Perhaps because of the perceived technical knowledge required to commit these offences, there is a certain mystique regarding what the term actually means. Although computers and networks now facilitate a huge range of new social and commercial activities, it is possible for a criminal to commit a crime in many ways that are not immediately apparent in a physical sense.
This article sets out to demystify the term “cybercrime” and cover how Australian criminal law addresses these offences.
At the outset, it should be noted that a “computer” should nowadays be understood to include not only a desktop or laptop computer, but also a tablet or smart-phone. The definition of a “network” is likewise wider than the internet and includes a corporate intranet and even the various devices at your home connected by wi-fi. In the context of cybercrime, the computer and a network are either tools for committing a crime (usually for the purpose of obtaining some form of information), or the intended target of the criminal act.
The first category of crimes would include spam, phishing and financial scams, identity theft or electronic copyright infringement. The later category includes malware, viruses and a denial-of-service attack. To this end, classifying cybercrime revolves around what purpose a computer or network plays in the activity. The term “hacking” is, unfortunately, widely misunderstood and refers to both the re-configuration and re-programming of system for academic, interest, commercial or criminal related purposes. In this sense, a person could be called a “hacker” if they were obtaining full access to a smart-phone for the purpose of fixing a security flaw or for the purpose of misusing a person's identity.
Australian Cybercrime Legislation
Australia has a varied collection of provisions that address situations related to cybercrime. Many provisions of the Commonwealth, State and Territory criminal laws are general enough to encompass a crime that is merely facilitated by a computer. In theory, a person who collects and uses credit card details through use of the internet has not committed anything more exciting than garden variety fraud, although they may be exposed to more specific offences concerning telecommunications interception.
A number of new provisions have been developed to address the unique investigatory challenges created by cybercrimes. For example, under the Crimes Act 1914 (Cth), the Australian Federal Police may be able to compel a person to provide a means of accessing data protected by encryption (and provide for an offence of failing to reasonably cooperate with such an investigation). In addition, the Crimes Act 1914 could lawfully authorise the commission of offences by the police in investigating crimes (a tool that some have argued is necessary for addressing online child pornography).
However, Australia has a mixed record of success concerning cybercrime, as the international nature of the internet and the adaptability of networks and software tools continues to challenge the effectiveness of traditional law enforcement approaches.
Implications for the User and the Accused
Two key implications arise from the current state of cybercrime legislation. First, prevention (from the user's point of view) is better than a cure. Users should take it upon themselves to understand the potential security risks involved in utilising computers and networks and not necessarily assume that governments or commercial entities are completely effective in addressing such risks. Second, a person accused of a computer-related crime should seek the assistance of a criminal lawyer who has both a technical and a legal understanding of the complexities raised by cybercime offences.