Wednesday, December 16, 2009

Poster



Created by : Nabiah Hamzah
Date : 15 December 2009
Size : A4 size (landscape & portrait)

Objective : to increase awareness among people about the importance of data protection.

Internet Censorship - Malaysia

Malaysia: A Step Closer To Internet Censorship?
The Malaysian government is looking into the feasibility of installing an Internet filter to block “undesirable websites”, along the lines of the People's Republic of China's abandoned “Green Dam” software. The reason for this new move is so that racial harmony in multicultural Malaysia is maintained, according to news site Malaysiakini.

According to the Malaysian Insider, the feasibility study is to be completed by December 2009 and “the results will be handed to a shadowy unit monitoring blogs and websites although the decision on implementation will lie with the National Security Council headed by Prime Minister Datuk Seri Najib Razak.”

The move has critics and opposition politicians crying foul as it breaches the Multimedia Super Corridor (MSC) Bill of Guarantees. Furthermore, IT specialists have also said the move is “a waste of time”, which then makes the use of public funds in this endeavour questionable.
The Information, Communication and Culture Ministry has called for tenders for this proposed Internet filter. Unsurprisingly, this development comes hot on the heels of the previous proposal of getting bloggers registered.

The Honda Case of Copyright Infringement

The Honda case – Injunctive Relief in Industrial Design and Three Dimensional Copyright in Malaysia
3 November 2006 (MIP WEEK)
The High Court in Malaysia has delivered an important decision on the various issues pertaining to copyright and industrial design with special reference to an application for an interlocutory injunction.
In Honda Giken Kogyo Kabushiki Kaisha v Allied Pacific Motor (M) Sdn Bhd & Anor [2005] 3 MLJ 30, the famous Japanese marque for bikes and cars applied for an interlocutory injunction against a local manufacturer of motorcycles in respect of two models manufactured by them. The first model was known as the COMEL MANJA JMP 125, which Honda claimed had infringed its industrial design in respect of various designs filed embodying its HONDA WAVE 125 model motorcycle. The next was a claim against the defendants for manufacturing the COMEL MANJA JMP-100 (GS-5) motorcycle, for copyright infringement, on the grounds that the manufacture of the same was infringing the copyright of the design drawings embodying the plaintiff’s HONDA EX-5 DREAM motorcycle.
The key finding of the court on the law was that novelty for industrial designs in Malaysia is local, and thereby the publication or use of the design outside the country prior to registration will not render the design invalid.

COPYRIGHT

Copyright is a form of intellectual property that gives the author of an original work exclusive right for a certain time period in relation to that work, including its publication, distribution and adaptation, after which time the work is said to enter the public domain. Some jurisdictions also recognize "moral rights" of the creator of a work, such as the right to be credited for the work.
-- Wikipedia
http://en.wikipedia.org/wiki/Copyright

Copyright protection in Malaysia is governed by the Copyright Act 1987 which provides comprehensive protection for copyrightable works. The Act outlines the nature of works eligible for copyright (which includes computer software), the scope of protection, and the manner in which the protection is accorded. A unique feature of the Act is the inclusion of provisions for enforcing the Act, which include such powers to enter premises suspected of having infringing copies and to search and seize infringing copies and contrivances. A special team of officers is appointed to enforce the Act.
The Copyright Act (1987) provides for the enforcement of the law by the Ministry of Domestic Trade and Consumer Affairs, specifically the Enforcement Division, apart from the Police. The Act also provides the necessary clout to the enforcement agencies to effectively carry out anti-piracy measures. The Malaysian Copyright Act provides for a Copyright Tribunal whose function is to grant Licenses to produce and publish in the National Language a translation of a literary work written in any other language. The Act is currently amended to expand the power of the tribunal to include arbitration of disputes relating to use of copyright works.

WHAT WORK IS ELIGIBLE FOR PROTECTION UNDER THE COPYRIGHT ACT 1987 ?
-- A work that is eligible in fulfillment of the following conditions :
a) Sufficient effort has been expended to make the work original in character.
b) The work has been written down, recorded or reduced to material form.
c) The author is a qualified person or the work is made in Malaysia or the work is first published in Malaysia.

-- Works eligible for protection are:
a) Literary works
b) Musical works
c) Artistic works
d) Films
e) Sound recording
f) Broadcasts
g) Derivative works
h) Published editions

WHAT IS THE DURATION OF THE COPYRIGHT ?
Generally, copyright subsists during the life of the author plus 50 years after his death. However, if a work has not been published during the lifetime of the author, copyright in the work continues to subsist until the expiration of 50 years, following the year in which the work was first published. In the case of a work with joint authorship, the life of the author who dies last is used for the purpose of calculating the copyright duration of the work.

WHEN IS A COPYRIGHT WORK CONSIDERED INFRINGED ?

The copyright in a work is infringed when a person who, not being the owner of the copyright, and without license from the owner, does or authorizes any of the following acts :
i) Reproduces in any material form, performs, shows or plays or distributes to the public, communicates by cable or broadcast of the whole work or a substantial part thereof either in its original or derivative form
ii) Imports any article into Malaysia for the purpose of trade or financial gains
iii) Makes, lets for hire or by way of trade, exposes or offers for sale or hire any infringing copy
iv) Sells, lets for hire or by way of trade, exposes or offers for sale or hire any infringing copy
v) Distributes infringing copies
vi) Possesses, otherwise than for his private and domestic use, any infringing copy
vii) By way of trade, exhibits in public any infringing copy
viii) Imports into Malaysia, otherwise than for his private and domestic use any copy which if it were made in Malaysia would be an infringing copy
ix) Makes or has in his possession any contrivance used or intended to be used for the purposes of making infringing copies or
x) Causes the work to be performed in public.

*The doing of (i) and (ii) above is termed direct infringement and is actionable at the suit of the owner.
*The doing of (iii) to (x) is termed indirect infringement, attracts criminal sanction and is enforceable by the Ministry of Domestic Trade and Consumer Affairs.

WHAT ARE THE LEGAL RIGHTS OF COPYRIGHT OWNERS ?

Generally, owners of copyright works have the exclusive right to :
a) Reproduce the work in any material form (including photocopying, recording, etc.).
b) Perform, show or play the work to the public (including performing a work live, or playing a recording or showing a film containing the work in a non-domestic situation).
c) Broadcast the work.
d) Communicate the work by cable and
e) Distribute copies of the work to the public by sale, rental or lending.

http://www.lawyerment.com.my/intellectual/copyright.shtml

Monday, December 14, 2009

Cybercrime around the World

"More than 4,000 cyber crime cases were reported in Malaysia in the past two years. Cyber complaints mostly consisted of hacking threats, fraud, and denial of services and other computer problems of files lost or corrupted by viruses. The Malaysian police has received about 2,000 complaints in 2007. In 2008, a total of 2,123 cases were lodged with the Cybersecurity Malaysia."
"Bangladesh is not lagging behind in the number of cyber criminal cases. The country’s government plans to prescribe 10 years of rigorous imprisonment for those involved in cyber crime. Besides, the proposed law also provides for a Taka ten million ($14,300 approximately or £8,708.37) in penalty for breaking into computer networks and putting false and indecent materials online."
"The first cyber crime incident took place in China in the mid-1980s, when the Chinese banking system was attacked. Through the 1980s and 1990s the growth of cyber crime in China was slow, but steady. However, the emergence of an unknown computer virus in the form of a malware program named, “Ping Pong” finally drew cyber crime to newer heights in the country. Five years ago, a Chinese government survey revealed that in 2003, 87.9% of Chinese PCs connected to the Internet were infected, and most were still infected in 2004."
"According to a survey released by the National Police Agency (NPA), cyber crime cases in Japan have increased at a whopping rate by 15.5 percent year-on-year to 6,321 in 2008. The number of cyber crimes cases in the last year, included internet-related cases of threat, libel, illegal access and fraud and it was three times as many as that of 2004, when it was only 2,081 cases. Incidents of threats and illegal access have leaped by 90 percent and 20 percent, respectively, to 112 and 1,740, according to the survey."
"In Saudi Arabia 796,000 cases of computer system crashes instigated by hackers were recorded in the past nine months, accounting for 64 percent of the total number of cases in the Gulf Cooperation Countries (GCC), according to Trend Micro, a firm specialized in network antivirus and Internet content security."
-- Mustapha Ajbaili, November 15, 2009
http://www.alarabiya.net/articles/2009/11/15/91411.html



"US statistic of identity theft in 2002 (top ten states) : California 15115 victims, New York 7076 victims, Texas 6496 victims, Florida 5696 victims, Illinois 3784 victims, Pennsylvania 2704 victims, Georgia 2592 victims, Michigan 2589 victims, New Jersey 2575 victims, Ohio 2283 victims."

Phishing ...

Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
(Source : Wikipedia) http://en.wikipedia.org/wiki/Phishing

What to look for in a phishing email (Source : PhishTank.com)
http://www.phishtank.com/what_is_phishing.php

1 -- Generic greeting. Phishing emails are usually sent in large batches. To save time, Internet criminals use generic names like "First Generic Bank Customer" so they don't have to type all recipients' names out and send emails one-by-one. If you don't see your name, be suspicious.

2 -- Forged link. Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real organization. Roll your mouse over the link and see if it matches what appears in the email. If there is a discrepancy, don't click on the link. Also, websites where it is safe to enter personal information begin with "https" — the "s" stands for secure. If you don't see "https" do not proceed.

3 -- Requests personal information. The point of sending phishing email is to trick you into providing your personal information. If you receive an email requesting your personal information, it is probably a phishing attempt.

4 -- Sense of urgency. Internet criminals want you to provide your personal information now. They do this by making you think something has happened that requires you to act fast. The faster they get your information, the faster they can move on to another victim.
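
The four checks above can also be run mechanically over the HTML body of a message. The following is an added example, not code from PhishTank or from the original post; the keyword patterns, the function name and the sample message are constructed assumptions and would need tuning for real mail.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample body for illustration (not a real phishing email).
SAMPLE_HTML = """\
<p>Dear First Generic Bank Customer,</p>
<p>Your account has been suspended. Act immediately and confirm your
password and credit card number within 24 hours.</p>
<p><a href="http://login.example.net/verify">https://www.firstgenericbank.example/login</a></p>
"""

# Assumed keyword heuristics, one per indicator in the list above.
GENERIC_GREETING = re.compile(r"\bdear\b[^,\n]{0,40}\b(customer|user|member|client)\b", re.I)
PERSONAL_INFO = re.compile(r"\b(password|username|credit card|pin|account number)\b", re.I)
URGENCY = re.compile(r"\b(immediately|urgent|act now|suspended|within \d+ hours)\b", re.I)
# A domain-looking token inside the visible link text.
DOMAIN = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)


class LinkCollector(HTMLParser):
    """Collect visible text and (href, visible label) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self.text = [], []
        self._href, self._label = None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._label = []

    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._label.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._label).strip()))
            self._href = None


def phishing_indicators(html):
    """Return the list of indicators (1-4 above) found in an HTML message body."""
    parser = LinkCollector()
    parser.feed(html)
    body = " ".join(" ".join(parser.text).split())
    found = []
    if GENERIC_GREETING.search(body):
        found.append("generic greeting")
    for href, label in parser.links:
        url = urlparse(href)
        target = (url.hostname or "").lower()
        shown = DOMAIN.search(label)
        # Forged link: the text shows one host, the href points to another.
        if shown and shown.group(1).lower() != target:
            found.append(f"forged link: shows {shown.group(1)} but goes to {target}")
        if url.scheme != "https":
            found.append(f"link is not https: {href}")
    if PERSONAL_INFO.search(body):
        found.append("requests personal information")
    if URGENCY.search(body):
        found.append("sense of urgency")
    return found


if __name__ == "__main__":
    for indicator in phishing_indicators(SAMPLE_HTML):
        print("-", indicator)
```

A message that triggers none of these patterns is not thereby safe; the check only automates the visual inspection described in the list.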

Protect Your Identity!


Yes, it could happen to anyone. Identity theft has become a major concern among Malaysians and in other countries as well. To prevent this, it is good to have some knowledge of how our identity can be stolen. Our personal data are stolen through spam emails, virus attacks, and phishing. Thus, we are advised not to reply to those spam emails or provide our personal data to unknown resources.

Identity Theft - Malaysian Concern

The Star Online, Monday June 9, 2008
Identity theft top concern among Malaysians
PETALING JAYA: Financial institutions may need to further improve their security systems to ensure that their customers’ personal data is safe, said Unisys Asia South vice-president and general manager Scott Whyman.
“Preventive measures that can be taken to combat identity theft (for example) include implementing the use of biometric data, such as fingerprint reading and iris scanning for validating online transactions,” he said.
According to him, fraudsters are always on the look out for “softer targets” — those that don’t possess tightened and up-to-date security measures.
“And everyone should also be wary of the websites they visit or the online merchants that they buy from,” Whyman said.
He said that in the past, people shied away from online transactions due to threats from viruses and hackers.
Today’s encryption technologies and other programs to safeguard online transactions have reduced such threats but Internet users should always keep their guard up.
“While many people (and organisations) are less concerned about these threats nowadays, they still need to be on the lookout (for them),” Whyman said.
He was speaking to the press after releasing the results of the latest Unisys Security Index survey.
According to the survey, 78% of Malaysians who responded said they were very or extremely concerned over identity theft.
“Though there has been a slight decrease in the overall level of concern, Malaysians are beginning to be more aware of these (online) security risks and are looking into ways to reduce them,” Whyman said.
Identity theft is one of the primary concerns across the entire Asia-Pacific region because more people are going online and are being targeted by online fraudsters looking for easy prey, said Unisys.
After identity theft, the next primary concerns among Malaysians are credit or debit card fraud (76%) and the war on terrorism (71%), in that order.
The survey polled 872 Malaysians, aged between 18 and 64 years, across Peninsula Malaysia. Updated twice a year, the survey aims to provide a snapshot of the country’s sense of security in four key areas — national, personal, financial and Internet.
Other countries are also surveyed by Unisys, including Singapore and Hong Kong.

Tutorial on PDP


In the tutorial class, Sir Sonny had given us handouts of the privacy terms of some companies' websites in Malaysia. He asked us to read the privacy terms, compare them and summarize whether or not they are aligned with the Data Protection Principles that we've learned in the lecture. We had to discuss it in a group and present it to the class. As the groups were presenting one after another, we found that most of the privacy terms made by these companies on their websites are not fully aligned with the Data Protection Principles. Most of these websites state that they are free to use and process the personal data collected by any means and for any purpose. Another statement made by some of the companies is that they will disclose the personal data of their customers to other companies without having to inform the data subjects!
All this while, I have never cared about the privacy terms when I'm surfing a website, but after this tutorial class, I found that I am seriously aware of a website's privacy terms and I am very careful before I provide my personal data to them.
As a data subject, I really hope that the companies in Malaysia will amend and align their websites' privacy terms according to the Data Protection Principles.


Data Protection Principles (summary from PDP lecture slides)

In the lecture, Sir Sonny mentioned that the government of Malaysia is in the process of legislating the Personal Data Protection law. The scope of the law is destined for any individuals or institutions including government, businesses, and e-commerce players. It is aimed to control the collection, possession, processing and use of personal data and to protect the privacy of an individual in relation to that data.

The Data Protection Principles (as in the First Schedule of the latest PDP Bill) :

1 -- Personal data shall be collected lawfully and fairly.
2 -- Purpose of collection of personal data.
3 -- Use of personal data.
4 -- Disclosure of personal data.
5 -- Accuracy of personal data.
6 -- Duration of retention of personal data.
7 -- Access to and correction of personal data.
8 -- Security of personal data.
9 -- Information to be generally available.

TUTORIAL (take-home task)

Question :
a) Andrew is a computer science student attached with Microhard Corporation in Cyberjaya as a practical trainee. One day he managed to crack the company's information system but did not do anything afterwards. The following day he also managed to intrude into Microhard Corporation's website system and then posted his picture on the front page of the website and left his mobile number below his picture, hoping that someone would call him and make friends. Subsequently his phone rang, but unfortunately it was his training manager who called and later warned him that actions would be taken. Upon investigation, it was also revealed that Andrew had previously leaked the company's system access code to his friend at University, to whom he also sent emails telling bad things about his manager. Advise Microhard Corporation on various potential liabilities of Andrew from the above incident, with reference to various cybercrime laws applicable in Malaysia.


Answer :

a) Issue 1 :
- Andrew cracked the company's information system but did not do anything afterwards.

- Cracking a computer system can be defined as hacking a computer system or legally defined as accessing a computer system without authority.

- Computer Crimes Act, Section 3(1): A person shall be guilty of an offence if (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer; (b) the access he intends to secure is unauthorized; and (c) he knows at the time when he causes the computer to perform the function that that is the case.

By virtue of this provision, the following acts are prohibited:
a. Unauthorized access to computer, computer system and computer network;
b. Recreational hacking;
c. Computer cracking to explore loopholes in the system;
d. System intrusion;
e. System and e-mail spoofing

The person guilty under this section is liable to a maximum RM 50,000.00 fine or to 5 years imprisonment or to both. [taken from the article "Computer Crimes in Malaysia" by Sonny Zulhuda]


Issue 2 :
- Andrew intruded into the company's website system and posted his picture and mobile number on the front page of the website.

- CCA Section 3(1):
By virtue of this provision, the following acts are prohibited:
a. Unauthorized access to computer, computer system and computer network;
d. System intrusion

Liable to a maximum RM 50,000.00 fine or to 5 years imprisonment or to both. [ "Computer Crimes in Malaysia" by Sonny Zulhuda]


- Computer Crimes Act, Section 5(1): A person shall be guilty of an offence if he does any act which he knows will cause unauthorized modification of the contents of any computer.

By virtue of this provision, the following acts are punishable offences:
a. Unauthorized alteration, amendment and modification of data;
b. System intrusion and sabotage;
c. Website defacing;
d. System and website destruction;
e. Spreading virus that will cause data alteration or system destruction

The offences under this section are punishable with a maximum RM 100,000.00 fine or to 7 years imprisonment or to both. However, if the act is done with further intention of causing injury, it can be punished up to RM 150,000.00 fine or 10 years imprisonment or both. [ "Computer Crimes in Malaysia" by Sonny Zulhuda]


Issue 3 :
- Andrew leaked the company's system access code to his friend.

- Computer Crimes Act, Section 6(1): A person shall be guilty of an offence if he communicates directly or indirectly a number, code, password or other means of access to a computer to any person other than a person to whom he is duly authorized to communicate.

- This type of offence is punishable by a maximum RM 25,000.00 fine or a 3 years imprisonment or both. [ "Computer Crimes in Malaysia" by Sonny Zulhuda]


Issue 4 :
- Andrew sent emails to his friend telling bad things about his manager.

- Communication and Multimedia Act, Section 211(1) stipulates that no content applications service provider, or other person using a content application service, shall provide content which is indecent, obscene, false, menacing, or offensive in character with intent to annoy, abuse, threaten or harass any person.

By virtue of this provision, among other things, the Internet application and service providers as well as end users are prohibited from providing and distributing offensive contents through the computer system. This includes prohibition of offensive emails and offensive web pages from being published. It also makes the following actions as offences:
a. Online harassment through email or websites or other Internet content;
b. Hatred and abusive content;
c. False rumor spreading;
d. Indecent and/or obscene materials;
e. Threat Email

- The punishment for such an offence is a fine at maximum RM 50,000.00 or imprisonment of maximum one year or both. The provision also prescribes additional fines or jail term if the offence is continuing. [ "Computer Crimes in Malaysia" by Sonny Zulhuda]

Tuesday, December 8, 2009

Protecting Your Password (Summary from lecture slides)

These are the steps that should be taken to protect our password from being stolen :


1 -- Do not share your password!

2 -- Do not write down your password in a place that is insecure or easily accessible.

3 -- Do not keep your password unchanged if you've already told it to other people.

4 -- Change your password every now and then.

5 -- Do not let your friends, colleagues, or anybody else borrow your password.

6 -- Do not neglect your password unsafely.

7 -- Do not let your friends or colleagues "shoulder surf" you!



Privacy

"The right to be let alone is indeed the beginning of all freedom."
I agree with this statement made by Justice William O. Douglas. Privacy is the main key point of freedom. If there is no privacy, how could people have their freedom?