Jurisdiction for Cybercrimes – Which Court Do We Turn To?
Cybercrimes happen in a space we cannot physically see, and there is no Court dedicated to internet crimes. This begs the question - where should these crimes be decided?
Non-cyber crimes usually have straight forward criteria that determine which court should hear the matter. For example, if someone steals from a shop in Sydney, there is no argument about which court has jurisdiction to hear the case. The internet however does not have the same physical boundaries that make jurisdiction clear. The following questions need answers before we determine the jurisdiction. What is the actual crime? Is it the illegal act itself or the harm caused by the offender? Is the location of the crime where it was committed or the place the harm was felt? Does the nationality of the offender change anything if the crime was not committed in the offender’s home country? These are all questions that have different answers in different nations.
Council of Europe Convention on Cybercrime (Cybercrime Convention)
This document is the first international treaty that addresses cybercrime. The objective of the treaty is to create a policy that protects society against cybercrime. It aims to do this by adopting relevant legislation and being a catalyst for international collaboration. The Cybercrime Convention is by no means perfect – there is an abundance of enforcement issues. International courts generally have limited powers, so the global community relies on domestic legislation in cooperating countries to create uniformity. However, because of individual state sovereignty different countries have different ideas on how legislation regulating cybercrime should be. This results in varying standards throughout the world. Despite the flaws, the Cybercrime Convention is the leading body because it is the only international guidance in this area.
In terms of jurisdictional issues, article 22(1)(a) of the treaty states that “effect” and “citizenship” are bases for jurisdiction. However, where more than one party claims jurisdiction over an offence, the parties need to consult and determine the most appropriate jurisdiction. This once again leaves uncertainty about how to determine jurisdiction correctly.
A case where the Cybercrime Convention’s criteria for jurisdiction, which is “effect” and “citizenship” was not sufficient is the Love Bug virus. The offender was based in the Philippines, but attempted to hack into banks in the US. The US could not request extradition of the offender as the Philippines did not have legislation against the crime in question. This was a classic case of one country attempting to enforce its laws and another country attempting to preserve its legal sovereignty.
The jurisdictional issues faced in the area of cybercrime are not new to the international law sphere. Unenforceability of international laws is still an unsolved problem, and will affect the area of cybercrime indefinitely. Until all countries are able to agree on the best way to approach jurisdictional issues in cybercrime, we will have a range of laws to become familiar with. If you have been affected by cybercrime and are unsure about which court has jurisdiction to hear your matter, contact an IT Lawyer today.
Have more questions? Contact a LawPath consultant on 1800 529 728 to learn more about customising legal documents and obtaining a fixed-fee quote from Australia’s largest legal marketplace.
Kayal is a Legal Tech Intern at Lawpath as part of the content team. She is currently studying a Bachelor of Laws with a Bachelor of Science (major in Cyber Security) at Macquarie University.