Cyber Law & Islamic Ethics CICT3523 COMPUTER CRIMES

DEFINITION of HACKER 1. A person who enjoys exploring the details programmable systems and how to stretch their capabilities as opposed to most users, who prefer to learn only the minimum necessary. 2. One who enjoys the intellectual challenge of overcoming or circumventing limitations. 3. A malicious meddler who tries to discover sensitive information by poking around.

 ‘Hack’ is unauthorised access and unauthorised use (breaking) into a computer system  Hacking is the act of obtaining unauthorised access to programs or data held on a computer system.  The initial act is often followed by attempts to modify or delete the contents of a computer system.  Hacking can be harmless; can be damaging phenomenon.

THE ADVANTAGES OF HACKING  Pure hacking is harmless; indeed socially desirable.  It points up security weaknesses in computer system which can be remedied before being exploited by less well intentioned individual. A lot of information about gaps in security of the computer system.

WHY CRIMINALIZING HACKING?  Hacking should be made a specific offence 1. Given the great and increasing important of computers in the society. 2. To protect public interest that those who use and rely upon computers should not fear that others may gain unauthorised access to material held on the computers especially confidential or sensitive information. 3. Hackers posed great danger to disrupting operation of computers in defense, nuclear power, air traffic or health services.

COMPUTER CRIMES ACT 1997  A quick glance at the content of the Act will reveal obvious similarities with the U.K Computer Misuse Act  The objective of the Act is to provide for offences relating to the misuse of computer.

FOUR SUBSTANTIVE OFFENCES 1. The unauthorised Access offence. 2. The ‘ulterior Intent’ offence. 3. The unauthorised Modification offence. 4. Wrongful communication.

1. The Unauthorised Access Offence  Section 3(1) “A person shall be guilty of an offence if; a) He causes a computer to perform any function with intent to secure access to any program or data held in any computer; b) the access he intends to secure is unauthorised; and c) he knows at the time he causes the computer to perform the function that is the case.

 It requires the accused to cause a computer to perform any function.  The reading of computer printout, the reading of data displayed on the monitor are outside the scope of the offence.  If a person breaks into a computer system but he does not do anything, he does not commit this offence.

 Under section 2(2), a person is said to secure access to any program or data held in a computer, if, by causing a computer to perform any function, he a) alters or erases the program or data b) copies or moves it to any storage medium c) uses it; or d) causes it to be output from the computer in which it is held whether by having it displayed or in any other manner.

 The accused must have intention to secure access to any program or data held in any computer.  The accused must know that the access is unauthorised.

2. The ‘Ulterior Intent’ Offence  Unauthorized access with intent to commit or facilitate commission of further offence.  The scope of further offence envisaged is narrowed to offence involving fraud and dishonesty.  It is also an offence where the unauthorised access is committed to facilitate the commission of such offence by a third party.

3. The Unauthorized Modification Offence  Section 5 (1) provides that a person shall be guilty of an act which he knows will cause unauthorized modification of the contents of any computer.  The spectrum ranges from the unauthorized deletion of data to the denial of access to authorized users.  E.g the introduction of computer virus, worms, logic bomb and such other disabling programs into a computer.

 It be considered as unauthorised if a) the person whose act caused it is not himself entitled to determine whether the modification should be made and b) he does not have consent to the modification from any person who is so entitled.  It is immaterial whether an unauthorized modification is intended to be permanent or temporary.

4. Wrongful Communication  Section 6 provides that a person shall be guilty of an offence if he communicates directly or indirectly a number, password or other means of access to computer to any person other than a person to whom he is duly authorised to communicate.  It is strict liability offence – the person still liable even though he does not has intention to commit the offence.

THE PROBLEMS  Problems of detection and prosecution may prove to be a major obstacle against the effective implementation of the Act.  Acts of computer misuse are difficult to trace. Electronic trails can be manipulated to escape detection of computer misuse.  Additionally, victim of the offences created may be unwilling to report. This is because, if they are bank and financial institutions, they do not want to publicize the fact that their computer systems have been access for fear that customers may feel insecure in utilizing the services offered.

THE PROBLEMS  Another problem is that our enforcement body lack of knowledge on the technology.  Special training should be given to the officers involved in the investigation of computer crimes.  E.g in US, the Federal Bureau of Investigation has offered specialized training for investigators of computer misuse at their training academy.

ISLAMIC CRIMINAL LAW  Criminal acts are divided into three categories: a) Hudud offences are crimes against God whose punishment is specified and required in the Qur’an. b) Qisas – are crimes of physical assault and murder, which are punishable by retaliation. c) Ta’azir - includes offences are those whose penalties are not fixed by the Qur’an or the sunnah but are within the discretion of the qadi.

 Mistake is a complete defense to an offence against the right of God, but not to an offence against the right of person.  Cyber crime: Hudud or ta’zir