Information technology and the Internet is possibly one of the most rapidly changing evolutionary industries of the modern age. In stark contrast, the law has long been criticized for not adapting, adjusting or keeping abreast of an ever changing society and these technological advances. As such, a grave conflict between the law, the internet and its technologies seems to have arisen worldwide and especially in the Commonwealth Caribbean. This is particularly worrisome as cybercrime continues to be a serious and growing threat to the region and the world. It is estimated that cybercrime costs the global economy upwards of $475 billion (US) per year.[i] While the bulk of these costs are incurred mainly by superpowers such as the United States of America, China and, other countries outside of the Caribbean region, one should not underestimate the negative impact cybercrime has had, financially and otherwise, in the region. Furthermore, this challenge has been compounded by the fact that, in the region, legislation required to tackle this issue, which includes harmonized policies and regulatory bodies, is either inadequate or nonexistent.
The regional governments’ uncommitted and haphazard efforts in making reasonable or effective efforts to tackle cybercrime, whether as individual countries or together as a region is partly to blame for these issues. These governments normally wait until a serious cyber threat has occurred before taking progressive steps towards enhanced cyber crime legislation and policies. While it is accepted that both technical and legislative solutions are needed to adequately address cybercrime issues, this paper will focus on legislative solutions. Part One of this paper will discuss the outcome of HIPCAR, which was intended to be the region’s harmonized policy approach to tackle computer crime, and Part Two will discuss the legislative frameworks of select Caribbean countries and the impact of cybercrime in the region.
The need for harmonized legislation
It seems to be a common view that the most effective way to tackle cybercrime and to bring offenders to justice is by having unified international policies on the subject matter. An act of cybercrime can easily transcend jurisdictions, making it a matter of international law. Thus, if there is no harmonization of policies in place, then it would be very difficult to prosecute an offender who, in one jurisdiction, commits an act of cybercrime against a website domain registered in another jurisdiction or unlawfully obtains an individual’s electronic data in another jurisdiction. An example of this is the “love bug” virus which was created in the Philippines in 2000 and affected computer systems worldwide. Investigations were hampered in bringing the perpetrators to justice because at the time of the cyber attacks there was no legislation in place. As such, even though charges had been initially brought against these offenders, they were eventually dropped because of nonexistent legislation criminalizing the cybercrime offences committed[ii] and no harmonized legislation was in place which would have made charging and prosecuting them for all offences they committed, easier.
It must be noted that an attempt to harmonize internet communications technologies policies, regulations and legislation has been made by the Commonwealth Caribbean. In 2008, after much discussions between regional leaders on the growing rise of cybercrime and breaches of data in the region, the Harmonization of ICT Policies, Legislation and Regulatory Frameworks in the Caribbean (HIPCAR) project was officially launched in Grenada by the International Telecommunication Union and the European Union. The beneficiaries of the project include Jamaica, Barbados, Trinidad and Tobago, Bahamas, St. Kitts and Nevis, Dominica, Belize and Antigua and Barbuda.[iii] The objectives of the HIPCAR project are generally to enhance competitiveness and social economic and cultural development in the region with the harmonization of ICT policies. In more detail, this project is intended to assist CARIFORUM[iv] countries in the Caribbean to harmonize their information and communication technology (ICT) policies, legislation, regulatory procedures and frameworks in order to create an environment which promotes ICT development and connectivity. Doing so would facilitate market integration, foster investment in more improved and modern ICT capabilities and services in the region and enhance the protection of ICT consumer interests across the region. [v] HIPCAR provides for model policy guidelines and model legislation on Cybercrime, advances compelling arguments as to why regional and international cooperation to create harmonized legislation is imperative to effectively battle cybercrime and gives a brief assessment of countries in the Caribbean which have some kind of computer crime/cybercrime legislation. The recommended legislative framework proposed by HIPCAR addresses a number of fairly modern cyber threats and issues including: a section on offences which should be covered by any cybercrime legislation, privacy and data protection, access to public information, issues of jurisdiction, procedural law and liability. Furthermore, it is interesting to note that the proposed legislation under HIPCAR seeks to make activities such as SPAM a crime. [vi] SPAM as defined by Section 15 HIPCAR includes “the transmission of electronic mail messages from or through a computer system with the intent to deceive or mislead users or any electronic mail or Internet service provider as to the origin of these messages or materially falsifies header information in multiple electronic mail messages and intentionally initiates the transmission of such messages.” Though, it is uncertain whether this definition would cover SPAM which exists on social media networks it is still a very modern provision.
However, to date, the HIPCAR project continues to be an assessment report. Even though since its launch there have been discussions, panel meetings, workshops and working groups on cybercrime within the region and on HIPCAR, on its contents and how to advance or improve its own individual legislation; to date the region is no closer to seeing harmonized policies and legislation to address cybercrime. Individual countries still continue to face challenges in enacting cybercrime legislation or improving on antiquated legislation, which is no longer capable of addressing today’s cybercrime threats.
Part Two will discuss the actions of certain regional territories in addressing cybercrime, cybercrime’s influence on the region and proposals the region should consider in its approach to dealing with cybercrime.
Shari-Ann Walker is a First Year student at the Norman Manley Law School
[iii] Establishment of Harmonized Policies for the ICT Market in the ACP countries: Cybercrime/e – crime Assessment Report: Harmonization of ICT Policies, Legislation and Regulatory Procedures in the Caribbean
[iv] The forum of the Caribbean Group of African, Caribbean and Pacific States (forming the ACP). The purpose of this body is to promote and coordinate policy dialogue, cooperation and regional integration. – http://www.caricom.org/jsp/community_organs/cariforum/cariforum_main_page.jsp?menu=cob
[v] Establishment of Harmonized Policies for the ICT Market in the ACP countries: Cybercrime/e – crime Assessment Report: Harmonization of ICT Policies, Legislation and Regulatory Procedures in the Caribbean – page 9
[vi] Establishment of Harmonized Policies for the ICT Market in the ACP countries: Cybercrime/e – crime Assessment Report: Harmonization of ICT Policies, Legislation and Regulatory Procedures in the Caribbean – Section 15; page 20