CONFIDENTIAL LW/APR 2011/LAW572/342

UNIVERSITI TEKNOLOGI MARA

FINAL EXAMINATION

COURSE CYBER LAW

COURSE CODE LAW572/342
EXAMINATION APRIL 2011
TIME 3 HOURS

INSTRUCTIONS TO CANDIDATES

1. This question paper consists of three (3) parts : PART A (5 Questions)

PART B (3 Questions)
PART C (1 Question)

2. Answer ALL questions from PART A, PART C and TWO (2) questions from PART B in the
Answer Booklet. Start each answer on a new page.

3. Candidates are allowed to bring in the following statutes (unannotated):

i) Communications and Multimedia Act 1998

ii) Computer Crimes Act 1997
iii) Digital Signature Act 1997
iv) Electronic Commerce Act 2006
v) Electronic Government Activities Act 2007
vi) Personal Data Protection Act 2010

4. Do not bring any material into the examination room unless permission is given by the
invigilator.

5. Please check to make sure that this examination pack consists of:

i) the Question Paper

ii) an Answer Booklet - provided by the Faculty

DO NOT TURN THIS PAGE UNTIL YOU ARE TOLD TO DO SO

This examination paper consists of 5 printed pages
© Hak Cipta Universiti Teknologi MARA CONFIDENTIAL
CONFIDENTIAL 2 LW/APR 2011/LAW572/342

PART A

QUESTION 1

The Electronic Commerce Act 2006 aims to facilitate electronic commerce and strengthen
the cyberspace framework. The Act, however, was rushed through and it is with flaws.
Briefly discuss any three of them.

(6 marks)

QUESTION 2

The Uniform Domain Name Dispute Resolution Policy (UDRP) as adopted by ICANN
(Internet Corporation for Assigned Names and Numbers) is designed to provide an
arbitration service for "abusive registration of domain names". Explain, with examples the
three-fold test that must be established by a complainant under the UDRP.

(6 marks)

QUESTION 3

The Social Networking Sites (SNS) are one of the most remarkable technology phenomena
of the 21 st century. Most children and young people use the internet positively but sometimes
behave in ways that may place them at risk. Explain any three of these potential risks.

(6 marks)

QUESTION 4

Explain, with examples, the different approaches adopted by countries around the world to
protect personal data.
(6 marks)

QUESTION 5

Differentiate cyberwar from cybercrime.

(6 marks)

© Hak Cipta Universiti Teknologi MARA CONFIDENTIAL

CONFIDENTIAL 3 LW/APR 2011/LAW572/342

PARTB

QUESTION 1

Phishing is emerging as one of the crimes of the 21 s t century. Being one of the fastest
growing forms of Internet fraud, phishing has become the hottest and most troubling new
scam on the internet. In the United States and United Kingdom, credible estimates of direct
and indirect financial losses due to phishing alone exceed a billion dollars per year, in which
banks and financial institutions are normally the prime target.

a) Explain the different techniques of phishing and discuss why phishing succeeds and
the phishers are rarely caught.
(10 marks)

b) Anti-phishing laws have been enacted in several states in the United States.
Meanwhile, the United Kingdom has amended her Fraud Act. Explain the common
features of the anti- phishing laws and discuss to what extent the United Kingdom
law managed to curb the crime.
(10 marks)

QUESTION 2

"It was another sad day; sitting in the Dewan Rakyat observing the
'Wakil Rakyat' ... approving another new law. The Electronic
Government Activities Act (EGAA) 2007 was passed. ...The EGAA
contains loopholes and defects, some of which are so glaring. A
number of provisions are with missing words that made them
meaningless. The same mistakes as in an earlier law passed in less
than a year before it, are repeated."

Abu Bakar Munir & Siti Hajar Mohd. Yasin, Information and
Communication Technology Law: State, Internet and Information -
Legal and Regulatory Challenges (2010), at p 73, Thomson Reuters
(Sweet and Maxwell Asia)

Based on the above statements critically analyse the Electronic Government

Activities Act 2007. Identify its weaknesses and recommend proposals to rectify
them.

(20 marks)

© Hak Cipta Universiti Teknologi MARA CONFIDENTIAL

CONFIDENTIAL 4 LW/APR 2011/LAW572/342

QUESTION 3

The Malaysian Personal Data Protection Act (PDPA) 2010, like any data protection law of
other jurisdictions, seeks to regulate the processing of personal data in the country. The law
was passed by Parliament and received the Royal Assent in June 2010. However, it is not
yet enforced. With reference to the said Act, answer the following:

a) Explain the personal data protection principles which become the key elements of the
PDPA.
(10 marks)

b) Discuss the rights that are afforded to the data subjects.

(10 marks)

© Hak Cipta Universiti Teknologi MARA CONFIDENTIAL

CONFIDENTIAL 5 LW/APR 2011/LAW572/342

PARTC

QUESTION 1

Yayan, a graphic artist, creates, exhibits and markets cartoons under the name
'YayanCartoon.' Yayan licenses his cartoons to others for display on T-shirts, coffee mugs
and other items, many of which are sold at gift stores across Malaysia. He has marketed his
cartoons under the "YayanCartoon" label for the past fifteen years. Yayan has learnt about
the prospect of e-commerce. He came to you for advice as to how he can make his
presence on the Internet.

Jajai, Yayan's brother, is employed by G. Tenang Bank's Human Resources Department. He

is authorized as part of his duty to access and view personal information about employees
for purposes of staff administration. Yayan's former girlfriend, Miss Jons and her new
boyfriend Mr. Right, both work for G. Tenang Bank. Jajai accessed both Mr Right's and Miss
Jons' personal records after being informed by a colleague that they had moved to a new
address. Jajai told his brother that they had moved to Bukit Berugi. Mr. Right and Miss Jons
were angry when they learnt about the matter.

Murray.com provides an online general information service, called PrettyNara that

subscribers may access from a personal computer or terminal. Subscribers to PrettyNara
pay a membership fee and online usage fees, in return for which they have access to
thousands of information sources available on PrettyNara. Subscribers may also obtain
access to over 200 special interest forums, which comprised of electronic bulletin boards,
interactive conferences and topical databases. One of the bulletin boards of PrettyNara is
called 'Soksek', which is one of the leading and most widely read bulletin boards in the
country. On this board, Yayan posted some information concerning Miss Jons stating that
Miss Jons was a 'woman who would lie for a living' and that Miss Jons will 'soon be proven
to be a criminal'. As a result, Miss Jons and Mr. Right had received phone calls from their
friends asking about the matter which caused their relationship to turn sour.

Both Miss Jons and Mr. Right came to you for advice whether they can take any legal action
against either Yayan, Jajai, the Bank or Murray.com.

Advise all the parties to their rights and liabilities (if there is any).

(30 marks)

END OF QUESTION PAPER

© Hak Cipta Universiti Teknologi MARA CONFIDENTIAL