FRN 4301, Principles of Digital Forensics 1
Course Learning Outcomes for Unit IV Upon completion of this unit, students should be able to:
3. Explain methods for using forensic tools. 3.4 Explain how to prepare a computer for forensic examination. 3.5 Describe how to handle evidence appropriately.
4. Discuss legal implications for electronic crimes.
4.3 Explain legal implications related to computer crimes.
5. Examine procedures for law enforcement reporting. 5.1 Describe procedures for seizing, transporting, and preparing evidence.
Required Unit Resources Chapter 4: Collecting, Seizing, and Protecting Evidence In order to access the following resource, click the link below. Please review Part II, Chapter 7 of the High-Technology Crime Investigator\u2019s Handbook for information about collection of evidence. Kovacich, G. L., & Jones, A. (2006). High-technology crime investigator\u2019s handbook: Establishing and
managing a high-technology crime prevention program (2nd ed.). Butterworth-Heinemann. https:\/\/libraryresources.columbiasouthern.edu\/login?url=http:\/\/search.ebscohost.com\/login.aspx? direct=true&db=e000xna&AN=187426&site=ehost-live&scope=site
Unit Lesson
Legal Implications of Electronic Crime In Unit III, you learned about forensic management and why it is important that we adhere to a set of accepted industry standards and to the correct digital forensic framework. In this lesson, you will learn how cybercrime is not just a problem locally or regionally; rather, you will see that cybercrime is a global issue. Cybercrime knows no territorial boundary, nor does it recognize any treaty or agreement between countries. It is for this very reason that you, as a law enforcement professional, may be called upon to collaborate with a foreign counterpart located on the other side of the world. In this lesson, you learn about the legal implications of cybercrime\u2014not just in the United States but in other countries as well. Technology has had a profound influence on the world economy and touched every level of society. Everyday activities are now dependent on electronic media, and this dependency will continue to increase in the coming years, leading to a state known as hyperconnectivity. With this increasing influence, there comes new threats and exposure to an individual\u2019s privacy, which threatens organizations and even the country (Mendoza, 2017). The continuing rise of cybercrime has brought with it new laws and a need for better global cooperation among governments and law enforcement to combat the rise. There has been an emergence of updated cybersecurity legislation across the world including the European Union, the United States, Asia-Pacific regions, and the Latin American and Caribbean countries (Mendoza, 2017).
UNIT IV STUDY GUIDE
System Forensics Tools, Techniques, and Methods<\/p>\n
FRN 4301, Principles of Digital Forensics 2
UNIT x STUDY GUIDE
Title
Cybercrimes involve hacking, computer fraud, electronic money laundering, tax evasion, computer forgery and counterfeiting, malware, cyber-squatting, cyber warfare, theft of telecommunication services, fraudulent schemes, and online trading as well as various crimes that affect national security via cyber terrorism (Gill, 2012).
Organization and Collaboration of Countries Around the World for Eradicating Cybercrime Today, many countries have, or passing legislation and also cooperating to promote cybersecurity awareness and to help to protect their citizens\u2019 information at a national level (Mendoza, 2017). European Union (EU) The United Nations adopted the NIS Directive (Directive on the security of network and information systems), and it is the first piece of EU-wide legislation on cybersecurity that provided the EU with legal measures to boost its cybersecurity preparedness. It ensured cooperation among the member states by setting cooperation groups as well as preparing and equipping them via a Computer Security Incident Response Team (CSIRT) (European Commission, 2023). Latin America The region emphasized the importance of the legislative framework, the investigation of various cybercrimes, the processing of electronic evidence, and the training of judges and prosecutors in the field of cybersecurity. It followed the practices of the Budapest convention and various other methodologies and devised substantial criminal laws for offences against the confidentiality, integrity, and availability of computer data and systems, computer-related offenses, and content-related offenses (European Commission, 2023).
Asia-Pacific Cybersecurity awareness and legislation have also increased in Asia-Pacific regions. In 2016, various countries in this region established cybersecurity strategies. For example, Australia implemented a cybersecurity strategy that provided additional funds and requested an increased commitment from the private sector to work with the country\u2019s cyber policy. New Zealand\u2019s national cybersecurity strategy focuses on improving their resilience, promoting international cooperation, and improving their capability of responding to cybercrime (European Commission, 2023).
United States The United States approved the Cyber Security Act in 2015 to help in defending the country against cyberattacks (European Commission, 2023).
Laws for the Prosecution of Computer Crimes
Currently, there are multiple laws regarding the prosecution of cybercrimes in the United States. The U.S. Department of Justice (DOJ) participates in investigating various cybercrimes (Floyd, 2016) as discussed below. Computer Fraud and Abuse Act of 1986 (CFAA) The CFAA refers to the punishment of crimes relevant to the intentional access of someone\u2019s computer without authorization. The CFAA is listed as 18 U.S.C. \u00a7 1030, compiling a total of nine criminal offenses with a maximum statutory penalty ranging from 1 year to life in prison. According to Floyd (2016), a list of offenses with their approximate level of punishments are listed below.<\/p>\n
FRN 4301, Principles of Digital Forensics 3
UNIT x STUDY GUIDE
Title
Crime Punishment
Invading a government computer
The first offense is penalized with 1 year in prison and is followed by 10 years confinement for a second offense. This act falls under section (a)(3).
Inflicting damage by intentional access
The first offense is 1 to 5 years in prison and is followed by 20 years confinement for the second offense, which falls under section (a)(5)(B).
Extortion using a computer
The first offense is 5 years in prison and is followed by 10 years confinement for the second offense, which falls under section (a)(7).
Trafficking of passwords
The first offense is penalized with 1 year in prison and is followed by 10 years confinement for a second offense. This act falls under section (a)(6).
Acquiring national security information
The first offense is 10 years in prison and is followed by 20 years in prison for the second offense, which is stated in section (a)(1).
Approaching a computer and obtaining its information
The first offense is 1 to 5 years in prison and is followed by 10 years confinement for the second offense, which falls under section (a)(2).
Inflicting neglectful damage and loss of information by intentional access
The first offense is penalized with 1 year in prison and is followed by 10 years confinement for a second offense. This act falls under section (a)(5)(C).
Inflicting intentional damage by knowing transmission
The first offense is 1 to 10 years in prison and is followed by 20 years in prison for the second offense, which is stated in section (a)(5)(A).
Accessing computer for defrauding and obtaining value
The first offense is 5 years in prison and is followed by 10 years confinement for the second offense, which falls under section (a)(4).
However, according to The National Association of Criminal Defense Lawyers (NACDL, n.d.), the extensiveness and ambiguity of the CFAA is problematic. NACDL supports wholesale reform of the CFAA and believes that violations of website terms of services (ToS) should not be a federal crime. NACDL (n.d.) supports reform the CFAA instead of expanding it further. Wiretap Act The Wiretap Act is a federal law that aims to protect the privacy of communications between individuals. The word wiretap gives the impression of someone listening to phone calls, but the legislation protects more than that (Farkas, 2020). The Wiretap Act is also known as Title III, and it involves the use of wiretaps (i.e., the monitoring of telephone and internet conversations by a third party while investigating a crime). This legislation prohibits any person, including law enforcement, from making an illegal interception or revelation and from using illegally intercepted material (Floyd, 2016). The act is listed in 18 U.S.C. \u00a7 2511 and covers the offenses described below.
\u2022 Obstruction of communications: Communications have been intercepted by a third party, which could be in the form of listening to a person or reading their email, text messages, or other messages.
\u2022 Disclosing and revealing an intercepted communication: Disclosing refers to the act of sharing the content of communication with another person.
\u2022 Using intercepted communication: This offense requires much more than disclosure. The offender uses the intercepted communication to acquire something (e.g., a husband intercepting his ex-wife\u2019s conversation to attain child custody or intercepting information regarding the delivery of a certain product at a specific site and then planning a robbery).
A violation of the Wiretap Act is a Class D felony (is the lowest degree of a felony) and not considered dangerous. Therefore, the penalty for criminals involved in this offense is no more than 5 years and a fine. Unless there is a substantial loss, fines are typically not more than $250,000 for individuals and $500,000 for an organization (Floyd, 2016). The Electronic Communications Privacy Act of 1986 (ECPA) amended the Wiretap Act of 1968 and prohibited certain access, use, and distribution of wire and electronic communications. ECPA applied to businesses, private citizens, and government agencies (The Electronic Frontier Foundation [EFF], 2007). This legislation is listed as 18 U.S. Code \u00a7 2510, which protects email messages from interception and disclosure to third<\/p>\n
FRN 4301, Principles of Digital Forensics 4
UNIT x STUDY GUIDE
Title
parties. This act, however, has an exception that allows the employers to monitor employee emails in the ordinary course of business (Farkas,2020).
Other Computer Crime Statutes A wide variety of statutes associated with specified penalties and fines, depending upon the category of crime committed, are listed in this section. Unlawful Access to Stored Communications The Stored Communications Act (SCA), which is listed in 18 U.S.C. Chapter 121 \u00a7 2701\u20132712, is a law which labels the voluntary and compelled disclosure of transactional records and stored wire and electronic communications held by third-party internet service providers (ISPs). The statue was approved as Title II of the ESPA.
If a violation of 18 U.S.C. \u00a7 2701(a) was committed for commercial advantage, malicious destruction or damage, or private financial gain, the violator could receive up to a year in prison and a fine as provided by Title 18, United States Code, for the first offense and up to two years imprisonment and a fine as provided by Title 18 for a second or subsequent offense. (DOJ, n.d., para.4)
Identity Theft and Aggravated Identity Theft Congress passed Title 18 U.S.C. \u00a7 1028 and 1028A as a part of the Identity Theft and Assumption Deterrent Act in 1998. According to section 1028(a)(7), an individual commits identity theft if they knowingly transfer, possess, or use someone else\u2019s identification without legal authorization. This act is done with the intention of participating in unlawful activities that violate federal law or constitute a felony under state or local laws. Once someone\u2019s identity has been stolen, other crimes are often committed:
\u2022 18 U.S.C. Ch. 31: Embezzlement and theft
\u2022 18 U.S.C. 1341: Frauds and swindles
\u2022 18 U.S.C. 1343: Fraud by wire, radio, or television
\u2022 18 U.S.C. 1344: Bank fraud
\u2022 18 U.S.C. 922: Unlawful acts These crimes are punishable by fines up to $100,000 and prison sentences up to 30 years.
Global Cybercrime Laws Review cybercrime laws around the world.
\u2022 Cybercrimes Bill of South Africa (South Africa signed the Budapest Convention in 2001)
\u2022 Cybersecurity Information Sharing Act (CISA) of the United States of America
\u2022 EU Network and Information Security Directive
\u2022 Criminal Code Act 1995 of Australia
\u2022 Cybercrime Act 2001 of Australia
\u2022 Computer Misuse Act, 2007 of Brunei Darussalam
\u2022 Criminal Code of Canada of Canada
\u2022 Cybersecurity Law of China
\u2022 Criminal Code of France
\u2022 Computer Crimes Act of Malaysia
\u2022 Crimes Act, 1961 of New Zealand
\u2022 Cybercrime Prevention Act of 2012 of the Philippines
\u2022 Act on Computer Crimes of Thailand
\u2022 Cybercrimes Act of 2015 of Tanzania
\u2022 Computer Misuse Act of 2013 of the United Kingdom
\u2022 U.S. Code<\/p>\n
FRN 4301, Principles of Digital Forensics 5
UNIT x STUDY GUIDE
Title
Summary In this lesson, you learned that cybercrime is a global issue and being fought on many fronts. There are many federal and international laws dealing with everything from unfair and deceptive online acts, internet gambling, online securities fraud, and software piracy, to intellectual property theft. Depending on the type of cybercrime violation, the jurisdiction could cross two or more international boundaries. The lack of borders in cyberspace has caused many countries to begin cooperating to help control cybercrime.
References The Electronic Frontier Foundation. (2007, January 28). Privacy: Wiretap Act. Internet Law Treatise.
https:\/\/ilt.eff.org\/Privacy__Wiretap_Act.html European Commission. (2023, September 14). Directive on measures for a high common level of
cybersecurity across the union (NIS2 directive). https:\/\/digital-strategy.ec.europa.eu\/en\/policies\/nis2- directive
Farkas, B. (2020, May 27). How the Wiretap Act protects personal privacy. Lawyers.com
https:\/\/www.lawyers.com\/legal-info\/personal-injury\/types-of-personal-injury-claims\/wiretap-act- privacy.html
Floyd, J. (2016, March 8). A guide to cyber crime laws. Criminal Jurisdiction: A Criminal Law Blog From a
Defense Perspective. https:\/\/www.johntfloyd.com\/guide-cyber-crime-laws\/ Gill, H. S. (2012, December 13). Cyber crimes: A glimpse and legal implications. CLAWS Journal, Article 943.
https:\/\/archive.claws.in\/943\/cyber-crimes-a-glimpse-and-legal-implications-h-s-gill.html Identity Theft and Assumption Deterrence Act, 18 U.S.C. \u00a7 1028 (1998). https:\/\/www.congress.gov\/bill\/105th-
congress\/senate-bill\/512\/text Mendoza, M. \u00c1. (2017, March 13). Challenges and implications of cybersecurity legislation. WeLiveSecurity.
https:\/\/www.welivesecurity.com\/2017\/03\/13\/challenges-implications-cybersecurity-legislation\/ National Association of Criminal Defense Lawyers. (n.d.). Computer Fraud and Abuse Act (CFAA).
https:\/\/www.nacdl.org\/cfaa\/ Stored Communications Act, 18 U.S.C. \u00a7 2701 (1986). U.S. Department of Justice. (n.d.). Criminal resource manual: 1061. Unlawful access to stored
communications \u2013 18 U.S.C. \u00a7 2701. https:\/\/www.justice.gov\/archives\/jm\/criminal-resource-manual- 1061-unlawful-access-stored-communications-18-usc-2701<\/p>\n","protected":false},"excerpt":{"rendered":"
FRN 4301, Principles of Digital Forensics 1 Course Learning Outcomes for Unit IV Upon completion of this unit, students should be able to: 3. Explain methods for using forensic tools. 3.4 Explain how to prepare a computer for forensic examination. 3.5 Describe how to handle evidence appropriately. 4. Discuss legal implications for electronic crimes. 4.3 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3308","post","type-post","status-publish","format-standard","hentry","category-solutions"],"_links":{"self":[{"href":"https:\/\/academicwritersbay.com\/solutions\/wp-json\/wp\/v2\/posts\/3308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/academicwritersbay.com\/solutions\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/academicwritersbay.com\/solutions\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/academicwritersbay.com\/solutions\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/academicwritersbay.com\/solutions\/wp-json\/wp\/v2\/comments?post=3308"}],"version-history":[{"count":0,"href":"https:\/\/academicwritersbay.com\/solutions\/wp-json\/wp\/v2\/posts\/3308\/revisions"}],"wp:attachment":[{"href":"https:\/\/academicwritersbay.com\/solutions\/wp-json\/wp\/v2\/media?parent=3308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/academicwritersbay.com\/solutions\/wp-json\/wp\/v2\/categories?post=3308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/academicwritersbay.com\/solutions\/wp-json\/wp\/v2\/tags?post=3308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}