Hackers, beware! - Higher fines coming for cybercrime
Hackers face even harsher fines if refuse to provide password used
BY ALICIA DUNKLEY-WILLIS Observer senior staff reporter dunkleya@jamaicaobserver.com
Thursday, June 06, 2013
SUGGESTIONS for an increase in the fines and penalties under the 2010
Cybercrimes Act, now being reviewed by a joint parliamentary committee,
are to be taken on board.
Under the Act, an offence is committed when a person who knowingly
obtains, for himself or another person, any unauthorised access to any
programme or data held in a computer. That individual is liable upon
conviction before a resident magistrate to a Þne not exceeding $2
million or to imprisonment for a term not exceeding two years or to
both; or if any damage is caused as a result of the commission of the
offence, a Þne not exceeding $3 million or to imprisonment for a term
not exceeding three years or to both.
Proposals for the new fines have, however, not yet been put on the table.
The suggestion for a hike in the fines is one of several which have
been accepted in the report of the Legal Reform Department of the
Ministry of Justice following its review of the submissions and
recommendations made to the joint select committee so far.
In February this year, telecommunications giant Digicel; CEO of
Proficiency Labs International Dr Tyrone Grandison; and the Jamaica
Constabulary Force recommended that the fines and terms of imprisonment
under the Act should be increased, suggesting that they were not severe
enough and did not act as a deterrent.
The police, during that meeting, said hackers continued to laugh at the
law because the current penalties were just a slap on the wrist. They
further advocated for stiffer penalties where such individuals refuse to
provide an encryption password or pass code which they have used when
they are caught by the authorities.
"We agree," the Director of Legal Reform Maurice Bailey said yesterday.
In the meantime, suggestions that the Act should include provisions for
computer-related fraud offences have also been accepted by the Legal
Reform Department.
The recommendation that the Act should make provision for offences
related to computer-related fraud, forgery and identity-related crimes,
which are not now covered by the Act, was a common thread in the
presentations of the Office of the Director of Public Prosecutions, the
Jamaica Constabulary Force, telecommunications outfit LIME, Chief
Executive Officer of Proficiency Labs International Dr Tyrone Grandison;
Professor Dr Marco Gercke, director of the Cybercrime Research
Institute, an independent global think tank dealing with legal aspects
of cybercrime; and the Jamaican Bar Association to the committee
recently.
"The legislation is limited in its scope; there are no distinct
offences related to computer-related forgery, fraud and identity-related
crimes," the Office of the DPP said at the time. At the same time, it
said the legislation was further deficient as it had no provision
dealing with "cyber extortion and extortionate threats".
In the meantime, Bailey said the department had "no objections" to the
call by the Jamaican Bar Association that Jamaica become a signatory to
the Council of European Convention on Cybercrime. The convention is the
only binding international treaty on cybercrimes that has been adopted
to date and lays down the guidelines for all governments wishing to
develop legislation against cybercrime. The convention, which is open to
signature by non-European States, provides a legal framework for
international co-operation.