“Eighteen people were charged in what may be one of the nation’s largest credit card fraud rings, a sprawling international scam that duped credit-rating agencies and used thousands of fake identities to steal at least $200 million, federal authorities said Tuesday.” The Associated Press (2013). This story has been in the news only in the last couple of days. It is a good example to show the severity of cybercrime and the extent to which it has a greater potential for harm than traditional crime. Robbing a bank traditionally meant isolated incidents at individual banks. Cybercrime opens new doors to criminals where they have the power to defraud entire institutions in ways that would not have been possible traditionally.
The complexities in catching cyber-criminals has meant that, in the past, many have gotten away with their crimes and do not face the same punishment as traditional criminals, which most likely lead to the attraction of committing the crime in the first place. While laws have been slow to adapt to these newer forms of criminal activity, progress has been made. In InfoWorld’s Security Central article on Cyber Crime, Roger Grimes reminds us that only a few years ago, malicious hackers could steal millions of dollars, cause mass damage and yet escape jail time. Nowadays prosecutions have greatly risen along with the prison time attached to such sentences. It is a difficult question to address whether cybercrime should be punished the same, more or less severely than traditional crime because there isn’t always a clear cut way to compare the two. In some ways laws are improving, however Grimes argues that the pendulum has swung too far in some instances. We only have to look back over the last year to the case of Aaron Swartz, threatened to 30 years of prison for attempting to get free access to a university database, which ultimately led to him taking his own life. In contrast to traditional crime, people have served less time in murder cases. Richard O’Dwyer, a 23 year old student in the UK, set up a website which provided links to pirated copyrighted films and television programs. He lost an extradition case where he would be sent to the US to be prosecuted, however this was later appealed. The case made worldwide headlines and many felt that the punishment was extreme. YouGov ran a poll confirming only 9% of British citizens felt he should be extradited to the US for trial. Jimmy Wales (founder of Wikipedia) launched a campaign calling for the extradition to be stopped.
I firmly believe that malicious hackers, those who seek to do harm to or defraud other individuals or organizations should pay the price, certainly in cases such as the credit card fraud incident mentioned earlier. It is however going to be on ongoing challenge as it is not always clear the type of response that should be warranted in individual cases. The laws will need to continue to adapt in a way that punishes real cyber criminals, criminal organizations and those that seek to do harm to others, and spend less time wasting resources on students who download the latest movie or post links to television programs they haven’t paid for.
References:
- BBC. (2012). ‘Piracy’ student Richard O’Dwyer loses extradition case. Sheffield & South Yorkshire. http://www.bbc.co.uk/news/uk-england-south-yorkshire-16544335
- Gardiner, B. (2012). O’Dwyer extradition. Retrieved from http://yougov.co.uk/news/2012/07/09/odwyer-extradition/
- Grimes, R. (2013). Cyber crime sentencing is out of whack. InfoWorld Security Central. Retrieved from: http://www.infoworld.com/d/security/cyber-crime-sentencing-out-of-whack-211700
- Zezima, K. (2013). 18 Charged in $200M global credit card fraud. The Associated Press. Retrieved from http://www.nbcnews.com/business/18-charged-200m-global-credit-card-fraud-1B8260642