BitDepthFeatured

Professional perspectives on new cybercrime laws

3 Mins read

Above: Photo by agsandrew/DepositPhotos

BitDepth#1446 for February 19, 2024

A spirited discussion of last week’s column on LinkedIn offered wider perspectives on the cybercrime laws which the Attorney General promises for later in 2024.

Kwesi Prescod, principal consultant for Prescod Associates noted that an ethical hacker would not be affected by the cybercrime act because that person would be acting with authorisation.

Kevon Swift, a digital policy expert, specialising in digital trust issues at the Latin American and Caribbean Internet Addresses Registry (LACNIC) went further, dismissing the concern as “nonsensical.”

“Cybercrime law squarely addresses unlawful conduct, which is defined and sanctioned according to international standards,” he said.

“Authorisation, based on a decision by a duly competent court is prescribed under the amended version of the Interception of Communications Act, 2020.”

Swift noted that there was an issue with clause six, which criminalised, “A person who, intentionally and without lawful excuse or justification, remains logged into a computer in a computer system or part of a computer system or continues to use a computer system.”

He noted that “[It] need not even be considered a law as automatic sign out is a prominent feature by design for secured computers. But unless we modernise the descriptions of unlawful behaviours in 2017 cybercrime bill, we will be sifting water with a colander.”

On the question of crafting legislation that’s flexible enough to evolve meaningfully in a changing environment, Prescod noted that, “The Digital Transformation Plan still isn’t published. The consultation hasn’t put a green paper out yet. This is the first time in 20 years that Trinidad and Tobago doesn’t have a published plan. That failure alone is an indictment of sorts.”

“The over-regulation narrative is hogwash. Enactment of existing laws such as Data Protection only requires the hiring of staff – without which the Digital ID thrust could be subject to Judicial attention – or Electronic Transactions, which only needs the establishment of certain administrative frameworks to recognise operations for legal grounding.”

“In the latter instance, the courts themselves have adopted the model proposed and forged ahead to become the most digitally transformed agency in the public sector.”

One commenter suggested that a consolidation of cybersecurity roles in the public service would follow its planned restructuring, strengthening the digital national security profile by centralising the function within government.

Prescod did not agree.
“The restructuring of the public service has been ongoing for 30 years, since Gordon Draper,” he argued.

Photo by Evegnly Shkolenko/DepositPhotos

“The reevaluation of public sector positions still isn’t done. The Service Commission is still hiring “typist/stenographers” when no one actually does stenography.”

“We are behind again, and talking while we become more uncompetitive,” argues Prescod.

“We pioneered the need for these frameworks in the Caribbean in 2008 then stalled. Jamaica and Barbados have functioning Data Commissioners. The OECS countries have digital IDs deployed for multiple government services and updated their telecoms laws to regulate the digital economy. Grenada has laws recognising NFTs.”

“In TT, we’re talking in circles, achieving nothing, without even a published plan. We’re seeking to undermine existing private sector endeavours – inconsistent with longstanding macro economic policy – instead of focusing on a role (laws and market structure) in areas where the private sector has failed to act.”

“One point we keep missing in national conversations is that the overwhelming majority of cybercrimes are transnational and would therefore require international cooperation, rooted in harmonised law, to facilitate investigations, evidence collection and eventually prosecutions,” said Kevon Swift.

“The proposed articles are not unique, nor are they expected to operate only locally or in a vacuum. If unlawful behaviours are not adequately criminalised locally, there is no basis on which law enforcement can work with foreign counterparts, or internet intermediaries (email, social media, cloud services providers), so no justice can be delivered.”

“Evidence transfer, for volatile evidence such as digital evidence, requires dual criminality to be established (harmonised/equivalent substantive provisions) with a minimum penalty of one year’s imprisonment in order for expedited assistance to occur outside traditional Mutual Legal Assistance Treaties, which can take 11 months or more to deliver results.”

“But there are a lot of informal cooperation activities, particularly involving threat monitoring and analysis, which can occur outside these laws. Local ethical hackers would need to bolster their affiliations with trust communities, such as [regional] CSIRT associations and even global ones such as FIRST.”

“At LACNIC events, we host the Latin American and Caribbean version of the FIRST conference and we’ve been fortunate enough to have actors such as TTCSIRT participate there. For things like penetration testing, a client’s authorisation is still key. Anything outside of that, especially probing secured computer systems, is globally accepted as an offence.”

America’s open mic moment

America’s open mic moment

What made online pundits so effective in the US election?
Read More
The press and the president-elect

The press and the president-elect

Beyond the president-elect's often-expressed intent to retaliate against journalists he believes are unfairly attacking him is the agenda of Project 2025.
Read More
All washed up

All washed up

Dirt on its own will simply shake out of fabric. What keeps it in place is oil and grease, readily generated by human skin.
Read More
The state of Caribbean digital transformation

The state of Caribbean digital transformation

Despite 87 per cent believing that digital will disrupt their industry, 87 per cent acknowledged that they don't have the right leaders
Read More
The WordPress War

The WordPress War

WPEngine and the websites of its customers were blocked from the WordPress log-in system theme and plug-in updates and other background processes that enable a Wordpress website.
Read More
A budget of concrete and asphalt

A budget of concrete and asphalt

Four years after Hassel Bacchus took up the pioneering role of Digital Transformation Minister, the 2025 budget could not identify any completed transformation project that's positively affected citizens.
Read More
Arima’s first step toward becoming a smart city

Arima’s first step toward becoming a smart city

The public WiFi was officially activated on September 28 at the hospital, and it's fast. A local ping registered 250 megabits of download speed and 126 for upload.
Read More
Now hear this!

Now hear this!

Budget headsets will effectively dampen ambient sounds, but tend to be an all or nothing solution.
Read More
A taxing time for all

A taxing time for all

Tax collection began using the least customer-friendly interface imaginable, lines outside a government building.
Read More
Mobile devices, a war of increments

Mobile devices, a war of increments

Mixing and matching the two rival ecosystems is essentially impossible, so it's the utility of the products combined that makes the biggest difference.
Read More
Why cash is king in Trinidad and Tobago

Why cash is king in Trinidad and Tobago

In 2017, 16 per cent of users owned a credit card, a figure that dropped to 15 per cent by 2023.
Read More
I shopped at Temu!

I shopped at Temu!

Temu is great fun to explore and offers many bargains but product quality can be wildly variable.
Read More
What’s needed to make e-Governance happen?

What’s needed to make e-Governance happen?

“If we look at successful governments that have achieved a certain level in of success in these programs, some things stand out."
Read More
Changing the education conversation

Changing the education conversation

There are local schools that aspire to continuous improvement and others that struggle to make it through a working day without bloodshed.
Read More
Practical steps to reducing cybersecurity risks

Practical steps to reducing cybersecurity risks

The process, to be effective, must be ongoing and managed to ensure that vendors meet required standards.
Read More
The consequences of careless code

The consequences of careless code

The cruel reality of Crowdstrike is that it wasn't a cybersecurity attack. It was a quality of service lapse and the incident puts IT professionals in an odd space.
Read More
What leaders are doing to enable digital transformation

What leaders are doing to enable digital transformation

If people in your organisation are coming to you, telling you we need to change these things, you really should listen.
Read More
Apple’s photography workflow

Apple’s photography workflow

Every Apple device has a Photos database and every image that's taken with a mobile iOS device or imported into the desktop Photos app gets added to it.
Read More
An apathy of cybersecurity concerns

An apathy of cybersecurity concerns

It's weird when a definitive statement about the importance of cybersecurity comes from the people who broke into your digital house.
Read More
Putting data to work to improve perception

Putting data to work to improve perception

When it comes to the data, the numbers are there, but it also has to work alongside your goals.
Read More
America’s open mic moment America’s open mic moment
The press and the president-elect The press and the president-elect
All washed up All washed up
The state of Caribbean digital transformation The state of Caribbean digital transformation
The WordPress War The WordPress War
A budget of concrete and asphalt A budget of concrete and asphalt
Arima’s first step toward becoming a smart city Arima’s first step toward becoming a...
Now hear this! Now hear this!
A taxing time for all A taxing time for all
Mobile devices, a war of increments Mobile devices, a war of increments
Why cash is king in Trinidad and Tobago Why cash is king in Trinidad...
I shopped at Temu! I shopped at Temu!
What’s needed to make e-Governance happen? What’s needed to make e-Governance happen?
Changing the education conversation Changing the education conversation
Practical steps to reducing cybersecurity risks Practical steps to reducing cybersecurity risks
The consequences of careless code The consequences of careless code
What leaders are doing to enable digital transformation What leaders are doing to enable...
Apple’s photography workflow Apple’s photography workflow
An apathy of cybersecurity concerns An apathy of cybersecurity concerns
Putting data to work to improve perception Putting data to work to improve...

🤞 Get connected!

A once weekly email notification of new stories on TechNewsTT. Just that. No spam.

Possible UI Glitch. Click top right corner to dismiss 👉

Get Connected!

A once weekly email notification of new stories on TechNewsTT.

Just that. No spam.

Related posts
BitDepthFeatured

The state of Caribbean digital transformation

3 Mins read
Despite 87 per cent believing that digital will disrupt their industry, 87 per cent acknowledged that they don’t have the right leaders
BitDepthFeatured

A taxing time for all

3 Mins read
Tax collection began using the least customer-friendly interface imaginable, lines outside a government building.
BitDepthFeatured

What’s needed to make e-Governance happen?

3 Mins read
“If we look at successful governments that have achieved a certain level in of success in these programs, some things stand out.”
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
×
BitDepthFeatured

The issues arising from new cybercrime laws

0
Share your perspective in the comments!x
()
x