The web that binds us all: the future legal environment of the Internet.

• Author: Steele, Howard L., Jr.

TABLE OF CONTENTS

1. INTRODUCTION

2. BACKGROUND

   1. The Growth of Internet Crime

   2. The Status Quo in Cyberspace

3. ALTERNATIVE APPROACHES

   1. Contract Law Paradigm

   2. Model Code

   3. International Convention

      1. Substantive Aspects

      2. Procedural Aspects

   4. International Criminal Court

   5. Combining Approaches

      IV CONCLUSION

1. INTRODUCTION

   The last half of the twentieth century has experienced an information revolution. Due to the rapid development of technology, the human race has advanced more in the last fifty years than in any other period in history. Of all the incredible achievements that have been made during this century, one stands Alone as arguably the single greatest technological advance of mankind: the invention of the computer and the ancillary instrumentalities it has subsequently produced. Of these instrumentalities, the Internet, a global system of interconnected computer networks, appears to possess the great potential to change our society profoundly.

   Since the Internet's inception, people from all over the world have enjoyed a relatively peaceful coexistence with each other in what has been deemed "cyberspace."(1) Recently, however, as literally millions of "cyberians"(2) of all nationalities have flocked to this new world, disorder has begun to occur on this "information superhighway."(3) The law, which is generally a conservative and slow changing institution, has had no chance of matching pace with the lightning speed at which cyberspace has developed.

   Society on the Internet is influenced by new developments such as "cyberporn,"(4) global digital cash,(5) and electronic malls. These developments mandate a need to rewrite statutes that were written to manage only printed materials. Underscoring this problem, however, is the realization that legislative bodies in one country, much less throughout the world, cannot keep up with these technological advancements.(7) The laws that are currently in place barely begin to address the global character of cyberspace.

   In Part II, this Comment will discuss the background of cyberspace, along with the international legal dilemma that cyberspace has created. Part III will address how the status quo has failed to deal with this problem in cyberspace, and some possible alternatives to the status quo.

2. BACKGROUND

   In the 1960s, with funding from the U.S. Department of Defense Advanced Research Projects Agency (ARPA), researchers created an interactive computer "community" known as ARPAnet which went online in 1969 utilizing electronic mail as a means of communicating.(8) The Internet technically began as a four site experiment by the U.S. government to guarantee uninterrupted communication between strategically important sites in the event of a nuclear war.(9) In the 1980s, this "network of networks" expanded at a phenomenal rate.(10) By the 19908 it was eventually opened to the public and has blossomed into what we now call the Internet.(11)

   From these humble beginnings, the Internet has blossomed to include in excess of six million host computers(12) and an estimated fifty million users around the world.(13) The exponentially staggering growth of the Internet makes any actual calculation of present users obsolete before it can be published.(14) The once small, homogenous, and primarily self-regulated Internet transformed into a large, heterogeneous, and rather Hobbesian creature.

   1. The Growth of Internet Crime

      The growth of cyberspace has resulted in an increasing number of computer crimes.(15) Presently, there is no single definition of what constitutes a "computer crime" on the Internet. Nevertheless, computer crime can be classified by looking at the role the computer plays in the offense.(16) First, it can include criminal activities such as theft, fraud, forgery, and embezzlement where a computer is used as the "instrument" of the crime.(17) Second, the computer can be the "subject" of the crime.(18) Under this classification, the computer is the actual physical site of the crime, or the "reason" or "source" for the unique loss of assets.(19) The use of "viruses"(20) and "logic bombs"(21) by "hackers"(22) also fits into this category.(23) Third, a computer may be "incidental" to the crime.(24) Under this classification, a computer is used to store records and/or information of illegal activity.(25)

      The scope of international computer crime is staggering. In the United Kingdom, the cost has been estimated at 2.5 billion pounds sterling annually.(26) In the United States, estimates are as high as five billion dollars a year.(27) This previously unheard of crime has become so prevalent that Lloyd's of London now provides insurance protection against computer crime.(28)

      Furthermore, damage from these crimes may also pose a threat to the security and public health of nations. High-tech spying of nations and corporations' secrets has become common place via computers on the Internet.(29) Attacks have even occurred on hospitals' patient files and on AIDS research facilities.(30)

      In addition, computer crime may actually be more prevalent than even these accounts suggest. Only a small portion of computer crimes are brought to the attention of the authorities.(31) Several factors tend to cause this phenomenon. First, the incredibly high degree of sophistication of computer crimes makes them very difficult to detect, even by victims.(32) Second, investigating officials and prosecutors generally do not have satisfactory training to deal with this sophisticated technology.(33) Third, many victims are reluctant to report this crime in the business sector for fear of adverse publicity and the resulting negative economic consequences.(34)

      Not only are the police ill-equipped to deal with the growing and ever-changing criminal activity on the Internet, but most of the world either has no criminal laws for these crimes, or retains outdated ones that are in need of updating.(35) The lack of a legal barrier has lead to a rapidly growing sub-culture which preys upon the inhabitants of cyberspace.(36)

   2. The Status Quo in Cyberspace

      Even if individual nations had adequate laws covering these crimes, they would still be largely ineffective due to the vastly transnational characteristics of cyberspace. Computer crime on the Internet is unlike most other international crimes because the perpetrator is often not present in the victim's country.(37) This presents a substantial problem to the authorities of the victim's country in obtaining jurisdiction over the criminal and in investigating the crime.(38) Therefore, domestic law is often circumvented.

      One such barrier to the execution of domestic law against a cyber-criminal is the tension caused by the concept of double criminality with reference to extradition treaties(.39) Double criminality is a basic concept under international law which provides that "`an act is not extraditable unless it constitutes a crime under the laws of both the state requesting extradition and the state from which extradition is requested.'"(40) This can often cause a loophole when the cyber-criminal's country does not have specific laws addressing cyber-crime, but the victim's country does.(41)

      Mutual assistance treaties are another barrier.(42) These treaties permit a victim's government to go directly into the criminal's country and seek assistance in gathering information.(43) Like an extradition treaty, a mutual assistance treaty may have strict limitations on matters such as the scope of offenses that may be investigated.(44) In addition, like extradition treaties, some mutual assistance treaties apply the double criminality concept and only allow investigation of offenses that are also a crime in the criminal's home country.(45)

      However, many countries do not even have extradition or mutual assistance treaties with other countries.(46) For example, many countries known for terrorist activities, such as Iran and Libya, do not have treaties with highly computerized countries such as the United States.(47) Because the present system depends upon domestic enforcement,(48) a cyber-criminal from one of these countries, who arguably has an incentive to terrorize people in cyberspace or rob them for the maintenance of terrorist activities, could avoid all legal penalties from the victim's country for the crime.

      Furthermore, international law has largely been ineffective.(49) Generally, in order for an individual to be held responsible under principles of international law, that person must commit a defined offense under customary international principles, as established by international treaties or norms.(50) Due to the relatively recent appearance of computer crimes on the Internet, no international norms presently exist in the form of treaties, conventions, or customs.(51) Therefore, an individual cannot presently be subject to international sanctions for crimes in cyberspace, unless the crime violates a pre-existing customary international principle.(52)

3. ALTERNATIVE APPROACHES

   1. Contract Law Paradigm

      Prior to the massive influx of people onto the Internet, the vastly homogenous Internet regulated itself.(53) This self-help paradigm handled many of the disputes that occurred due to their relative insignificance.(54) For example, someone putting out an unsolicited e-mail advertisement--the equivalent of junk mail--might be "flamed," meaning that person would be subjected to a stream of undesirable messages from those whom they annoy.(55) Another example of Internet self-regulation is a user's subjective choice to avoid objectionable things in cyberspace by merely withdrawing from participation in discussion groups or websites found objectionable.(56) Historically, these procedures were sufficient to defuse many conflicts.(57)

      Commentators have suggested that a contract law paradigm may work better than the self-help paradigm, or even the present criminal framework.(58) Rather than merely dealing with conflicts on a case by case basis...