Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
cyberlaw:crime [2016/10/12 08:38]
131.181.11.105 [Queensland legislation]
cyberlaw:crime [2019/10/30 16:27] (current)
nic
Line 1: Line 1:
-# Computer ​access ​and computer crimes+# Computer ​Access ​and Computer Crimes
  
-<WRAP box round 450px> +**Video Overview of Crimes Against Computer Systems by [Nicolas Suzor](https://​www.youtube.com/​watch?​v=c-HnNDF3lEs)**
-**Nicolas Suzor provides an overview of crimes against computer systems** +
- {{youtube>c-HnNDF3lEs}} +
-</​WRAP>​ +
- +
-The Cybercrime Act 2001 introduced a series of computer-related offences into the Commonwealth Criminal Code. These were later expanded after Australia joined the Cybercrime Convention. There are also numerous provisions in State law that prohibit unauthorised access and misuse of computers.+
  
 +The _Cybercrime Act 2001_ introduced a series of computer-related offences into the Commonwealth Criminal Code. These were later expanded after Australia joined the Cybercrime Convention. There are also numerous provisions in State law that prohibit unauthorised access and misuse of computers.
  
 ## The Cybercrime Convention ## The Cybercrime Convention
-<WRAP box round 280px right> 
-**Lucy Jorgensen explains the Convention on Cybercrime** 
-{{youtube>​M_23yYrzM9o?​small}} 
-</​WRAP>​ 
  
 +**Video Overview of the Convention on Cybercrime by [Lucy Jorgensen](https://​www.youtube.com/​watch?​v=M_23yYrzM9o)** ​
  
-**__The ​key components ​of the Convention on Cybercrime and how it helps Australia__**+**__The ​Key Components ​of the Convention on Cybercrime and How It Helps Australia__**
  
-The Council of Europe’s Convention on Cybercrime was the first international treaty on crimes committed via the Internet and other computer networks. It was ratified by Australia on the 1st March 2013 and currently ​has 47 ratifications ​worldwide. ​+The Council of Europe’s Convention on Cybercrime was the first international treaty on crimes committed via the Internet and other computer networks. It was ratified by Australia on the 1st March 2013 and has been ratified by 47 countries ​worldwide. ​
  
-**What ​is the Conventions ​main objective?**+**What ​Is The Conventions ​Main Objective?**
  
-Its main objective is to promote a common criminal policy, which aims to protect society against cybercrime, by adopting legislation and promoting international co-operation. ​+The Convention'​s ​main objective is to promote a common criminal policy, which aims to protect society against cybercrime, by adopting legislation and promoting international co-operation. ​
  
-**What ​does crimes does the Convention ​primarily deal with?**+**What ​Crimes Does the Convention ​Primarily Deal With?**
  
 * Copyright Infringement * Copyright Infringement
Line 44: Line 37:
 Mr McDonald, Attorney-General'​s Department, Transcript of Evidence, Canberra, 25 March 2011, p. 7. Mr McDonald, Attorney-General'​s Department, Transcript of Evidence, Canberra, 25 March 2011, p. 7.
  
-**How does the Convention ​help Australia?​**+**How Does the Convention ​Help Australia?​**
  
 Australia’s ratification of the Convention complements existing laws, increasing the capacity for international co-operation to deal with increasingly sophisticated forms of computer-related criminal activity. ​ Australia’s ratification of the Convention complements existing laws, increasing the capacity for international co-operation to deal with increasingly sophisticated forms of computer-related criminal activity. ​
Line 59: Line 52:
  
  
-## Commonwealth ​criminal offences+## Commonwealth ​Criminal Offences
  
 ### Definitions ### Definitions
Line 66: Line 59:
 * But access, modification,​ or impairment is “not unauthorised merely because he or she has an ulterior purpose for causing it.” * But access, modification,​ or impairment is “not unauthorised merely because he or she has an ulterior purpose for causing it.”
  
-### Fault elements+### Fault Elements
  
 Default fault elements are included in Criminal Code 1995 (Cth) s 5.6. Except where explicitly stated, all these offences require: Default fault elements are included in Criminal Code 1995 (Cth) s 5.6. Except where explicitly stated, all these offences require:
Line 77: Line 70:
 There is some overlap with State laws. In many cases, conduct will be prohibited under both State and Federal law. There is some overlap with State laws. In many cases, conduct will be prohibited under both State and Federal law.
  
-### Unauthorised ​access+### Unauthorised ​Access
  
-<WRAP box round right 280px> +**Friedrich Kuepper ​[Explains ​the Unauthorised Access Offences](https://​vimeo.com/141874460)**
-**Friedrich Kuepper ​explains ​the unauthorised access offences** +
-{{vimeo>​141874460?​small}} +
-</WRAP>+
  
 Section 477.1 creates the offence of "​Unauthorised access, modification or impairment with intent to commit a serious offence"​ Section 477.1 creates the offence of "​Unauthorised access, modification or impairment with intent to commit a serious offence"​
Line 91: Line 81:
 * Requires intent to commit a serious offence (5+ years imprisonment) * Requires intent to commit a serious offence (5+ years imprisonment)
  
-478.1   ​Unauthorised ​access ​to, or modification ​of, restricted data+478.1   ​Unauthorised ​Access ​to, or Modification ​of, Restricted Data
  
 * Maximum penalty: 2 years imprisonment * Maximum penalty: 2 years imprisonment
Line 98: Line 88:
 * Restricted data is any data within a computer that is protected by an access control system. * Restricted data is any data within a computer that is protected by an access control system.
  
-477.2   ​Unauthorised ​modification ​of data to cause impairment+477.2   ​Unauthorised ​Modification ​of Data to Cause Impairment
  
 * Maximum penalty: 10 years imprisonment * Maximum penalty: 10 years imprisonment
Line 104: Line 94:
 * Requires intent to modify (default fault element - s 5.6) * Requires intent to modify (default fault element - s 5.6)
 * Requires recklessness as to whether the modification impairs or will impair access to data, reliability,​ security, or operation. * Requires recklessness as to whether the modification impairs or will impair access to data, reliability,​ security, or operation.
- 
-478.1   ​Unauthorised access to, or modification of, restricted data 
- 
-* Maximum penalty: 2 years imprisonment 
-* Requires knowledge that access or modification is unauthorised 
-* Requires intent to access or modify 
- 
  
 ### Impairment ### Impairment
  
-477.3   ​Unauthorised ​impairment ​of electronic communication+477.3   ​Unauthorised ​Impairment ​of Electronic Communication
  
 * Maximum penalty: 10 years imprisonment * Maximum penalty: 10 years imprisonment
Line 126: Line 109:
 * Maximum penalty: 2 years imprisonment (s 105) * Maximum penalty: 2 years imprisonment (s 105)
 * There is also a summary offence: 6 months imprisonment (s 105) * There is also a summary offence: 6 months imprisonment (s 105)
- 
  
 A person shall not: A person shall not:
Line 136: Line 118:
 a communication passing over a telecommunications system. a communication passing over a telecommunications system.
  
- +### Other Computer Offences
-### Other computer offences+
  
 #### 478.2   ​Unauthorised impairment of data held on a computer disk etc. #### 478.2   ​Unauthorised impairment of data held on a computer disk etc.
Line 154: Line 135:
 #### 474.17 ​  Using a carriage service to menace, harass or cause offence #### 474.17 ​  Using a carriage service to menace, harass or cause offence
  
-## Queensland ​legislation+## Queensland ​Legislation 
 + 
 +**Video: Sarah Lawrence explains [how Section 359B of Queensland'​s Criminal Code regulates cyberstalking](https://​www.youtube.com/​watch?​v=SeEPjsLyGso)** 
 + 
 +Incidents of cyberstalking are recognised under the definition of unlawful stalking in Section 359b of Queensland’s Criminal Code. Through the inclusion of subsection (c)(ii) unlawful stalking extends to contact through the use of telephone, mail, fax, email or through any technology.  
 + 
 +Cyberstalking includes email stalking, phone stalking and computer stalking. Both email and phone are expressly stated in section 359B of the Criminal Code as methods of contact for unlawful stalking. Computer stalking, while not expressly stated in the provision, would likely be covered by the phrase ‘any technology’ and therefore would still be caught by the stalking offence.
  
-<WRAP box round 280px> +A major controversy surrounding the stalking offence is the that the victim must have suffered a real apprehension or fear of violence, however, ​cyberstalking ​is unlikely to meet this threshold due to its virtual ​and non-physical nature. In addition, ​the prosecution of cyberstalking is difficult and victims must turn to other avenues to find relief. The current and most realistic remedies for victims would be to approach social media services to have material removed, or to report the behaviour to the eSafety commissioner.
-**Future student video: explain ​cyberstalking and the Queensland Stalking offence** +
-</​WRAP>​+
  
-## Private ​lawelectronic contracts+## Private ​LawElectronic Contracts
  
 Access to computer systems is typically constrained by both code and contract law. The code that makes computer systems interactive will often have some system for controlling access to the system. For example, websites are often made accessible to the public, but webservers can be configured to ensure that different parts of the website are only accessible to logged-in users with the correct permissions. Similarly, login controls prevent people from gaining access to computer systems without the correct password or credentials. Accessing computer systems by breaking these authentication mechanisms will usually be an offence under the unauthorised access or computer trespass provisions in the criminal law. Access to computer systems is typically constrained by both code and contract law. The code that makes computer systems interactive will often have some system for controlling access to the system. For example, websites are often made accessible to the public, but webservers can be configured to ensure that different parts of the website are only accessible to logged-in users with the correct permissions. Similarly, login controls prevent people from gaining access to computer systems without the correct password or credentials. Accessing computer systems by breaking these authentication mechanisms will usually be an offence under the unauthorised access or computer trespass provisions in the criminal law.
  
-<WRAP box round 280px > 
-**student video topic: browsewrap, clickwrap, shrinkwrap** 
- ​{{youtube>​BLANK?​small}} 
  
-</​WRAP>​+### Shrink-wrap,​ click-wrap, and browse-wrap agreements
  
 +**Video: [What'​s the difference between a click-wrap and a browse-wrap agreement?​](https://​www.youtube.com/​watch?​v=pdk3e5Fnp2I&​feature=youtu.be) by Erin Laird**
  
 The link between access control systems and private law is typically made through a contract. Many websites now have contractual terms of use that purport to limit access to the website upon acceptance of those terms. When this is done in the registration process, where a user must affirmatively agree to contractual terms (typically by checking a box or clicking a button), this is called a '​clickwrap'​ contract. When contractual terms are instead incorporated by reference (for example, a link at the bottom of the page entitled 'terms of use'), this is called a '​browsewrap'​ contract. ​ The link between access control systems and private law is typically made through a contract. Many websites now have contractual terms of use that purport to limit access to the website upon acceptance of those terms. When this is done in the registration process, where a user must affirmatively agree to contractual terms (typically by checking a box or clicking a button), this is called a '​clickwrap'​ contract. When contractual terms are instead incorporated by reference (for example, a link at the bottom of the page entitled 'terms of use'), this is called a '​browsewrap'​ contract. ​
  
-Terms of Use documents typically deal with a series of different legal issuesThey might include limitations ​of liability clauses, standards ​of acceptable conductcopyright and other intellectual property policies, dispute resolution mechanisms, and many other terms. These can be very useful for online service providers. Because users must agree to the terms to use the website, these terms become enforceable through ​contract ​law and, in some cases, also through ​the criminal prohibitions on unauthorised access. In practice, the contractual component is the most important: through electronic contractsonline service providers are able to structure their rights and exposure to potential liability in a standardised,​ low cost manner.+'​Shrink-wrap'​ licence agreements are agreements found inside software packaged for saleThis raised the question ​of how software licence agreement ​of the provider was binding on the consumerwhen the consumer entered into the sale contract ​with the retail shop. In ProCD Inc v Zeidenberg 86 F 3d 1447 (1996), the Court held that consumers will be bound to the licence agreement if they open the packaging and subsequently install the softwareas they reliquished an opportunity ​to reject it by returning the software
  
-<WRAP box round 280px > +'click-wrap' ​agreement is an online agreement where the user actively gives consent to the terms and conditionsThe user will do this by either clicking on a button or checking a box next to a statement saying “I agree to the terms and conditions”. A browse-wrap agreement is an online agreement where the user is assumed to have given passive consent by merely being on the website because being on the website is stated ​to amount ​to entering into an agreement with the provider.
-**Matthias Klepper explains the authority in US v Drew that breach of Terms of Service does not constitute ​'unauthorised' ​access** +
-{{youtube>​negamd8UFq8?​small}} +
-</​WRAP>​ +
-Terms of Use documents are often criticised for the problems they pose for consumers. Clickwrap contracts are generally enforceable,​ regardless of whether the consumer has actually read the terms or notMany firms abuse this system ​by including quite harsh terms in the fine print of the contract in order to minimise their potential risk. In response ​to this general concern, Australia has recently introduced unfair terms legislation that will limit the enforceability of standard form contracts that are deemed to be unfair.+
  
-<WRAP box round 460px> +Click-wrap and browse-wrap agreements differ from how the terms are incorporated to the agreement by reference. To be enforceable,​ it must be done by signature or reasonable notice.((Toll (FGCT) Pty Ltd Alphapharm Pty Ltd (2004) 219 CLR 165 approving L’Estrange v F Graucob Ltd [1934] 2 KB 394.)) Click-wrap agreements do this by signature. Browse-wrap agreements attempt this through reasonable notice, but this is sometimes harder to enforce.((Hotmail Corporation v Van Money Pie Inc (1998) 47 USPQ 102.))
-**MissTakingTruth explains ​the eBay Creative Festival Entertainment contract dispute** +
-{{youtube>​hT4bMCR-a10}} +
-</​WRAP>​+
  
-<WRAP box round 280px> +Terms of Use documents are either click-wrap or browse-wrap agreements that typically deal with a series of different legal issues. They might include limitations of liability clauses, standards of acceptable conduct, copyright and other intellectual property policies, dispute resolution mechanisms, and many other terms. These can be very useful for online service providers. Because users must agree to the terms to use the website, these terms become enforceable through contract law and, in some cases, also through the criminal prohibitions on unauthorised access. In practice, the contractual component is the most important: through electronic contracts, online service providers are able to structure their rights and exposure to potential liability in a standardised,​ low cost manner.
-**student video topic: unfair ​terms** +
- ​{{youtube>​BLANK?​small}}+
  
-</WRAP>+**Matthias Klepper [Explains the Authority In US v Drew that Breach of Terms of Service Does Not Constitute '​Unauthorised'​ Access](https:​//​www.youtube.com/​watch?​v=negamd8UFq8)**
  
 +Terms of Use documents are often criticised for the problems they pose for consumers. Click-wrap contracts are generally enforceable,​ regardless of whether the consumer has actually read the terms or not. Many firms abuse this system by including quite harsh terms in the fine print of the contract in order to minimise their potential risk. In response to this general concern, Australia has recently introduced unfair terms legislation that will limit the enforceability of standard form contracts that are deemed to be unfair.
  
 +**Video Overview of the [Contract Dispute in eBay v Creative Festival Entertainment](https://​www.youtube.com/​watch?​v=hT4bMCR-a10)**
  • cyberlaw/crime.1476221910.txt.gz
  • Last modified: 14 months ago
  • (external edit)