Right from the beginning, cyber criminals targeted customer data for breaches around the world. This vital information is a great attraction for criminals for their saleability. But that is not the only thing they are after.
The huge stakes involved and the widespread damage that can ensue has created an awareness to regulate and bring the activities of cyber criminals under the rule of law. Governments everywhere are keeping an eye on suspicious activities and legislating to put tough laws in place so as to discourage criminals on a global scale, with the help of Interpol and other policing organizations.
Laws pertaining to cyber security consist of measures that protect computer systems and the technology that runs them.
The sole aim is to build a protective barrier against cyber attacks which have a slew of names like viruses, worms, phishing, Trojans, denial of service attacks unauthorized access, control system attacks and several others.
The measures commonly in place to defend against these attacks are firewalls, anti-virus apps, intrusion detection and prevention systems, login passwords and encryption. Researchers and experts on cyber security are constantly working to improve the systems through various means including legislation and regulation. Collaboration between governments and private operators have become commonplace, improving the overall situation of cyber security. Industries including banking and finance have recognized the risks involved while conducting online business. Therefore, they are inclined toward allocating a sizeable budget for cyber security for smooth and trouble free operations.
On a worldwide scale, there is a lack of—rather absence of—legislation when it comes to cyber security. Difference of opinion and aggressive stance of those who wish to keep the cyber space free of binding controls contribute toward this deficiency. The academic debates—between those who believe in strict and punitive action against intruders who encroch upon privacy of other businesses or organizations and those who support the idea that the cyber space should remain free of encumbrances—are contentious. All these debates and also those that take place aside from academic circle reach one conclusion that cyber security is fraught with complex issues. The added disadvantage is to resolve these issues on global scale where there is a wide disparity in social and cultural sensibilities. To address these issues and bring everything under universally accepted regulations is plainly a herculean task.
This already complicated issue has been exacerbated by the fact that certain powerful states aligned themselves to exercise authority and promote the idea of digital sovereignty. The idea aimed at reclaiming control on information, communication, data and infrastructure related to the cyber world. In recent years, this idea gained popular following because of three historically important events: the alliance of China, Iran and Russia, Snowden and WikiLeaks cases and emergence of GAFA (Google-Apple-Facebook-Amazon). This tussle has created even harder challenges on formulating international laws to govern the way businesses and organizations conduct their operations.
Formulating laws and governing cyber space is not an altogether new notion. The efforts in this direction were initiated sometime in 1996. At the same time, the efforts met with their foes in the form of law experts, businesses and state actors who wanted to safeguard their interests. Three different schools of thought on how cyber space should be regulated are in vogue in these times: Liberal Institutionalism, Cyber Liberation and Pro State Activism. The first one of these emphasizes the importance of international institutions and rule based multilateralism in managing cyber space. Those of the second kind like John Barlow stress that cyber space should be free of any external influence that obstructs the right of free speech and internet freedom. Those who support the third idea like James Lewis propose that it is the state’s responsibility to legislate on and govern cyber space.
These three schools of thought further give rise to three challenges that relate to international law: jurisdiction, arbitration and legal instruments.
The China-Iran-Russia alliance on digital sovereignty is a major hurdle in promulgating laws on cyber security since both the states favour the idea to guard their countries’ interests related to economy and regional security. Both countries aim for greater control and authority on cyber space by citing non-interference in various global internet governance bodies like ITU, ICANN, IANA and Internet Governance Forum.
THIS ENGENDERS ANOTHER DEBATE:
Is digital sovereignty against internet transparency? The stance is further strengthened with the support of Saudi Arabia and Egypt which favour greater control because of their geo-political situation. The European Union also was forced to revisit their earlier stance of free and liberal cyber space after the incidents of WikiLeaks and Snowden. Concerns about security and data protection are constantly becoming the focus of attention in debates. With the unchecked growth of several internet companies, especially GAFA, economic considerations have also found a place in the deliberations. The phenomenal rise of GAFA forced the EU to review the digital ecosystem to avoid monopoly and support innovation and internet capabilities throughout Europe.
The answer to the question if international law applies to any state’s stance on cyber space is a particularly contentious one. The scenarios discussed above highlight the fact that cyber space is hardly manageable when state actors intervene. So, in future, the world would be a safer place if regulations are formulated on the basis of rules, freedom and inclusive internet norms. That seems to be the most logical and natural method to control the rising crimes and exploitation.
