Cyberspace has become, in present times, the fifth common space, along with land, air, space and sea. Technology has grown rapidly, and law has not been able to keep pace. Since the Internet and crimes committed thereon are not limited by geographic or territorial boundaries, it is becoming increasingly imperative that an effective mechanism be set up to curb the rampant growth of crime and terrorism online, by means either of an international legislation in this regard (which may be in the form of modifying existing legislation to suit cyberspace, or by way of setting up international agencies under the aegis of the United Nations to deal specifically with cyber crime and cyberterrorism) or to ensure international cooperation to achieve the end of harmonising existing national and regional cyber crime legislation to create a seamless, borderless cyberspace.
The main obstacles in meeting cyber threats have been identified as: technical hurdles, lack of social responsibility, and inadequate international cooperation.15 While the first and second issues can be overcome by increasing investments in technology, education and R&D, the greatest obstacle remains the reluctance of states to cooperate in cyberspace. Being transnational crimes, cyber crimes can only be tackled with the combined efforts of the international community.
Regulations and cooperation agreements or the inclusion of an additional protocol on cyber crime to the Geneva Convention that may enable countries to assist each other in bringing to book offenders who use to their advantage the lack of an effective punitive mechanism are essential. The long-established national and international criminal codes were developed in an era prior to the Internet; criminal codes therefore need to be amended to create criminal offences to ensure the protection of information and communication in cyberspace. An impartial international body on the lines of Interpol can be set up to coordinate international efforts with regard to prevention of cyber crimes. Such an organisation could also act as a facilitating body in bringing about harmonisation of cyber crime legislation among the member nations. In the last couple of years alone, a large number of countries, including Russia, Japan, Australia, USA, Canada, Ireland, Cameroon, Namibia, Kenya, Bangladesh, Jordan, UAE, Jamaica, Portugal and Norway have enacted laws relating to cyberspace or amended substantially the existing national law in this regard. Over a period of two decades, regional organisations have sought to establish uniform Internet regulations at a regional or local level, including the Council of Europe, ITU, ASEAN, OECD, NATO, Commonwealth of Nations, APEC, League of Arab States, Organisation of African States, Shanghai Cooperation Organisation and the G-8 countries.
Despite the efforts made by countries and regional organisations in last 20 years, apart from a few common trends, there are considerable variations in national cyber crime legislation. The main reason for this is the variance of the effect of cyber crimes on different countries. Spam, for instance, is a bigger threat to developing countries than developed countries. Similarly, certain online content may be unlawful in some countries while others may protect it under the freedom of speech. It is therefore clear that such issues cannot be addressed at a local or regional level and it is necessary to develop a common understanding in the international community and harmonise legislation. Consequent to the need for an effective machinery to address cyber crime in India, the IT Act, 2000 was enacted in keeping with the Model Law on Electronic Commerce adopted by the UN General Assembly in 1997. The IT Act criminalised tampering with computer source documents, hacking, and publishing of obscene information in electronic form under Sections 65, 66 and 67. These provisions were, however, found inadequate and the 2008 amendments, which came into force in 2009, widened the scope of cyber crime, criminalising a greater number of offences than its predecessor. Section 66F was the most significant as it for the first time defined and criminalised cyberterrorism, making it punishable with life imprisonment.
Amendments have also been made to the IPC to criminalise cyber offences and set out procedures and punishments for the same. However, there still is a huge gap between existing laws and the required laws to fully combat cyber threats. To bridge this gap DIT issued a Discussion draft on NCSP on 26 March 2011. It called for greater international cooperation which can be achieved through the harmonisation of national laws and enforcement procedures. Dynamic legal framework in synchronisation with technological changes and international developments in the area of information security has been pointed out as an area of priority.
