Tutorial 1

(Week 2)
Question 1
Cyberspace may be described as the non-physical “place” where electronic communications
happen and digital data is located.
Taking examples from the legal framework in Malaysia explain the challenges that are
presented in regulating computer networks in cyberspace.
(25 Marks)
Should I add the solution ? PDF notes
Intro: definition of cyberspace. Non-physical place-virtual
The Multimedia Super Corridor (MSC) was established to accelerate the growth of the
country's digital economy. It is a special economic zone designed to support the innovative
ecosystem of IT and IT-enabled industries and the growth of the country's digital economy.

The Internet is described as a universal network which connects a large number of

computers. Such networks include wired networks as well as wireless network. The
accessibility of the Internet promotes enhanced technology capacity and easy availability. At
the same time, the nature of the Internet carries certain deficiencies when compared to the
real world.

1. The problem of identity/ anonymous (who are they)

 Who’re we dealing with? The lack of ability to clearly identify the communicating
parties
 Subjected to different jurisdiction requirement
 Internet may be hampered by confidentiality / data protection obligation
What it is all about?
Anonymity in cyberspace is a major concern for the global community. The
development of cyberspace makes more people reluctant to reveal their true identity.
With respect to cyberspace, identities are easily cloaked in anonymity. With regards
to this issue, the question posed to us is that who was he or she? Was he or she a legit
person in the real physical world?

Rights of User
The problem of anonymity affected the right of user in Internet in many ways.
Popularly, this problem has always led to cyberbully and cause the use to be bullied,
and thereby affect mental health and tend to shy away from cyberspace. Due to the
problem of anonymity, people in Internet can say whatever they want including
offensive content which attacking people. Furthermore, due to the problem of
anonymity, the user will get cheated by the cheater who claiming themselves to be
another person, i.e. the cheater, an uncle may claims that he is a handsome teenager
and deceit young female teenager for sexual photo. This will affect the safety Not
only that, due to this problem, in cyberspace there’s a lot of people impersonating
another thereby using that person identity to cause injury to that person’s reputation
and etc. by posting offensive or obscene content.

Further Elaboration
One of the significant challenges from the legal point of view is the impossibility of
controlling and monitoring a virtual identity. This claim rooted in the unknown
identity of the user in the virtual space, which called anonymity. Anonymity makes it
possible for the users to behind on a virtual persona via a username. This is quite
different from the real world, as in real world, people are always controlled by
restricting factors, i.e. we have our own identity card and birth certificate.

In cyberspace, once a message sender’s identity is anonymous, cyberspace provides

the means to perpetrate wide spread criminal activity to the masses, with little chance
of apprehension. On the other hand, anonymity in cyberspace allows whistle-blowers
and political activists to express their opinions critically, and permits individuals to
express their views online without fear of reprisals and public hostility.

As a matter of fact, unlike the real world, we can be in several places at the same time
in the internet world. Therefore, the problem or identity in cyberspace will be faced
with many challenges. Regarding to identity, Cyberspace provides us with the
freedom to be anybody that we want to, it allows us to communicate almost with
anybody in the world. Everybody chooses a mask of some appearance, a certain social
role and comes in with a new shape of identity which is included in many manuscripts
of the information technology field with the titles like Virtual Identity. Therefore, the
problem of identity has led to many issues, i.e. Fraud, sending malicious email or
message, harassment and etc. In addition, to make the situation worse, terrorism often
use the ‘advantage’ of cyberspace to hide their identity in cyber terrorism to prevent
from being tracked down by the police forces. Furthermore, the anonymity issue of
cyberspace makes identity tracking a noteworthy predicament which poses obstacles
in detection and investigations process.

Examples
The problem of identity can be seen in the case of Godfrey v Demon Internet
Limited. In this case, the plaintiff (Godfrey), a lecturer alleged that an unknown
Internet user created an obscene and defamatory posting and fraudulently attributed
its authorship to him. The lecturer then complained to the defendant (Demon Internet
Limited) (DIL), the public forum platform company where the statement was posted.
Despite receiving the notification of fraudulently posting from Godfrey, DIL did not
remove the posting in the public forum. Godfrey then filed a claim against DIL. The
court held that DIL knew about the impugned statement was defamatory and posted
fraudulently as Godfrey had notified the company, DIL was therefore held liable. This
case shows that the problem of anonymity in cyberspace can lead to impersonation of
another to do things in bad faith. In another case of Regina v Reynolds, the accused
engaged in online chat claiming himself to be a 16 years old boy, attempting to make
young girls expose their bodies and transmit photographs to him over the internet. By
looking at this case, we can know that it is hard for us to identify the person behind
the monitor. In PP v Rutinin Suhaimin, which involved the posting of offensive
remark on the same state’s portal, the respondent (accused) was acquitted by the trial
judge. It was decided that there was no prima facie case against the respondent as the
appellant (prosecutor) failed to prove the offensive remark was posted by the
respondent and that the Internet could have been accessed by anyone from the same
computer. From this case, it clearly shown the hardship and difficulty faced by the
prosecution in proving such cases against the alleged offenders.

Besides, an internet user can also hide their identity by modified the IP address. There
are a number of IP scrambler programs, i.e. Virtual World Computing’s Cocoon. By
using Cocoon, it will reveals us as a ‘Cocoon user’ and only Cocoon's IP address can
be seen, and cookies can be easily blocked entirely. On the other hand, internet user
 can also hide their identity by using Virtual Private Network or widely known as
VPN. By using VPN, it will be hard for the internet user to be tracked and monitored,
hence hide their identity.

2. The problem of attribution (who contribute)

 Traits / characters of the person
 Tracking and identifying the perpetrator
 Signature is unique and hence binds the person signing to the document to which
it’s
attached
 Digital message typically not unique as it’s interchangeable.
What is it all about?
Traditionally, cyber attribution refers to allocating the responsibility of an attack to an
attacker or group of attackers, and subsequently, unveiling their real-world identity.
However, attributing attacks to specific perpetrators is often difficult in cyberspace,
where identities can be easily disguised. Consequently, if the attacker is misidentified,
there is a great risk of harming innocent individuals or targeting the wrong place, as
the counter strike may be potentially misguided towards “innocent” computer
systems, especially if the original cyber-attack has been routed through them. The
problem arose from this problem is, who contributes it?

Right of user
Due to the problem of attribution, the user on the internet if being attacked, it would
be hard for them to trace the attacker and find out who is the attacker. This problem
has therefore affect the right of user from using the internet peacefully as it is hard to
trace the offender, they will therefore continue to attack.

Further Elaboration
The idea that identifying the source of a cyber-attack or cybercrime is often
complicated and difficult because there is no physical act to observe and attackers can
use digital tools to extensively cover their tracks. In other words, it means that you
will not know who is behind the screen carrying out the attack or any illegal activities.

Example
Example of this issue can be seen in the incident of Russian interference in the 2016
United States elections. On 2016, Hillary Clinton attributed her loss in the 2016
election to Russian meddling organized by Putin, the reason of this is that she claimed
that Putin had a personal grudge against her, and linked his feelings to her criticism of
the 2011 Russian legislative election. In addition, the Director of National
Intelligence, James Clapper also attributed this Russian hacking attempt to Putin.
Besides, the Federal Investigators of U.S also attributed these attempts to Russian
government-sponsored hackers, and specifically to Russian intelligence agencies.
Although with this few attribution, it is still hard to attribute this 2016 interference in
the 2016 United States election to Russia as there is still lacking of evidence. Another
example of this problem is that, i.e. a professional hacker defame another by using a
fake account, it would be hard for us to trace back and determine the IP address of the
professional hackers, as they are good at modify the IP address. Hence, it is hard to us
to attribute the defamation to that professional hacker.
3. The problem of authentication (original)
 Whether it’s original or not?
 Electronic message can be easily fringed
 Even its identified party, there’s difficulty ensuring that message / signature is
identify / authentical

What is it all about?

The issue of authenticity in cyberspace always posed us a question, which is, is that
genuine? This problem applies to electronic records and e-contracts. There exists a
difficulty to authenticate the legal documents online as compared to in the real world.
In real world, there are well-known strategies for the authentication of individuals, i.e.
in the face of a person, an identity document helps identify and distinguish the
individual, or in the area of business transactions, they use the person’s signature for
authenticity, these strategies however is hard to be implemented in cyberspace. This
has therefore leads to the issue of forged documents or contracts available in
cyberspace. This is because cyberspace is a virtual world, and the contracting parties
hence cannot see others face to face, this will then give chance to another party to
forge the document as there is no witness. Another example that will happen due to
problem of authentication is free-riding of intellectual property. This is because
intellectual property has the characteristic of public goods which are non-rivalry in
consumption and non- excludability. It means the information can be used by
unlimited number of people for unlimited times without degradation in quality. As a
result, a lot of people will free ride it without paying.

Right of user
The problem of authentication in cyberspace can affected the users in many ways.
Firstly, due to this problem, the user will always get fraud by the forged and fake
document, which will cause them lost in money or property. Further, this problem will
also affect legitimate seller from making business online. This is because due to this
problem, the consumer tend to shy away from buying things online and thereby affect
the business of online seller.

Example
Example of the authentication problem in cyberspace is that, we hard to identify the
authenticity of digital signature on an electronic contract as it can be modified easily.
Further, for instances, we also hard to identify the authenticity of information that
being shared in Facebook, as it can be shared easily and may be false information, we
therefore not sure about the authenticity of that information.

4. The problem of non-repudiation (certain/ something that can confirm)

 To confirm (certainty)
 Ability to ensure that someone is not denying / contesting
 Electronic commence
 It’s problem in the internet world / e-commence in particular where that one party
cannot be confirmed as recipient / denies seeing / signing a contract / document.
 If the transaction is not guaranteed? of business may shy away from e-commence.
To repudiate means to deny or contest something. Therefore, non-repudiation must be
the ability to ensure that someone cannot deny or contest that thing. The problem that
arise from this problem is, is it certain? Non-repudiation is the assurance that someone
 cannot successfully deny the validity of something. Typically, non-repudiation refers
to the ability to ensure that a party to a contract or a communication cannot refuse the
authenticity of their signature on a document or that a message was actually sent. This
is usually seen in electronic communications where one party cannot be confirmed as
the recipient or denies seeing or signing a contract or document. Non-repudiation
means putting measures in place that will prevent one party from denying they
received or agreed to a transaction. As a result, if the transactions cannot be
guaranteed, then the men of business may shy away from e-commerce as there’s no
brick and mortar to the legitimacy of the transaction.

Right of user
Due to the problem of non-repudiation and its uncertainty, it will affect the right of
user from claiming that they have been giving their consent freely. For example, once
the user read the shrink wrap agreement or click the ‘I agree’ button on Click wrap
agreement, the user is said to be bound by the contract, even though the user might
not have consent to that contract, as nowadays a lot of user just simply click or scroll
through the agreement before proceed. This has therefore caused the user to be bound
by the contract even without their consent. Due to this problem a lot of people shy
away from online contract and will therefore affecting people those who doing online
business, as the transactions cannot be guaranteed.

5. Jurisdiction (who will govern it)

 Territorial area of authority to hear & judge the case.
 The internet has no territorial boundaries as it’s a virtual world of interconnected
computer networks aka cyberspace.
Jurisdiction in a simple term means the authority of a court to hear a case and resolve
a dispute. Jurisdiction in cyberspace is quite different from that in the real world.
Under the real world, the transactions between two parties when both are situated
indistinct territorial jurisdiction, are governed either by the laws of the country which
the parties agree will govern the transactions, or by the laws of the country in which
the transaction is performed. However, this traditional method of jurisdiction cannot
be carried out over the cyberspace, as the cyberspace is borderless, hence no
relevance to the location.
Since it is borderless, it therefore posed a question as to who shall have the power to
govern the crime happen on the cyberspace.

Right of user
The problem of jurisdiction has affected the user the right to choose where to settle
the dispute and has affected their choice of law. This is because cyberspace is a
borderless world and in one dispute it might involve parties from different
jurisdiction, the user therefore cannot choose the place of court to listen the matter
and the law to be tried against them.

Example
For example, a hacker based in Malaysia, hacked a bank in Switzerland. The question
here is which country shall have the jurisdiction to hear the case? Malaysia or
Switzerland? This has therefore become an issue in the cyberspace.
 Extradition treaties and law that allows us to bring that person in a diff country back
to Malaysia ( we have this in Malaysia in the CCA)

Question 2
“Governments of the Industrial World, you weary giants of flesh and steel, I come from
Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us
alone. You are not welcome among us. You have no sovereignty where we gather.”
John Perry Barlow’s Declaration of Independence for Cyberspace,1996

Do you think the above comment holds true in modern times (especially in the year 2022) in
Malaysia?
(25 Marks)

Explain the statement as it doesn’t hold true to in modern times as we have so many laws that
have been enacted throughout the years which is used to regulate the internet – a set of laws
telling us what we can do or what we cannot do.