Review of Principles of Cybercrime (Clough)
Principles of Cybercrime
PUBLISHER: CAMBRIDGE UNIVERSITY PRESS
From the perspective of an investigator, national boundaries and the legal systems that go with them cause nothing but trouble when it comes to dealing with online crime. Something that may be clearly criminal in one jurisdiction may be completely ignored in another and the chances of being able to gather evidence, let alone identify and prosecute a perpetrator can be slim. Add in the exceptional rate of development of hardware and, particularly, software and the problem can seem insurmountable.
In this book, Jonathan Clough brings together four common law legal systems: Australia, Canada, the USA and the UK (treated as one because, in spite of fine detail differences between the operation of our legal systems, the legislation is, in essence, the same in all jurisdictions), to compare and contrast their differing approaches to definitions of various types of cybercrime. The helpful, and comprehensive, tables of legislation and case references at the front of the book list each precedent or the subsection of each relevant Act, including references to state legislation where relevant, and some pointers to other nations (such as New Zealand) which, although not used for the core of the discussion, do have some interesting features which merit consideration. International instruments are also listed.
Part 1 (of six) gives a good introduction to the history and development of cybercrime as a concept, giving due consideration to some landmark cases which led to changes in law, and covering (albeit at a fairly high level) the technologies and features of the online world which make it an attractive place for criminals. Thereafter, the following four sections concentrate on particular types of crime and examine how the legal systems have responded to the development of these.
In Part 2, Clough examines the problem of “Computer as Target”. Some researchers, myself included, might dispute the concept of the computer as the only target of a crime – after all, a computer only really has value inasmuch as it stores and processes data relating to human beings and their activities – but there is little doubt that computers are targets for criminals precisely because of the impact they can have on their human masters. With that accepted, the consideration turns to subcategories of crime, from unauthorised access, through modification of data and misuse of devices to interception offences. In each subcategory, the history of the development of legislation in each jurisdiction is considered and the solutions developed are compared with each other to give a very useful understanding of the underlying concepts which each law attempts to address.
Part 3 moves on to the general category of fraud, covering fraud itself, copyright infringement and unsolicited email, or spam. The same approach of comparing the development of, and responses found in, each legal framework is taken, leading again to a useful understanding of each system's approach to the problem under consideration and to the common unspoken agreements on the concepts which underpin them.
Part 4, on content offences, deals solely with child pornography (itself a hotly debated term, many preferring to use descriptions which remind others that these images and videos are evidence of child abuse, not just depictions of it). This time, the chapters start by trying to find common definitions of the chapter title and then lead on to the various types of offence from production through to possession. Rightly, part 4 concludes with a short consideration of defences which apply in each jurisdiction. These seem to fall into the same broad categories in each case, with fairly well defined parameters intended to stop the defences being abused or having their scope unduly extended.
Part 5 turns to offences against the person – those acts carried out online which can directly affect the mental or physical wellbeing of another. Grooming, of course, gets considerable coverage, as do harassment (including stalking and cyberbullying), and voyeurism.
Finally, part 6 addresses the issue of jurisdiction, helpfully (for this reader at least) drawing distinctions between prescriptive, adjudicative and enforcement jurisdictions and examining how the interplay between these concepts can aid or hamper effective policing of online activity.
Throughout the book, Clough makes good use of real examples, many of them well known from media reporting, to expand the points made without giving the feel that this is a work of opinion rather than a proper unbiased consideration of the facts.
Even for a non-lawyer, such as this reviewer, the concepts are well clarified and the language is accessible. It should probably sit on the shelves of anyone involved in the prevention, investigation or prosecution of cybercrime and, more importantly, be taken down, read and referred to regularly. It will certainly form part of my library and is likely to find its way onto my students' reading lists.
The only real weakness is in the fact that all four of the main legal systems considered are common law systems. Some examination of other systems would be most enlightening, but this would almost certainly require a second volume at least. Maybe we can look forward to this in a next edition?
Angus M Marshall Bsc, CEng, FBCS, CITP, FRSA, lecturer in cybersecurity and independent expert on digital evidence