Wednesday, November 5, 2014

Chapter 9: Complexities in Cybercrime- International Issues

  • Council of Europe (CoE) Convention on Cybercrime:
    • Is an example of an attempt to create a standard international response to cybercrime.
    • It is the first international treaty seeking to address computer crimes by coordinating national laws and improving investigative techniques and international cooperation.
    • Objectives include:
      • Creating a framework for establishing jurisdiction and extradition of the accused
  • Organization for Economic Co-operation and Development (OECD):
    • Global organizations that move data across country boundaries must be aware of and follow the Organization for Economic Co-operation and Development (OECD) guidelines.
    • The OECD is an international organization that helps different governments come together and tackle the economic, social, and governance challenges of a globalized economy. 
    • The OECD came up with guidelines for various countries to follow so that data are properly protected and everyone follows the same types of rules.
    • The core principles defined by the OECD are as follows:
      • Collection of personal data should be limited, obtained by lawful and fair means, and with the knowledge of the subject.
      • Personal data should be kept complete and current, and be relevant to the purposes for which it is being used.
      • Subjects should be notified of the reason for the collection of their personal information at the time that it is collected, and organizations should only use it for that stated purpose.
      • Only with the consent of the subject or by the authority of law should personal data be disclosed, made available, or used for purposes other than those previously stated.
      • Reasonable safeguards should be put in place to protect personal data against risks such as loss, unauthorized access, modification, and disclosure.
      • Developments, practices, and policies regarding personal data should be openly communicated. In addition, subjects should be able to easily establish the existence and nature of personal data, its use, and the identity and usual residence of the organization in possession of that data.
      • Subjects should be able to find out whether an organization has their personal information and what that information is, to correct erroneous data, and to challenge denied requests to do so.
      • Organizations should be accountable for complying with measures that support the previous principles.
