Cyber Laws in Saudi Arabia and the United States
Computer crime is a major issue in the legal community worldwide. The vice escalates despite the increased awareness and advanced countermeasures since smarter criminals discover new ways of programming disruptive viruses, stealing intellectual property, committing identity theft, accessing financial data, and shutting down corporate computer systems. Computer crimes comprise both software and hardware (Jewkes & Yar, 2010). The ability to illegally use the Internet and computers to commit scams, hacking, fraud, copyright infringement, service denial attacks, and web defacement fall under cyber crime. Both the Saudi Arabia and the United States face cyber crimes including phishing, hacking, identity theft, cyber stalking, and information ware.
The major targets of cyber crimes in most Middle Eastern countries are large financial organizations. By doing so, the scammers look for monetary gain, reputation, praises, and pride for outsmarting such companies. However, the cybercrime laws both in the U.S. and Saudi Arabia bestow huge penalties to cyber criminals. Hu et al. (2013) posit that computer espionage and abuse criminals in the United States usually face imprisonment of not more than ten years, although they may receive 20 years for repeated convictions or a fine under Title 18, 18 U.S.C. 1030(c)(1). In contrast, the penalty for the same crime in Saudi Arabia is imprisonment of ten or more years and a fine of $1.3 million (Almuqrin & Kustron, 2015). In the U.S., unauthorized computer access results in an imprisonment of one to five or ten years depending on the type of crime (simple or repeated) or a fine under Title 18, 18 U.S.C. 1030(c). In contrast, Saudi Arabia cyber criminals receive an imprisonment of not more than one year and a $130,000 fine according to Article 13 (Elnaim, 2013). Trespassing in government cyberspace leads to incarceration of ten years for repeated offenses and a fine under Title 18. Misdemeanors obtain a $100,000 fine while repeated felonies garner $250,000 in fine according to 18 U.S.C. 1030(a)(3). On the contrary, Saudi Arabia incarcerates the criminals with not more than ten years and a $1.3 million fine or any according to Article 3 (Elnaim, 2013).
The penalty for computer fraud in the United States includes imprisonment of not more than five years and ten years for repeated convictions (McCormick, 2013). Title 18, 18 U.S.C. 1030(c)(4) allows the use of fines without incarceration while 18 U.S.C. 1030(g) permits the compensation of victims. In contrast, Saudi Arabia imprisons computer fraudsters for not more than three years or a $520,000 fine according to Article 4. Additionally, computer access trafficking results in incarceration for not more than a year or a fine under Title 18, 18 U.S.C.1030(c)(2). In Saudi Arabia, computer access criminals face an imprisonment of not more than four years and an $800,000 fine under Article 5 (Elnaim, 2013). Thus, cyber laws in both countries are aimed at protecting people living in the countries from scammers who are to be punished for crimes they commit.
The ineffectiveness of the cyber laws in Saudi Arabia has resulted in the increased number of computer crimes in the country compared to the United States
This paper will discuss different types of cyber crimes facing both in the United States and Saudi Arabia. It will also explore the cyber laws established by these countries to curb cyber crimes. Lastly, the paper will provide major recommendations on how to deal with cyber crimes.
According to the National Crimes Agency (2017), cybercrime refers to an attack on corporate or individual networks and computer systems in order to steal information or compromise the available data. The Interpol (2017) notes that cybercrime has no strict definition but it can be grouped into two main categories: advanced cybercrime also known as high-tech crime, and cyber-enabled crime. Advanced cybercrime refers to sophisticated and complex attacks on computer hardware and software (Interpol, 2017). On the other hand, cyber-enabled crime refers to the conversion of traditional crimes into forms that can be done through computers due to their increased access and the presence of fast and reliable internet. Thus, cyber-enabled crimes include crimes such as financial crimes, terrorism, and crimes against children.
Scope of the Problem
Today, cybercrime has evolved into a complex and more challenging crime to deal with. Unlike in the past where it was committed by a few individuals or small groups, it is currently done by highly complex cyber criminal networks of individuals across the globe (Interpol, 2017). Although the crimes that are committed through cybercrime are not now, they are more extreme and complex to follow due to the use of fast and reliable internet, firewalls, and complex cybercriminal networks.
Currently, the common cybercrimes that occur to consumers are phishing, webcam manager, file hijacking, keylogging, screenshot manager, and ad clicker. Among businesses, the common cybercrimes are hacking and Distributed Denial of Service (DDOS) attacks (NCA, 2017). Due to the dynamic nature of activities done through the computer, it is always difficult to identify what constitutes cybercrime. As a result, there is always a challenge in distinguishing between cybercrime and malicious acts. Due to the lack of clearly identifying the criminal’s intent or motivation, it is difficult to identify if certain acts are criminal. Accordingly, certain terms such as cyber-attack, cyber espionage, and cyberwar are interchangeably used depending on the motivation of the actors (Finklea & Theohary, 2015). Accordingly, identifying the criminal attribution is an important factor in distinguishing between cybercrime and cyber threats.
Statistics on Cybercrime
Cybercrime is overwhelmingly expensive to its victims. In fact, its cost ranges in hundreds of billions. According to the World Bank, the cost of cybercrime was $400 billion in 2013 (Center for Strategic and International Studies, 2014). Noteworthy, this cost does not include the potential benefit of cybercrime. To elaborate, although cybercrime results in losses and unnecessary expenses on its victim, there is a spillover benefit, such as where theft of technological information results in the production of a similar or improved version by a competitor. According to the International Maritime Bureau, piracy costs about 0.02% of the global economy. Transportation crime costs 1.2%, counterfeiting piracy costs 0.89%, pilferage costs 1.5% in US, car crashes cost 1.0% in US, narcotics cost 0.9% globally, and cybercrime costs 0.8% globally (Center for Strategic and International Studies, 2014). It is important to note that the valuation of the cost of cybercrime varies since it is usually an estimate.
When it comes to analysis of the severity of cybercrime, the financial sector gives a better view of the seriousness of the problem. For example, as of 2013, banks in Mexico had an annual cost of $93 million due to online fraud. Japanese banks had a loss of $110 million, and a cyberattack on US retailer Target resulted in $200 million cost on banks. In the UK, the cost of cybercrime was $850 million in 2013 while in Australia it was $100 million (Center for Strategic and International Studies, 2014).
Current Situation in Saudi Arabia
According to Elnaim and Abdulaziz (2013), there has been a fast and rapid increase in the access of internet in Saudi Arabia. As of 2013, the kingdom had an internet penetration of 54.1%, which is far more than the 5% penetration rate that was in 2001. With this increase in the use of internet and computers, more and more people are becoming victims of cyber-attacks. This problem is coupled with the shortage of skillful information technology experts in the country. Rasooldeen (2017) notes that the cost of cybercrime in Saudi Arabia was about SR 2.6 billion in 2016. Rasooldeen notes that 3.6 million were victims of cybercrime and they had an average loss of $195 in 2016. Further, 40 % of the country’s users of social media became victims of cybercrime.
Characteristics of the Problem
The conceptualization of cybercrime involves identifying a number of important issues such as the location of the criminals in both the real and digital world, the motivation for their malicious acts, and the person involved in carrying out these activities (Finklea & Theohary, 2015).
In terms of location, cybercrime involves both the physical and digital domains. In cyberspace, location is nebulous and geographical locations that exist in the real/physical world are not found in the cyber world. However, it is still linked with the physical world since hard wares used in some of the cybercrimes, such as theft of credit card details through ATMs entails the physical attachment of gadgets on these machines. Finklea and Theohary (2015) opine that cybercrimes that require more technological expertise such as phishing, identity theft, and distributed denial of services (DDoS) are more firmly rooted in the virtual world.
Largely, cybercrime is conducted as a digitalized version of traditional offenses. These crimes include offenses such as identity theft and pornography. In the real world, for example, a criminal can physical steal a person’s wallet or physically credit and debit cards from mailboxes. In cybercrime, the same offense can be replicated by a hacker who stills the same personal information electronically. Currently, the US does not have laws that are specifically written for cybercrime. Therefore, law offenders are prosecuted using laws that are designed for cybercrime. In the Racketeer Influenced Corrupt Organizations (RICO) Act, the computer fraud law in the USA (18 U.S.C. §1030) is not considered in the determination of racketeering offenses. Nonetheless, the nature of cybercrime has continued to change in a manner that it now occurs in more organized forms such as the cases of wire, bank, and access device fraud (Finklea & Theohary, 2015).
Borders and Space
Unlike the physical world, the cyber world has no real borders. Accordingly, criminals can exploit opportunities presented by anonymity on the internet to make various malicious attacks. In addition, this environment broadens their potential targets. Nonetheless, both the victims of the cybercrime and the perpetrators exist in a physical world, in similar or different cities in the world. Moreover, the internet servers, computers, and other digital devices used to commit these offenses exist in physical location and may or may not coincide with the location of the criminal.
Cases of Cyber-attacks in the USA
The following are some of the major cybercrimes in the US.
- In 2013, two Romanian nationals were sentenced for being part of a ring of hackers that participated in a multi-million dollar scheme to remotely hack and steal payment card data from US merchant computers. These individuals stole information from about 100,000 individuals which they sold for a profit (US Department of Justice, 2011).
- In 2014, the GameOver Zeus botnet was ordered to stop the link between infected computers and criminal servers. The Zeus Botnet stole online banking information and transferred the money to mules. These mules than deducted their share and transferred the balance to hackers (US Department of Justice, 2014).
- In 2009, Google was attacked by a Chinese hacking corporation, Elder wood Gang. These attackers used a complex code to access Google’s source code repositories. During their attack, they were able to extract a lot of sensitive data that belonged to the company.
- In May 2006, a group of anonymous servers hacked TJX Corporation and stole a lot of sensitive information of the credit and debit card details of 94 million customers (Almuqrin & Kustron, 2015).
Cases of Cyber-Attacks in Saudi Arabia
- In August 2012, Aramco Company, a Saudi-owned oil company was attacked by hackers. In this incident, 30, 000 computers owned by the company were infected with a virus that deleted and destroyed data that was on the company’s hard drives (Elnaim & Abdulaziz, 2013).
- In 2012, the King Saud University was attacked by hackers who exposed its database, which had information about 812 students. The disclosed information was on addresses and passwords (Elnaim & Abdulaziz, 2013).
- In 2013, Saudi Arabia’s government website was attacked by hundreds of websites that disabled their functions (Elnaim & Abdulaziz, 2013). Generally, the virus, which is known as Shamoon wipes all data in the hard disk and disrupts the operations of the organization. (Reuters, 2017)
Influences on Victims
The motivation to engage in crime is the main distinction among cyber-based malicious acts, cybercrime, and state-sponsored espionage. Due to their close similarities, the invisibility of actors in cyber-attacks, coupled with high internet speeds, it is always difficult to differentiate these three groups According to the Federal Bureau of Investigations, organized criminals mainly target financial sector, state-sponsored attacks are mainly interested in data such as those on intellectual property, defense, government agencies, and major manufacturers. Finally, cyber-based-based malicious actors such as terrorists are usually interested in identifying critical infrastructure that they can distract.
Accordingly, the FBI opines that cybercrime is mainly done by organized groups that are mainly interested in financial gains. Clearly, the motivation for each group differs. Generally, criminal groups are motivated by profits, terrorists are motivated by ideologies, and government sponsored cyber threats have many non-specific reasons as aforementioned. Actually, in some cases such as collection of information on major industries looks like they are motivated by profits while in instances where they are interested in information on defense, the reasons appear to be more on strategy.
Impact of Cybercrime on Victims
A single incident of cyber-attack can have far-reaching effects on victims. To begin with, cyberattack can result in the loss of finance, data, intellectual property, and consumer confidence. When a person is a victim of identity theft, they may become victims of long-lasting effects on their life such as phishing, or loss of their private information (Rahaman, 2016). In addition, cybercrime is costly on individuals and organizations. According to EWeek, large companies spend as much as $8.9 million yearly on cyber security (Rahaman, 2016). Generally, these organizations incur more expenses in acquiring software and firewalls to prevent cyber-attacks. In addition, cyber-crime results in piracy and has major effects on the environment, music, gaming, and software industries. On the overall, piracy leads to financial losses in these businesses and reduces the incentive to innovate and develop better products.
Cybercrime also has negative social impacts such as increasing the level of cyber bullying and cyber pornography. These crimes involve the use of viruses, botnets, and denial of service attacks. Due to these negative effects of cybercrime, most of its victim usually have some levels of emotional strain and stress. In particular, most of them feel angry or cheated, and usually blame themselves for the attacks (Rahaman, 2016).
Response of NGOs on the Issue
NGOs play a major role in addressing cybercrime and preventing its occurrence. To begin with, NGOs are usually at the forefront in proposing various legislations that can be used to arrest cybercriminals. In addition, NGOs can be used to monitor and report incidents of cybercrimes. In New Zealand, for example, the private-public partnership enables NGOs, civil society and the private sector to participate in the prevention of cybercrime by offering advice (NewZealand.govt.nz, 2015).
Cyber-crime also was known as Computer crime generally refers to offenses committed by use of computers. These crimes may be targeted to an individual with an aim to harm their reputation, cause them mental or physical damage, and may be lead to them losing properties or money. They are also targeted to nations for the same reasons and in most cases threaten a nation’s security and financial affairs (Clough, 2015). A thriving cybercrime would mean the intruders get access to vital information on an individual’s or countries top secrets as sensitive data and trade secrets and even secret details on the operations of a state. Computer crimes comprise both software and hardware.
The ability to illegally use the Internet and computers to commit scams, hacking, fraud, copyright infringement, service denial attacks, and web defacement fall under cyber-crime. It is due to the weight of these crimes that various nations have enacted laws to govern or counter these crimes. The laws referred as cyber laws aid in regulating and punishing offenders that commit these crimes. The USA and Saudi Arabia have set cyber laws that present harsh and discouraging penalties on cyber criminals (Dunlap, 2011). Despite enacting these laws, the vices still escalate with the increased awareness and advanced countermeasures since smarter criminals discover new ways of disruptive programming viruses, stealing intellectual property, committing identity theft, accessing financial data, and shutting down corporate computer systems and many other cyber-related crimes.
Cyber Laws in the USA
The USA just like other nations are faced with the cyber menace as its corporates are targeted for trade secrets and sensitive data, its citizens are being targeted by online thieves while young children targeted by online sexual predators. Since the USA is an advanced and still doing great regarding research and development, the public research centers and colleges are also subject to these attacks to unveil their top secrets and vital data they may have. Due to the broad target base, the USA government has established and enacted laws to prevent and reduce these cyber-attacks. These laws are shaped by general law structure in a common law court. The laws are classified in various categories as follows:
Specific Cyber Laws
Substantive Cybercrime Laws
These are laws that aim to prevent cyber-crime on online identity theft, hacking, intrusion into Computer systems, child pornography, intellectual property and online gambling. These laws are followed keenly and offenders, those that may have aided in committing the crime knowingly, face clear set penalties (Halder et al…, 2012).
Procedural Cybercrime Laws
These are laws enacted to prevent cyber crimes regarding providing authorities to important cyber-crime fighting officers and include the authority to preserve and obtain electronic data from third-parties, including Internet service providers; authority to intercept electronic communications; authority to search and seize electronic evidence. They provide permission to the timely reaction as giving more time to these criminals had proved dangerous thus the fast response officials. These laws are backed with a strict and active surveillance from various cyber-crime fighting units.
The USA has invested heavily in acquiring an improved set of technological and investigative capabilities and even gone ahead to form partnerships with advanced firms fighting cyber-crime. The USA has set up a special unit in its leading investigative unit, Federal Bureau of Investigation (FBI) that offers coordinated and cohesive cybercrime investigations. Specially trained cyber squad unit complements this unit with agents and analysts to safeguard against computer intrusions, theft of intellectual property and personal information, child pornography and exploitation, and online fraud (Taylor et al., 2014). The USA has a New Cyber Action Team that reacts to any call for help in cyber crime actions from any nation. They are fast to the reaction and these provide them an opportunity to access the various crimes outside the country and gather more information on how to prevent such occurring to them regarding security threats and other crucial fields. They keep the country a step forward in matters cybercrime. The various investigative units in the USA i.e. department of defense, Homeland Security Department and the FBI have partnered in the line of cyber-crime attack prevention and also involve locally advanced organizations in this sector to help gather as many ideas as there may be to curb cyber crime.
Cyber Laws in Saudi Arabia
Despite the rising concerns and nature of cybercrime risks, Saudi Arabia does not have clear set legislation to fighting cyber-crime. Companies operating in Saudi Arabia have been subjected to legal fights due to legal vacuum in the issue concerning cyber-crime. Cyber related crimes are solved in the local courts under the guidelines from the sharia, which is the laws governing the country. In Saudi Arabia, cyber criminals are regarded as being technically and technologically advanced than their counterparts who they are stealing from (Halder et al., 2012). In 2007, an anti-cyber-crime law was issued by a Royal Decree they that would ensure identification of such crimes and determine their punishments to ensure information security, protection of rights about the legitimate use of computers and information networks, protection of public interest, morals and protection of the national economy.
A ministry in Saudi Arabia, the Ministry of Interior and the Communications and Information Technology Commission was the one tasked with charging cyber criminals and determining the penalties to be offered to such crimes. The penalties issued by these bodies have proved ineffective as the rate of cyber-crime has escalated.
Comparison of Specific Cyber Laws in the USA and Saudi Arabia
Unfair or Deceptive Acts or Practices; False Advertisements Law
In the USA, this law is used to punish those that commit internet fraud. A criminal in this section is described as one who knowingly accessed a computer without permission and obtained information deemed private by the state with intent to hold hostage, injury or extort the state or an individual. The penalty for this offense includes payment of a fine under, imprisonment for not more than five years or both. In Saudi Arabia, such crimes have no clear set penalties but determined by anti-cyber-crime laws with the aid of the Ministry of Interior and the Communications and Information Technology Commission (Taylor et al., 2014). It takes the time to establish the penalty, and at times the offenders make away with their as no clear set laws acknowledging the said actions as crimes let alone set penalties. The USA shows a clear guideline to this offense and by that has enabled reduce such cases.
Sexual Exploitation and Other Abuse of Children Law
This law is applied to Online Child Pornography, Child Luring, and Related Activities. In the USA, the law describes the offender as anyone who employs, uses, persuades, induces, entices, or coerces a minor through online means to sexual exploitation. The penalties for such crime as described in the law is that they are to be fined and imprisoned not less than 15 years nor more than 30 years. If the offender has one prior conviction in other sections related to abusing minors sexually, then they are fined under this title and imprisoned for not less than 25 years nor more than 50 years. Also, an offender having 2 or more prior convictions relating to the sexual exploitation of children, they are fined and imprisoned not less than 35 years nor more than life. In Saudi Arabia, the sharia explains matters about sexual abuse vaguely and in general, terms such that it becomes a challenge to quantify the charges to such like offenders (Clough, 2015). The sharia provides laws that are vague and thus their use may vary from one offender to the other. Another law that, provides a generalized penalty and description of all cyber cases under on context.
Cyber Crime Law to Include Naming and Shaming
Saudi Arabia’s general law on cyber-crime, i.e. the cyber-crime law which is applied to offenders ranging from those who are found in production, preparation, transmission, or storage of material impinging on public order, and religious values. Also, it includes public morals, and privacy, and through the computers. They are generally charged with five years’ in jail and/or a fine not exceeding three million riyals (USD 800,000).The determination of either or a combination being determined in the courts. It is the only law that is in use in Saudi Arabia regarding cyber-crime (Taylor et al., 2014). It acquired some additional penalty, where those who are found guilty of cyber-crime are to be named publicly with the intent of putting them to shame. The additional quote in the cyber laws has somehow heightened the fight on cyber-crime but not much effectively as it ought to. In the USA, there exists no such law as each and every offense related to cyber-crime has well spelled out penalties.
Criminal Infringement of a Copyright Law
In the USA, this law describes an offender as anyone who knowingly uses another person(s) work online for their personal benefit without considering the rights of the original person(s) who produced the work. It imposes a penalty of 3 years imprisonment, fined for the crimes or both penalties based on the extent of destruction they may have caused. In Saudi Arabia, this is punishable under the cyber-crime law which describes the offenders as those who are found in production, preparation, transmission, or storage of material impinging on public order, religious values, public morals, and privacy, through the computers. The crime falls within its jurisdiction and there punishable by five years’ imprisonment and a fine not exceeding three million riyals (USD 800,000).The generalization of cyber-crime punishments and definition of offenders in a way fails the whole process.
With the above critically analyzed cyber laws, it is safe to say that the USA has a clearly defined and well-structured system in fighting cyber-crime. It has a clear cyber curbing laws together with strict and dedicated units that aid in curbing cybercrime (Clough, 2015). As much as cyber-crime is a threat and the vice continues to escalate despite the increased awareness and advanced countermeasures since smarter criminals discover new ways of disruptive programming viruses, stealing intellectual property, committing identity theft, accessing financial data, and shutting down corporate computer systems. The USA has shown clear strategies and intentions to outdo the crimes that increase with an increase in technology.
Saudi Arabia, on the other hand, has demonstrated that it has no clear set strategies to aid in curbing cybercrime and has put to risk institutions both governmental and non-governmental and its computer literate citizens amounting to about 20.8 million use the internet in undertaking various activities. The majority of these users being between the ages of 16 and 35 years and the generation that is rapidly growing because over 50 percent of the population is under the age of 21 years. Saudi Arabia itself as a nation does not have a data protection center and thus can imagine the risk it is exposed to. The use of the general law on cyber-crime i.e. the cyber-crime cyber law has proved ineffective as it has broad definitions of cyber-crime and the penalties they are to be subjected to.
The other law that is used in the effort to curbing cybercrime is the sharia. The sharia itself presents general and vague definitions on the various crimes and the penalties thus making it difficult to ascertain what crimes to be punished in what ways (Dunlap, 2011). The lack of cyber laws leaves Saudi Arabia and other organizations in the country in a vulnerable state about cyber-crime.
Saudi Arabia uses the general cyber law and sharia law which always requires the court intervention to interpret as they are vague to curb cybercrime.The USA has clearly defined cyber laws that do not require expertise interpretation to apply. Also, area well-equipped and individual cyber law’s enactment units. It clearly outlines the difference in the weight and cases of cyber-crime in the two countries.
The use of the social media in Saudi Arabia has grown rapidly with almost every person who is over the age of 18 years in the country owning a social media account. The main social media account used in Sound Arabia includes Facebook, Twitter, Instagram, WhatsApp, LinkedIn, and Snapchat. Increased use of the social media has led do major development in Sound Arabia, including the emergence of cybercrime. There are various factors, including easy access to the internet, legal vacuum, and cultural issues, which have contributed to the problem of cybercrime in Sound Arabia.
Access to the Internet
Sound Arabia has undergone massive transformation since the 1930s after the discovery of oil. Sound Arabia was transformed from a poor country to one of the richest countries in the world. The development of the country made internet one of the vital tools in day to day lives of people in the communities. Saudis use the internet at exceptional levels mainly to communicate with people from different parts of the world and buying products online. Having learned about the importance of the internet to their lives, new Saudis are turning to the internet to undertake different activities.
In a population of 32.3 million residents in Saudi Arabia, about 20.8 million use the internet in undertaking various activities (IstiZada, 2017). The majority of these users are between the ages of 16 and 35 years, which is the generation that is growing rapidly because over 50 percent of the population is under the age of 21 years (IstiZada, 2017). Most of the internet users in the Saudi Arabia live in urban areas where there are more wealth and high internet access, particularly at home, office and public areas.
People in the age of 16 and 35 years, in Saudi Arabia, are most active in the social media. Individuals in this age group join the social media for different reasons, which include interacting with their friends, expressing their opinions, and trading goods and services (Elnaim, 2013). The increased use of the social media has led to increased cases of cybercrime. The main cybercrimes, which are common in Saudi Arabia, include identity theft, phishing, blackmail, embezzlement, and defamation.
Some internet users in Saudi Arabia use social media cites like Twitter and Facebook to undertake criminal activities. One of the main criminal activities undertaken by social media users includes phishing where they fraudulently send emails to individual purporting to be staffs of reputable companies so as to access personal details like credit card number and passwords. Other Internet users are involved in identity theft where they use the details of other people, including then name, credit card number to identify themselves without the authority of the owner (Alarifi, Tootell & Hyland, 2012). There is also a large group of internet users who use the social media to attack others through defamation which result into destroying the reputation of individuals. In a similar way, social media is used by young people in Saudi Arabia to perpetuate bullying, which in turns lead to psychological torture of the victim.
Increasing number of cybercrime in Saudi Arabia is highly contributed to easy access to the internet, particular to people in urban areas. This is because for the cybercrime to take place, the culprit must have access to the internet. Additionally, the environment where the cybercrimes are taking place must support internet activities. Cybercrime would not be possible in any country where people do not use the internet to communicate, interact or trade. Thus, easy access and increased use of the internet has led to the emergence of cybercrime problem in Saudi Arabia (Elnaim, 2013).
Table 1: Internet Usage in Saudi Arabia
Source: IstiZada (2017)
The Table 1 above presents data relating to Internet usage in Saudi Arabia. According to the table, the number of internet users in the country has been increasing every year from the year 2000. The table1 also shows that increase in internet users in Saudi Arabia increases with the increase in the population. Considering the fact that people use the internet in different ways, which could be legal or illegal, increased in numbers of internet users greatly contribute to the problem of cybercrime. The more there are people using the internet, the higher the chances that some of those internet users would be involved in cybercrime.
Although the internet infrastructure in Saudi Arabia has continued to grow, the legal relating to internet use is not developed (Ansary, 2008). This creates a situation where there are no clear laws relating to specific online activities. The increase in internet penetration in Saudi Arabia has led to the growth of e-commerce and e-government drives. However, due to lack of well-laid legal infrastructures many internet users are coming up with ways of undertaking cybercrimes, which are targeting e-business.
Lack of legal framework relating to online business in Saudi Arabia creates a situation whereby business transactions are undertaken in a legal vacuum. Lack of laws relating to various internet-related crimes encourages the online criminals because they understand that they are likely to evade punishment even when they are caught (Ansary, 2008).
The existing Internet-related law, for example, Anti-Cyber Crime Law of 2007, covers a wide range of activities without outlining specific rules on particular online activities. Although there are regulating agencies that have asked for the established of clear laws, nothing has been done. Additionally, even the general legal e-commerce laws have not been implemented by the relevant authority. This complicates the process of dealing with cybercrime in Saudi Arabia. As a result, internet users take advantage of the legal vacuum to undertake different cybercrimes, including embezzlement, identity theft, and phishing.
Another legal-related issue, which has contributed to the problem of cybercrime in Saudi Arabia related to the huge process of filing a complaint. In Saudi Arabia, Any person who is a victim of any cybercrime, and intends to sue the culprit must follow this procedure. The first step relates to reporting the crime to the police station. The officers in the police station are required to forward the report of the crime to Bureau of Investigation and Public Prosecution (BIPP) in the country so as to scrutinize the crime. Through the coordination of other agencies, BIPP undertakes investigation so as to identify the suspect (Elnaim, 2013). Once the suspect is identified, BIPP orders his interrogation, and the charge sheet is created and forwarded to the criminal court. Then, the victim has the right to join the public prosecution in the case, and demand compensation or damages.
The complicated and tedious process of seeking justice discourages people from prosecuting the offenders. Failure to prosecute those involved in cybercrime has contributed in worsening the problem.
Saudi Arabia is an original homeland to Islam and Arab people whereby the cultural identity expressed in the country relate to that of Arab and Muslim. One of the cultural aspects of people of Saudi Arabia relates to togetherness where people in the country belief on maintaining a connection with each other. With the development brought about by advancement in the level of technology, the connection among people in Saudi Arabia has been extended to the online platform. People in Saudi Arabia use the social media platform to communicate with their family members, friends and the business partners across the country and beyond (Basamh, Qudaih & Ibrahim, 2014). Through the interaction on the social media, the individuals share photos and videos, which can expose their personal details. With increase in the number of people accessing social media sites, those personal details can be noticed by cyber criminals who would use the to carry out cybercrime.
Another cultural issue, which has contributed to the problem of cybercrime in Saudi Arabia relates to the taboos observed by Arabs and Muslims in the country. It is a taboo for people in Saudi Arabia to discuss sex in public. It is also taboo for the Muslims to show love to the person of opposite sex in public. These taboos have greatly affected most young people in the country who feel that their cultural believes limit their behaviors on matters relating to love and sex (Alarifi, Tootell & Hyland, 2012). As a result, they have turned to the internet to explore matter related to sex, which has influenced them to take part in the exchange of pornographic materials. Publishing and exchanging through the social media have become one of the major cybercrime in Saudi Arabia.
It is put of the culture of the Arabs and Muslim in Saudi Arabia to ensure that they are economically empowered (Basamh, Qudaih & Ibrahim, 2014). Individuals work hard to ensure that they become successful and improve the standards of living. Parent teaches their children to work hard in school so that they can attain good grades, which will help them access higher education and succeed in their careers. The culture of attaining success has led to increased pressure to the youths to succeed. As a result, they end up engaging in cybercrime with the aim of getting money and become successful like other member of the community. This has led to increased cases of specific types of cybercrime, for example phishing. Some youths in Saudi Arabia get involved in phishing so as to con companies and individual with the aim of gaining huge amount of money. The youth feel victorious after conning the victims because they think that they have outsmarted them.
Having discussed various factors that have contributed to the problem of cybercrime in Saudi Arabia, it is clear that there is a need for creation of ways of dealing with the problem. It is recommended for the government of Saudi Arabia to come up with laws, which are aimed at preventing cybercrime. Most cybercrimes are committed by people who owner accounts of specific social media sites like Twitter and Facebook. There is need to introduce a law which ensures that the management or the companies, which own those sites take the responsibility of banning people who are using the social media to undertake cybercrime. Thus, the government of Saudi Arabia, through the legislature needs to create law, which allows the relevant authorities in the country to initiate legal proceeding against specific social media sites for the failure to suspend and block accounts that are involved in cyber-crimes. The creation of such law will help in ensuring that social media sites are involved in monitoring all accounts to ensure that they are not used to cause harm to the people or the government of Saudi Arabia.
It is also recommended for the government to come up with Anti-Cybercrime laws that outline specific punishment of perpetrators of particular cybercrimes. The government should ensure that cyber criminals are faced with severe punishments. Creation and implementation of such law will help in discouraging people from getting involved in cybercrime for fear of prosecution. This in turns will help in reducing the problem of cybercrime in the country.
Another recommendation of dealing with cybercrime in Saudi Arabia relate to regulating the use of the internet in the country. One of the major contributors to the increased cases of cybercrime in Saudi Arabia is easy to access to the internet to a large part of the population. Thus, there is need to limit the use of the internet, particularly by blocking specific sites. The government needs to employ Information Technology (IT) experts to block sites that have pornography materials so as to make sure that people in Saudi Arabia, particularly the youths are not involved in publishing or distribution of pornographic materials through the internet.
It is also recommended for the judiciary in the country to country to amend the process of prosecuting the offenders of cybercrime. One of the reasons why cybercrime is a serious problem in Saudi Arabia relates to a complicated process of initiating legal proceeding against the offender of cybercrime. Thus, there is need to simplify the process of persecuting cybercrime offenders so as to encourage the victims to report the suspects and ensure that justice is realized.
It is also recommended for the government to create employment opportunities so as to ensure that large part of the population in Saudi Arabia is involved in economic activities. This will help in dealing with idleness, which influences people to engage in cybercrimes, particularly pornography. Creation of jobs will give people chances to earn a living, and deal poverty-related issues. By reducing the rate of poverty in the country, the number of cyber criminals will reduce. This is because most people are forced to engage in cybercrime, particularly hacking other people’s bank accounts or credit card with the aim of improving their financial stability.
It is recommended for the government of the Saudi Arabia to introduce a campaign, which is aimed at educating the members of the public about the issue of cybercrime. This would help people understand the channels used by cyber criminals to plan and execute attacks on the victims. This understanding would help people to install security systems on various electronic devices like laptops and mobile phones. The members of the public would also learn how to improve their security online. Educating the members of the public would also help them to secure their personal information, and ensure they are not accessed by unauthorized users. This will help in eliminating loophole exploited by the cyber criminals to initiate attacks on their targets.
Almuqrin, A., & Kustron, K. (2015). Fighting cybercrime: A comparison of the cybercrime laws in Saudi Arabia and the United States. International Journal of Computer Science Engineering and Information Technology Research, 5 (4), 1-8.
Alarifi, A., Tootell, H., & Hyland, P. (2012, June). A study of information security awareness and practices in Saudi Arabia. In Communications and Information Technology (ICCIT), 2012 International Conference on (pp. 6-12). IEEE.
Ansary, A. F. (2008). Combating extremism: a brief overview of Saudi Arabia’s approach. Middle East Policy, 15(2), 111.
Basamh, S. S., Qudaih, H. A., & Ibrahim, J. (2014). An overview on cyber security awareness in Muslim countries. International Journal of Information and Communication Technology Research, 4(1), 21-24.
Center for Strategic and International Studies. (2014). Net losses: Estimating the global cost of cybercrime. Economic impact of cybercrime II. Intel Security. Retrieved from https://csis-prod.s3.amazonaws.com/s3fs-public/legacy_files/files/attachments/140609_rp_economic_impact_cybercrime_report.pdf
Clough, J. (2015). Principles of cybercrime. Cambridge University Press.
Dunlap Jr, C. J. (2011). Perspectives for cyber strategists on law for cyberwar. Strategic Studies Quarterly, 5, 81.
Elnaim, B. M. E. (2013). Cyber Crime in Kingdom of Saudi Arabia: The Threat Today and the Expected Future. In Information and Knowledge Management (Vol. 3, No. 12, pp. 14-19).
Finklea, K. &b Theohary, C. (2015) Cybercrime: Conceptual issues for Congress and U.S. law enforcement. Congressional Research Service Report, 7-5700, 1-31. Retrieved from https://fas.org/sgp/crs/misc/R42547.pdf
Halder, D., Jaishankar, K., & Jaishankar, K. (2012). Cybercrime and the victimization of women: laws, rights and regulations. Information Science Reference.
Hu, Y., Chen, X., & Bose, I. (2013). Cybercrime enforcement around the globe. Journal of Information Privacy & Security, 9(3), 34-52.
Internet World Stats. (2016). Saudi Arabia internet usage, broadband and telecommunications reports. Retrieved from http://www.internetworldstats.com/me/sa.htm
Interpol. (2017). Cybercrime. https://www.interpol.int/Crime-areas/Cybercrime/Cybercrime
IstiZada (2017) Saudi Arabia internet usage. Retrieved from http://istizada.com/saudi-arabia-internet-usage/
Jarrett, H. M., & Bailie, M. W. (2010). Prosecuting computer crimes: Computer crime and intellectual property section criminal division. Office of legal education executive office for United States attorneys, 1-207. Retrieved from http://www.justice.gov/criminal/cybercrime/docs/ccmanual.pdf
Jewkes, Y., & Yar, M. (2010). Handbook of internet crime. Cullompton, Devon: Willan Publishing
McCormick, W. C. (2013). The computer fraud and abuse act: Failing to evolve with the digital age. SMU Science and Technology Law Review, 16 (3), 481.
National Crime Agency [NCA]. (2017). Cybercrime. Retrieved: http://www.nationalcrimeagency.gov.uk/crime-threats/cyber-crime
NewZealand.govt.nz. (2015). National plan to address cybercrime. Retrieved from http://www.dpmc.govt.nz/sites/all/files/publications/nz-cyber-security-cybercrime-plan-december-2015.pdf
Rahaman, M. (2017). Cybercrime affects society in different ways. Financial Express. Retrieved from http://www.thefinancialexpress-bd.com/2016/07/04/36968/Cyber-crime-affects-society-in-different-ways
Rasooldeen, D. (2017). Saudi Arabia: Cybercrime costs Saudi Arabia SR 2.6 bn a year. Arab News. Retrieved from http://www.arabnews.com/saudi-arabia/cybercrime-costs-saudi-arabia-sr-26-bn-year
Reuters (2017). Saudi Arabia warns on cyber defense as Shamoon resurfaces. Retrieved from http://www.reuters.com/article/us-saudi-cyber-idUSKBN1571ZR
Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism. Prentice Hall Press.
U.S. Department of Justice. (2011) Two Wellington Men Sentenced in Mail and Aggravated Identity Theft Ring. Press release, April 26, 2011; Wayne K. Roustan, “Two Plead Guilty to ID Theft That Cost Victims $786,000: They Admit Stealing Credit and Debit Cards from Mailboxes,”
U.S. Department of Justice. (2014). U.S. Leads Multi-National Action Against Game Over Zeus Botnet and Cryptolocker Ransomware, Charges Botnet Administrator. Press release, June 2, 2014.