don’t get an opportunity to administer law against the offenders. Even where cases are brought before the courts for hearing, the law does not provide sufficient reported case law for the judges to address issues based on the stare decisis concept. Accordingly, it can be submitted that the lack of awareness and case law has largely contributed towards the ineffectiveness of the legislative framework on cyber-crimes. CCA has provisions to award compensation to the victims of cyber-crimes, where they have incurred a loss or damage or where a monetary gain is accrued by the offender.30 The provision has enhanced the effectiveness of the existing framework by providing the victims with reliefs where they have suffered a loss. Yet, this provision has also given rise to many __ 27 Sunil Abeyratne in an interview published in the “The Island” newspaper on 6th September 2016 states that a case on a cyber-crime matter is pending at the Court of Appeal. The respondent had been indicted for distributing child pornography using the internet. At the High Court, the prosecutors had failed to prove the case beyond reasonable doubt since the investigators of the National Child Protection Authority failed to conduct a proper investigation. The Hon. Attorney General has appealed against the decision of the High Court and the judgement is pending. See also: Randima Attygalle, 'How Ready Are We To Combat Cyber Crime?' The Island (2014) <http://www.island.lk/index.php?page_cat=article-details&page=article-details&code_title=109816> accessed 22nd March 2017 28 The above fact was revealed by an expert in the field of law at the Key Informant Interview conducted on the 20th March 2017 at Gampaha. 29 See also: See also: Sri Lanka CERT, 'Sri Lanka CERT Cyber Security Awareness Survey, 2015' (Sri Lanka CERT 2015) <http://www.slcert.gov.lk/Downloads/Survey.pdf> accessed 21 March 2017 30 Computer Crime Act No.24of 2007, section 14
  • 11. that lead towards the ineffectiveness of the system. Since aggrieved parties are capable of recovering their damage by way of compensation through a civil matter, most of the parties opt to institute a civil matter to recover the losses. Further, most of the corporations opt a civil matter and recover damages, in order to avoid the negative publicity that would cause their brand image to get tarnished. Therefore, no formal complaints are made to the Police neither they receive information regarding cyber-crimes and thereby no cyber-crime cases are reported before the courts for hearing.31 Few major issues exist in relation to admissibility of electronic evidence in case of a cyber- crime. With the recent development in relation to admissibility of electronic evidence, computer generated evidence is now accepted to be admissible. Yet, there are few restriction imposed by law with regard to acceptance of electronic evidence. These restrictions have been slightly relaxed with the implementation of the ETA. However, the provisions of the ETA are applicable in relation to commercial transactions only and where cyber-crime occur in the course non-commercial transactions, only the Evidence (Special Provision) Act is applied. Further, law doesn’t provide for the admissibility of evidence produced by certain international organizations, digital forensic labs of the computer crime unit or for the admissibility of evidence obtained through the mutual legal assistance process. Due to these irregularities, the law enforcing officers have to face various issues in proving their case beyond reasonable doubt ultimately leading towards the ineffectiveness of the overall legislative framework. Once all above-mentioned prospects and challenges of the system are considered, it can be submitted that the legislative framework has much scope for improvement in enhancing its effectiveness in relation to law enforcement. Protection of Human Rights and Liberties One purpose of the introduction of a new legislative framework on cyber-crimes, is to protect the rights and liberties of the individuals. Once a person becomes a victim of a cyber-crime, most of his human rights are affected. For example, in case of cyber-defamation, a person’s right to privacy, right to equality, freedom from mental torture and even sometimes his 31 The above fact was revealed by an expert in the field of law at the Key Informant Interview conducted on the 20th March 2017 at Gampaha.
  • 12. intellectual property rights are affected. If law is enforced against the offender, his freedom of expression of the offender is affected. Eventhough many human rights are affected through the commission of a crime, the main concern is victim’s privacy. Therefore, the CCA has introduced a provision in order to protect the confidentiality of the victimised information. Eventhough the victim’s right to privacy may get affected during commission of the cyber- crime, steps have been taken to ensure that during the investigation no such right is affected. Further, the Constitution of Sri Lanka32 and Universal Declaration of Human Rights provide for the protection of a wide range of human rights and liberties and under those provisions rest of the human rights can be protected. CCA provides only for the protection of the rights in course of investigation. Accordingly, it can be submitted that the existing law provide for an effective legislative framework on the protection of human rights and liberties related with cyber-crimes Summary Effectiveness of the existing legislative framework on cyber-crimes can be assessed based on its success at achieving the objectives behind its implementation. Accordingly, the effectiveness of the legal framework was analysed in relation to identification and prevention of cyber-crimes, provision of an efficient investigating procedure, enforcement of the enacted laws and in relation to protection of human rights and liberties. Since the current legal framework on cyber-crimes recognise most of the computer crimes, provide an effective mechanism to deal with such computer crimes with the assistance of a panel of experts and since the court have a wide jurisdiction to attend the matters irrespective of whether the person resides, the crime was committed or the damage was caused a person or corporation within or outside Sri Lanka and since measures have been implemented for the protection of information and rights of the individuals, in one aspect it can be submitted that the existing legal framework is effective. Yet, due to certain practical issues faced by the investigators, non-identification of certain prominent cyber-crime offences, lack of reporting by victims, shortage of resources, expertise and experience, irregularities in law enforcement due to transnational nature of cyber-crimes and due to significant challenges faced by LEAs in 32 Constitution of
  • 13. obtaining admissible evidence the existing legal framework is said to be ineffective in one aspect.