Recomendation

Recommendation: according to all the analyzes above, both phishing and

Spamming are violations of the digital world, which is sure to harm the user. Both violations
have the same nature, that is, the activities they carry out as if they were not an offense and they
use persuasion efforts in which the victims seem to agree with what they do or we can call it
"Subtle Coercion". Therefore, we suggest several things that can reduce both violations and we
think that, this will be able to protect users from those violations.
For spamming, although this problem has been covered by the mcmc act (1998), but there are
still problems that cannot be overcome by this law. Such as the lack of countermeasures for
spamming which is very common in emails or sms or even all social media, there are no
provisions to avoid this spamming, and even based on the official page of the MCMC, they
directly say that there is really no requirement to send messages with the detailed message which
makes this problem more complicated to overcome.1
Therefore, we are of the opinion that mcmc should make new provisions or clarify the provisions
of article 233 (1) (b) of the MCMC act, so that spam actions can be clearly included and make it
easy for users or law enforcement to identify such actions. Such as making a definition along
with its general designation, examples of cca articles 3 and 4 (hacking and cracking), it will
make the public or internet users in general know that this violates the provisions in the law or
make an example after the definition of the violation is mentioned in the article as in the example
of the dutch criminal code, there is an explanatory article at the end of the law on the law
For phishing, we know that in the penal code there are provisions that can be used to anticipate,
reduce and enforce justice for this violation. The most important provisions are in article 415 of
the penal code, which is continued by articles 416, 418, 420 of this law. But in the penal code it
is very difficult to implement and even quite vague. It becomes difficult for law enforcement to
act against this kind of violation. Therefore, judging from the increase in phishing crime data in
malaysia in 2008,2009 and 2010 which are increasing rapidly each year, this is only overcome
by using cca.2 even in some cases, victims suffered significant losses because the cca did not
serve the problem of "cheating". In this case, we believe that there is a very dangerous legal
vacuum here.
To overcome the above problems, the first solution we will provide in this case. Legislators
should imitate the european council convention on cyber crime, especially in article 8. This has
great benefits because it can reach cross-border departments, states and companies. Although
malaysia is not a party to this convention, it can be used to fill the existing legal vacuum. In its
application, we can see the fraud act in english3 , and in this case contained in article 2 of this law
and in this act, interpretation of violations can be implied or explicit, this makes it easier for law
enforcers to determine the abuses committed by the perpetrators. The second solution we can
provide is to expand the explanation of the penal code which can only indicate violations
originating from legal subjects "people" to "anything".4 because the problem why the violations
that occur now is only covered by the cca is that in the penal code only limits the perpetrators of
crimes as "people", this minimizes the interpretation of the public prosecutor or other law
enforcers, because the perpetrators of these actions which often occur now are scareware or
1
“Spam Laws.“ Malaysian Communications And Multimedia Commission.” 4 july 2020,
www.mcmc.gov.my/en/faqs/spam/spam-laws/spam-laws.
2
Rahman, Rizal. “Malware and The Law of Deception in Malaysia.” Malayan Law Journal Article 3, No.36 (2018), p
18
3
D Bainbridge, “Criminal Law Tackles Computer Fraud and Misuse.” 23 Computer Law & Security Report 276, 2007
4
F Kennedy et al, “Swarm Intelligence” San Francisco, Morgan Kaufmann Publishers (2001) at p 32
malware. This creates a legal loophole that can be read by cyber criminals to abuse this
opportunity.