Module 7: Principals of Digital Forensics and Cyber Law

A 12-Unit Module that Started on March 2023 and was Covered in 12 Weeks by Maria Alvanou

Summary

In this Module, a jurisdiction-neutral overview of law that emphasized on cybersecurity-related principles like evidence collection and forensics was provided.

It established a foundation in common legal principles, ethics, regulatory challenges, and evidence gathering applicable to various situations and jurisdictions, focusing on legal and ethical considerations in cybersecurity.

Skills Acquired during this Module

Ability to identify and evaluate information to build up a case analysis, as well as practice research skills and apply critical assessment.

Ability to assess the quality of digital evidence and apply evaluation skills to a case study.

Gained knowledge on the issues concerning digital deviance, breaches of rights and the extent the criminal justice system can reach a balance between competing rights.

Gained Knowledge of the issues concerning cyber-victims and cyber-harms.

Awareness of the issues concerning ethics in the cyberspace.

Gained knowledge on the issues concerning international and transnational cooperation in combatting cybercrime.

Awareness of the various implications and limitations concerning evidence and evidence gathering.

Gained knowledge of the issues concerning the investigative context and problems concerning jurisdictions.

References Used

Below is a list of all the Sources (articles, books, reports, whitepapers, websites, etc) that I used through out this module (Using Harvard Referencing style).

Anon, 2013. Challenges of Implementing Cyber laws in Uganda. [Online] Available at: https://www.summitcl.com/wp-content/uploads/2017/01/Challenges-of-Implementing-Cyber-laws-in-Uganda.pdf [Accessed 16 April 2023].

N26, 2023. Debit card fraud—what you need to know. [Online] Available at: https://n26.com/en-eu/blog/debit-card-fraud [Accessed 14 April 2023].

Sherloc, N.D.. Case Law Database. [Online] Available at: https://sherloc.unodc.org/cld//case-law-doc/cybercrimecrimetype/uga/2015/gachev_ors_v_uganda_criminal_appeal_155_of_2013_2016_ughccrd_4_16_july_2016.html?lng=en&tmpl=sherloc [Accessed 11 April 2023].

Sherloc, N.D.. Case Law Database. [Online] Available at: https://sherloc.unodc.org/cld//v3/sherloc/cldb/search.html?lng=en#?c=%7B%22filters%22:%5B%7B%22fieldName%22:%22en%23__el.caseLaw.crimeTypes_s%22,%22value%22:%22Cybercrime%22%7D%5D,%22sortings%22:%22%22%7D [Accessed 11 April 2023].

Sherloc, N.D.. Database of Legislation. [Online] Available at: https://sherloc.unodc.org/cld/v3/sherloc/legdb/search.html?lng=en#?c=%7B%22filters%22:%5B%7B%22fieldName%22:%22en%23__el.legislation.crimeTypes_s%22,%22value%22:%22Cybercrime%22%7D,%7B%22fieldName%22:%22en%23legislation@country_label_s%22,%22value%22:%22U [Accessed 14 April 2023].

Anon, 2018. Laws of Kenya. [Online] Available at: http://www.kenyalaw.org/lex/actview.xql?actid=No.%205%20of%202018 [Accessed 29 April 2023].

Close, A. G., Zinkhan, G. M. & Finney, Z. R., 2006. Cyber-Identity Theft. Encyclopedia of E-Commerce, E-Government, and Mobile Commerce,, pp. 168-171.

Communications Authority of Kenya, 2022. October-December Cybersecurity Report, Nairobi: The National KE-CIRT/CC

Communications Authority of Kenya, N.D.. The National KE-CIRT/CC. [Online] Available at: https://ke-cirt.go.ke/ [Accessed 29 April 2023].

Karanja, J., 2017. Cybercrime Related Investigations in Kenya. [Online] Available at: https://www.researchgate.net/publication/331431758_Cybercrime_Related_Investigations_in_Kenya [Accessed 29 April 2023].

Ambani, B., 2023. Data chief seeks system to secure private details. [Online] Available at: https://nation.africa/kenya/business/data-chief-seeks-system-to-secure-private-details-4094746 [Accessed 23 May 2023].

Anon, N.D.. LifeLock. [Online] Available at: https://lifelock.norton.com/# [Accessed 20 May 2023].

Anon, N.D.. The computer misuse and cybercrimes act. [Online] Available at: https://nc4.go.ke/the-computer-misuse-and-cybercrimes-act/ [Accessed 21 May 2023].

Anyanzwa, J., 2021. Kenya's financial services firms prime target for fraudsters. [Online] Available at: https://www.theeastafrican.co.ke/tea/business/kenya-identity-fraud-financial-services-industry-3441762 [Accessed 25 May 2023].

Copes, H., Kerley, K. R., Huff, R. & Kane, J., 2010. Differentiating identity theft: An exploratory study of victims using a national victimization survey. Journal of Criminal Justice, 38(5), pp. 1045-1052.

Harbawi, M. & Varol, A., 2016. The role of digital forensics in combating cybercrimes. 2016 4th International Symposium on Digital Forensic and Security (ISDFS), pp. 138-142.

Holt, T. J., Bossler, A. M. & Seigfried-Spellar, K. C., 2022. Cybercrime and Digital Forensics: An Introduction. 3 ed. Oxon: Routledge.

Hussain, A. & Cheng, M., 2022. What Is Identity Theft? Definition, Types, and Examples. [Online] Available at: https://www.investopedia.com/terms/i/identitytheft.asp [Accessed 20 May 2023].

Kivuva, E., 2022. Two-step card payments pile pressure on vendors. [Online] Available at: https://nation.africa/kenya/business/two-step-card-payments-pile-pressure-on-vendors--3804556 [Accessed 20 May 2023].

Legal Guidance, 2019. Cybercrime - prosecution guidance. [Online] Available at: https://www.cps.gov.uk/legal-guidance/cybercrime-prosecution-guidance [Accessed 20 May 2023].

Mari, G., 2018. Why you should be worried if your phone or ID was stolen and you did not file a police report. [Online] Available at: https://www.pulselive.co.ke/news/local/identity-theft-why-you-should-be-worried-if-your-phone-or-id-was-stolen-and-you-did/524l4s9 [Accessed 20 May 2023].

Money254 Team, 2021. Identity Theft Nightmare: Kenyans Are Losing Millions to Fraudsters. [Online] Available at: https://www.money254.co.ke/post/identity-theft-nightmare-kenyans-are-losing-millions-fraudsters#:~:text=The%20pandemic%20has%20only%20exacerbated,were%20linked%20to%20online%20fraud. [Accessed 20 May 2023].

Mutung'u, G., 2021. Digital Identity in Kenya. [Online] Available at: chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://researchictafrica.net/wp/wp-content/uploads/2021/11/Kenya_1.11.21.pdf [Accessed 21 May 2023].

National council on identity theft protection, N.D.. 2023 Identity Theft Facts and Statistics. [Online] Available at: https://identitytheft.org/statistics/ [Accessed 20 May 2023].

Ndemo, B., 2019. We must curb identity theft crisis or face the consequences of our inaction. [Online] Available at: https://nation.africa/kenya/blogs-opinion/blogs/dot9/ndemo/we-must-curb-identity-theft-crisis-or-face-the-consequences-of-our-inaction-137432 [Accessed 20 May 2023].

Otieno, S., 2022. Puzzle of stolen ID used in Sh2.7m M-pesa transaction. [Online] Available at: https://nation.africa/kenya/news/puzzle-of-stolen-id-used-in-sh2-7m-m-pesa-transaction-3820176 [Accessed 21 May 2023].

PwC, 2020. PwC Kenya Economic Crime and Fraud Survey, Nairobi: PwC. Sunday, F., 2019. Phone users losing millions through identity theft. [Online] Available at: https://www.standardmedia.co.ke/business/article/2001287820/how-kenyans-lose-millions-through-mobile-phones [Accessed 20 May 2023].

Tajpour, A., Ibrahim, S. & Zamani, M., 2013. Identity Theft Methods and Fraud Type. [Online] Available at: https://www.researchgate.net/publication/273259976_Identity_Theft_and_Fraud_Type [Accessed 20 May 2023].

Wako, J., 2022. Data Protection and Cybersecurity Laws in Kenya. [Online] Available at: https://cms.law/en/int/expert-guides/cms-expert-guide-to-data-protection-and-cyber-security-laws/kenya [Accessed 21 May 2023].

Wambugu, S., 2023. Our data is our life — please protect it. [Online] Available at: https://nation.africa/kenya/blogs-opinion/opinion/our-data-is-our-life-please-protect-it-4111748 [Accessed 24 May 2023].

Zhang, Y. et al., 2012. A survey of cyber crimes. Security and Communication Network, Volume 5, pp. 422-437.

Tasks and Assignments Done throughout this Module

Below is a breakdown of the activities done weekly during the 12-Unit Module.

Week 1: Unit 1 - The Law and Legal Systems

After going through a Lecture cast, books and a having a introductory lecture, I got to explore the implications and limitations concerning cybercrime law.

Introduction to the paradigm of law - asking the question: What is law?, as well as aspects of the law was also covered.

Week 2: Unit 2 - Principles of Evidence and Proof

We looked at issues concerning proof and the issues concerning the standard and burden of proof.

Week 3: Unit 3 - What is 'Evidence' Anyway?

We had a Lecture cast and book reading that focused on exploring the topic of evidence gathering in the context of cybercrime, as well as the difficulties of identifying evidence, and how this has been affected by legislation.

Reading also included specific examination of the work of collecting evidence and the problems in connecting a suspect to the alleged crime.

Week 4: Unit 4 - Continuity and Reliability

With the use of books, practical examples and reading activities, we learned the quality and reliability of evidence.

We also read on different methods of evidence gathering; that is inconsistency of application which might lead to complications when the crime is transnational. The focus, as it has been in the past two weeks, is on evidence gathering by focusing more on the human-aspect of evidence gathering.

Week 5: Unit 5 - Virtual Crimes and Tangible Harms

With the use of a Lecture cast, books and a lecture, we explored issues concerning victims and the different harms suffered from a cybercrime.

The reading introduced the limitations of some legal jurisdictions in addressing vulnerabilities and victims' suffering.

We also got to evaluate the feasibility of legal systems of protecting the public from cyber-harms that it does not necessarily recognise in legislation.

Week 6: Unit 6 - Cybercrime and Social Perception

It explored public perceptions and public opinion about internet crime, whereby, being awareness of these perceptions is important because in liberal democratic states, public opinion plays an important role in shaping public policy.

We also explored the issues concerning social perceptions concerning cybercrime, and also how the costs of cybercrime and its harm have affected the extent of this being dealt with effectively by the Criminal Justice System (CJS).

We were also tasked on carrying out research to create a case study analysis on a particular cybercrime in the country of our choice through the UNODC database on cybercrime.

Below is my presentation in pdf and its transcript.

Research Presentation in pdf

Download PDF

Research Presentation Transcript

Download PDF

Week 7: Unit 7 - Rights in Cyberspace

After going through a Lecture cast, books and a having a lesson with the Lecturer, I gained knowledge of the human rights in the context of the cyberspace.

I got to investigate issues concerning the tension between competing interests, and the need to find a balance between rights such as the right to privacy and the right of freedom of expression.

I got to critically consider whether these rights have any meaning in a digital landscape, and whether when we put something 'out there' do we lose ownership of it.

Finally, I also investigated the effects and efficiency of the Data Protection legislation in ensuring compliance (The GDPR will be discussed in the relevant lecturecast).

Week 8: Unit 8 - Digital Deviance

We explored a very difficult question: why individuals commit cyberspace crimes. This is an important question, because the answer(s) might affect the way this crime is dealt with.

We also evaluated whether traditional criminological theories can explain this sort of deviance, or whether there is need to rethink our understanding of the reasons why people engage in cyber harmful activities.

We assessed the extent criminological theories can make sense of cyberspace deviance.

Week 9: Unit 9 - The Investigative Context and Investigative Pitfalls

We had a Lecture cast and book reading that explored issues concerning the digital investigate process.

We got to address issues concerning reporting, investigative agencies, and knowledge management. These will be addressed in national, international and transnational contexts.

We also reflected on issues concerning the admissibility of evidence digital evidence in court.

We had an Assessment that was to examine how we explore the challenges and opportunities of regulating and policing cyberspace. The assessment was to write a Blog Post that Investigates Cybercrime: Problems and Solutions' in my country. Below is the essay that I handed out.

Download PDF

Week 10: Unit 10 - Policing in a Digital Landscape

With the use of books, practical examples and reading activities, we explored issues concerning policing in a digital context. The learning addressed national, transnational and international nature of tackling cybercrime while considering issues concerning cooperation and problems related to jurisdiction.

We also got to review our peers' blog posts

Week 11: Unit 11 - The Expert Witness

With the use of a Lecture cast, books and a lecture, we looked at concerns related to the digital expert witness.

The learning led towards the questioning of bias and accuracy, as well as expertise.

Week 12: Unit 12 - Ethics in the Digital Landscape

It focused on the future of the Internet: How a number of alternative next generation internet solutions will operate and how these solutions address key challenges.

We had an Assessment that was to examine my critical evaluation of the different types of evidence and collection, and presentation techniques. The assessment was to carry out an extensive independent research and produce an Expert Report on all possible aspects of cyber-identity theft that apply to the country in question. Below is the report that I submitted.

Download PDF

E-Portfolio: Beatrice MUTEGI-ROYER