Criminal cyberlaw ("Cybercrime law")

by John Bandler

Criminal cyberlaw is that portion of cyberlaw that relates to crime, which means cybercrime.

Put differently, criminal cyberlaw is that portion of criminal law that relates to cyber.

Or we can call it "cybercrime law", the laws surrounding cybercrime, found within the area of criminal law.

"Criminal cyberlaw" is not an official legal term, it is just helpful to recognize two important parts of law and cyberlaw: the criminal arenas and the civil arenas. Consider that there are may civil laws that related to cybercrime, but those are within the body of civil law.

Let's break it down.

Explaining the terms and where you are

Let's unpack each word in the term "criminal cyberlaw" and "cybercrime law" with some rough definitions.

  • Cyberlaw = cyber + law. Areas of law that involve the internet and cyberspace
  • Criminal law = areas of law that are not "civil law" but involve crimes and their prosecution
  • Cybercrime = cyber + crime.  Crimes that are committed using computers or the internet.
  • Cybercrime law = cyber + crime + law = areas of law surrounding cybercrime. Think substantive laws and procedural laws (and we are focusing only on laws within the body of criminal law, not civil law)

Again, this article is about criminal cyberlaw. Cyberlaws relating to crime and within the criminal justice system.

Cyberlaw recap

Cyberlaw foundations 2023-7 (2) more detailed

Remember that cyberlaw is the merging of two words, "cyber" and "law".

Cyber essentially means using cyberspace, using the Internet and a computer.

Law is our system of laws, which is a continually evolving process that started hundreds of years ago (thousands even) and continues.

More on this in my article on cyberlaw.

The parts of criminal cyberlaw

Criminal cyberlaw is the portion of cyberlaw that relates to "crime". Think cybercrime.

Cybercrime involves people and organizations committing those crimes, usually for profit and greed and to make money.

Cybercrime involves victims and people and organizations trying to protect against cybercrime attacks, and responding to them. Here we need to think about civil cyberlaws, which impose obligations upon these people and organizations for data breach reporting, cybersecurity, privacy, and more. More on this civil cyber laws below.

Cybercrime also involves government investigating and attempting to prosecute cybercriminals.

As we think about criminal cyberlaw, we think about two important parts:

  • Substantive criminal law (the laws that cybercriminals violate and could be charged with, if identified and apprehended)
  • Procedural criminal law (the process of investigating and prosecuting cybercriminals)

As above, I put the "civil" cyberlaws into a different category, covering them separately.

Substantive criminal cyber specific laws

First, remember that there are a lot of "traditional" criminal substantive laws that can be applied to cybercrime.

Starting with:

  • Theft crimes
  • Identity theft crimes
  • Money laundering crimes.

Then consider specific cybercrime statutes that relate to cybercrime conduct, including:

  • Laws about intruding into computers and data systems
  • Laws about stealing data
  • Laws about monitoring communications.

These crimes will include:

  • Computer Fraud and Abuse Act (CFAA)
  • Electronic Communications Privacy Act (ECPA), which includes
    • Wiretap Act
    • Stored Communications Act (SCA).

More in my dedicated article on substantive cybercrime laws.

Procedural criminal cyber specific laws

Again, first remember that there are a lot of "traditional" criminal procedural laws that apply to cybercrime investigation and prosecution.

This starts with the U.S. Constitution and Amendments, including the Fourth Amendment regarding government search and seizure. Then it continues with all the established rules of criminal procedure being used in federal and state courts.

Then we look to how these traditional laws are applied to cybercrime, and we look to any cyber specific procedural mechanisms.

  • Electronic Communications Privacy Act (ECPA), which includes
    • Wiretap Act
    • Stored Communications Act (SCA).

More in my dedicated article on procedural cybercrime laws.

The value of thinking like a prosecutor

I encourage students and learners to "think like a prosecutor" when assessing cybercrime and criminal cyberlaw.

That requires important knowledge and skills and thinking about:

  • Facts
  • Law
    • Substantive laws (the crimes that could be charged)
    • Procedural laws to investigate (to gather evidence)
    • Procedural laws to prosecute (to litigate and prove guilt)
  • The interests of justice (what is fair)

More in subsequent articles.

Is there more to know about criminal cyberlaw?

Of course, see some of the references below, especially my 2020 book Cybercrime Investigations.

Conclusion

Criminal cyberlaw is a fascinating area built on traditional law. We can broaden our understanding of traditional law, and then see how it applies to cyber, and examine new rules relating to cyber.

This article is (of course) not tailored to your circumstances, nor is it legal or consulting advice.

Additional reading on this site

This article is hosted at https://johnbandler.com/criminal-cyberlaw, copyright John Bandler, all rights reserved.

Originally posted 6/2/2024, updated 9/29/2024.