The Internet is a global phenomenon. It offers a fantastically quick access to information and communication by e-mails and is quite literally at our fingertips. However, it has its downside too-among them are spam, viruses, identity theft, malicious code, cyber-stalking and intellectual property violations.

Businesses are losing some $20 billion a year in productivity due to cyberspace disruptions. While Internet is global, there is no international legal response to cyberspace threats or crimes. A number of countries have national laws for these crimes, but they do not extend to other countries and are not harmonized with them. Given these serious problems for Internet users and providers, including businesses, it is rather surprising that the international community is not marshalling efforts to safeguard financial transactions and reduce public fear and frustrations. People seem preoccupied with current political events, such as Iraq, Iran and terrorism, and little time is spent for structural consideration of other important issues.

The Law of Cyber-Space-An Invitation to the Table of Negotiations, by Ahmad Kamal, Senior Fellow at the United Nations Institute for Training and Research (UNITAR), is a new book laying down the foundation for discussions that can lead to the first convention on cyberspace. It details the types of cyberspace crime, describes national laws and their loopholes, offers solutions for further work and invites stakeholders-Governments, private sector and civil society-to negotiations leading to an international law. While Mr. Kamal called on the United Nations to hold these negotiations, he quickly pointed out that discussions could not be purely intergovernmental, but that all stakeholders must fully participate. Governments have the power to legislate and enforce laws; the private sector conducts the research and develops the information technology; and civil society uses the technology. All three must therefore participate as equal partners.

Cover design

Statistics on Internet use and abuse show that the need for cyberspace law is becoming more critical every day. At the end of 2005, almost 973 million of the world's 6.4 billion people were using the Internet: 68 per cent in North America; 53 per cent in Oceania and Australia; 36 per cent in Europe; 13 per cent in Latin America and the Caribbean; 9 per cent in Asia and the Middle East; and 2.7 per cent in Africa.

Katherine Strandberg, professor at DePaul University's College of Law, created with her students a basic collection of cyberspace laws and organized them into 26 categories dealing with right of access, anonymity, data protection, software (including encryption), malicious code, spam, cyber-hooliganism, cyber-stalking, identity theft, cyberterrorism and cyberwar. They also collected laws on criminal liabilities and penalties, sovereignty and jurisdiction, standards of evidence, transnational extradition, telecommunication regulation, regulatory and investigatory powers, and dispute resolution. The research included issues, such as distance contracting, intellectual property, obscene publications, digital signatures and civil liberties and remedies.

Country-specific laws on cyberspace crimes show widely different definitions, legal views and levels or even lack of punishment. Perhaps the most common violation is "right of access" or breaking into someone's computer to read or steal data, and many times to take control of the computer or monitor the electronic actions of the user. Many countries have laws that criminalize unauthorized computer access, although others require proof that the hacker took some additional action. Article 323-1 of the French penal code (1994) states that "fraudulently obtaining or maintaining access to the whole or part of a system for automated data processing is punishable [by imprisonment and a fine]". Japan's computer crime statute of 1999 does not criminalize unauthorized access unless the intruder has circumvented a security measure: if a person has no security set on his computer, no crime has been committed. The United States makes it illegal to just break into a computer and has created a special statute to criminalize computer intrusion. The Netherlands has a two-tier system wherein accessing a person's computer without authority gets a maximum sentence of six months imprisonment, while accessing it and copying data gets four years. However, countries outside of the Western world have no laws on cyberspace crimes.

The first legal loophole in cyberspace crimes is the lack of consistent definition of hacking and other computer intrusions, followed by the lack of extradition among countries. Cyberspace criminals can attack or hack a computer in any country. But which country has jurisdiction over the crime: where the hacker is residing or where the hacked computer is located? And each country has different punishments. In Mr. Kamal's book, each cyberspace crime is defined and existing texts are summarized, after which the loopholes in the legislation are identified and explained, and practical solutions are suggested.

Ehab Al-Shaer, associate professor at DePaul University's School of Computer Science, Telecommunications and Information Systems, served as technical advisor for The Law of Cyber-Space. With his students, he has made significant contributions and improvements in Internet security technology management and speed. While leading universities like DePaul and businesses are making progress in developing more secure systems, Mr. Al-Shaer emphasized that "both Internet security technology and laws have to exist in order to offer a real solution to Internet attacks and threats. Internet security technology alone will not be sufficient, unless laws and social awareness are in place at the same time. Here we talk about local and international laws, regulations and enforcement".

As the Internet continues to attract thousands of new users each day, the number of cyberspace crimes will only increase, causing staggering financial losses and invoking fears among millions of users. The Law of Cyber-Space is our best tool to begin a global dialogue among Governments, technology developers and civil society to harmonize national cyberspace laws and create the first international convention on cyberspace crime, so that Internet transactions can be secure. It is therefore hoped that this book will encourage UN Member States to invite representatives of the private sector and civil society to the negotiating table to discuss this issue of vital concern to us all.

The Law of Cyber-Space is available for free download at http://www.un.int/kamal/thelawofcyberspace.