Topic
9 Cyberlaws
LEARNING
OUTCOMES
By
the end of this topic, you should be able to:
1. Define cyberlaws; and
2. Discuss the effects of cyberlaws in
Malaysia.
INTRODUCTION
With
the creation of Multimedia Super
Corridor (MSC), Malaysia enacted three
new cyberlaws Computer
Crimes Act 1997,
Digital Signature Act
1997 and Telemedicine
Act 1997. These
legislations are part
of the “soft
infrastructure of supporting laws” which will sustain the
development of this project. Other laws
that have been or will be
enforced or may be enacted include
Communications and Multimedia
Act 1998, Amendments
to the Copyright
Act 1987, Electronic
Government Act, Data Protection Act and Electronic Transactions
Act.
9.1 COMPUTER CRIMES ACT 1997
The Computer
Crimes Act 1997 manifests
the government’s recognition
to criminalise computer crime
activities. The Computer Crimes Act 1997 (CCA) is an
act that provides
for offences relating
to the misuse
of computers. The
provisions of the
CCA largely focused
on the crimes
committed through the
use of computers. The offences under the CCA include:
(a) Unauthorised Access to Computer
Material
Section
3 provides:
(i) A person shall be guilty of an offence
if:
?
He causes a computer to perform any function with intent to secure access to
any program or data held in any computer;
?
The access he intends to secure is unauthorised; and
?
He knows at the time when he causes the computer to perform the function that
that is the case.
(ii) The intent a person has to have to commit
an offence under this section need not be directed at:
?
Any particular program or data;
?
A program or data of any particular kind; or
?
A program or data held in any particular computer.
(b) Unauthorised Access
with Intent to
Commit or Facilitate
Commission of Further Offence
Section
4 provides:
(i) A person shall be guilty of an offence
under this section if he commits and offence referred to in section 3 with
intent:
?
To commit an offence involving fraud or dishonesty or which causes injury as
defined in the Penal Code; or
?
To facilitate the commission of such an offence whether by himself or by any other person.
(ii) For the purposes of this section, it is
immaterial whether the offence to which this section applies is to be committed
at the same time whether unauthorised access is secured or on any future
occasion.
(c) Unauthorised Modifications of the Contents
of Any Computer
Section
5 provides:
(i) A person shall be guilty of an offence if
he does any act which he knows
will cause unauthorised modification of the contents of any
computer.
(ii) For the purposes of this section, it is
immaterial that the act in question is not directed at:
?
Any particular program or data;
?
A program or data of any kind; or
?
A program or data held in any particular computer.
(iii) For the purposes of this section, it is
immaterial whether an unauthorised
modification is, or is intended to be, permanent or merely
temporary.
(d) Wrongful Communications
Section 6
(1) provides that
a person shall
be guilty of
an offence if
he communicates
directly or indirectly a number, code, password or other means of access to a computer to any
person other than a person to whom he is duly authorised to communicate.
(e) Abetments and Attempts Punishable as
Offences
Section 7
(1) provides that
a person who
abets the commission
of or who attempts to commit any offence
under the CCA shall be guilty of that offence and shall on conviction be liable
to the punishment for the offence.
(f) Presumption
Section 8
provides that a
person who has
in his custody
or control any program, data or other information
which is held in any computer or retrieved from any computer which he is not
authorised to have in his custody or control shall be deemed to have obtained
unauthorised access to such program, data or information unless the contrary
is proved.
9.2 DIGITAL SIGNATURE ACT 1997
The
Digital Signature Act 1997 aims to regulate the use of digital signatures
and to
provide for matters
connected therewith. The
Digital Signature Act
1997 establishes a Controller of
Certification Authorities whose purpose is to monitor and oversee the activities of certification
authorities. Section 2 provides that “certification
authority” is a person who issues a certificate.
Section
2 provides that: “Certificate” for
the purpose of the Digital Signature Act 1997 is „a computer based record which:
(a) Identifies the certification authority
issuing it;
(b) Names or identifies its subscriber;
(c) Contains the subscriber’s public key;
and
(d) Is digitally signed by the certification
authority issuing it.
The
Digital Signature Act 1997 contains provisions in relation to the power of
the Controller and
the requirements and
duties of the
certification authorities and
subscribers. It also
explains the effect
of digital signatures.
Part V of
the Act provides that digital signatures are proper
substitutes for signatures if properly
used and issued (in accordance with the Act). Section 62 provides:
(b) Where a rule of law requires a signature or
provides for certain consequences
in the absence of a signature, that rule shall be satisfied by a digital
signature where:
(i) That digital signature is verified by
reference to the public key listed in a
valid certificate
issued by a licensed certification authority;
(ii) That
digital signature was
affixed by the
signer with the
intention of signing the message;
and
(iii) The recipient has no knowledge or notice that
the signer:
?
Has breached a duty as a subscriber; or
?
Does not rightfully
hold the private
key used to
affix the digital signature.
(c) Notwithstanding any written law to the
contrary:
(i) A document signed with a digital signature
in accordance with this Act
shall be legally
binding as a
document signed with
a handwritten signature, an affixed
thumb-print or any other mark;
(ii) A digital signature created in accordance
with this Act shall be deemed
to be a legally binding signature; and
(iii) Nothing
in this Act
shall preclude any
symbol from being
valid as a signature under any other
applicable law.
Section
64 provides:
(a) A message shall be as valid, enforceable
and effective as if it had been written on paper if:
(i) It bears in its entirety a digital
signature; and
(ii) That digital signature is verified by the
public key listed in a certificate which:
?
Was issued by a licensed certification authority; and
?
Was valid at the time the digital signature was created.
Section
65 provides:
A
copy of a digitally signed message shall be as valid, enforceable and effective
as the original of the message unless
it is evident that the signer designated an instance of the digitally signed message to be a
unique original, in which case only that instance constitutes the valid, enforceable and
effective message.
9.3 TELEMEDICINE ACT 1997
The
Telemedicine Act 1997 is an Act that provides for the regulation and
control of the practice of telemedicine.
Section 2 defines what telemedicine is.
Section
2 provides: „Telemedicine‰ means
the practice of
medicine using audio,
visual and data
communications.
Who
may practise telemedicine?
Section
3 provides:
(a) No person other than:
(i)
A fully registered
medical practitioner holding
a valid practising certificate; or
(ii)
A medical practitioner who is registered or licensed outside Malaysia:
?
Holds a certificate to practise telemedicine issued by the Council; and
?
Practises telemedicine from
outside Malaysia through
a fully registered medical
practitioner holding a
valid practising certificate may practise
telemedicine.
Section
4 further provides that in order to practise telemedicine, a person needs
to apply for a certificate to
practise.
9.4 OPTICAL DISC ACT 2000
The Optical
Disc Act 200
came into force
on 31 August
2000. It is
an Act to
provide for the licensing and regulation of the manufacture of optical
discs and matters connected therewith. “Optical disc” is interpreted under section
2 of the Act. Section 2 provides:
Section
2 “Optical Disc” means:
(a) Any medium or device listed in Schedule 1;
or
(b) Any other medium or device on which data
may be stored in digital form
and read by means of a laser and includes any such medium or device
manufactured for any purpose, whether or
not any data readable by means of a laser or any other means has been
stored on it. The Act also establishes
a “Controller of Optical Disc” whose duty is to perform the functions and duties imposed and may
exercise the powers conferred upon him
under the Act. The Act requires the manufacturer of optical disc to have a valid
licence failing which
an offence is
said to be
committed under the
Act. Section 13 provides that the
licence may not be transferred to a third person.
Section
19 provides that optical disc should be marked with the manufacturer’s code in accordance with the licence obtained
by the manufacturer. Sections 19 to 21
of the Act contain provisions on manufacturer’s code.
Section
19
Optical
discs to be marked with manufacturer's code
(a) A
licensee shall cause
each optical disc
manufactured by him
to be marked
with the manufacturer's code assigned to him under paragraph 7(2)
(b).
(b) A licensee who contravenes subsection (1)
commits an offence. In this
section, "marked" means
to be marked
in accordance with
the standards prescribed under section 20.
Section
20 Marking standards
(a) The
Minister may prescribe
standards for the
marking of the
manufacturer's code on
optical discs.
(b) Without limiting the generality of
subsection (1), the Minister may prescribe:
(i) Different
standards in relation
to different classes
or descriptions of optical discs; or
(ii) Standards
relating to the
manner in which,
and the means
by which, manufacturer's code are to
be marked on optical discs or on optical discs of any class or description.
Section
21 Applying false manufacturer's
code
(a) Any person who:
(i) Forges a manufacturer's code;
(ii) Falsely applies to an optical disc a
manufacturer's code or any mark so resembling a manufacturer's
code as to be calculated to deceive;
(iii) Makes any die, block,
machine or other
instrument for the purpose
of forging, or
which is capable of being used for forging, a manufacturer's code;
(iv) Disposes
of or has
in his possession
any die, block,
machine or other instrument for the purpose
of forging a manufacturer's code; or
(v) Causes to be done anything referred to in
paragraph (a), (b), (c) or (d), commits an offence. In any proceedings for an offence under
subsection (1), it shall be a defence for the person charged to prove that he acted
without intent to deceive or defraud.
The Optical Disc
Act 2000 gives
power to the
Controller to
issue a code
of conduct. Section 22, 24 and 25
provides:
Section
22 Controller may issue code of
conduct
(a) The Controller may issue a code of conduct
dealing with the conduct of any
person connected with the business of manufacturing optical discs.
(b) The
Controller may, before
issuing a code
of conduct under
subsection (1), consult with such body representing
the persons to whom the code of conduct
will apply and other interested persons as he thinks fit.
(c) The
code of conduct
issued by the
Controller under subsection
(1) shall be
published in the Gazette.
Section
24
Civil
penalty for non-compliance
(a) Notwithstanding Part VI, a person who fails
to comply with any provisions of
a code of conduct shall be liable to pay to the Controller a fine not
exceeding two hundred ringgit.
(b) Notwithstanding the
provisions of any
other written law,
the fine payable under this section may, without
prejudice to any other remedy or sanction, be recoverable as a civil debt.
Section
25
Compliance
with code of conduct a legal defence
Compliance
with a code of conduct shall be a defence against any prosecution, action or proceedings of any nature, whether in a
court or otherwise, taken against a person
who is subject to the code of conduct regarding a matter dealt with in
that code of conduct.
9.5 ELECTRONIC COMMERCE ACT 2006
The
Electronic Commerce Act 2006 came into force on 19th October, 2006. It is
an Act
that provides for
legal recognition of
electronic messages in
commercial transaction, the
use of electronic
messages to fulfil
legal requirements and
to enable and facilitate
commercial transactions through the use of electronic means and other
matters connected therewith. Commercial transactions are
defined under Section 5.
Section
5 “Commercial transactions” means
a single communication or
multiple communications of a
commercial nature, whether contractual or not, which includes any
matters relating to
the supply or
exchange of goods
or services, agency,
investments, financing, banking and insurance. Part II provides the legal recognition and
formation of electronic messages.
Section
6
(a) Any information shall not be denied legal
effect, validity or enforceability on the ground that it is wholly or partially
in an electronic form.
(b) Any information shall not be denied legal
effect, validity or enforceability on the ground that the information is not
contained in the electronic message that gives
rise to such
legal effect, but is
merely referred to
in that electronic
message, provided that
the information being
referred to is
accessible to the person against whom the referred
information might be used.
Section
7
(a) In the formation of a contract, the
communication of proposals, acceptance of proposals, and
revocation of proposals
and acceptance or
any related communication may be
expressed by an electronic message.
(b) A
contract shall not
be denied
legal effect, validity
or enforceability on
the ground that an
electronic message is used in its formation.
Part III of the Act provides for the legal requirements like writing,
signature, seal, etc and Part IV
provides the requirements as regards to the communications of electronic
message for example,
time of dispatch,
time of receipt,
contents of electronic message, etc.
SELF-CHECK
9.1
1. What are cyberlaws?
2. State the prohibitions under the Computer
Crimes Act 1997.
3. What is telemedicine and who may practice
telemedicine?
4. What is a digital signature and its
effects?
ACTIVITY
9.1 Discuss the practice of telemedicine
in Malaysia with your course mates
The Computer
Crimes Act 1997
criminalises computer crimes
and there is
express prohibition under the Act.
? The
Digital Signature Act 1997 legalises digital signature and it establishes
the authority to foresee activities
connected to digital signature.
? The
Telemedicine Act 1997 authorises the practice of telemedicine.
Abetment
Telemedicine Certificate Unauthorised access Certification authority
Unauthorised modifications Digital signature Wrongful communications
Presumption.
No comments:
Post a Comment