Navigation: Previous Page | Contents | Next Page
Chapter 6: Further Developments and Conclusion
Recent initiatives
6.1
The world wide growth of information systems has resulted in new crimes
and novel ways to perpetrate old crimes. As with any new development, the
response to these crimes has been at first almost ad hoc. The Committee is reassured to
find during the inquiry that a systemic approach is emerging.
6.2
The internet is a global phenomenon and any regulation of its use needs
to be international to have the greatest impact. Internationally, the United Nations
have addressed the issues and provided the parameters in which governments can
usefully contribute to the regulation of an industry that offers great
communication benefits to its citizenry.
6.3
Since the Committee commenced its Inquiry there have been some
developments in the regulation of the Internet, both within Australia and
internationally.
6.4
These include:
-
introduction
into Federal Parliament of the Spam Bill 2003; and
-
the
closure of certain internet chat rooms by Microsoft.
The Spam Bill 2003
6.5
The Spam
Bill 2003 (the Bill) resulted from a report released by the National Office for
the Information Economy in April 2003. In response, the government has
developed a number of initiatives, including an information campaign, and
legislation.
6.6
The
legislation focuses on:
-
the regulation of 'commercial electronic
messages'; and
-
the prohibition on the sending of unsolicited
commercial electronic messages (commonly referred to as spam).
6.7
The Bill
provides amendments to relevant legislation which will allow the Australian
Communications Authority (ACA) as the overseeing body, to monitor commercial
electronic message activity. It will also investigate complaints.
6.8
The scheme
will also have enforcement provisions as well as provisions for the development
of relevant industry codes and standards relating to commercial electronic
messaging The ACA can institute proceedings in the Federal Court for breaches
of the Act. Significant monetary penalties can be imposed, and the Court can
order compensation where a party has suffered damage due to the breach.
6.9
From the
evidence given and the submissions provided to the Inquiry one of the clear
messages is that legislation or policy initiatives must have an international
focus as well as a domestic application. The Explanatory Memorandum states:
The proposed framework contained in the Bill is aimed at
reducing Australia
as a source of spam, minimise spam for Australian end-users and extend Australia’s
involvement in worldwide anti-spam initiatives.[164]
6.10
The
Committee notes that the effect of the Bill is not intended to be confined to
the domestic sphere but to contribute to international anti- spam initiatives.
Internet Chat Rooms
6.11
In Chapter Three of this report, there was discussion of the concern
about the use of chat rooms, and the fact that control of their content and
activities is impractical. On 24 September 2003, Microsoft
announced it would close its chat rooms in 24 countries on 14 October. The
company will not be closing services in the United States, Japan,New Zealand, Brazil and Canada which are
subscriber-based. The subscriber-based services are paid for by credit card and
therefore any illegal activity is traceable.
6.12
The Committee notes that
Microsoft said that it wished to 'create a safer and more secure online
experience and we want to protect families, in particular children, from
unsolicited information and inappropriate communication online'.[165]
6.13
The Committee is also aware from the same press report that some experts
believe that this would not necessarily make any difference to Internet safety,
and disadvantages the 300,000 Australian users who will no longer be able to
use this facility.
6.14
While not in any way detracting from the possible effect of Microsoft’s
action, it is possible that those who engage in criminal activities in chat
rooms will simply use other technology such as mobile phones, which are
increasingly capable of becoming communication centres with all of the
capabilities of telephone, internet, video and television combined. The
activity is likely to be diverted but not eliminated.
Conclusion and recommendations
The ACC and the AHTCC
6.15
The Committee considers that the roles of the Australian High Tech Crime
Centre (AHTCC) and the Australian Crime Commission (ACC) in cybercrime
detection and enforcement should complement each other. The ACC’s role in
collection and dispersal of intelligence is a part of its enforcement role
function: the ACC is not a security agency.
6.16
The AHTCC’s can support this role in its monitoring of the technological
aspects of criminal activity, and keeping agencies apprised of the latest
technology as well as the ways in which it might be used to commit crime. As
two Commonwealth authorities, one of which includes the ACC the involvement of
the State and Territory jurisdictions, there is the potential to establish a
co-operative network of communication to act as a powerful weapon against
cybercrime.
6.17
During the Inquiry the Committee’s attention was
drawn to an article by Michael Sussmann published in the Duke Journal of
Comparative and International Law.[166]
Sussmann summarises the challenges and the responses necessary to achieve
cross-jurisdictional control of cybercrime. He notes that the former US
Attorney General Ms Janet Reno outlined four critical areas for attention:
legislation, commitment of personnel and resources, improved global abilities
and an improved regime for collecting and sharing information.
6.18
The four
categories apply equally to the three aspects of cybercrime under consideration,
and provide a framework for the ways in which the ACC and the AHTCC might
approach their roles.
Legislation
6.19
In an area such as cybercrime where new technologies are constantly
being developed and taken up to facilitate crime, the regular monitoring of the
adequacy of current legislation is essential to the success of enforcing the
law against cybercrime.
Commitment of personnel and
resources
6.20
As
information technology becomes a part of the routine of everyday life, it will
become part of crime. The current distinction between 'old' crime and e-crime
will become blurred as it becomes a part of every crime. Without a commitment
to training law enforcement personnel now, the capacity of LEA to respond to
these developments will be diminished. Resources for education as well as those
to ensure that the law enforcement bodies are apprised of all the available
technological devices and information are necessary to meet this requirement.
Recommendation 7
The Committee
recommends that the Government include in its cybercrime strategy, directed
training for law enforcement agencies, and the development of a whole of
government approach in which individuals can gain expertise which can be shared
between those agencies.
6.21
Further,
the Committee believes that education should include public
education, as well as that of the law enforcement agencies.
Improved global abilities
6.22
Australia’s
acceptance of its role in the international arena was demonstrated during the
inquiry. The recently introduced SPAM Bill (see paragraphs 6.5 to 6.9)
acknowledges its responsibilities. Further, Australia’s participation in the
work of APEC is an example of the initiatives being undertaken in the global
arena. In addition, the networks established by organisations such as the AFP,
the AHTCC and the ACC are vital to Australia’s participation in a consistent
international approach.
Improved regime for collecting and sharing information.
6.23
The Committee has made recommendations in recognition of the
need for a consistent national approach to ensuring that all relevant
information is available to the agencies which need it. It is clear that there
are opportunities for all law enforcement agencies to collect information on
technology and crime and in doing so identify trends. Unless that information
is shared, there is potential for duplication of activity leading to waste of
resources and time. This is also contrary to the acknowledged need for a whole
of government approach to combating cybercrime.
6.24
The Committee considers it is clear that isolated state or
national action cannot succeed in controlling any other aspect of cybercrime
unless there is a global commitment to a consistent regime of legislation and
regulation. These areas for development can be applied at the local (multi-
jurisdictional) Australian level, as well as the international level. With its
international relationships with similar bodies, and its multi-state
representation, the ACC is ideally placed to contribute to developing that
regime, but not necessarily leading it.
Recommendation 8
The Committee
recommends that the Australian Crime Commission continue its current level of
involvement in cybercrime investigation, and intelligence gathering, as well as
further developing its international liaison role.
Recommendation 9
The Committee
recommends that the Australian Crime Commission ensure its information sharing
strategies, including liaison with the Australian High Tech Crime Centre,
maximise the opportunities for giving and receiving accurate and timely
information about cybercrime methods and technology.
6.25
It became
clear during the course of the hearings that there is no co-ordinating body
which combines the role of watchdog, investigator, and prosecutor in this area.
In his evidence to the Committee, Mr Melick said:
The trouble is that
there are too many players and no overarching coordinator.[167]
6.26
There is
no organisation which is across all of the associated issues. While the
Committee acknowledges that in other contexts combining these roles may not be
desirable, the nature of cybercrime is such that rapid response is essential.
6.27
The
Australian Federal Police submission noted that the new AHTCC has, as part of
its role, to provide a national co-ordinated approach to combatting serious
complex and/or multi-jurisdictional high tech crimes. In addition it also
assists in improving the capacity of all jurisdictions to deal with high tech
crime. The Committee is of the view that the AHTCC is in a position which would
enable it to take a national perspective on cybercrime. However in order to
develop this capacity, there must be a framework which supports it.
6.28
The Committee observed that Sussmann sets out this framework
as including:[168]
-
High technical standards which preserve public
safety.
-
The ability to preserve critical traffic data
routinely, with powers to require a longer period of storage.
-
The ability to share information across
jurisdictions quickly – this requires legal processes supplemented by
administrative procedures to facilitate the sharing of data.
-
Government-Industry co-operation. This involves
government minimising the compliance burden on industry, and simultaneously industry
considering the public safety and interest as being a top priority.
6.29
From the Committee’s observations of the evidence and the
submissions provided, there are many ways in which LEA’s, government agencies and
the private sector are already working within Sussman’s framework. However, it
believes that further work can be done at all levels and in all spheres to
develop strategies that will initiate innovative measures against cybercrime,
and respond rapidly to instances of cybercrime. The complementary roles for the
ACC and AHTCC can be identified in the following recommendations which are
designed to promote partnerships in this process of Commonwealth and State
governments as well as private industry.
Recommendation 10
The Committee recommends that the Australian Crime Commission seek
out opportunities to participate in appropriate public/private sector
cybercrime projects, to promote the sharing of information, and the efficient
prevention and investigation of cybercrime offences.
Recommendation 11
The Committee recommends that the Australian High Tech Crime
Centre act as a clearing house for information on cybercrime, in order to
explore initiatives to combat it.
6.30
The Committee believes that the ACC can make an important
contribution to the law enforcement agencies’ understanding and prosecution of
cybercrime in a number of ways:
-
Through its statutorily authorised intelligence
gathering function, the ACC can share its intelligence in the area with other
agencies. In particular, through its Board, State Police can remain informed of
these activities at the highest level.
-
The ACC can work with the AHTCC on the
prevention and investigation of cybercrime through the ACC’s knowledge of the
operational environment, and the AHTCC’s knowledge of advancing
technology.
6.31
The
Committee observed with some optimism that developments in providing that
protection are occurring in all areas: legislative, both private and public
sectors, law enforcement agencies, and with the Internet Service Providers
themselves. It is clear to the Committee that there are serious and sustained
efforts being made to counter cybercrime, and the recommendations contained in
this report are designed to enhance that effort.
Navigation: Previous Page | Contents | Next Page
Top
|