[ISN] Cyber Crimes Ordinance significant step to ensure secure ambiance for business: Dr. Abdullah

From: InfoSec News (alerts@private)
Date: Fri Jan 11 2008 - 00:40:59 PST


http://www.app.com.pk/en/index.php?option=com_content&task=view&id=25874&Itemid=2

Associated Press of Pakistan
January 10, 2008

ISLAMABAD, Jan 10 (APP): Caretaker Minister for Information Technology 
Dr. Abdullah Riar Thursday said the Cyber Crimes Ordinance 2007 is a 
significant step in enforcing a secure ambiance for business and 
encouraging e-commerce in the country.

The Ordinance outlined the knowledge about electronic crimes and illegal 
online intrusion to spread it among general public, he said while 
addressing a news conference here.

The Ordinance promulgated on December 31 2007, would help improve 
e-readiness in Pakistan that would rank the country among indices drawn 
by various international business journals and agencies.

The Minister said the government would constitute special IT tribunals 
in Islamabad and provincial capitals to investigate and check growing 
electronic crime incidents, which were going unpunished due to the lack 
of specific legislation.

He said the Ordinance covers various aspects, including criminal data 
access, data damage, system damage, electronic fraud, electronic 
forgery, misuse of electronic systems or electronic devices, 
unauthorized access to code, misuse of encryption, malicious code, cyber 
stalking, spamming, spoofing, unauthorized interception and cyber 
terrorism.

The Minister outlined the list of offences and penalties as follows.  
Cyber terrorism would be punished with death or life imprisonment and 
cyber stalkers would be sentenced to seven years imprisonment and/or a 
fine of Rs 300,000.

Electronic fraud and forgery cases will be liable to seven years 
non-bailable imprisonment. Cases of unauthorized interception of 
electronic communication, such as emails, will be subjected to five 
years imprisonment and/or a fine of Rs 500,000.

Cases involving misuse of encryption and using malicious code would be 
liable to five years imprisonment. Three years imprisonment has been 
approved for criminal data access-which is a serious violation of the 
right to protect personal data-and data damage crimes, involving illegal 
manipulation of an organisations financial records or other information.

A three-year imprisonment term has also been set for launching denial of 
service or distributed denial of service attacks, and for misuse of 
electronic systems or electronic devices wherein software or hardware is 
developed with trap doors for manipulation.

Unauthorized access to code, a crime in which software code is accessed 
by using an SAL injection to gain the system password and other 
information, will also be liable to three-year imprisonment.

Cases involving any attempt to obtain confidential information through 
electronic devices such as network systems or routers will be sentenced 
to two years imprisonment and/or a fine of 300,000 rupees.

Spamming will invite a Rs 50,000 fine and spoofing cases would be 
sentenced to three years imprisonment.

Dr. Abdullah said the e-crime law would require internet service 
providers to retain their traffic data for at least six months to enable 
relevant agencies to investigate e-crime cases.

He said similar laws being enforced in 42 countries have been studied 
before promulgating the Ordinance that would enable the government to 
seek extradition of foreign nationals through Interpol for involvement 
in criminal activities.


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/



This archive was generated by hypermail 2.1.3 : Fri Jan 11 2008 - 01:09:18 PST