United are as stated under s 1 to

United Kingdom

            In this modern borderless world,
each nation-state of the world has their own authority to develop laws which
bind on things and all individual within its geographical entity.  So, each nations have different law to cover
the same matter, as a result, conflict of laws is unavoidable. As far as we
know, the current available laws that clearly prevent jurisdictional issues in
relation to cybercrimes from occurring in Malaysia are s 4 of Communications and
Multimedia Act 1998 and s 9 of
Computer Crimes Act 1997.

            Similarly,
in United Kingdom there are certain laws which protect the country from
cyber-attacks. The legislations in relation to cybercrimes developed by the UK
government are the Computer Misuse Act
1990, Data Protection Act 1998 and Communications Act 2003.1
Basically, the Computer Misuse Act 1990
is the most relevant law that establishes jurisdiction in UK for violation of
cybercrime. There are several crimes regarding to computer misuse are as stated
under s 1 to s 32
namely, unauthorized access to computer material, unauthorized access with
intent to commit or facilitate commission of further offence and unauthorized
modification of computer material.

            Besides
that, the principle of territoriality has also been developed in UK. Sometimes,
most of the cybercriminals often stay in their house, office, cafe or wherever they
chooses, with a desktop, laptop, or any computer devices which connects to the
Internet and carry out their illegal activities that would be affected
thousands of kilometers away from their origin. For this kind of instances, the
offences take place outside of the UK territories and UK would still have
jurisdiction to try the perpetrator of the crime under the Computer Misuse Act of 1990 (CMA). Section 4 and s 53
states the territorial scope of offences and the significant links with
domestic jurisdiction respectively. Both sections can be read together where it
provides that cybercrime need not necessary be committed within UK as long as
the crime would affect or bring damage to UK in relation to any aspects within
the cyber world. The UK
is amending s 5 of the CMA 1990 to
also include nationality jurisdiction in relation to access offences so that
the expansion of jurisdictional can help to counter the jurisdictional issue in
relation to cybercrime. Before amending s.5 of CMA 1990, there is no nationality jurisdiction included in the section
so that it does not affect anyone who is not a British. Thus, after the
amendment was made, anyone in the world regardless the nationality of the
person would be charge under this section.

 In simple words, the above two
sections provide that it
is not necessary for the cybercrime to be committed within the territory of
United Kingdom, but as long as the offence is significantly linked to the
United Kingdom then the cybercriminal would be charge under CMA 1990.4
Thus, even the act committed is not a crime in the place of commission but it
is a crime in United Kingdom and it is established that the offence is
significantly linked to it, then the CMA may be applied for purpose of
prosecution. For example, if Ali has committed a cybercrime outside the
territory of UK, he may not be charge under CMA. However, he would be liable
for the offence under CMA if he commits the offence which is significantly
linked to the UK such as hacking the computer system in UK while he was outside
the territory of UK.

The above
section under the CMA 1990 of UK are
similar with the s 9 of the Computer
Crimes Act 1997 in Malaysia. Both countries use the same law to deal with
the jurisdictional issue as Malaysia used the common law as the precedent to
develop its own law in its country.5
S.9 of CCA 1997 states that if an
offence was committed outside Malaysia, he will be handled as though the
offence was committed in Malaysia regardless nationality of the person. For instance, Ali who is a Malaysia was
charged for committing cybercrime but he has alleged that he was committed the
offence outside Malaysia. By applying S.9
of CCA 1997 and S.4 and S.5 of CMA 1990
in Ali’s situation, he would still be liable for the crime if the act that he
has been committed has affected and caused damage to Malaysia.  He has satisfied the element of the act which has
constituted a significant link to Malaysia.

            The UK is subjected to the Council
of European Cybercrime Convention. In
European Cybercrime Convention, Article 22 states about the
jurisdiction. In paragraph (a), it states
that if a crime is committed within its territory, it is necessary for the
parties to adopt the legislation in order to punish the commission of crime
while paragraph (d) states that the
people of a particular state cannot escape from criminal liability of their own
state even though they are committing the crime outside its territory. They are
still obliged to comply with their domestic law even when they are beyond the
territory of their own state. For example, a man who comes from
England goes to other
country which does not have any legislation against unauthorized access to
computer system, in the meantime, within the territory of the country uses a
computer to hack through a computer of a person in the United Kingdom is still
within the jurisdiction of his own state. As a result, the man would be liable
for the jurisdiction under UK. On the other hand, Malaysia is not subjected to
European Cybercrime Convention. However, a man who commits the cybercrime
outside Malaysia is still obliged to comply with their domestic law even when
they are beyond the territory of Malaysia provided that there is significant
link between the crime and Malaysia. The person still can be charged under section 9 of CCA 1997. From the
discussion we can prove that UK and Malaysia has adopted same principle when
dealing with the jurisdictional issue.

            Regarding
to the flaw of s 4 of Communications and Multimedia Act 1998
and s 9 of Computer Crimes Act 1997 in
Malaysia as discussed in above section, the provisions under the Computer Misuse Act 1990 in UK might face
the same issue. So, in 2003, UK has signed a new extradition treaty and Extradition Act 2003 is established to
prevent such issue from happening. Extradition basically means that the process
of returning someone to its natural country who is accused of a crime by a
different legal authority for trial or punishment. For example, if Ali is
alleged to have committed a cybercrime in one jurisdiction and escapes from his
own country to another country, the country where Ali has been escaped to could
return Ali who is the cybercriminal to the requesting country in order to face
the trial in his own country. According to Part
2 of the Extradition Act 2003, it prevents cybercriminals from fleeing to a
different country and at the same time allows the criminal to be tried in both
countries, hence, solving the issue of having to decide which country law will
be applicable to him.  Whereas, in s 4 of CMA 1998 and s 9 of CCA 1997 of Malaysia, it allows
the Act to be covered vastly within and across Malaysia however as discussed
earlier, the issue arises when the offender commits the offence in other
countries and if he were to be tried in Malaysia the laws governing such
offence in the said country would be rendered pointless. Unlike in the UK, they
have signed the extradition treaty and enacted the Extradition Act 2003 thus, allowing them to tried the offender in
UK at the same time allowing the offender natural country to bring him back
upon request to tried him as well. Thus, solving the issue of neglecting ones’
country jurisdiction.

With the use
of dual criminality clause in Part 2 of
Extradition Act 2003, there is no longer any need to amend or supplement
the new treaty as new offences become punishable under the laws of both states.
The new treaty therefore looks forward into the future by including any other
offences that may be punishable under the laws of both states by imprisonment
of one year or more.6
Dual criminality principle must be fulfilled which means that before a criminal
can be validly extradited and the alleged offence must be a crime punishable at
the jurisdiction seeking extradition.7

            In the case of Gary McKinnon,8
a systems administrator in England used his own desktop in his house and hacked
into United States military and NASA. After he gained the unauthorized access
to the computers, he deleted data and files from these computers. In the
consequence, due to the act which caused by the system administrator, the
United States became vulnerable to intruders for several hours. Furthermore,
the defendant also copied the data and files of US military and NASA into his
own computers.  This case later was
judged by the court based on the new Extradition Treaty which was signed
between the US and the UK. The crime was covered under the Extradition Treaty
between the US and the UK.  The US advise
the UK that it will be requesting for the extradition of Gary McKinnon and charges
were filed against Gary McKinnon which the judges subsequently issued a warrant
of arrest against him.9
The Extradition Act 2003, aid the UK
in this case by charging the offender in both countries namely UK and US, hence
preventing any jurisdictional issues from occurring. So, Malaysia has not
developed any legislation similar to the Extradition
Act 2003. If the criminal is only charge under one jurisdiction, sometimes,
the punishment is too lenient to impose on the criminal as compared to another
nation.

            In
conclusion, in order to prevent the conflict of laws between two countries, Malaysia
can follow UK to develop a legislation such as the Extradition Act 2003 to solve the issue so that wherever the
cybercriminal commits his act in different country or territory, the laws in
the particular nations would not cause a conflict of law between each other and
the cybercriminal could be charged by both country based on their own
jurisdictions.

 

Bibliography

1.      Cybercrime
– Legal Guidance (n.d). Retrieved from
https://www.cps.gov.uk/legal-guidance/cybercrime-legal-guidance

2.      Computer
Misuse Act 1990

3.      Computer
Crimes Act 1997

4.      Extradtion
Act 2003

5.      DR.
ADEL AZZAM SAQF AL HAIT. (2014). 
Jurisdiction in Cybercrimes: A Comparative Study, 22. Retrieved
from 
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.1004.5455&rep=rep1&type=pdf

6.      HollyGraceful.
(2016). UK Cyber Crime Law. Retrieved from

UK Cyber Crime Law

7.      Michea?l
Aaron O’ Flynn. (2014). Harmonisation and Cybercrime Jurisdiction: Uneasy
Bedfellows? An analysis of the jurisdictional trajectories of the Council of
Europe’s Cybercrime Convention. Retrieved from
https://qmro.qmul.ac.uk/xmlui/bitstream/handle/123456789/9548/O%27Flynn_Michael_PhD_Final_081015.pdf?sequence=1

8.      M.
Mohit. (2012). Issue of Jurisdiction in Combating Cyber Crimes: Issues and
Challenges Pornography and Indian Jurisdiction. Retrived from
http://www.legalservicesindia.com/article/article/issue-of-jurisdiction-in-combating-cyber-crimes-issues-and-challenges-pornography-and-indian-jurisdiction-1386-1.html

9.      Ajayi,
E. F. G. (2016). Challenges to enforcement of cyber-crimes laws and policy.
Retrieved from
http://www.academicjournals.org/journal/JIIS/article-full-text-pdf/930ADF960210

1 Cybercrime – Legal
Guidance (n.d). Retrieved from
https://www.cps.gov.uk/legal-guidance/cybercrime-legal-guidance

2 Computer Misuse
Act 1990

3 Ibid

4 DR. ADEL AZZAM
SAQF AL HAIT. (2014).  Jurisdiction in
Cybercrimes: A Comparative Study, 22. Retrieved from 
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.1004.5455&rep=rep1&type=pdf

5HollyGraceful.
(2016). UK Cyber Crime Law. Retrieved from https://www.gracefulsecurity.com/uk-cyber-crime-law/

6 Michea?l
Aaron O’ Flynn. (2014). Harmonisation and Cybercrime Jurisdiction: Uneasy
Bedfellows? An analysis of the jurisdictional trajectories of the Council of
Europe’s Cybercrime Convention. Retrieved from
https://qmro.qmul.ac.uk/xmlui/bitstream/handle/123456789/9548/O%27Flynn_Michael_PhD_Final_081015.pdf?sequence=1

7 M. Mohit. (2012). Issue of Jurisdiction in Combating
Cyber Crimes: Issues and Challenges Pornography and Indian Jurisdiction.
Retrived from
http://www.legalservicesindia.com/article/article/issue-of-jurisdiction-in-combating-cyber-crimes-issues-and-challenges-pornography-and-indian-jurisdiction-1386-1.html

8
Carroll. R. (2012). Gary McKinnon hacking prosecution called ‘ridiculous’ by US
defence expert. Retrieved from https://www.theguardian.com/world/2012/jul/10/gary-mckinnon-hacking-prosecution-us

 

9 Ajayi, E. F. G.
(2016). Challenges to enforcement of cyber-crimes laws and policy. Retrieved
from http://www.academicjournals.org/journal/JIIS/article-full-text-pdf/930ADF960210

BACK TO TOP