Cybercrime in Canadian Criminal Law

Transcription

1 Cybercrime in Canadian Criminal Law Sara M. Smyth, LL.M., Ph. D. Member of the Law Society of British Columbia CARSWELL

2 Table of Contents Preface Table of Cases v xvii PART ONE Introduction to Cybercrime and the Regulation of Cyberspace Chapter 1: Introduction to Cyberspace and Cybercrime 3 Cybercrime and the Internet 3 Advanced Research Project Agency (ARPA) 5 The Net Expands 6 The Internet's Unique Layered Architecture 9 The Anatomy of a Computer 11 Cyberspace and Criminal Activity 15 What Challenges Does Computercrime Pose for Criminal Justice? 18 How Serious Is the Cybercrime Problem? 19 Why Should We be Concerned about Computercrime? 21 Conclusion 21 Questions for Further Thinking and Discussion 22 Chapter 2: Introduction to the Regulation of Cyberspace 23 Introduction 23 Cyberspace as a Unique Place 24 Social Contracts in Cyberspace 26 The Regulation Debate 28 Regulation in Cyberspace 31 The Role of Government 31 The Role of the Third Party 32 Government Cooperation 33 Conclusion 35 Questions for Further Thinking and Discussion 36 PART TWO Traditional Crime in Cyberspace Chapter 3.identity Theft and Cyber Fraud 39 Introduction 39 What Is Fraud? 40

3 xii / Cybercrime in Canadian Criminal Law What Is Identity Theft? 43 A Curious Tale of Mistaken Identity 44 Identity Theft Facts and Figures 45 How Does Identity Theft Happen? 45 Costs of Identity Theft 45 The Underground Economy 47 Information Targets 49 Phishing 50 How Is Phishing Carried Out? 51 Making the Lure Convincing 51 Technical Tricks 52 Pharming 52 Spyware 53 Keystroke Logging Software 53 Policy Approaches to Identity Theft 54 Legislation 55 Privacy Legislation 58 Data Breach Notification Legislation 59 Identity Theft Policies and Legislation in the United States 60 Conclusion 62 Questions for Further Thinking and Discussion 63 Chapter 4: Child Sexual Abuse and the Internet 65 Introduction 66 What Is Child Pornography? 66 Expansion with the Internet 68 The Legal Definition of Child Pornography 73 Child Pornography and Freedom of Expression 74 R. v. Sharpe and Subsequent Legislative Initiatives 76 Child Pornography Laws in the United States 82 Child Pornography and Border Searches 84 The Role of Third Parties - ISPs and Individuals 88 Individuals and Mandatory Child Pornography Reporting Laws in Canada 88 ISPs and Filtering and Blocking 92 The Need for International Cooperation 93 The Importance of International Conventions 94 The Need for an International Law Enforcement Network 96 Child Luring 98 The Nature of Child Luring Incidents 98 Child Luring and the Law in Canada 101 Online Sting Operations and Child Luring Cases 102 Conclusion 103 Questions for Further Thinking and Discussion 104

4 Table of Contents I xiii Chapter 5: Bullying, Stalking and Harassment on the Internet 105 Introduction jqg Cyber-Bullying: An Overview 106 The Law in Canada 109 Cyber-Bullying and Freedom of Expression 110 The Civil and Criminal Response to Cyber-Bullying 110 Canadian Law and Hate Speech on the Internet 114 The American Legal Framework 116 Cyber-Harassment and Cyber-Stalking 117 Proving Cyber-Stalking 120 Internet Defamation 120 Conclusion 122 Questions for Further Thinking and Discussion 122 PART THREE Computer Misuse Crimes Chapter 6: Viruses and Other Malicious Programs 127 Introduction 127 What Is a Virus? 128 What Is a Worm? 130 The Morris Worm 130 What Is a Trojan Horse? 131 What Is a Rootkit? 132 How Is a Malware Attack Carried Out? 133 Web Attacks 133 SQL Injection Attacks 134 Malicious Advertisements 134 Fake Codec 135 Rogue Security Software 135 Bot Networks 136 Policy Responses to Malware 138 Conclusion 139 Questions for Further Thinking and Discussion 139 Chapter 7: Hacking and Denial of Service Attacks 141 Introduction l4 ' Phone Phreaking: The Precursor to Hacking 142 The Definition of Hacking- A Form of Spying and Intrusion 143 Methods of Hacking - Digital Spying and Intrusions Explained 144 Password Cracking '44 Packet Sniffing and War Driving 144 Port Scanning 145 Scareware '*" Spy ware and Keystroke Loggers!46

5 xiv / Cybercrime in Canadian Criminal Law Social Engineering - The Art of the Con 146 Hacker Subculture and Hacker Ethics 149 Hacker Typologies and Hacker Motivations 149 The Culture of Hacking 151 Preventing and Managing Hacking - Regulatory and Non-Regulatory Measures 154 Attacks Against Servers 156 Denial of Service Attacks 156 DoS Attacks in the Metaverse 157 Distributed Denial of Service (DDoS) Attacks 159 Conclusions 160 Questions for Further Thinking and Discussion 160 Chapter 8: Spam in Cyberspace 161 Introduction 161 What Is Spam? 162 Why Did Spam Proliferate? 163 Spam Laws in Canada 166 Canadian Jurisprudence 166 Canadian Legislation 167 Spam Laws in the United States 170 Trespass to Chattels 170 The CAN-SPAM Act 173 Non-Legal Measures to Combat Spam 177 Conclusion 178 Questions for Further Thinking and Discussion 180 PART FOUR Specific Problems with the Regulation and Prosecution of Cybercriminals Chapter 9: International Jurisdiction and the Regulation of Cyberspace 183 Introduction 183 Specific Measures for Effective Inter-Jurisdictional Cooperation 184 The Importance of International Conventions 184 International Law Enforcement Cooperation 188 Conclusion 189 Questions for Further Thinking and Discussion 189 Chapter 10: Searching and Seizing Evidence in Cyberspace 191 Introduction 191 The Privacy and Charter Implications of Electronic Surveillance 194 Introduction to Computer Forensic Investigations 199 Lawful Access-The Future of Search and Seizure 201 Lawful Access Provisions 203 Requirements to Ensure Intercept Capability 203

6 Table of Contents I xv Requirement to Provide Subscriber Information 209 Orders for the Preservation of Data 211 Orders for the Production of Data 213 The Personal Information and Electronic Documents Act (PIPEDA) Conclusion 215 Questions for Further Thinking and Discussion 216 Chapter 11: Emerging Trends and Future Concerns 219 Questions for Further Thinking and Discussion 221 Glossary 223 Index 237