1

Cyber Law

Musbri MohamedDIL; ADIL ( ITM )Pursuing MBL ( UKM )

2

Cyber Law in Malaysia

Rules & Regulations in relation with the protection of information infrastructure

Provisions of conventional laws that apply to Information infrastructure

Specific legal Instruments on Information Infrastructure

Copyright Act

Penal Code

Internal Security Act

Official Secrets Act

Evidence Act

Existing Instruments

Proposed Laws

Personal Data Protection Bill (draft)

E-Govt Activities (draft bill)

Communications and Multimedia Act

Computer Crimes Act

Digital Signature Act

BNM Minimum Guidelines on Internet Banking in Malaysia

Content Code

Electronic Commerce Act 2006

3

Cyber law describes the legal issues related to use of inter-networked information technology.

Some leading topics include:-

Intellectual property,Privacy, Freedom of expression , and Jurisdiction.

4

SEDARKAH kita kehidupan tanpa maklumat, tanpa berita dan tanpa ilmu pengetahuan boleh menjadikan individu umpama hidup pada zaman batu?

Frasa ini turut merujuk betapa berharganya maklumat yang memainkan peranan penting dalam kehidupan manusia apatah lagi ketika kita menuju ke era globalisasi.

5

Issues of jurisdiction and sovereignty have quickly come to the fore in the era of the Internet. The Internet does not tend to make geographical and jurisdictional boundaries clear, but Internet users remain in physical jurisdictions and are subject to laws independent of their presence on the Internet.

6

A new cyber law to protect consumer privacy is likely to come into force next year. The proposed Personal Data Protection Act breaks new ground not only in cyber-privacy but also in law-making. The law is based on the basic principles of transparency and clarity; more competition and less regulation.

The draft, which runs to more than 80 pages comes in 14 parts and five schedules

7

As such, a single transaction may involve the laws of at least three jurisdictions:

1) the laws of the state/nation in which the user resides, 2) the laws of the state/nation that apply where the server

hosting the transaction is located, and 3) the laws of the state/nation which apply to the person or

business with whom the transaction takes place.

So a user in one of the United States conducting a transaction with another user in Britain through a server in Canada could theoretically be subject to the laws of all three countries as they relate to the transaction at hand.

8

Its chief aim is to regulate the collection, possesion, processing and use of personal data by any person organisation so as to safeguard individual privacy. It also aims to establish a set of common rules and guidelines on handling and treatment of personal data by any person or organisation. The legislation is envisaged to be a world-class leading edge cyber law

that provides for higher level of personal data protection. It also seeks: Provide adequate security and privacy in handling personal information; Create confidence among consumes and users of both networked and non-networked industries Accelerate uptake of e-commerce; and Promote a secure electronic environment in line with Multimedia Super Corridor (MSC) objectives. The rationale is to promote Malaysia as a communications and multimedia hub where the national adoption of e-based transactions is expected to be high.

9

Net neutrality

Another major area of interest is net neutrality, which affects the regulation of the infrastructure of the Internet. Though not obvious to most Internet users, every packet of data sent and received by every user on the Internet passes through routers and transmission infrastructure owned by a collection of private and public entities, including telecommunications companies, universities, and governments, suggesting that the Internet is not as independent as Barlow and others would like to believe. This is turning into one of the most critical aspects of cyber law and has immediate jurisdictional implications, as laws in force in one jurisdiction have the potential to have dramatic effects in other jurisdictions when host servers or telecommunications companies are affected.

10

Free speech in cyberspace

In comparison to traditional print-based media, the accessibility and relative anonymity of cyber space has torn down traditional barriers between an individual and his or her ability to publish. Any person with an internet connection has the potential to reach an audience of millions with little-to-no distribution costs. Yet this new form of highly-accessible authorship in cyber space raises questions and perhaps magnifies legal complexities relating to the freedom and regulation of speech in cyberspace.

11

Internet regulation in other countries

While there is some United States law that does restrict access to materials on the internet, it does not truly filter the internet. Many Asian and Middle Eastern nations use any number of combinations of code-based regulation (one of Lessig's four methods of net regulation) to block material that their governments have deemed inappropriate for their citizens to view. China and Saudi Arabia are two excellent examples of nations that have achieved high degrees of success in regulating their citizens access to the internet.

12

Internet Overuse and Online Addiction

BEIJING — Chinese doctors released the country’s first diagnostic definition of Internet addiction over the weekend, amid efforts to address an increasing number of psychological problems that reportedly result from Internet overuse.Symptoms of addiction included yearning to get back online, mental or physical distress, irritation and difficulty concentrating or sleeping.Internet-addicted youths are more likely suffer frustration in interpersonal relations than their peers.

13

Cyber Crime New Zealand and Teenager

Police in New Zealand are investigating eighteen-year-old who is alleged to be the leader of a ring which has skimmed £10 million from bank accounts around the worldInvestigators in New Zealand, the US and the Netherlands believe the youth, who cannot be named but goes by the online name ‘Akill’ - wrote software used to attack more than a million computers.The software was allegedly used to bring down the computer server at the University of Pennsylvania last year.Police described the teenager as the ringleader of a ‘botnet’ - a network of computers infiltrated by a programme that surreptitiously installs itself to allow a hacker to control it.

14

Blogging in Malaysia

A leading Malaysian newspaper has sued two bloggers for defamation, a company executive and one of the defendants said on Thursday, in a case the opposition says could stifle freedom of expression.The New Straits Times, the country’s oldest newspaper group, had filed suits against Ahirudin Attan and Jeff Ooi over numerous postings in their respective blogs attacking top company officials, Ahirudin and a NST executive said.This is the first instance of bloggers being sued for libel in Malaysia, where Internet chatrooms are mushrooming amid tight government controls on mainstream media.

15

Individu

Berhati-hati ketika memberi maklumat peribadi di dalam laman web, e-mel, sistem pesanan segera, bilik bual atau pada papan mesej, terutamanya apabila tidak pasti. Individu berhak bertanya mengapa dan bagaimana maklumat itu digunakan.Individu perlu melindungi maklumat peribadi. Ia amat berharga.Kenali dengan siapa individu berurusan setiap masa.Menggunakan perisian anti virus, anti spyware dan firewall serta pastikan ia sentiasa dikemas kini.Memastikan sistem operasi dan penyemak imbas laman web ditetapkan dengan betul dan sentiasa dikemas kini.Melindungi kata laluan komputer, e-mel dan laman penting yang selalu dilawati.Membuat sandaran bagi fail yang penting.Kenali siapa perlu dihubungi jika sesuatu berlaku dalam talian.

Panduan keselamatan kepada individu bagi mengelakkan sebarang penipuan internet

16

Organisasi

Membuat jadual bagi data sandaran pada kekerapan yang boleh diharapkan.Mengekalkan data sandaran dalam tempoh tertentu untuk membenarkan pemulihan semula atau isu pembaikan yang tidak didedahkan serta-merta.Menggunakan sandaran secara automatik.Melakukan siri ujian kepada proses penyalinan.Sediakan komputer tambahan untuk sentiasa menyalin data.Memastikan data sandaran mempunyai log tarikh dan masa supaya dapat disahkan.Buat sandaran untuk pelbagai jenis medium (salinan cakera mudah alih, CD, VCD, USB).Meletakkan data sandaran di tempat yang selamat

Panduan keselamatan kepada organisasi bagi mengelakkan sebarang penipuan internet.

17

18

19

About HeiTech Padu Berhad:

A public listed company on the main board of the Bursa Malaysia Securities Berhad, HeiTech Padu Berhad (HeiTech) is one of Malaysia's key Information Security services providers whose solutions spread across the ICT Security spectrum and include the following offerings:Business Continuity and Availability Security Consulting, Assessment and Audit Services Customized Security Training, Seminar and vendor neutral certification

20

About CyberSecurity Malaysia:

We are a one-stop reference and specialist centre for cyber security. A Company Limited by Guarantee (CLG), we are under the purview of the Ministry of Science, Technology and Innovation (MOSTI). Our services include:Digital Forensics Malaysia's Computer Emergency Response Team (MyCERT) / Cyber999 Security management and best practices Security assurance Cyber security training and professionalcertification Outreach, awareness, and social responsibility programmes Cyber security policy and legal research

21

MSC boundaryPETALING JAYAKLCC

KLIA

AIRPORT CITY

PUTRAJAYA

KL Tower

CYBERJAYA