The Fight Against Computer Crime

Computer technology has attracted its fair share of criminal activities from those looking to exploit and capitalise on people’s reliance on the computer to run their daily lives. After all, author Jolly John singled Singapore out for being ‘the most network-ready country’, signifying both our dependence on new-age technology and the capabilities of the talent we have. However, there are dire consequences to be dealt with should the intentions of those with the ability to manipulate the systems deviate to malice.

In their efforts to safeguard against computer crime, the Singapore Government has set up various measures through a multi-pronged approach. The first step is to keep up governing laws with the fast changing developments of technology and the opportunities for dismeanour it presents by passing new legislation. Singapore passed the Computer Misuse Act in 1993, which has since been amended four times.

The Computer Misuse Act punishes perpetrators of computer crime, rather than cyber crime. Computer crime refers to crimes against a computer through acts that attack a computer system. The Act covers unauthorised access to a computer, or computer material without authorisation, modifying the contents of a computer without authorisation, obtaining or intercepting any computer service or function, interfering with or obstructing the lawful use of a computer, impeding or preventing access to or impairing the usefulness or effectiveness of any computer program or data, or disclosing a password, access code, or other means of gaining access to a program or data. To take just the first example, any person who uses a computer to secure access to another computer without authorization shall be guilty of an offence.

On the other hand, the existing Penal Code governs cyber crime, which is traditional crime like fraud, theft or extortion abetted through the computer. As opposed to carrying out crime against a computer, perpetrators carry out their illegal acts through the computer.

Through the Computer Misuse Act, the law punishes and deters computer criminals by meting out harsh penalties including imprisonment and fines. Crimes targeting the bedrock of our nation’s critical industries like banking and finance, communications or transportation and public services warrants the harshest punishment – a fine up to $100,000 and/or imprisonment up to 20 years. It is also noteworthy that a Court can order compensation to be paid by the offender for any damage that is caused, and such compensation which is ordered does not prevent or restrict a civil claim for damages which exceeds the compensation amount.

The next step it has taken is to set up agencies that ensure the enforcement of these laws. These specialised agencies include the Singapore Computer Emergency Response Team, Computer Crimes Branch of the Criminal Investigation Department (CID) and Computer Forensics Branch of the Singapore Police.

Operated by professionally-trained tech experts, they can exercise their power with extra-territorial jurisdiction. They are trained in all aspects of computer investigation, one of which is the emerging field of computer forensics. This intricate process of investigation enables the retrieval of consequential data from computers, computer networks, data storage media and related equipment that may contain evidence which can be presented in court. They first analyse the data and meticulously document and preserve the evidence to be presented before court. This operation requires highly trained professionals as it involves delicate procedures where a single wrong move can destroy or modify the evidence.

If one suspects a breach but don’t want to bring it directly to the authorities, there is the option of approaching private forensic investigators like Adroit Data Recovery Centre (ADRC). Due to the increase in violations of the Computer Misuse Act, ADRC has set up a forensic investigation department to deal with the influx of such investigative requests.

With more than 10 years of experience in the data recovery market, ADRC is well equipped with certified computer forensic experts who are capable of securing and documenting digital evidence with full audit trail suitable for court submission and performing data recovery under all adverse situations. They also have their own class 100 clean laboratory. Without having to move evidence around, this minimizes the risk of evidence being contaminated.
Computer users should also adopt preventive measures to safeguard their computers against computer crime, which is a very real threat that has the potential to be even more damaging given our reliance on computers these days.
Adroit Data Recovery Centre (ADRC) Pte Ltd is South East Asia’s leading data recovery centre equipped with the first Class 100 clean laboratory in Singapore. It has an un-paralleled capability and the setup to acquire and collect the digital evidence from all kinds of working or damaged media while observing the strictest process of computer forensic investigation.

The team of qualified forensic experts is able to provide court-ready reporting of digital evidence for civil and criminal litigation through the installation of rigorous forensic methodologies in order to identify, acquire, preserve, analyze and document digital data (electronically stored information) for use as evidence in court or other legal or administrative proceedings.

Search Results

5 Ways to Choose the Best Lawyer for Your Legal Issue

When you are facing a serious legal issue, such as a criminal charge, you need to find someone who can represent your case efficiently and successfully. You are likely already very stressed and even scared, but you need to take the time to make sure that you are choosing the right person to represent you in your time of need. There are a few things to do to make sure that you are hiring the best lawyer to represent you.

Choose someone who is within your price range. It can be tempting to try to hire the first firm that you find in the phone book, but you need to take the time to figure out how much this will cost you. You do not want to run out of legal funds if your case takes longer than expected or if it becomes more complicated than you anticipated. Hire a firm that you can afford for the long term if the need arises.

If you cannot afford an attorney, you should have the option to have a public defender look after your case. While this is a great option for someone who absolutely does not have the monetary means to hire an attorney, the best chances of winning your case or getting the best outcome for it will likely come from an established lawyer. Do not dismiss the idea of hiring someone on your own because you think you may be able to get one for free.

Get someone who is experienced with the particular type of case that you have. Not every legal professional is trained with experience in certain cases. Lawyers who specialize in the type of case that you have will be best for your situation and will improve the chances that you will get the best outcome possible. His or her unique knowledge can lead you through the complexities of a courtroom that you may not understand.

Make sure you are able to communicate effectively with the lawyer. When sitting down with someone to talk about your case in a consultation, make sure you note how comfortable you are with the attorney. If he or she does not let you speak your mind or you feel as though you cannot tell him or her everything, then you need to find someone else that you will be comfortable with and who will listen to you.

Avoid hiring someone who is very hard to reach. If it is hard for you just to schedule a consultation with someone, then you need to find someone else who has the time to devote to you. You cannot afford to wait too long before talking to someone about your case. You need to speak with someone as soon as possible in order for work to begin in your defense.

Research the attorney online and see what type of reputation he or she has. It is always a good idea to look at online reviews about particular law firms and attorneys to see if he or she has a positive reputation. You should also be able to find out his or her background and whether or not he or she is very experienced in the type of case that you are facing. Avoid anyone who does not seem legitimate or cannot provide you with credentials when asked.

Do not give up in your search for someone who will defend you professionally. It is never wise to take on your own case, so make sure that you find someone who is experienced, that you can afford, and who will devote his or her time to your particular case.

Hawaii Law Briefing – Hawaii Security Breach Law and Identity Theft Notification

Identity theft is one of the fastest growing crimes committed throughout the United States. Criminals who steal personal information use the information to open credit card accounts, write bad checks, buy cars, and commit other financial crimes with other people’s identities.

Hawaii has the sixth worst record of identity theft in the nation, according to a 2007 report.

I. Hawaii’s Security Breach Law

Identity theft in Hawaii has resulted in significant losses to both businesses and consumers. This epidemic motivated the Hawaii legislature in 2006 to pass several bills whose purpose is to provide increased protection to Hawaii residents from identity theft:

Act 135: Requires businesses and government agencies that keep confidential information about consumers to notify those consumers if that information has been compromised by an unauthorized disclosure;

Act 136: Requires reasonable measures to protect against unauthorized access to personal information to be taken when disposing of records;

Act 137: Restricts businesses and government agencies from disclosing/requiring social security numbers to/from the public;

Act 138: Permits consumer who has been the victim of identity theft to place a security freeze on their credit report;

Act 139: Intentional or knowing possession without authorization of confidential personal information is a class C felony.

Together, the bills signed into law by Governor Linda Lingle as HRS Chapter 487R impose obligations on businesses in Hawaii to notify residents whenever their personal information maintained by the business has been compromised by unauthorized disclosure.

HRS Chapter 487R does not cover financial institutions subject to the Federal Interagency Guidance on Response Programs for Unauthorized Access to Consumer Information and Customer Notice, or Health plans and providers subject to HIPAA.

The underlying policy behind HRS Chapter 487R is that prompt notification will help potential victims to act against identity theft by initiating steps to monitor their credit reputation. Thus, it is critical that any business subject to HRS Chapter 487R audit the manner in which confidential personal information is maintained and have a security breach team prepared to comply with the notice obligations and effectively deal with any breach of personal information.

II. Security Breach

HRS 487R imposes obligations on the part of Hawaii businesses to notify an individual whenever the individual’s personal information that is maintained by the business has been compromised by unauthorized disclosure and to do so in a timely manner.

Under the statute, “Personal Information” consists of an individual’s first name or first initial AND last name in combination with any one or more of the following data elements, when either the name OR the data elements are not encrypted: Social Security Number, driver’s license or Hawaii Identification Number; or an account number, credit or debit card number, or password that would permit access to an individual’s financial account.

The personal information is protected if on a “record.” A “record” is any material on which written, drawn, spoken, visual, or electromagnetic information is recorded or preserved, regardless of physical form or characteristics. Thus, a “record” can be in digital form or on a paper document, which differs significantly from other states that might cover only digital information.

The notice obligations are triggered when a “security breach” occurs. A “security breach” is defined as an incident of unauthorized access to AND acquisition of unencrypted or unredacted records of data containing personal information, where illegal use of the personal information has occurred, OR is reasonably likely to occur; AND that creates a risk of harm to a person. As the definition indicates many times it is difficult to determine whether information has been “acquired” or to the extent that a “risk of harm” exists.

Several states, including Alabama, Connecticut, Delaware, and Florida have devised a risk of harm exception. Such exception generally relieves the business from the notice obligation requirement after consultation with law enforcement. Since Hawaii law has no such exception most incidents of unencrypted/unredacted theft or loss of records containing personal information should carry the presumption that illegal use is likely to occur and a risk of harm. In addition, even if a statutory obligation does not arise other legal obligations may exist with respect to the theft or loss.

III. Notification Obligations

To the extent a security breach has occurred, and personal information has been compromised, the business must satisfy the notification obligations imposed by HRS Chapter 487R. Form notices are made part of this article for educational purposes only. The notice obligations must be satisfied without “unreasonable delay.” The only exception would be if a law enforcement agency informs the business in writing that notification may impede a criminal investigation or jeopardize national security. Once it has been determined that the notice will no longer impede the investigation, the notice must be promptly provided.

Under HRS Chapter 487R, the business must notify the resident (and the Office of Consumer Protection/credit reporting agencies where notice has been provided to 1,000 persons).
The notice must be given to the last available address. The notice may be sent to the resident’s email address only if the person has “opted in” to receive notices in that manner. Direct telephonic notice may be given under the statute, but generally is not the recommended way to notify the resident given the potential legal risk with such form of communication.

Under the statute, “substitute notice” may be provided where the costs to provide if the business can demonstrate that the cost of providing notice would exceed $100,000 or that the affected class of subject persons to be notified exceeds two hundred thousand, or if the business does not have sufficient contact information or is unable to identify particular affected persons.

Substitute notice shall consist of emailing the person when the email address is known, the conspicuous posting of a notice on the website maintained by the business, and notification of the security breach to major statewide media.

IV. Penalties

Statutory penalties can be significant. However, government agencies are exempt from statutory penalties under HRS ยง 487R-3. Under the law, businesses can be fined not more than $2,500 for each violation. Such penalty can add up quickly where hundreds or even thousands of Hawaii residents are not informed that their personal information has been compromised.

In addition, a court may impose an injunction on the business and the business may be liable for actual damages and attorneys’ fees.

V. Final Word

Hawaii and other states have taken significant steps to combat the growing epidemic of identity theft. It is important that both Hawaii businesses and employers, and consumers take reasonable steps to protect their interests and reputations.

For Hawaii employers and businesses:

o Enter into agreements imposing obligations on third-party companies to handle sensitive and personal information of your employees and customers in a reasonable manner and to report security breaches immediately;

o Ensure reasonable administrative, physical, and technical safeguards are placed over the personal information handled both the third-party company and internally;

o Periodically have the IT department conduct a risk analysis over electronically-stored information and computer network systems of the company;

o Have IT draft and periodically review comprehensive security procedures to limit vulnerability of the company’s systems and a plan of action;

o Train and retrain employees on privacy policies;

o Ensure company employees collect only the minimum amount of information necessary to accomplish the business purpose.

For consumers:

o Ask your employer, doctor, bank, etc., what steps are taken to protect against misappropriation of private information;

o Treat your mail and trash carefully; use cross cut shredders;

o Use locked mailboxes;

o Keep private information kept in your home hidden and secure;

o Don’t give out private information over the phone;

o Use care when using your computer; create strong passwords;

o Use common sense and stay alert (for example, write to your creditor as soon as you believe you have not timely received a billing statement);

o File a police report and obtain the police report number when you learn that your personal information has been compromised and close accounts, e.g., credit card, bank accounts, etc.;

o Follow up with law enforcement in writing and maintain a file; dispute bad checks written directly with merchants;

o Place a fraud alert/freeze on your credit files (Equifax, Experian or Transunion);

o Periodically obtain your credit report and look it over carefully; note inquiries from companies you did not contact, accounts you did not open, debts you cannot explain and report such information immediately to law enforcement.

SAMPLE LETTER 1

Data Acquired: Account Number, Credit Card or Debit Number, Access Code or Password that would permit access to Individual’s Financial Account

Dear

We are writing to you because of a recent security incident at [name of organization].
[Describe what happened in general terms, what type of personal information was involved, and what you are doing in response, including acts to protect further unauthorized access.]

To protect yourself from the possibility of identity theft, we recommend that you immediately contact [credit card or financial account issuer] at [phone number] and tell them that your account may have been compromised. Continue to monitor your account statements.

If you want to open a new account, ask [name of account insurer] to give you a PIN or password. This will help control access to the account.

To further protect yourself, we recommend that you review your credit reports at least every three months for at least the next year. Just call any one of the three credit reporting agencies at a number below. Ask for instructions on how to get a free copy of your credit report from each.

Experian Equifax TransUnion
888-397-3742 888-766-0008 800-680-7289

For more information on identity theft, we suggest that you visit the Web site of the Hawai’i Department of Commerce and Consumer Affairs at ______________ [or the Federal Trade Commission at ___________________]. If there is anything [name of your organization] can do to assist you, please call [toll-free (if phone number].

[Closing]

SAMPLE LETTER 2

Data Acquired: Driver’s License or Hawai’i Identification Card Number

Dear

We are writing to you because of a recent security incident at [name qt. organization].
[Describe what happened in general terms, what kind of personal information was involved, and what you are doing in response, including acts to protect further unauthorized access.]

Since your Driver’s License [or Hawai’i Identification Card] number was involved, we recommend that you immediately contact your local DMV office to report the theft. Ask them to put a fraud alert on your license.

To further protect yourself, we recommend that you place a fraud alert on your credit files. A fraud alert lets creditors know to contact you before opening new accounts. Just call any one of the three credit reporting agencies at a number below. This will let you automatically place fraud alerts with all of the agencies. You will then receive letters from ail of them, with instructions on how to get a free copy of your credit report from each.

Experian Equifax Trans-Union
888-397-3742 888-766-0008 800-680-7289

When you receive your credit reports, look them over carefully. Look for accounts you did not open. Look for inquiries from creditors that you did not initiate and look for personal information, such as home address and Social Security number, that is not accurate. If you see anything you do not understand, call the credit reporting agency at the telephone number on the report.

If you do find suspicious activity on your credit reports, call local law enforcement and file a report of identity theft. [Or, if appropriate, give contact number for law enforcement agency investigating the incident for you.] Get a copy of the police report. You may need to give copies to creditors to clear up your records.

Even if you do not find any signs of fraud on your reports, we recommend that you check your credit reports at least every three months for at least the next year. Just call one of the numbers above to order your reports and keep the fraud alert in place.

For more information on identity theft, we suggest that you visit the Web site of the Hawai’i Department of Commerce and Consumer Affairs at _________________ [or the Federal Trade Commission at __________________]. If there is anything [name of your organization] can do to assist you, please call [toll free (if possible) phone number].

[Closing]

SAMPLE LETTER 3

Data Acquired: Social Security Number

Dear

We are writing to you because of a recent security incident at [name of organization]. [Describe what happened in general terms, what kind of personal information was involved, and what you are doing in response, including acts to protect further unauthorized access.]

To protect yourself from the possibility of identity theft, we recommend that you place a fraud alert on your credit files. A fraud alert lets creditors know to contact you before opening new accounts. Just call any one of the three credit reporting agencies at a number below. This will let you automatically place fraud alerts with all of the agencies. You will then receive letters from all of them, with instructions on how to get a free copy of your credit report from each.

Experian Equifax TransUnion
888-397-3742 888-766-0008 800-680-7289

When you receive your credit reports, look them over carefully. Look for accounts you did not open. Look for inquiries from creditors that you did not initiate and look for personal information, such as home address and Social Security number, that is not accurate. If you see anything you do not understand, call the credit reporting agency at the telephone number on the report.

If you do find suspicious activity on your credit reports, call local law enforcement and file a police report of identity theft. [Or, if appropriate, give contact number fur law enforcement agency investigating the incident, for you.] Get a copy of the police report. You may need to give copies of the police report to creditors to clear up your records.

Even if you do not find any signs of fraud on your reports, we recommend that you check your credit reports at least every three months for at least the next year. Just call one of the numbers above to order your reports and keep the fraud alert in place.

For more information on identity theft, we suggest that you visit the Web site of the Hawai’i Department of Commerce and Consumer Affairs at ____________ [or the Federal Trade Commission at ______________]. If there is anything [name of your organization] can do to assist you, please call [toll-free (if possible) phone number].

[Closing]

What Are the Major Causes of Crime and How Can Crime Be Prevented

The number of crime being committed in the United States of America is increasing day after day. There are many reasons as to why people commit crimes and it has been identified that there are no quick solutions to fix this problem in the country today. When people become victims of crime they usually consult the law enforcement agents. For example, people becoming victim of crime in the Chattanooga city may seek professional help from the Chattanooga attorneys. A Chattanooga attorney will be able to aid the person when it comes to dealing with court proceedings and other legal matters. Crime has a major impact on the society and there are many reasons as to why individuals indulge in criminal activities.

It has been revealed that kids who are being neglected by their parents choose the path of crime later in their lives. Peer pressure is also a major contributor to crime today. Students who are weak in education and are unable to perform up to the required standards often become criminals in future. Most of these unfortunate kids come from poor backgrounds where the parents are unable to afford for the clothes, books and other necessary things. These kids form groups and criminal gangs and resort to extortion, theft and fraud as a means of achieving material items which they had been deprived of.

Substance abuse such as drug and alcohol abuse has a strong influence on an individual’s ability to decide things. When people become addictive, they often commit crime to support their drug habits. Moreover, an addicted person can become a vulnerable target for another criminal due to his inattentiveness. The crime life has been made easier in the US through the easy access of handguns. In most reported cases of crime, the weapon which was used was a handgun which was either stolen or purchased from black markets.

Researches have also shown that most of the criminals are not well educated enough. This means that unemployment and poverty had caused them to become criminals so that they had means of supporting themselves and their families. Even if they had been employed at some point, the wages obtained from the workplace wouldn’t be enough to support a family. With that income it would be impossible to even cater for their basic needs and crime was the only profitable business that could help them in catering for their needs as well as their wants.

There are many ways in which crime can be prevented. Punishments and imprisonments are already in place to decrease crime levels. Another way is to reduce the opportunities of crime for the criminals. This can be achieved by better lighting, improved security systems, locking bars and guard dogs. Moreover, if people are given proper education then there will be an automatic reduction in crime rate as they will be able to get a job which will be able to provide for their basic needs and wants. There are also treatment programs available which influences people to make positive choices and refrain from criminal activities.