Not a legal opinion: It would be very difficult to apply existing common law (analogous to jurisprudence) to electronic crimes committed in a new era, atleast within the local context.
 
For these reasons it is necessary to define the crimes under distinct and separate legislation. Due to the borderless nature of the Internet (see shared link), it is necessary for such legislation to take a broad approach into account.
 
For instance there ought to be provisions that allow local authorities to seek the arrest and extradition of foreign based suspects from other jurisdictions for electronic crimes committed against citizens or local infrastructure owned by individuals or entities even though the suspects at the time of commission of the crime were present in other jurisdictions.
 
The same provision can allow private parties to pursue civil remedies in a similar matter and give them the basis where possible to enforce the judgement in the defendant's jurisdiction.
 
This for example would close the possible jurisdictional loophole of individuals crossing borders so as to commit electronic crimes from a country that lacks electronic crime laws. Current law is ill equipped in ensuring civil remedies, prosecution or arrest of local or international cyber criminals, 419ers, lurers of minors, harassers, electronically transmitted or created threats (threats to a person, threats to infrastructure by way of viruses, malaware, DoS etc) etc neither is it likely to be in a position to ensure serious consequences or deterents for the same or allow for the definition of crimes as distinguished here for an international gang of culprits: http://www.secretservice.gov/press/GPA15-08_CyberIndictments_Final.pdf
 
It was recently reported that a bill or regulations to protect the data of consumers would be brought about as a means of regulating the CRBs. This could be model legislation/regulations to adopt to ensure that the public has a say in the manner in which their private information is used.
 
At the same time consumers ought to be able to instruct companies with whom they have business relationships with not to share that same information with 3rd parties without their prior consent (ie opt-in/out). This is only effective if there are laws or regulations to provide for consequences when businesses violate the same.
 
As CRBs take root, there will be a likelihood that similar bureaus or entities will eventually start sharing information in real time, for example an underwriter of an insurance policy might want to check an individual's claim history across the industry to determine the level of risk the insured poses in determining policy premiums. Similarly an organization may want to conduct background checks for prospective employees in privately maintained electronic databases.
 
It is important that instead of regulations or laws being formed for sectors of the economy, that national data privacy laws and regulations be defined (or ammended) and on that basis refinement of specific regulations/laws could be made for sectors that require specific data requirements. Such regulatory foresight can reduce or avert the occurence of issues such as those seen here: http://www.businessweek.com/magazine/content/08_31/b4094000643943.htm?campaign_id=rss_null
 
 
On Fri, Aug 15, 2008 at 12:21 AM, John Walubengo <jwalu@yahoo.com> wrote:
Mornings,

Today and next Monday, we intend to thrash out the legal dimensions of Internet Governance. The typical issues revolve around:
-Jurisdiction & Arbitration (who resolves e-disputes)
-Copyright & IPR (are they pro or anti-development?)
-Privacy and Data Protection (how is the e-Citizens data abused/protected?)

I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal principals.  Basically, dispute resolutions can be done through,
·       Legislation;
·       Social norms (customs);
·       Self-regulation;
·       Regulation through code (software solution);
·       Jurisprudence (court decisions);
·       International law.

There is however two broad conflicting schools of thought when it comes to resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied.  E.g stealing money electronically is no different from stealing money physically and so Robbery charges and subsequent jurisdictional procedures could apply.  However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.

The borderless nature of the Internet brings to fore the Challenges of Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.

Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to the detriment of the Customer.

Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.

2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.

References:
http://www.diplomacy.edu/ISL/IG/
http://en.wikipedia.org/wiki/Napster





_______________________________________________
kictanet mailing list
kictanet@lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet

This message was sent to: mike.theuri@gmail.com
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/mike.theuri%40gmail.com