TACKLING SPYWARE THROUGH LEGAL ACTION

Spywares as both legal and illegal

 

Spywares- often defined as a malicious software that tracks the user’s activity, having access to data and has even resulted in a lot more threats not just to few individuals or nations but also at the international level.

But this is just one side of the vast realm of spywares, you will be surprised to know that they have also been helpful to various governments and organisation as well. Spyware can be used for government organizations in order to ensure national security, law enforcement, and intelligence gathering when used with proper legal mechanism.

 

 

Laws Prohibiting Unauthorized Use of Spyware

 

There are proper rules and regulations made by different governments across the world to ensure the security of their country and individuals from malefic attacks through spyware. Here are some laws enforced by certain nations across the globe:

 

India

Information Technology Act, 2000

  • Section 43
  • Section 66
  • Section 69

 

United States

Computer Fraud and Abuse Act (CFAA)

Wiretap Act (Title I of the Electronic Communications Privacy Act)

Federal Trade Commission Act (FTC Act)

 

Europe (European Union)

General Data Protection Regulation (GDPR)

 

 

Notable Uses of Spyware in Governance

Some Spywares were made and used by governments for legal purposes. One such example is Pegasus made by an Israeli cyber-intelligence firm.

 

Pegasus: A case study

Pegasus (NSO Group) has been one of the most famous as well as controversial spyware used by various governments to counter terrorism, ensuring national security and various internal issues. This has often been a debatable context in various parliaments globally.

 

Pegasus: How does it work

A Pegasus attack starts with a simple phishing scheme: The attacker identifies a target and then sends that target a website URL via email, social media, text message, or any other message.

Once the user clicks on the link, all his/her activities are under the surveillance of the attacker. This includes reading your text messages, tapping phone calls, knowing all your call logs etc.

The only indication that something has occurred is that the browser closes after the user clicks the link. There’s no other indication that anything has happened or that any new processes are running.

 

 

Global Treaties for Tackling Spyware

 

Budapest Convention on Cybercrime 

It was a global treaty encouraging international cooperation for combating cybercrimes, including spyware and various other malware.

UN Convention Against Cybercrime

Proposals by UN bodies and human rights groups were given to ban or ensure that no illegal use of spyware is made.

Malabo Convention

Adopted by the African Union, the convention was held to address cybercrimes, ensuring data protection and capacity building.

 

 

Conclusion

 

Although various legal laws have been established in the name of protecting data, combating cybercrimes, and promoting cybersecurity infrastructure but unfortunately, we see a lack of unified law across the world for this cause. What is illegal in one country may be legal in another, which, in a way, has nullified a lot of discussion held on cybersecurity, resulting in difficulty establishing laws across territories. It is also a positive sign that these spywares often help to counter important issues like terrorism, which gives a ray of hope that this technology, if used well, can be used as a weapon for international threats.