In my last article, I touched on Washington State's Computer Spyware Act. That piece of legislation immediately caught my interest, so I decided to research it further and share the results of my research with all of our readers. Needless to say, I am definitely a fan of this kind of legislation. As I wrote in my last article, "Detailed, on-point legislation like this is a necessary first step for combating cyber-crime. It is a huge step up from the maze of fraud charges and consumer protection statutes that some jurisdictions must navigate to shut down cyber-criminals."

Now that I have had a chance to read the entire act, I think I am even a bigger fan of this piece of legislation. Simply put, it is tough legislation that is built around 21st century crime. And, the more I read it, the more I realize that it is flexible enough to adapt to the next phase of cybercrime.

Perhaps my favourite aspect of the law is its focus on 'intentionally deceptive means'. Ultimately, this focus on 'intentionally deceptive means' provides a way for law enforcement to protect the innocent from the fraudsters who attack their computers. Consider the case of scareware - scareware revolves around intentional deception. Scareware attacks involve telling an innocent computer user that his/her computer is infected with horrible forms of malicious software. After the innocent computer user is sufficiently scared, the scareware presents a solution - pay x number of dollars and we will get rid of this malicious software for you. In many cases, it is an easy sell and a criminal has walked away with someone's hard earned dollars. The innocent user is left with less money, and a very bad piece of software on their computer. Under normal legislation, law enforcement would be forced to try and adapt fraud legislation to the world of computers. Then, the Crown (in Canada), or the District Attorney's office (in the United States), has to sell this to a jury which may or may not be technically savvy enough to understand how software like this is fraud, and not merely buggy software.

Enter Washington State's Computer Spyware Act. Suddenly, law enforcement has modern, on-point legislation to deal with computer crime. The Crown/District Attorney's office no longer has to make juries leap to interpret legislation that was written before the online age. And citizens have a concrete piece of legislation to turn to to decide what kinds of computer businesses are legal and what kinds are illegal.

All of this research makes me wonder why Canadian Law has fallen so far behind. While our privacy laws are first rate, our country has never even managed to pass a good quality anti-spam law. Rather, our law enforcement/Crown Prosecutors are forced to use tools like fraud/false pretense laws against cyber criminals. Wouldn't it be easier if juries did not have to perform acrobatics to apply laws that were written many decades ago?

I would like to leave you with two questions. First, is there any kind of cybercrime legislation where you live? And, if not, what kind of cybercrime legislation would you like to see?