Technological Self-Help and Equality in Cyberspace

New technologies challenge the law in many ways, for example, they extend one’s capacity to harm others and to defend oneself from harm by others. These changes require the law to decide whether we have legal rights to be free from those harms, and whether we may react against those harms extrajudicially through some form of self-help (e.g., self-defence or defence of third parties) or whether we must resort to legal mechanisms alone. These questions have been challenging to answer in the cyberspace context, where new interests and new harms have emerged. The legal limits on permissible self-defence have historically been a function of necessity and proportionality to the threat.However, this article argues that case law and historical commentary reveal that equality between individuals is also an important policy issue underlying the limits on self-defence. The use of technologies in self-defence brings the question of equality to the fore since technologies may sometimes neutralize an inequality in strength between an attacker and a defender. A legal approach that limits resort to technological tools in self-defence would ratify and preserve that inequality.However, the relationship between technology and human equality is complex, and this article proposes an analytical structure for understanding it. The objective is to understand which technologies promote equality while imposing the least social costs when used in self-defence. The article proposes principles (including explicit consideration of the effects on equality) for setting limits on technological self-help, and illustrates their use by applying them to several forms of cyberspace counter-strikes against hackers, phishers, spammers, and peer-to-peer networks.Les nouvelles technologies posent de nombreux défis en droit. À titre d’exemple, elles augmentent la capacité des individus d’infliger du mal à autrui, mais aussi leur capacité à se défendre du mal. Ces changements exigent du droit de décider si nous avons ou non le droit, juridiquement parlant, d’être à l’abri du mal. Le droit doit aussi décider si nous sommes libres de réagir au mal de façon extrajudiciaire, par l’entremise d’initiatives personnelles (par exemple, l’auto-défense ou la défense des tierces parties) ou si au contraire nous devons nous en tenir aux mécanismes juridiques. Ces questions posent un défi particulier dans le contexte du cyberespace, d’où émergent de nouvelles menaces et des intérêts nouveaux. Les limites juridiques de l’autodéfense permissible dépendent historiquement de la nécessité et de la proportionnalité de la réaction face à la menace.Cet article soutient toutefois que la jurisprudence et les commentaires historiques révèlent que l’égalité entre individus constitue aussi une question de politique importante qui sous-tend les limites de l’autodéfense. L’utilisation des technologies dans l’autodéfense porte donc au premier plan la question de l’égalité puisque la technologie peut parfois neutraliser une inégalité de force entre une personne qui attaque et une autre qui se défend. Une approche juridique qui limiterait l’utilisation d’outils technologiques dans l’autodéfense entérinerait et préserverait cette inégalité.Pourtant, la relation entre la technologie et l’égalité entre humains est complexe. Cet article propose une structure analytique pour mieux saisir cette relation. L’objectif est de comprendre quelles technologies favorisent l’égalité tout en imposant les coûts sociaux les moins élevés lorsqu’elles sont utilisées pour l’autodéfense. L’article propose des principes pour mettre en place certaines limites aux initiatives personnelles technologiques. L’article illustre aussi l’utilisation de ces principes en les appliquant à de nombreuses formes de riposte contre les pirates informatiques, les hammeçonneurs, les polluposteurs et les réseaux pair à pair. Enfin, l’article considère explicitement les effets de ces principes sur l’égalité

The Internet of Things Connectivity Binge: What are the Implications?

Despite wide concern about cyberattacks, outages and privacy violations, most experts believe the Internet of Things will continue to expand successfully the next few years, tying machines to machines and linking people to valuable resources, services and opportunities

EXPLAINING STATE BEHAVIOUR DURING CYBER DISPUTES

This dissertation has the objective of answering two main research questions that tackle directly when and how states employ cyber weapons and engage in cyber disputes, namely: \u201cIs there a particular context within which cyber disputes take place?\u201d and \u201cWhat are the elements that influence the mechanisms of retaliation, and possible escalation, during cyber disputes?\u201d. The when aims at researching the main condition that causes states to employ cyber weapons against each other. It starts from the hypothesis that cyber disputes are more likely to begin and end within contexts of political, military, diplomatic tension between states as an alternative mean to signal power and force posture without recurring to physical measures, intended as political accusations, economic sanctions and military interventions. The how concerns the characteristics of the behaviour or states in cyber space, and how self-restraining mechanisms and symmetry - or the lack thereof - between dyads of states involved in cyber disputes influences how states engage against each other. This research presents two main original findings. The first finding is that, indeed, a condition of political tension or hostility, stemming from conflictual strategies and postures, between states - namely, the independent variable - is a condition common to all the analysed cases, namely dyads of states exchanging hostile CNOs, which represents the dependent variable. Counterfactually, there are no recorded cases in literature of allied countries engaging in cyber disputes. The second finding is that there is a causal mechanism between the states that confront each other in cyber space and the cyber weapon employed in such disputes. Retaliation between dyads of states constitutes the dependent variable of this research, and indeed it was shown clearly by this research how it is influenced by the two independent variables taken into consideration. In situations of asymmetry the most powerful state, both as an attacker as a responder to a previous attack, will show enough power to acquire a position of escalation dominance. Against this position the counterpart will be very likely to retaliate but in a less powerful way, de-escalating the intensity of the conflict, or surrender to the attack and avoid retaliating. In a situation of symmetry, the dynamics of attack are expected to follow a tit-for-tat movement, without increasing the intensity of the conflict. This, supposedly, to avoid an escalation into the physical realm that would easily create an impasse or a prolonged crisis, given the equality in power. Due to the fact that states employ cyber weapons in an internationally unregulated environment, and the sophistication as well the number of states employing these new weapons is increasing, this dissertation will also provide policy suggestion to propose a modification of International Law in order to better address the issue under a normative point of view, for the sake of international security and stability

Computer use and misuse: the constellation of control

This study is concerned with the nature of computer misuse and the legal and extralegal responses to it. It explores what is meant by the term ‘computer misuse’ and charts its emergence as a problem as well as its expansion in parallel with the continued progression in computing power, networking, reach and accessibility. In doing so, it surveys the attempts of the domestic criminal law to deal with some early manifestations of computer misuse and the consequent legislative passage of the Computer Misuse Act 1990. Having outlined the new criminal offences introduced by the 1990 Act, the study examines the extent to which the 1990 Act has been effective in controlling computer misuse, taking both prosecution rates and issues of judicial interpretation into account. It further examines the amendments made to the 1990 Act by the Police and Justice Act 2006 and their potential ramifications when they come into force. Having considered the position at domestic criminal law, the study turns to assess whether the solution to the effective regulation of computer misuse requires more than just the domestic criminal law. It explores the characteristics and purpose of the criminal law in the context of computer misuse and examines whether the domestic criminal law has limitations. The study then introduces theories of risk from realist, cultural and symbolic, ‘risk society’ and governmentality perspectives before considering the idea of a governance network as a means of responding to risk. It examines computer misuse and the role of the domestic criminal law in the light of these theories. Having established the theoretical governance framework, the study then explores the role of the law in general within this framework, examining potential new nodes of governance from the European Union, Council of Europe, Commonwealth, United Nations and Group of Eight. It considers whether there might be advantages in moving beyond the domestic criminal law in the response to computer misuse. The study then broadens the discussion of potential means of governance beyond the law to encompass extra-legal initiatives. It establishes a typology of these extra-legal initiatives and examines the contribution made by each to the governance of computer misuse. Finally, this study concludes with an examination of the complex governance network built up throughout the work and considers whether the regulation of computer misuse is only viable in a global networked society by a networked response combining nodes of both legal and extra-legal governance

Risques technologiques et sécurité sur Internet : production d'un outil pour favoriser la prévention et fournir des pistes de solution

Ce mémoire production vise, en premier lieu, à fournir des pistes d'explication sur la popularité et l'unicité du média Internet, pourtant jeune si on le compare aux autres grands médias traditionnels (journaux, télévision, radio). Ses caractéristiques intéressantes ont toutefois tendance à «éclipser» le risque omniprésent qui sévit sur le réseau. Les menaces sont non seulement plus nombreuses, mais aussi plus sournoises, dangereuses et potentiellement lourdes de conséquences. Plusieurs ressources sont offertes aux utilisateurs pour les aider à se protéger sur Internet et, s'il est trop tard, pour formuler un diagnostic et obtenir une piste de solution. Quelques-unes de ces ressources, accessibles en ligne, ont été examinées pour juger de leur adéquation au besoin en protection des internautes moyens. Force était de constater qu'elles étaient souvent pertinentes, mais qu'elles présentaient également souvent des lacunes d'utilité et d'utilisabilité; or celles-ci peuvent facilement rebuter les internautes à la recherche d'information et d'aide. Devant ce constat, il convenait, en second lieu, d'établir un cadre méthodologique pour guider l'élaboration d'un outil ergonomique pouvant être utilisé par les internautes moyens pour combler leur besoin en protection. La plateforme du site Web a été privilégiée, puisqu'elle facilite les mises à jour des contenus et des liens, un aspect essentiel pour assurer la pertinence de l'outil dans un univers virtuel en constante mutation. Ce site Web peut être consulté à l'adresse http://pages.usherbrooke.ca/securite_internet101/. Un retour sur la production de cet outil a permis, en troisième lieu, de faire ressortir les différents obstacles rencontrés en cours de conception (lesquels ont été documentés) de même que les solutions apportées pour les surmonter

The Legal Aspects of Cybercrime in Nigeria: An Analysis with the UK Provisions

Cybercrime offences know no limits to physical geographic boundaries and have continued to create unprecedented issues regarding to the feasibility and legitimacy of applying traditional legislations based on geographic boundaries. These offences also come with procedural issues of enforcement of the existing legislations and continue to subject nations with problems unprecedented to its sovereignty and jurisdictions. This research is a critical study on the legal aspects of cybercrime in Nigeria, which examines how laws and regulations are made and applied in a well-established system to effectively answer questions raised by shortcomings on the implementation of cybercrime legislations, and critically reviews various laws in Nigeria relating or closely related to cybercrime. This research will provide insight into current global cybercrime legislations and the shortfalls to their procedural enforcement; and further bares the cybercrime issues in Nigeria while analysing and proffering a critique to the provisions as provided in the recently enacted Nigerian Cybercrime (Prohibition and Prevention) Act 2015, in contradistinction to the existing legal framework in the United Kingdom and the other regional enactments like the Council of Europe Convention on Cybercrime, African Union Convention on Cybersecurity and Personal Data Protection 2014, and the ECOWAS Directive on Cybercrime 2011