This article is written by Deepanshi Tiwari of 7th Semester of BALLB (Hons.) of Shri Ramswaroop memorial university, Lucknow.
Abstract
With the quick development of technology and our growing reliance on digital space, it is more crucial than ever to create strong legal frameworks to regulate cyberspace. An outline of the study on cyber law undertaken within the context of the United Nations (UN) is provided in this abstract. The study’s objectives are to examine the UN’s involvement in addressing the legal issues raised by cyber activity and to evaluate the development of a complete cyber law framework.
In order to assess the UN’s initiatives to address cyber risks and foster global collaboration in cyberspace, the study takes a multidisciplinary approach that combines legal analysis, policy evaluation, and case studies. The International Telecommunication Union (ITU) and other important UN institutions are examined, as well as the General Assembly and Security Council.
The study explores a number of cyber legal topics, such as cybercrime, data security, privacy, digital rights, and state accountability online. It examines regional and national activities that support the evolution of cyber law as well as the current international legal instruments, such as conventions, treaties, and resolutions.
The report also looks into the difficulties the UN experienced in developing a unified, broadly recognized framework for cyber law. It looks at the inequalities in legal systems, the diverse interests of the member states, and the challenges of internet sovereignty and jurisdiction. The research also identifies new concerns including the Internet of Things, autonomous systems, and artificial intelligence that call for ongoing modifications to cyber legislation to take into account emerging technological advancements.
The study’s conclusions help to provide a thorough knowledge of the UN’s activities in the area of cyber law by highlighting the advantages and disadvantages of the current legal systems and offering suggestions for improving global cooperation. The study’s findings are intended to educate decision-makers, attorneys, and academics who work in the field of cyber law and to offer insightful information about the future of cyber law at the UN and elsewhere.
Keywords-
Cyberlaws, Cybersecurity, Law, Technology, Hacking, United Nations, Internet, Legislation, Digitalization, Information, Data, Threats.
Introduction
Any law that pertains to the internet and technologies connected to it is known as cyber law. One of the newest subfields of law is cyber law. This is due to how quickly internet technology is evolving. Internet users have legal safeguards thanks to cyber legislation. Both businesses and common people fall under this category. Anyone who uses the internet must understand cyber law at all costs. Another name for cyber law is “law of the internet.”
A cyber law is made, like any other legislation, to assist keep the peace and protect individuals and organizations from criminals online. If someone violates a cyberlaw or rule, it is possible for another individual or group to take legal action against them or to have them punished.
Cybercrime and cybersecurity both are connected to cyber law. Businesses and individuals may protect themselves from cybercrime with the correct cybersecurity. Cybersecurity aims to fix flaws in networks and computers. ISO 27001 is the abbreviation for the International Cybersecurity Standard.
The main goal of cybersecurity policy is to offer advice to anyone who might be at risk from cybercrime. This applies to organizations, people, and even the government. Many nations are searching for methods to encourage cybersecurity and stop cybercrime. For instance, the Information Technology Act was enacted by the Indian government in 2000. This law’s major objective is to increase online data security while also improving data transmission
Current scenario in the management of cyber laws-
In the year 2021, the COVID-19 epidemic significantly changed how business and government were conducted. The abrupt shift to a remote workforce, which frequently had fewer and weaker security safeguards in place, heightened cybersecurity threats. Cybercriminals discovered ways to profit from these circumstances as well as from people’s worries about the coronavirus.
The importance of the internet and its use are rising quickly on a global scale. The ability to complete anything from home has improved consumer convenience, but it has also made it easier for hackers to acquire whatever data and information that individuals voluntarily and involuntarily share online and offline. Therefore, it is essential that people are informed about and educated about cybercrimes in addition to having appropriate regulations to defend against and prevent them.
Also, Recently, unheard-of hacks, like the SolarWinds incident, which compromised the networks of numerous businesses and federal and state governments, have also maintained cybersecurity a top concern for many state lawmakers.
More than 250 bills or resolutions that include a substantial cybersecurity component have been introduced or are being examined in at least 45 states and Puerto Rico. The following are a few of the issues generating the most legislative activity:
• requiring government organizations to undertake cybersecurity training,
•establish and adhere to established security standards, rules, and procedures, as well as prepare for and practice responding to security incidents.
• dealing with cybersecurity insurance or regulating cybersecurity within the insurance business.
•establishing task groups, councils, or commissions to research and provide advice on cybersecurity-related issues.
• supporting initiatives or rewards for cybersecurity education and training.
New Cybersecurity legislation in U.S.
The law became operative on June 2021. It seeks to improve federal Cybersecurity personnel and encourage cooperation across branches of government.
U.S. President Joe Biden approved two cybersecurity laws on June 21, 2022. The new legislation is the most recent in a line of initiatives to strengthen the country’s cybersecurity.
It aims to increase the knowledge and expertise of the federal cyber workforce and foster coordination on security-related issues at all levels of government. The State and Local Government Cybersecurity Act of 2021 aims to enhance communication between state, local, tribal, and territory governments and the Cybersecurity and Infrastructure Security Agency (CISA). These organizations will be able to share security resources, protocols, and data more conveniently under the new regulation.
State and municipal governments are a desirable target for hackers, according to Rep. Joe Neguse (D-Colo.), the bill’s sponsor. In order for these organizations to upgrade their systems and better protect themselves from damaging cyberattacks, we must boost our support for them. Several ransomware attacks on state and local governments occurred just last month, affecting institutions such as the education systems in New Mexico and Ohio, the city of Quincy, Massachusetts, and Somerset County, New Jersey.
The Federal Rotational Cyber Workforce Program Act of 2021, the second new cybersecurity bill, will allow U.S. government personnel in IT, cybersecurity, and related sectors to cycle between responsibilities across agencies, allowing them to pick up new skills and experience in a range of job tasks.
A National Academy of Public Administration research that CISA commissioned in January concluded that the federal government “lacks a comprehensive, integrated government-wide strategy for developing a national cybersecurity workforce.” The rotation program intends to broaden the employment opportunities for cyber professionals while enhancing communication and collaboration within agencies.
The act “will grant federal cyber professionals’ valuable transferable skills and diversify their career paths,” according to Justin Fier, vice president of tactical risk and response at Darktrace, but he added that “it also adds to an industry already suffering peak burnout.” Nearly one-third of cybersecurity professionals who participated in a recent ThreatConnect poll said they experience significant levels of stress at work.
Some key U.S. cyber laws-
1. *Computer Fraud and Abuse Act (CFAA) 1986*: The CFAA is the leading federal law intended to combat hacking. The law prohibits individuals from accessing computers without authorization or in a way that exceeds their given authorization.
2. *Electronic Communications Privacy Act (ECPA) 1986*: It protects against the unauthorized interception of electronic communications. The Act was later expanded by the Stored Communications Act.
3. *Children’s Online Privacy Protection Act (COPPA) 1998*: COPPA obliges websites to gain parental consent before collecting data from children under the age of 13.
4. *Digital Millennium Copyright Act (DMCA) 1998*: The DMCA is a copyright law that tackles digital infringement issues. This law makes it a criminal offense to produce and disseminate technology, services, or devices that are intended to circumvent measures that control access to copyrighted works.
5. *Health Insurance Portability and Accountability Act (HIPAA) 1996*: It provides data privacy and security provisions for safeguarding medical information online.
6. *Federal Information Security Management Act (FISMA) 2002*: This act aims to bolster computer and network security within federal systems and affiliated parties.
7. *Cybersecurity Information Sharing Act (CISA) 2015*: Facilitates and encourages the sharing of Internet traffic information between the government and technology and manufacturing companies.
8. State Level Laws: Most states also have laws that relate to cybercrime, privacy, and data breaches, such as California’s landmark California Consumer Privacy Act (CCPA) that went into effect in 2020.
Conclusion-
Cybersecurity has been a problem for both the public and business sectors for more than a decade. Cybercrimes have increased as a result of the expansion of the US information technology and e-commerce industries, costing both the US government and its citizens significantly.
Today, if we’ll take a quick look at the rules and legislation governing cyber security in the US then we’ll find that effects of digitization on the financial, healthcare, SMEs, and other industries have made data breaches more prominent. Data breaches happened long before digitization became the norm, but as digital platforms became more and more popular, the significance, scope, and expense of data breaches all increased significantly.
The effects of digitization on the financial, healthcare, SMEs, and other industries have made data breaches more prominent. Data breaches happened long before digitization became the norm, but as digital platforms became more and more popular, the significance, scope, and expense of data breaches all increased significantly.
Between 2005 and 2015, there were 781 million data breaches in the United States, while the amount of exposed records climbed from roughly 67 million to 169 million. There were 1093 data breaches in the United States in 2016, exposing almost 36.6 million information.
If the United States’ cyber security laws and regulations are any indication, the government has been attempting to enact stronger rules to arm businesses with the tools they need to protect their data from the most recent cyber attacks.
Most cybersecurity attacks were not reported since, as of yet, the majority of countries’ cybersecurity-related policies have placed a greater emphasis on privacy than cybersecurity. Therefore, Private data theft involving names and credit card details must be reported to the relevant authority. That’s the least we can do by ourselves.
Bruce Schneier correctly noted that despite official attempts, successful cyberattacks on government networks continue to happen. The same is true for private businesses. It is suggested that businesses take a proactive approach to the security of their apps and data. Cybercriminals are constantly on the lookout and are evolving in how they attack. For the same reason, businesses should regularly audit their systems to find any weaknesses and close the gaps as soon as possible.
References-
- https://www.eccouncil.org/cybersecurity-exchange/executive-management/federal-cybersecurity-laws-june-2022/
- https://www.ncsl.org/technology-and-communication/cybersecurity-legislation-2021
- https://hbr.org/2022/08/new-cybersecurity-regulations-are-coming-heres-how-to-prepare
- https://www.upcounsel.com/cyber-law
- https://www.law.cornell.edu/wex/digital_millennium_copyright_act
0 Comments