7/25/2019 Week 11 Lecture Ecommerce
1/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Defamation on the Internet
Defamation, Arts Law Centre [Online: Accessed 4th February !!4 "#L:
htt$:%%artslaw&com&au%reference%info!'%(
)utnic* and +eyond, FindLaw [Online: accessed: th -ay !!. "#L: htt$:%%
www&findlaw&com&au%ma/a0ine%Article&as$1id24(
http://artslaw.com.au/reference/info05/http://www.findlaw.com.au/magazine/Article.asp?id=428http://www.findlaw.com.au/magazine/Article.asp?id=428http://www.findlaw.com.au/magazine/Article.asp?id=428http://www.findlaw.com.au/magazine/Article.asp?id=428http://www.findlaw.com.au/magazine/Article.asp?id=428http://www.findlaw.com.au/magazine/Article.asp?id=428http://artslaw.com.au/reference/info05/7/25/2019 Week 11 Lecture Ecommerce
2/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Defamation A communication
from one $erson to at least one other,
that lowers the re$utation of an identifiablethird $erson,
where the communicator has no le/aldefence&
3he law of defamation aims to balance frees$eech with the ri/ht of an indiidual to $rotecttheir re$utation
7/25/2019 Week 11 Lecture Ecommerce
3/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Communication
-ust be made 56$ublished67 to at least one
$erson other than the $laintiff&
3he intention of the communicator does not
matter& Liability for defamation can arise from
errors&
8eryone inoled in the communication ise9ually liable
o defence to ar/ue that you are only re$eatin/
rumours or a comment made by somebody else
7/25/2019 Week 11 Lecture Ecommerce
4/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Identification 3he $erson must be identified
False names are no defence if the $erson canbe identified by other means&
;dentification can be accidental
A class of $eo$le cannot be defamed, but a
statement deni/ratin/ a /rou$ may bedefamatory of a member of that /rou$
A dead $erson cannot be defamed
Cor$orations can also sue for defamation&
7/25/2019 Week 11 Lecture Ecommerce
5/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Reputation
6Does the communication lower the $laintiff6s
$ersonal or $rofessional re$utation, ridicule
them, or lead others to shun and aoid them1ustification ?ualified $riile/e
Absolute $riile/e
;nnocent $ublication
7/25/2019 Week 11 Lecture Ecommerce
8/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Fair Comment
@tatement is 6fair comment6 on a matter of $ublic
interest&
-ust $roe:
;t is comment an o$inion, criticism, deduction,
=ud/ment, remar*, obseration, or conclusion
3he facts u$on which the comment is based must bestated unless they are widely *nown
3he communication has to be on a matter of $ublic
interest
7/25/2019 Week 11 Lecture Ecommerce
9/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
!utification ;f your im$utation is found to be defamatory, the
law $resumes it to be false&
3o use this defence you hae to $roe it6s true&
3his can be difficult as you can only use
eidence that is admissible in court
;n some states you also hae to $roe that your
$ublication was for the $ublic benefit
7/25/2019 Week 11 Lecture Ecommerce
10/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
"ua#ified Pri$i#e%e
A$$lies when you hae an interest or a le/al,
social or moral duty to communicate somethin/
to a $erson and that $erson has a corres$ondin/interest or duty to receie the information&
3he defence will fail if you were actually
motiated by malice to ma*e the communication
7/25/2019 Week 11 Lecture Ecommerce
11/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Ao#ute Pri$i#e%e
Brotects re$orts of court and $arliamentary
$roceedin/s
Innocent Pu#ication
For those such as newsa/ents 5and $ossibly
;@Bs7 who cannot reasonably be e$ected to be
aware of the defamatory content of material theydistribute
7/25/2019 Week 11 Lecture Ecommerce
12/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
'efore (ou pu#ih Consider the communication as a whole
includin/ any headlines or illustrations& Consider
the contet& Ehich /rou$s or indiiduals haebeen identified1 Ehat im$utations arise1 Arethey defamatory1
@ee if editin/ or clarification can remoe anyunintended defamatory im$utations
Chec* who is identified in the communication&Botential $roblems can be aoided by narrowin/the sco$e of the article, or remoin/ details thatcan lead to identification
7/25/2019 Week 11 Lecture Ecommerce
13/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
'efore (ou pu#ih )cont*+ Ehat defences mi/ht be releant1 ;f it is meant
to be comment, ensure that it is clearly identified
as such 5for eam$le by addin/ 6;n my o$inion
7/25/2019 Week 11 Lecture Ecommerce
14/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
DefamationDow >ones )utni* G Hi/h Court of Australia
3he law /oernin/ ;nternet defamation cases is the same
as for other ty$es of media& ;f a defamation case inoles more than one =urisdiction,
the Court will a$$ly the law of the $lace in which thecause of action arose&
8ach time a new $erson accesses and reads defamatory
material on a web site, a new cause of action arises andthe $lace in which each case of action arises is the $laceof the reader&
Discussed in Forder I ?uir* at $$ .J I .K
7/25/2019 Week 11 Lecture Ecommerce
15/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Defamation )cont*+
An ;nternet $ublisher will need to consider the
law in many =urisdictions
Freedom of @$eech defences may not a$$ly
Conflicts in international law
"@ decisions that each mass media
$ublication /ies rise to only one cause ofaction and that the a$$licable law is that of
the $lace of $erson that $ublishes the
material&
7/25/2019 Week 11 Lecture Ecommerce
16/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
C(erCrime
@ee: +renner @usan E, !!, Cybercrime ;nesti/ation and Brosecution:
3he #ole of Benal and Brocedural Law, [Online: Accessed . February
!!4 "#L: htt$:%%www&murdoch&edu&au%elaw%issues%n%brenner&tt(
http://www.murdoch.edu.au/elaw/issues/v8n2/brenner82.txthttp://www.murdoch.edu.au/elaw/issues/v8n2/brenner82.txthttp://www.murdoch.edu.au/elaw/issues/v8n2/brenner82.txt7/25/2019 Week 11 Lecture Ecommerce
17/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
The C(ercrime Cha##en%e 8nforcement a/encies lac* tools
Lac* of s$ecific cybercrime offences
Lac* of a$$ro$riate $rocedural rules
3ransnational nature of cybercrime
Lac* of international a/reement
Lac* of uniformity $reents etradition Offendin/ often inoles multi$le and /eo/ra$hic
dierse offences
Hi/h cost
7/25/2019 Week 11 Lecture Ecommerce
18/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
T(pe of crime
Crimes a/ainst the $erson
Crimes a/ainst $ro$erty
Crimes a/ainst the administration of =ustice
Crimes a/ainst the @tate
7/25/2019 Week 11 Lecture Ecommerce
19/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Preparin% for C(ercrime
-ost criminal law is /eneric
Brocedural law differs widely
Cybercrime can inole
"sin/ a new means to effect a traditional
crime
A com$letely new ty$e of offendin/
A surey of ' countries found that .. had yet to
u$date their laws to address cybercrime
7/25/2019 Week 11 Lecture Ecommerce
20/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Crime A%aint the Peron
on@eual Crimes
-urder
Assault
3hreats
@eual Crimes
#a$e
Child $orno/ra$hy
@tal*in/
7/25/2019 Week 11 Lecture Ecommerce
21/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
C(erta#,in% Facilitated by enormous amount of $ersonal
information on the web
;m$ersonal and anonymous nature of ;nternetcommunications remoe disincenties forstal*in/
Cyberstal*ers effort is minimal
Difficult to locate, identify and arrest offender
;nflicts $sycolo/ical but not $hysical dama/e
Conflicts with freedom of s$eech
7/25/2019 Week 11 Lecture Ecommerce
22/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
C(erta#,in% )cont*+ Ehen should criminal liability be im$osed for creatin/
and disseminatin/ artificial constructs and mani$ulatin/
information that is freely aailable about indiiduals1 3his is a MnewM criminal
e$loits com$uter technolo/y to achiee results that
would not hae been achieable in years $ast&
A nation must maintain a balance between $rotectin/ the safety and security of indiiduals and
/uaranteein/ the free dissemination of information
and o$inion&
7/25/2019 Week 11 Lecture Ecommerce
23/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Crime A%aint Propert(
3heft
For/ery
Fraud
-alicious dama/e
Hac*in/
7/25/2019 Week 11 Lecture Ecommerce
24/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Theft
"nlawfully ta*in/ $ro$erty
3hat belon/s to another
@o as to de$rie the owner of its use
+y
Carryin/ it away 5larceny7
"sin/ force 5robbery7 Dece$tion 5fraud7
+rea*in/ I enterin/ 5bur/lary7
8$loitin/ a $osition of trust 5embe00lement7
7/25/2019 Week 11 Lecture Ecommerce
25/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Theft )cont*+ 3he law has had difficulty in reconcilin/ the use
of new technolo/y with theft offences e&/&
=oy ridin/ in cars7 Che9ues
8lectronic funds
Cybertheft relies on the electronic transmission
and mani$ulation of datarather than acts andcommunications effected in the Mreal world
Cybertheft is traditional theft accom$lished by
rather nontraditional means
7/25/2019 Week 11 Lecture Ecommerce
26/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Theft )cont*+
#eal world theft is a 0ero sum offence the sole
$ossession and use of $ro$erty is transferred
from the ri/htful owner to the thief& Cybertheft may only inole co$yin/ information
+oth the owner and the thief now hae the
information 3he owner has lost alue due to loss of
eclusie use of the information
7/25/2019 Week 11 Lecture Ecommerce
27/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
For%er(
"sin/ a com$uter to for/e:
$a$er documents
8lectronic documents
@ame offence G new means
o new $enal laws re9uired
7/25/2019 Week 11 Lecture Ecommerce
28/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
-ac,in% Analo/ous to traditional law of tres$ass
Difficulties with
Consent Nirtual worlds
#e9uires s$ecific $enal laws
HactiismAnalo/ous to andalism
-ore dama/e caused
;s it free s$eech1
7/25/2019 Week 11 Lecture Ecommerce
29/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Denia# of Ser$ice
Cannot be $rosecuted as:
Nandalism
3heft
#e9uires new $enal laws
7/25/2019 Week 11 Lecture Ecommerce
30/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Crime A%aint Adminitration of !utice
)eneratin/ false eidence
Alterin/ court records
3hreatenin/ =ud/es, law enforcement officials
etc&
False re$orts of crime
;m$ersonatin/ $olice officers etc&
-ostly, com$uter technolo/y is sim$ly a tool that
is used to commit an eistin/ offence
7/25/2019 Week 11 Lecture Ecommerce
31/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Crime A%aint Adminitration of !utice
3wo new ty$es of offendin/
Cyberi/ilantism
#aises similar issues to cyberstal*in/
3hreats
Conflict with freedom of s$eech
Nirtual actiities may not be seen as a
direct threat
Com$ilation of $ublicly aailable material
7/25/2019 Week 11 Lecture Ecommerce
32/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Crime A%aint the State
3reason
8s$iona/e
@abota/e
3errorism
One mans terrorist is another mans freedom fi/hter
Counterfeitin/
7/25/2019 Week 11 Lecture Ecommerce
33/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Procedura# La.
>urisdiction
Blace of offence
8tradition
@earch and @ei0ure laws
Ehat is a le/al search in one country may not be in
another Often only coer tan/ible eidence
7/25/2019 Week 11 Lecture Ecommerce
34/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Internationa# A%reement
3he Council of 8uro$e6s Draft Conention on
CyberCrime see*s Mto im$roe the means to
$reent and su$$ress com$uter or com$uter related crime by establishin/ a common
minimum standard of releant offences&M
3he conention $ro$osed by the Center for;nternational @ecurity and Coo$eration 5C;@AC7
has similar $roisions
7/25/2019 Week 11 Lecture Ecommerce
35/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Internationa# A%reement )cont*+
3he Council of 8uro$es conention addresses
misuse of com$uter data and com$uter systems
com$uterrelated for/ery and fraud
child $orno/ra$hy
infrin/ement of co$yri/ht
$roisions /oernin/ the im$osition of aidin/ and
abettin/ and cor$orate liability& and
the aailability of certain $rocedures used to
inesti/ate cybercrime and a$$rehend cybercriminals&
7/25/2019 Week 11 Lecture Ecommerce
36/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
The Autra#ian Repone
Cybercrime Act !!
Creates . new serious offences
"nauthorised access, modification or
im$airment with intent to commit a serious
offence
"nauthorised modification of data
"nauthorised im$airment of electronic
communications
7/25/2019 Week 11 Lecture Ecommerce
37/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
C(ercrime Act /001 )cont*+ Creates 4 lesser offences
"nauthorised access to, or modification of,
restricted data "nauthorised im$airment of data held on a
com$uter dis*
Bossession or control of data with intent tocommit a com$uter offence
Broducin/, su$$lyin/ or obtainin/ data withintent to commit a com$uter offence
7/25/2019 Week 11 Lecture Ecommerce
38/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
C(ercrime Act /001 )cont*+
increases inesti/ation $owers relatin/ to search
and sei0ure of electronically stored data
Defines com$uter terms e&/&
Access to data
Data held in a com$uter
8lectronic communication modification
"nauthorised access
7/25/2019 Week 11 Lecture Ecommerce
39/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
-ac,er Ori/inally, an e$ert $ro/rammer
3oday, someone who brea*s into com$uters
3y$es of hac*ers Ehitehat hac*ers
+lac*hat hac*ers 5crac*ers, dar* side hac*ers7
8lite hac*ers
Superior technica# ,i## 2er( peritent
Often pu#ih their exploits
@amurai G a hac*er for hire
7/25/2019 Week 11 Lecture Ecommerce
40/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
@cri$t*iddie 5$ac*et mon*eys, lamer07 Hac*er in trainin/
Disdained by the elite hac*ers
Bhrea*er Berson who crac*s the tele$hone networ*
;nsider
3rusted em$loyee turned blac*hat hac*er Nery dan/erous
7/25/2019 Week 11 Lecture Ecommerce
41/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Pa.ord Theft 8asiest way to /ain access
"ser carelessness
Boor $asswords Eai#( %ueed
Dum$ster diin/
Obseration, $articularly for insiders
The tic,( note on the monitor Human en/ineerin/, or social en/ineerin/
@tandard $atterns 5e&/&, -iami "niersity7
Gue the pa.ord from the pattern
7/25/2019 Week 11 Lecture Ecommerce
42/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Pa.ord Crac,er Soft.are
Aailable oer the ;nternet
#ecoer lost $asswords
Crac*in/ techni9ues
Eord list or dictionary
+rute force
Hybrid G lOphtcrack
Brecaution G store encoded $asswords
7/25/2019 Week 11 Lecture Ecommerce
43/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Pa.ord are tored in encoded form
-inimi0e ris* if
hac*er steals
$assword file "nencoded
$assword needed
Bassword
crac*in/ $ro/rams Dictionary based
Aoid 8n/lish
words
Encode
password
Read
encoded
password
Encoded
password
file
Match
?
Grant
access
Deny
access
Enter
password
No
Yes
User Server
7/25/2019 Week 11 Lecture Ecommerce
44/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Pac,et Sniffer @oftware wireta$
Ca$tures and analy0es $ac*ets
Any node between tar/et and ;nternet +roadcast ris*
8thernet and cable broadcast messa/es
@et wor*station to $romiscuous mode Le/itimate uses
Detect intrusions
-onitorin/
7/25/2019 Week 11 Lecture Ecommerce
45/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
A pac,et niffer
Server
Wiringcloset
Sniffer
Promiscuous mode
Ethernet is abroadcasttechnology
7/25/2019 Week 11 Lecture Ecommerce
46/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
'ac,door "ndocumented access $oint
3estin/ and debu//in/ tool
Common in interactie com$uter /ames Cheat and Eater e%%
Hac*ers use bac*doors to /ain access
Bro/rammer fails to close a bac*door
3ro=an horse
;nserted by hac*er on initial access
'ac, Orifice 3 the Cu#t of the Dead Co.
7/25/2019 Week 11 Lecture Ecommerce
47/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Potentia##( Detructi$e Soft.are
Lo/ic bomb
Botentially ery destructie
3ime bomb G a ariation
#abbit
Denial of serice
3ro=an horse
Common source of bac*doors
7/25/2019 Week 11 Lecture Ecommerce
48/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
2irue
Barasite
#e9uires host $ro/ram to re$licate
Nirus hoaes can be disru$tie
4orm
Nirusli*e
@$reads without a host $ro/ram
"sed to collect information
S(op 3 termina# tatu
-ac,er 3 uer ID and pa.ord
7/25/2019 Week 11 Lecture Ecommerce
49/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Structure of a t(pica# $iru
Pa(#oad can e
Tri$ia#
Lo%ic om
Time om
Tro5an hore 'ac,door
Sniffer
Macro $irue
Po#(morphic $irue
E6mai# attachment Toda(7 c#ic, attachment
Tomorro.7 888
C#uter $irue
Spa.n mini6$irue
C(erterrorim threat
Reproduction
logic
!oncealment
logic Payload
7/25/2019 Week 11 Lecture Ecommerce
50/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Anti62iru Soft.are
Nirus si/nature
"ni9uely identifies a s$ecific irus
"$date irus si/natures fre9uently
Heuristics
-onitor for irusli*e actiity
#ecoery su$$ort
7/25/2019 Week 11 Lecture Ecommerce
51/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
S(tem 2u#nerai#itie
nown security wea* $oints
Default $asswords G system initiali0ation
Bort scannin/
@oftware bu/s
Lo/ical inconsistencies between layers
Bublished security alerts
Ear dialer to find ulnerable com$uter
7/25/2019 Week 11 Lecture Ecommerce
52/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Denia# of Ser$ice Attac, )DoS+ An act of andalism or terrorism
A faorite of scri$t *iddies
Ob=ectie @end tar/et multi$le $ac*ets in brief time
Oerwhelm tar/et
3he $in/ o death Distributed denial of serice attac*
-ulti$le sources
7/25/2019 Week 11 Lecture Ecommerce
53/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
A ditriuted denia# of er$ice attac,
C(er e9ui$a#ent of
thro.in% ric,
O$er.he#m tar%et
computer
Standard DoS i a
fa$orite of cript
,iddie
DDoS more
ophiticated
"arget system
7/25/2019 Week 11 Lecture Ecommerce
54/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
Spoofin%
Act of fa*in/ *ey system $arameters
D@ s$oofin/
Alter D@ entry on a serer
#edirect $ac*ets
;B s$oofin/
Alter ;B address
@murf attac*
7/25/2019 Week 11 Lecture Ecommerce
55/55
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE
IP poofin% Preparation Proe tar%et )A+
Launch DoS attac, on truteder$er )'+
Attac, tar%et )A+ Fa,e mea%e from '
A ac,no.#ed%e ' ' cannot repond
DoS attac,
Fa,e ac,no.#ed%ement from ' Acce A $ia 16.a(
communication path
#lpha server
$the target%
&eta server
$trusted source%
'ac(er)s
computer
2
*nder DoS attac(
1
3
4 +ne,way connection
-alse message claiming to come from &eta
!ounterfeit
ac(nowledgement
#c(nowledgement to &eta
No response possi.le