Fighting cyber crimes
Winahyo Soekanto, Lawyer, Consumer Care Foundation, Jakarta, winahyo@yahoo.com
Internet users may account for less than 1 percent of Indonesia's population of 210 million; but this is a country where some Internet cafes provide free cards for customers to hold cyber-transactions, thus opening the doors wide open to abuse. In fact, Interpol has already lodged at least 150 complaints with the Indonesian police concerning abuses of Internet transactions, mostly credit card fraud.
This is also a country that does not have a law on cyber crime. "So far, we have been able to handle less than 15 percent of those reported crimes," said Iman Santosa who works at National Police Headquarters. Why? "Because they're difficult to handle," Iman said recently. Very often, "the victim is a card owner in the United States, but the fraud has been committed via the Internet in Yogyakarta. The thief has purchased goods from online shops in Japan, and asked that they be delivered to Jakarta".
Suspects in those cases are usually charged under the articles 372, 378, 263, 362 and 480 (on forgery, fraud and theft) of the existing Criminal Code.
Indonesia has reportedly been identified as the second country, after Ukraine, with the most cases of cyber crime, according to Budi Rahardjo, an information technology expert at the Bandung Institute of Technology. Indonesia is finding itself overwhelmed by the sudden outburst of Internet crime, which more often that not takes place in either Bandung or Yogyakarta.
To give credit where credit is due, the Indonesian police have prepared themselves by establishing a cyber crime unit under its IT sub-directorate, which has been working for the past year. In fact, according to AKBP E. Brata Mandala, head of IT Sub- Directorate of the Directorate of Special Crimes of the National Police Headquarters, the sub-directorate was conceived 15 years ago when the police predicted the birth of "hi-tech crimes".
The 1997 economic crisis was to blame for the late development of the unit, Brata said.
The government has attempted to circumvent this legal void by taking some ad-hoc measures such as establishing cooperation with other countries. Australia and Indonesia have recently signed a memorandum of understanding that will help the two countries fight transnational crimes such as the trafficking of women and children, the smuggling of firearms, terrorism and cyber crime. The MOU on Transnational Crimes would provide a framework for preventing, investigating, disrupting and dismantling transnational crime involving both countries, according to Australian Justice Minister Chris Ellison.
Late last year, the Non Aligned Movement Center for South- South Technical Cooperation agreed to build e-linkages among developing countries as a way to boost connectivity and overcome the digital divide. That meant greater opportunities for Internet usage and an e-network for e-commerce and e-transactions.
Indeed, it took only six years for the developing countries of the Non-Aligned Movement to give birth to 88 million new users of the Internet. In India, 10 percent of its population now have access to the Internet and cellular telephones, bypassing the limited growth of fixed-line telephones and enabling farmers to obtain real-time changes in commodity prices.
In Indonesia, a large percentage of Internet service providers have collapsed, especially after the facility Voice over Internet Protocol was declared illegal; but the number of Internet users continues to grow even in remote areas as they go hand-in-hand with the growth of Wartel (telecommunication kiosks).
The European Council Convention on Cyber Crime, signed into being by 30 countries last November in Budapest, identifies cyber crimes as:
* Offenses against the confidentiality, integrity and availability of computer data and systems that cover illegal access, illegal interception, data interference, system interference and misuse of devices. Included in this category is hacking.
* Computer-related offenses such as forgery and fraud;
* Content-related offenses such as child pornography;
* Offenses related to the infringement of copyright and related rights including intentional aiding and abetting these offenses.
In short, a cyber crime is defined as a crime related to technology, computers and the Internet.
Legal expert Mardjono Reksodiputro recently suggested during a workshop at Surabaya University that cyber crime be treated as either:
* An ordinary crime using the hi-tech means of computer technology, which our Criminal Code (with some amendment) would be quite adequate to handle, or:
* A new breed of criminal acts that need a new, comprehensive legal framework to overcome its special characteristic of technological sophistication that would continue to develop, which means that Indonesia needs a separate provision outside the existing Criminal Code.
Another approach, however, would be to combine the two approaches as the U.S. government has done by amending its 1933 Securities Act and, at the same time, launching its Computer Fraud and Abuse Act.
There are about 20 other countries such as Australia, Canada, Japan, India and the Philippines that have updated their legal instruments by introducing provisions on computer-related crimes; but these have rarely been tested in court.
The Indonesian government is working to prepare legislation on telematics such as a draft bill on electronic transactions and a draft bill on e-signs (digital signatures). The Ministry of Justice and Human Rights has reportedly experimented with the concept in its administration. This is in addition to the work in progress on the new Criminal Code draft.
Several experts, including Budi Rahardjo and Mieke Komar of Padjajaran University in Bandung, West Java, have also drafted the Cyber Crime Bill, an effort that reportedly has yet to be taken seriously by the government.
What would be an equally important step in the campaign to fight the increase in cyber crime in the absence of a cyber crime code is to improve the implementation of existing legal instruments, because, regardless of whether it is a low-tech or hi-tech crime, damage and loss has been inflicted on its victims.
However, the law and government-sponsored measures are only a partial answer to the problem. IT-based organizations have to remain vigilant against the onslaught of cyber crime that threatens them once they enter the cyber world.
In fact, it is important for any institution or individual entering the cyber world to have cyber security plans. This means a commitment to train personnel to handle sensitive data, record transactions and build security technology such as a firewall system, anti-virus software and authentication services.