The digital age has brought about rapid developments in information technologies. Paramount among these technologies is the internet, which has made communication more efficient than ever before. Cyber law is a relatively new area of the legal system that governs the complex way that individuals and businesses use the internet. Regulation of online conduct is increasingly important as nearly every person, business and organisation in the modernised world relies on the internet in some way. Cyber law serves to protect them from the criminals and pests who take advantage of the anonymity the internet can afford.
Cybercrime investigations for criminal and civil cases
Regardless of whether a case is criminal or civil in nature, a private forensic investigator can almost always provide some level of assistance to help achieve a desired outcome where cybercrime is involved. Forensic investigators are not only available to corporations or law firms – they’re also able to be used by small businesses and individuals. There are 2 main areas when it comes to computer forensics. The first of these relates to the analysis of physical hardware, like mobile phones or computer hard drives, to recover or preserve relevant data. The second area concerns internet activity where webpages and online accounts are subject to analysis. A technician may need to examine a physical device or an online account/website or both in the course of an investigation. See further below for some common examples of computer forensics investigations. When it comes to cybercrime, police regularly fail to provide adequate assistance to victims. This is because they are overwhelmed by reports about online criminal activity and generally lack the resources to tackle all but the most serious transgressions. The police will, however, be more inclined to treat the case seriously if a forensic investigator can provide them with solid digital evidence, making their job much easier.
Investigators are especially useful in civil matters, where the standard of proof in Australia is reduced from beyond reasonable doubt (in criminal courts) to the balance of probabilities. Defamation, for instance, is usually carried out anonymously online. Investigators can work toward uncovering the identity and the whereabouts of the culprit for the purposes of serving him or her with legal notices. Even in cases that are initially treated as criminal, an investigator can potentially assist a person or business in pursuing civil action if law enforcement is unhelpful. We recently dealt with such a case regarding a dispute our client had in a 2-party contract. After one of the parties was hacked, the perpetrators substituted in their own bank details and intercepted a substantial payment made between the parties. The dispute itself was over which party had been hacked and, therefore, who was financially liable for the lost money. The case ended after we were able to produce evidence that, on the balance of probabilities, showed that it was likely our client had not been hacked. Although this matter revolved around the criminal action of the hackers, it serves as an example of how an investigator can assist in civil action when the police are unhelpful.
The common cases of Cybercrime
Just as technology continues to evolve at an exponential pace, so too do the techniques that cyberbullies use in their malicious digital activity. Cyber investigators in law enforcement and the private sector are often impressed by the clever techniques used by today’s savvy criminals and digital tormentors. Regardless of how clever cybercriminals are, however, investigators have more sophisticated capabilities than ever before so there’s always a chance a culprit will be able to be identified and caught.
Hacking, the most common cybercrime, is a malicious practice that plagues individuals and businesses alike across the globe. It’s said that in 2018 close to a third of Australian adults were affected by cyber-attacks. Hacking itself is quite a broad category of cybercrime, encompassing attacks using different forms of malware like viruses, spyware and ransomware in order to hijack systems or networks to gain access to confidential information. Ransomware allows cyber criminals to block access to a device or system until a ransom is paid, usually in bitcoin.
It has also become common for employees to misuse confidential company information, trade secrets, patented material or intellectual property. We recently worked on a case where our client operated a health care centre and the employee in question gained unauthorised access to a substantial list of clients’ personal information. This could have created a number of problems for the clinic. We were required to show that the employee was solely responsible for the data breach and help manage the clinic’s response. So as to be prepared for situations like this, employers should have a workplace surveillance policy in place at the point of employment so that such risks can be managed effectively.
The installation of programs that compromise privacy can quickly become illegal if they are used improperly. For example, the use of a keystroke logger is illegal if it is installed on somebody’s personal device without the subject person’s knowledge or consent. This often occurs when partners become suspicious of infidelity, and a wife or husband uses a keystroke logger to monitor his or her significant other’s personal social accounts. As outlined in the Commonwealth Criminal Code, by accessing password protected material without the consent of its owner, you are breaking the law and can be imprisoned for up to 2 years.
Sadly, the widespread circulation of material depicting child exploitation is also becoming more prevalent. In fact, on average, the non-profit NGO National Center for Missing and Exploited Children reviews over 25 million images per year. If an investigator discovers any such material in the course of an investigation, they must report it to the police straight away.
How an investigator can help
In cases involving online harassment, defamation, hacking or threats, all evidence of untoward activity should be documented. Criminal or bullying activity on the internet can be difficult to investigate, so any known evidence that could assist an investigator with their task will increase the likelihood of a successful outcome. Online platforms are conducive to anonymous activity so careful work by a digital forensics expert may be required to uncover the identity of the perpetrator. Disputes over contracts can also warrant the use of an investigator. A digital forensic technician can work to prove whether or not an email was sent or received or if hacking has taken place on a server or device. Sometimes, access to a device such as a smartphone or a personal computer will be required so that the device’s storage can be forensically copied.
An investigations firm like Lyonswood can provide advice to an individual or business about how to improve cybersecurity and minimise their risk of compromise. Generally, people are reactive to situations involving cybercrime and act once a problem has arisen, as opposed to being proactive and trying to prevent it from occurring in the first place. Any business is advised to take adequate steps to try and minimise the risk of hacking and fraud. So too are individuals, and especially those engaged in family law disputes who may have their email and social media accounts hacked by their former partners.
What the law says
Laws pertaining to online activity and cybercrime differ between international, federal and state levels, but all 3 work in unison to protect users. Federally, Australia accedes to the Council of Europe Convention on Cybercrime (Cybercrime Convention), which remains the only international treaty pertaining to cybercrime. This means that our laws are based on the principles of this treaty, incorporated into our own law through sections of the Criminal Code Act 1995 (Cth) and more recently through the Cybercrime Legislation Amendment Act 2012 (Cth). A stated purpose of the Cybercrime Convention is “fostering international cooperation”, which is important because cybercrime is borderless. Member states to the convention are therefore required to provide mutual assistance to each other, which is crucial because much of the malicious cyber activity targeting Australian individuals and businesses comes from offshore.
Since the 2012 amendment expanded the scope of offences covered by The Criminal Code, any modification, unauthorised access or impairment of relevant data is an offence, regardless of where it was sent to or from and how it was obtained. Prior to the amendment, the data had to have been owned by the Commonwealth, sent to or from a Commonwealth-owned device, or the impairment had to have been caused through a carriage service. In basic terms, the amendment provides better protection to businesses and individuals across Australia. This article from Lexology has more detailed information on the specifics of these laws.
The Australian Federal Police have the responsibility to investigate and respond to cybercrime of national importance, as well as transnational cybercrime involving child sex offences (exploitation, trafficking, tourist sex offences, etc). The Commonwealth Director of Public Prosecutions also has the responsibility of prosecuting offences involving carriage services to harass, as well as unauthorised access/impairment of data. Each state then has its own specific cyber laws, with the corresponding police forces and Director of Public Prosecutions for each state having the jurisdiction to investigate and prosecute the offenders of a broad range of offences respectively.
