Today we will be talking about the issues regarding internet law originating from the recent news about the major security breach at the NSA. There are two elements of a crime in which the hackers have subscribed to. The first one is “Actus reus” whereby it is a wrongful deed that is prohibited by law which is the action. The second element is “Mens rea” where the hacker had a guilty mind.
They had the intent and knowledge to carry out the act and is of sane mind. The law that we shall be relating this issue with is the Computer Crime Act 1997. The current issue with the Computer Crime Act 1997 is that it does not specifically cover the person who caused the data breach accountable.
Another similar incident occurred with Equifax where more than 150 million personal information of US citizens was leaked in a major data breach, however, Equifax was not held accountable for the data breach as they never fixed a critical vulnerability in their software despite repeated warnings from various agencies including the Department of Homeland Security. This particular data breach also raises the issue of whether or not intelligence agencies around the world should be allowed to exploit vulnerabilities in programs for their own spying use.
In conclusion, governments need to sit down and reform their laws and procedures which will maintain balance in both privacy and security. For example, intelligence agencies must report any vulnerabilities to the respective company after the exploit is discovered to ensure they can protect their customer. Companies should also be held accountable if important customer data is stolen due to vulnerabilities in their software.