11 min read
This is the guide to the Cyberlaws of Antigua and Barbuda, Australia, Bahamas, Canada, Commonwealth, Council of Europe, GCC countries, Jamaica, Japan, Malaysia, Mauritius, Nigeria, Singapore, Trinidad & Tobago, UK, United Nations, USA.
Cyber Law is the legal and regulatory framework relating to
- Artificial Intelligence
- Bitcoin & other crypto-currencies
- Cloud computing
- Cryptography Export
- Cyber Crime Investigation and Forensics
- Cyber Insurance
- Cyber security and incident response
- Cyber Terrorism & Warfare
- Data breaches and data privacy
- Digital Evidence
- Digital payments, credit, debit & cash cards, mobile wallets, net banking, UPI
- Domain name disputes
- E-governance, E-courts & E-tenders
- Electronic & Digital Signatures
- Electronic contracts
- Electronic voting machines
- Extradition of cyber criminals
- Hacking, malware, ransomware, and other cybercrimes,
- Information Technology Law Compliance
- Intermediaries like Internet Service Providers (ISPs), Social Media Platforms, Email services, video streaming services
- Internet of Things
- Online education
- Online gambling & gaming, and pharmacies
- Online share trading, banking, and tax filing
- Software licenses
- Spam, hate speech and trolling
- Torrents, dark web, p2p networks, and file-sharing
- Video conferencing
Cyber Law of Antigua and Barbuda
The cyber law ecosystem of Antigua and Barbuda comprises the Electronic Crimes Act 2013 and the Electronic Evidence Act 2013.
The Electronic Crimes Act 2013 penalizes several cyber crimes including unauthorised access, identify theft, electronic forgery. electronic fraud, misuse of encryption, child pornography, electronic terrorism, false websites & spam. The Electronic Crimes Act 2013 also enables mobile phone tracking in emergencies.
The Electronic Evidence Act 2013 contains detailed provisions relating to digital evidence.
Cyber Law of Australia
Australia has a very mature cyber law ecosystem comprising several Acts and Regulations.
The Cybercrime Act 2001 was enacted by the Parliament of Australia primarily to amend the law relating to computer offences. It penalizes serious computer offences.
The Criminal Code Act 1995 penalizes Unauthorised access, modification or impairment; Unauthorised access etc with intent to commit a serious offence; Unauthorised access or modification of restricted data; and Possession of hacking tools.
The Cybercrime Legislation Amendment Act 2012 implements the Council of Europe Convention on Cybercrime.
The Mutual Assistance in Criminal Matters Act 1987 allows for international assistance in criminal matters to be provided and obtained by Australia.
The purpose of the Mutual Assistance in Criminal Matters (Cybercrime) Regulation 2013 is to facilitate Australia’s ability to make and receive mutual assistance requests to and from States Parties to the Council of Europe Convention on Cybercrime in respect of the offences covered by the Convention.
The Enhancing Online Safety Act 2015 establishes an eSafety Commissioner and contains provisions relating to cyber bullying.
The Extradition Act 1988 codifies the law relating to the extradition of persons to and from Australia.
The Extradition (Cybercrime) Regulation 2013 read in conjunction with section 5 of the Extradition Act 1988, defines extradition countries.
The Privacy Act 1998 sets up a scheme for notification of eligible data breaches.
The Spam Act 2003 sets up a scheme for regulating commercial email and other types of commercial electronic messages.
The Telecommunications Act 1997 sets up a system for regulating tele-communications.
The Telecommunications (Interception and Access) Act 1979 establishes a system of preserving certain stored communications that are held by a carrier. The purpose of the preservation is to prevent the communications from being destroyed before they can be accessed under certain warrants issued under the Act.
- Cybercrime Act 2001
- Cybercrime Legislation Amendment Act 2012
- Criminal Code Act 1995 (Vol 1)
- Criminal Code Act 1995 (Vol 2)
- Mutual Assistance in Criminal Matters Act
- Mutual Assistance in Criminal Matters (Cybercrime) Regulation 2013
- Enhancing Online Safety Act 2015
- Extradition Act 1988
- Extradition (Cybercrime) Regulation 2013
- Intelligence Services Act 2001
- Privacy Act 1988
- Spam Act 2003
- Spam Regulations 2004
- Telecommunications Act 1997 (Vol 1)
- Telecommunications Act 1997 (Vol 2)
- Telecommunications (Interception and Access) Act 1979
- Crimes Act 1914 (Vol 1)
- Crimes Act 1914 (Vol 2)
- Communications Legislation Amendment (Online Content Services and Other Measures) Act 2018
- Enhancing Online Safety (Non-consensual Sharing of Intimate Images) Act 2018
- Surveillance Devices Act 2004
Cyber Law of Bahamas
The Computer Misuse Act of Bahamas punishes unauthorised access, modification of data, interception of computer service, obstruction and disclosure of access code. It also provides enhanced punishment for offences involving protected computers.
Cyber Law of Canada
Canada has a mature cyber law ecosystem comprising:
The Protecting Canadians from Online Crime Act, which amends the Criminal Code, the Canada Evidence Act, the Competition Act and the Mutual Legal Assistance in Criminal Matters Act.
The Criminal Code which contains provisions relating to unauthorized use of a computer, password misuse; possession of device to obtain computer service; credit card related crimes, voyeurism; luring a child by means of a computer system; child pornography; order of prohibition from using computer system; and warrant of seizure.
The Personal Information Protection and Electronic Documents Act which protects personal information that is collected, used or disclosed in certain circumstances, and amends the Canada Evidence Act, the Statutory Instruments Act and the Statute Revision Act.
The Canada Evidence Act which covers authentication of electronic documents, the application of best evidence rule to electronic documents, presumption of integrity and presumptions regarding secure electronic signatures.
The Mutual Legal Assistance in Criminal Matters Act which provides for the implementation of treaties for mutual legal assistance in criminal matters and amends the Criminal Code, the Crown Liability Act and the Immigration Act.
The Privacy Act, which extends the present laws of Canada, that protect the privacy of individuals with respect to personal information about themselves held by a government institution and provides individuals with a right of access to that information.
An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities which prohibits unsolicited electronic messages.
Electronic Commerce Protection Regulations, which excludes certain commercial electronic messages from being considered as unsolicited electronic messages.
- Protecting Canadians from Online Crime Act
- Criminal Code
- Personal Information Protection and Electronic Documents Act
- Canada Evidence Act
- Mutual Legal Assistance in Criminal Matters Act
- Privacy Act
- An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities
- Electronic Commerce Protection Regulations
Cyber Law of the Commonwealth
The Commonwealth of Nations, normally known as the Commonwealth, is a sui generis political association of 53 member states, nearly all of them former territories of the British Empire. The chief institutions of the organisation are the Commonwealth Secretariat, which focuses on intergovernmental aspects, and the Commonwealth Foundation, which focuses on non-governmental relations between member states.’, ‘The Commonwealth of Nations
Cyber Law of Council of Europe
The European Union (EU) is a political and economic union of 28 member states – Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and the UK.
The Council of Europe is an international organisation whose stated aim is to uphold human rights, democracy and the rule of law in Europe. Founded in 1949, it has 47 member states. It “brings together governments from across Europe – and beyond – to agree minimum legal standards in a wide range of areas”. It also monitors how well countries apply the standards that they have chosen to sign up to. It also provides technical assistance, often working together with the European Union, to help them do so.
In today’s highly technology-driven world, borders are no longer boundaries to the flow of information and communications. Increasingly, criminals are located in places other than where their acts produce their effects. Since domestic laws are primarily confined to a specific territory, cyber crimes can be effectively handled by international law such as The Council of Europe Convention on Cybercrime and its Protocol on Xenophobia and Racism.
- Convention on cybercrime & Protocol on Xenophobia and Racism
- Council Framework Decision of 28 May 2001 on combating fraud and counterfeiting of non-cash means of payment
- Directive on on combating the sexual abuse and sexual exploitation of children and child pornography
- European Investigation Order in criminal matters
- Directive on attacks against information systems
Cyber Law of GCC countries
The Cooperation Council for the Arab States of the Gulf is a regional intergovernmental political and economic union consisting Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, and the United Arab Emirates.
The purpose of the Arab Convention on Combating Information Technology Offences is to enhance and strengthen cooperation between the Arab States in the area of combating information technology offences.
The Member States have implemented the provisions of the Arab Convention on Combating Information Technology Offences through the following laws:
1. Law on Combating Cybercrime in the Kingdom of Bahrain
2. Cyber Crime Law of Oman
3. Cybercrime Prevention Law of Qatar
4. Anti-Cyber Crime Law of Saudi Arabia
5. Law on combatting cybercrimes of UAE
- Arab Convention on Combating Information Technology Offences
- Law on Combating Cybercrime in the Kingdom of Bahrain
- Cyber Crime Law of Oman
- Cybercrime Prevention Law of Qatar
- Anti-Cyber Crime Law of Saudi Arabia
- Law on combatting cybercrimes of UAE
Cyber Law of Jamaica
The Cybercrimes Act, 2010 provides criminal sanctions for the misuse of computer systems and the abuse of electronic means of completing transactions. It also facilitates the investigation and prosecution of cyber crimes.
Cyber Law of Japan
Japan signed the Convention on Cybercrime in 2001 and the Diet passed it in 2011.
Japan’s cyber law ecosystem comprises:
Act on Prohibition of Unauthorized Computer Access – which prohibits acts of unauthorized computer access. An interesting feature of the Unauthorized Computer Access Law is the requirement to publicize , at least once a year, the situation of occurrence of acts of unauthorized computer access and the situation of research and development of the access control function-related technology. This is required to be done in order to help protect against acts of unauthorized computer access.
The Penal Code, which penalises the “Obstruction of Business by Damaging a Computer” and “Computer Fraud”. This Code also applies to any Japanese national who commits Computer Fraud anywhere in the world.
The Code of Criminal Procedure, which contains provisions relating to, the investigation of criminal cases including those involving digital evidence.
The Rules of Criminal Procedure made to ensure the speedy and fair judicial proceedings expected under the Constitution.
The Act of Extradition, which governs Japan’s extradition process. Also related to this is the Act on International Assistance in Investigation and Other Related Matters.
The Basic Act on Crime Victims, which indicates the direction that policies for crime victims, etc. should take.
- Act on Prohibition of Unauthorized Computer Access
- Penal Code
- Code of Criminal Procedure (Part 1 and 2)
- Code of Criminal Procedure (Part 3)
- Rules of Criminal Procedure
- Act of Extradition
- Act on International Assistance in Investigation and Other Related Matters
- Basic Act on Crime Victims
Cyber Law of Malaysia
The Computer Crimes Act 1997 penalises unauthorized access to computer material, unauthorized modification of the contents of any computer and wrongful communication. It also makes abetments and attempts punishable as offences. The Act also details powers of search, seizure and arrest.
Cyber Law of Mauritius
The Computer Misuse and Cyber-Crime Act prescribes punishments for various cyber crimes. It also provides the legal framework for investigation of cases involving digital evidence. Issues relating to electronic records, contracts, digital signatures and liabilities of network service providers are covered by the Electronic Transactions Act.
- The Computer Misuse and Cyber-Crime Act
- The Electronic Transactions Act
- The Data Protection Act
- Child Protection Act
- The Information and Communication Technologies Act
- Independent Broadcasting Authority Act
- Postal Services Act
Cyber Law of Nigeria
The Advance Fee Fraud and other Fraud Related Offences Act 2006 prohibits and punishes offences pertaining to Advance Fee Fraud and other fraud related offences.
The Cybercrimes (Prohibition, Prevention, etc) Act 2015 provides an effective, unified and comprehensive legal, regulatory and institutional framework for the prohibition, prevention, detection, prosecution and punishment of cybercrimes in Nigeria.
- Advance Fee Fraud and other Fraud Related Offences Act 2006
- The Cybercrimes (Prohibition, Prevention, etc) Act 2015
- Guidelines for the provision of Internet service
Cyber Law of Singapore
The Computer Misuse Act penalizes several cyber crimes including unauthorised access to computer material, unauthorised modification of computer material, unauthorised use / interception of computer service, unauthorised disclosure of access code etc. It also provides for enhanced punishment for offences involving protected computers.
The Criminal Procedure Code empowers a police officer to access a computer suspected of being used for criminal purposes.
The Cybersecurity Act regulates owners of critical information infrastructure, and regulates to cybersecurity service providers. It also authorises measures to prevent, manage and respond to cybersecurity threats and incidents. The Cybersecurity (Critical Information Infrastructure) Regulations 2018 is also related to this issue.
The Evidence Act was amended in 2012, to do away with outdated and cumbersome requirements for admitting computer output as evidence, and to replace these with presumptions regarding the authenticity of electronic records.
The Remote Gambling Act regulates remote gambling services.
- Computer Misuse Act
- Cybersecurity Act 2018
- Criminal Procedure Code
- Cybersecurity (Critical Information Infrastructure) Regulations
- Evidence Act
- Penal Code
- Remote Gambling Act 2014
Cyber Law of Trinidad & Tobago
The Interception and Communications Act governs the interception of communications, and the decryption of encrypted electronic data and passwords.
The Computer Misuse Act penalises various cyber crimes.
Cyber Law of UK
The UK is party to the Budapest Convention, which contains provisions on Mutual Legal Assistance. The UK is also party to other Council of Europe Conventions, UN Conventions, EU instruments, and nearly 40 bilateral treaties on Mutual Legal Assistance.
The UK has implemented the Freezing Order Framework Decision in relation to evidence, and the Confiscation Order Framework Decision.
- Computer Misuse Act 1990
- Malicious Communications Act 1988
- Terrorism Act 2006
- Serious Crime Act 2015
- Police and Justice Act 2006
- Regulation of Investigatory Powers Act 2000
- Police and Criminal Evidence Act 1984
Cyber Law of United Nations
The United Nations is an international organization founded in 1945. It is currently made up of 193 Member States.
- Comprehensive Study on Cybercrime, UNDOC (2013)
- Legal issues on international use of electronic authentication and signature methods
- UNCITRAL Model Law on Electronic Commerce
- UNCITRAL Model Law on Electronic Signatures
- United Nations Convention on the Use of Electronic Communications in International Contracts
Cyber Law of USA
Being at the forefront of computer technology, and being the country that developed what is today referred to as the Internet, the USA has been the global leader in developing laws relating to cyber crime.
The relevant US laws are:
1. Identity Theft Act (18 U.S.C. 1028), which addresses fraud and related activity in connection with identification documents, authentication features, and information and (18 U.S.C. 1028A) which addresses Aggravated Identity Theft.
2. Access Device Fraud Act (18 U.S.C. 1029), which addresses fraud and related activity in connection with access devices.
3. Computer Fraud and Abuse Act (18 U.S.C. 1030), which addresses fraud and related activity in connection with computers.
4. CAN-SPAM Act (18 U.S.C. 1037), which addresses fraud and related activity in connection with electronic mail.
5. Wire Fraud Act (18 U.S.C. 1343), which addresses fraud by wire, radio, or television.
6. Communication Interference Act (18 U.S.C. 1362), which addresses interference to communication lines, stations or systems.
7. Electronic Communications Privacy Act (18 U.S.C. 2510-2522), which addresses interception of wire, electronic and oral communications.
8. Stored Communications Act (18 U.S.C. 2701-2712), which addresses voluntary and compelled disclosure of “stored wire and electronic communications and transactional records” held by third-party internet service providers (ISPs).
9. The Pen/Trap Statute (18 U.S.C. 3121-3127), which governs real-time interception of “the numbers dialed or otherwise transmitted on the telephone line to which such device is attached.”
10. Clarifying Lawful Overseas Use of Data Act or the CLOUD Act which amends the Stored Communications Act (SCA) of 1986 to allow federal law enforcement to compel US-based technology companies, via warrant or subpoena, to provide requested data stored on US and foreign servers.
- 18 U.S.C. 1028
- 18 U.S.C. 1028A
- 18 U.S.C. 1029
- 18 U.S.C. 1030
- 18 U.S.C. 1037
- 18 U.S.C. 1343
- 18 U.S.C. 1362
- 18 U.S.C. 2510-2522
- 18 U.S.C. 2701-2712
- 18 U.S.C. 3121-3127