The crimes and get away with it because of

            The introduction of the internet has
brought us into a whole new era which is the Information Age. Information Age
is also known as Computer Age or Digital Age. Digital Age is a period in which
the human history shift from traditional industry to an economy based on
information technology. Undeniably, the Internet has brought benefits to us in
the field of business, science, education and others. But, Internet is just
like any other invention of human is a double edged sword. Internet allows us
to obtain information with just a single tap and share data almost
instantaneously but it also open the door wide for crimes. Internet has created
several new forms of crimes and made old crimes easier to commit. The examples
of cyber crimes are cyber-stalking, identity theft, child pornography, copyright
violations, hacking, fraud and scams.

            The growth in information has given
rise to cyber crimes and caused a huge loss. Due to impact of digitization on
financial, healthcare, small and medium sized enterprises and other industries,
data breaches have gained more attention Even though advanced countermeasures
and consumers awareness are applied, cyber crimes continues to climb. This is
mainly because the criminals finds smarter ways to install disruptive viruses,
steal intellectual property, commit identity theft, access to financial
information and shut down the corporation computer systems. In year 2016, we
have witnessed the largest data breach till date in United State history which
is amounted to 1093 million with close to 36.6 million records exposed as
online platform Yahoo revealed that hackers stole user data and information
related to at least 500 million accounts back in 2014.1

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

            Department of Justice has classified
cyber crime into three types.2 First of all, there are
criminal who target the computer. These crimes could be theft of data, hardware
theft or plantation of virus. Computers are used as a weapon to commit crime.
Criminals use the computers to commit many traditional crimes and get away with
it because of its unique nature that transcends national borders and the
anonymity. Besides these, computer also used as legal accessories for storing
incriminating information. Computer related crime involves both software and
hardware. In year 2003, a survey was conducted by Container Security Initiative
(CSI) with the participation of San Francisco Federal Bureau of Investigation’s
Computer Intrusion Squad. 530 respondents who have participated in the survey
are made up of United State corporations, government agencies, financial
institutions and 56% of them reported unauthorized use of their computer
systems. A major security service, Symantec estimates that direct crimes has
caused companies to lose $114billion annually while the cost of recovery from
cyber crimes is $274billion.3 Cyber crime costs have
surpassed the expenses caused by the sales of drug in the black market. It is
an unavoidable risk that all the computer and technology users have to face.
This is because brilliant computer skills cannot longer characterize computer
criminals since children can also download the hacking tools online and use
them easily.

            The issue arose is whether there is
laws which can deal with computer related crimes? Arguably, the United States
privacy system is the oldest and most effective in the world. The United States
privacy system relies more on post hoc government enforcement and private
litigation. The government of United States thinks that the security of
computer systems is important for two reasons. The first reason is that the
increased role of Information Technology and the growth of E-commerce sector
have made cyber security an essential component of the economy. The next reason
is that the cyber security is vital to the operation of safety critical systems
and the protection of infrastructure systems. Critical infrastructure is
defined in Section 5195C of United States Code as systems and assets whether
physical or virtual so vital to the United States that the incapacity or
destruction of such systems of assets would lead to a depilating impact on
security, national economic security, national public health or safety.

            The three main United States federal
government cyber security regulations are the 1996 Health Insurance Portability
and Accountability Act(HIPPA), the 1999 Gramm-Leach-Bliley Act and the 2002
Homeland Security Act which included the Federal Information Security
Management Act(FISMA). These regulations mandate that healthcare organization,
federal agencies and financial institutions should protect their systems and
information. But, these three regulations are not foolproof in securing the
systems and information as they do not specify what cyber security methods must
be implemented and only require a reasonable level of security. As an example,
FISMA which applies to every government agency only requires the development
and implementation of mandatory policies, standards, principles and guidelines
on information security. However, these regulations do not address numerous
computer related industries such as Internet Service Provider and software
companies. Furthermore, the language of the three main regulations are too
vague and it leaves much room for the interpretation. Bruce Schneier who is the
founder of Cupertino’s Counterpane Internet Security states that a company will
not make sufficient investments in cyber security unless government forces him
to do so.

            The effort to strengthen the cyber
security laws has never been stopped. Recently, the federal government is
introducing several new cyber security laws and amending the existing cyber
security laws for a better security ecosystem. Cybersecurity Information
Sharing Act (CISA) was introduced in the United States Senate on July 10, 2014
and passed in the Senate on October 27, 2015. Its objective is to improve cyber
security in the United States through enhanced sharing of information about
cyber security threats and for other purposes. The law allows the sharing of Internet
traffic information between the United States government and technology and
manufacturing companies. National Cybersecurity Protection Advancement Act of
2015 amends the Homeland Security Act of 2002 to allow the Department of
Security’s national cyber security and communications integration center to include
tribal governments, information sharing and private entities among its
non-federal representatives. The purpose of cyber security regulation is to
force companies and organizations to protect their systems and information from
cyber-attacks such as viruses, phishing, denial of service attacks,
unauthorized access and control system attacks.4

            Other than federal government,
attempts have been made by the state governments to improve cyber security by
increasing public visibility of firms with weak security. California passed the
Notice of Security Breach Act in year 2003. By this, it requires any company
that maintains personal information of citizens of California and has a
security breach must disclose the details of the event. The examples for
personal information are name, social security number, credit card number,
driver’s license number or financial information. There are several other
states which have followed California and passed the similar security breach
notification regulations. While giving the freedom to the firms on how to
secure their systems, these security breach notification regulations also
punish the firms for their cyber security failures. In fact, this regulation
creates an incentive to the companies which voluntarily invest in cyber
security. This could prevent the companies from suffering potential loss due to
a successful cyber attack. In year 2004, the California State Legislature
passed California Assembly Bill 1950 which applies to business that own or
maintain personal information for California residents.5 This regulation can be
said as an improvement on the federal standard because it expands the number of
firms required to maintain an acceptable standard of cyber security. It
dictates  that the businesses have to
maintain a reasonable level of security and these required security practices
extend to business partners. Besides this, the New York Cyber Security
regulation has been effective since March 1, 2017. This regulation is designed
to protect customer information as well as the information technology systems
of regulated entities. This regulation requires each company to access its
specific risk profile and design a program that addresses its risks in a robust

            In conclusion, the United State
government has been putting effort to introduce a stricter laws to equip
organizations to secure the data from the latest cyber threats. However, Bruce
Schneier has rightly said that successful cyber attacks on the government
systems still occur despite of the efforts putting into by the government. This
applies to private sector as well. Lately, the cyber criminals have sought to
exploit technological vulnerabilities to gain access to sensitive electronic
data. These criminals can cause a huge financial losses for Department of
Financial Service regulated entities as well as the consumers whose private
information may be revealed or stolen for illicit purposes. It would be better
for the organizations to be proactive about the security of their apps and data
as the cyber criminals are always on the prowl and are becoming sophisticated
in their approach to attack. Therefore, the companies should keep a regular
check on their systems to identify any vulnerabilities and address the
loopholes immediately.

1 Kelly and
Warner. CyberCrime Laws in the United States. Retrieved from

2 Federal Computer
Crime Laws. Retrieved from

3 CSI/FBI Computer
Crime and Security Survey(2003).Retrieved from

4 A Glance at the
United States Cyber Security Laws. Retrieved from

5 Cyber-Security
Regulation(2014). Retrieved from

6 Maria T.Vullo. Cyber Security Requirements for Financial Services
Companies. Retrieved from