Pace Law, Law 606B Cybercrime and Cybersecurity
Fall 2024
Weekly topics and reading
Much reading is from the book "Cybercrime Investigations: A Comprehensive Resource for Everyone". Other readings are from my website articles (generally a simpler read, but also with extensive references). Other readings are from statutes and cases.
Introduction
The weekly reading links are laid out below. Do the reading before class meets so you can participate, share, and learn more. The syllabus and LMS are your main course resources for course instructions and requirements. This page is provided as a convenience.
Menu (jump links)
- Week 0 and course resources
- Week 1 - Course introduction - Cybercrime introduced
- Week 2 - Computers, networks, internet, digital forensics, cybersecurity
- Week 3 - Substantive criminal law, financial crimes, criminal speech
- Week 4 - Cybercrime investigations - the procedure - Nine Tools
- Week 5 - Nation-state cyber conflict and influence
- Week 6 - Civil cyber laws, breach notification, cybersecurity laws, privacy
- Week 7 - Cybercrime investigations - three sectors/perspectives
- Week 8 - Private entity investigations, law enforcement's investigation part 1
- Week 9 - Law enforcement's investigation part 2
- Week 10 - Financial investigation, money laundering, virtual currency, cryptocurrency, attribution
- Week 11 - Apprehension, litigation
- Week 12 - Attorney ethical duties for cybersecurity
- Week 13 - Addressing cybercrime properly, cyber compliance, catch-up, wrap up,
- Bottom
Week 0 and throughout - Course Materials
Important course materials and resources include:
- The learning management system (LMS) which includes
- Syllabus
- Welcome & orientation video
- Announcements
- Assignments
- Discussion
- Course Resources
- Final paper project
- Pace Law Library
Week 1 - Course introduction - Cybercrime introduced
Topics
- Introduction to course
- Syllabus review
- Introduction of assignment on paper topic
- The evolution of cybercrime, from fun to profit
- The cybercrime economy
- Priority cybercrime threats
Reading (read before class, skim any basic level materials which you have already mastered)
- Syllabus
- Cybercrime Investigations, Chapter 1 Introduction: The Need for Good Cybercrime Investigators (pp 3-8)
- Chapter 2 What Is Cybercrime and Why Is It Committed? (pp 9-25)
- The Three Priority Cybercrime Threats, https://johnbandler.com/priority-cybercrime-threats/
- If that is too brief, skim my articles on the three priority cybercrime threats:
- Email based funds transfer frauds https://johnbandler.com/email-based-funds-transfer-frauds
- Ransomware, https://johnbandler.com/ransomware/
- Data Breach, https://johnbandler.com/data-breach/
- How to Write a Paper, https://johnbandler.com/how-to-write-paper/
- How to Learn and Study, https://johnbandler.com/how-to-learn-and-study/
- How to Take an Exam, https://johnbandler.com/how-to-take-an-exam
- Artificial Intelligence and Human Writing and Thinking, https://johnbandler.com/artificial-intelligence-writing-thinking/
- AI's promise and problem for law and learning, https://johnbandler.com/ai-promise-and-problem/
- A guide to citations and references, https://johnbandler.com/guide-citations-references/
- Helpful Legal Resources and Links, https://johnbandler.com/helpful-legal-links/
Reminder: An assignment and discussion this week
Week 2 - Computers, networks, internet, digital forensics, cybersecurity
Topics
- Computers, network, internet, digital forensics
- Cybersecurity & information security principles & practices
- Discuss final paper, and the topic assignment
Reading (read before class)
- Chapter 3 Introduction to Computers, Networks, and Forensics (pp 26-49)
- Chapter 4 Introduction to Information Security and Cybersecurity (pp 50-62)
- Technology basics, https://johnbandler.com/technology-basics/
- Things to know about Cybersecurity, https://johnbandler.com/things-to-know-cybersecurity/
- Introduction to Cybersecurity and Information Security, https://johnbandler.com/introduction-cybersecurity-information-security/
- Bandler’s Four Pillars of Cybersecurity, https://johnbandler.com/bandlers-four-pillars-of-cybersecurity/
- Cybersecurity Tips from John Bandler, https://johnbandler.com/cybersecurity-tips-from-john-bandler/
- Cybersecurity, Privacy, You, and Your Organization https://johnbandler.com/cybersecurity-privacy-you-and-your-organization/
- Artificial Intelligence and Human Writing and Thinking, https://johnbandler.com/artificial-intelligence-writing-thinking/
- Final Paper Project, https://johnbandler.com/final-paper-project/
- Paper Topic Assignment, https://johnbandler.com/paper-topic-assignment/
- Paper Topic Ideas and Areas, https://johnbandler.com/paper-topic-ideas/
- Writing, https://johnbandler.com/writing/
- How to Write a Paper, https://johnbandler.com/how-to-write-paper/
- Email Basics, https://johnbandler.com/email-basics/
Week 3 - Substantive criminal cyber law, financial crimes, criminal speech
Topics
- Criminal statutes applicable to cybercrime
- Financial crimes
- Criminal speech (harassment/stalking, etc.) vs. protected speech
- Reminder on paper topic assignment
Reading (read before class)
- SKIM: Chapter 5 Fundamental Principles of Criminal and Civil Law
(you should be familiar with all the concepts within) (pp 65-89)- SKIM, Criminal cyberlaw, https://johnbandler.com/criminal-cyberlaw/
- Chapter 6 Cybercrime Defined: The Criminal Statutes Outlawing Criminal Conduct Online (pp 90-109)
- First Amendment things to know, https://johnbandler.com/things-to-know-first-amendment/
- Free Speech, the First Amendment, and Social Media (2), https://johnbandler.com/free-speech-first-amendment-social-media-2/
- Budget a reasonable amount of time to read something from (i) NYS statutes, (ii) Federal Statutes, and (iii) about each case, as below.
- NYS Penal Law. Identify and skim some relevant sections relating to theft (larceny), identity theft, computer crime.
- https://ypdcrime.com/penal.law/
- https://www.nysenate.gov/legislation/laws/PEN
- NY PL 156.05, Unauthorized use of a computer, 156.10, Computer Trespass, etc https://ypdcrime.com/penal.law/article156.php
- NY PL 155.00, Larceny and definitions, Petit Larceny, Grand Larceny in the Fourth Degree, etc https://ypdcrime.com/penal.law/article155.php
- NY PL 190.77, 190.78, Identity Theft, definitions, Identity Theft Third Degree, etc., https://ypdcrime.com/penal.law/article190.php#p190.77
- NY PL 470.00, Money Laundering and definitions, Money Laundering in the Fourth Degree, etc. https://ypdcrime.com/penal.law/article470.php
- US Code selected sections. Identify and skim some relevant sections relating to theft, identity theft, computer crime in Title 18
- https://www.law.cornell.edu/uscode/text
- Computer Fraud and Abuse Act (CFAA), 18 U.S. Code § 1030 - Fraud and related activity in connection with computers, https://www.law.cornell.edu/uscode/text/18/1030
- Electronic Communications Privacy Act (ECPA),
- Title I: Wiretap Act 18 U.S.C. §§ 2510–2523, https://www.law.cornell.edu/uscode/text/18/part-I/chapter-119
- Title II: Stored Communications Act (SCA) 18 U.S.C. §§ 2701–2713, https://www.law.cornell.edu/uscode/text/18/2713
- Title III: Pen Registers and trap and trace devices 18 U.S.C. §§ 3121–3127, https://www.law.cornell.edu/uscode/text/18/part-II/chapter-206
- 18 U.S.C. §1028, Fraud and related activity in connection with identification documents, authentication features, and information, https://www.law.cornell.edu/uscode/text/18/1028
- 18 U.S.C. §1956 Laundering of Monetary Instruments, https://www.law.cornell.edu/uscode/text/18/1956
- 18 U.S.C. §1957 Engaging in monetary transactions in property derived from specified unlawful activity, https://www.law.cornell.edu/uscode/text/18/1957
- United States v. Valle ("Cannibal Cop) readings (find something and skim)
- United States v. Valle, 807 F. 3d 508 (2nd Circ. 2015), https://caselaw.findlaw.com/us-2nd-circuit/1719750.html
- Paper Topic Assignment, https://johnbandler.com/paper-topic-assignment/
Reminder: Paper topic assignment due Monday after class 3
Week 4 - Cybercrime investigations - the procedure - Nine Tools
Topics
- Laws for gathering evidence of cybercrime by government
- Privacy/consent, Nine tools, ECPA, CLOUD Act, outside of state/country
- Review of submitted paper topic assignment, prep for paper outline assignment
Reading (read before class)
- Chapter 7 The Law Enforcement Legal Toolkit for Investigating Cybercrime: Laws for Gathering Criminal Cyber Evidence (pp 110-135)
- SKIM and spend a "reasonable time" reviewing relevant parts of U.S. Department of Justice reference materials
-
- US DOJ: Searching & Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations (3rd, 2009?), https://www.justice.gov/d9/criminal-ccips/legacy/2015/01/14/ssmanual2009_002.pdf
- US DOJ: Prosecuting Computer Crimes (2nd, 2010?), https://www.justice.gov/criminal/file/442156/dl, or https://www.justice.gov/d9/criminal-ccips/legacy/2015/01/14/ccmanual_0.pdf
-
- US Attorneys’ Justice Manual (JM, formerly United States Attorneys’ Manual (USAM))
- Main https://www.justice.gov/usam
- Criminal, Title 9, https://www.justice.gov/jm/title-9-criminal
- US Attorneys’ Justice Manual (JM, formerly United States Attorneys’ Manual (USAM))
- Electronic Communications Privacy Act (ECPA) (procedural provisions)
- Spend about 30 minutes finding and reading those procedural sections, start your browse at these links
- Title I: Wiretap Act 18 U.S.C. §§ 2510–2523, https://www.law.cornell.edu/uscode/text/18/part-I/chapter-119
- Title II: Stored Communications Act (SCA) 18 U.S.C. §§ 2701–2713, https://www.law.cornell.edu/uscode/text/18/part-I/chapter-121
- Title III: Pen Registers and trap and trace devices 18 U.S.C. §§ 3121-3127, https://www.law.cornell.edu/uscode/text/18/part-II/chapter-206
- Spend about 30 minutes finding and reading those procedural sections, start your browse at these links
Week 5 - Nation-state cyber conflict and influence
Topics
- Nation state cyber conflict
- Cyber investigations linked to nation states or terrorists
- Propaganda, disinformation operations, and false conspiracy theories online
- Discuss paper outline assignment
Reading (read before class)
- Chapter 8, Cyber Investigations Linked to Nation-States or Terrorists (pp 136-152
- International cyber conflict, https://johnbandler.com/cyber-conflict/
- Mueller report Executive Summaries, available multiple outlets, including https://www.justice.gov/archives/sco/file/1373816/dl, and https://www.lawfareblog.com/full-text-mueller-reports-executive-summaries
- UN Charter Article 2(4) https://www.un.org/en/about-us/un-charter/chapter-1
- UN Charter Article 51 https://www.un.org/en/about-us/un-charter/chapter-7
- Read about the Tallinn Manual (but don’t read the Manual itself), including, https://ccdcoe.org/research/tallinn-manual/ and https://en.wikipedia.org/wiki/Tallinn_Manual
- Michael Schmitt, Grey Zones in the International Law of Cyberspace, Yale Journal of International Law (October 18, 2017), https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3180687
- Michael N. Schmitt, Foreign Cyber Interference in Elections, 97 INT’L L. STUD. 739 (2021), at https://digital-commons.usnwc.edu/cgi/viewcontent.cgi?article=2969&context=ils, via https://digital-commons.usnwc.edu/ils/vol97/iss1/32
Week 6 - Civil cyber laws, breach notification, cybersecurity laws, privacy
Topics
- Civil laws and regulations relevant to cybercrime and cybersecurity
- Data disposal
- Data breach notification
- Cybersecurity
- Privacy
- Discuss paper outline assignment
Reading (read before class)
- Chapter 9, Civil and Regulatory Implications of Cybercrime: Cyberlaw in the Civil and Regulatory Sectors (pp 153-170)
- Civil cyberlaw, https://johnbandler.com/civil-cyberlaw/
- FTC Act, https://johnbandler.com/ftc-act/
- 15 U.S.C. § 45(a)(1) [also known as FTC Act § 5(a)], https://www.law.cornell.edu/uscode/text/15/45
- New York Cybersecurity Requirements and the SHIELD Act, https://johnbandler.com/new-york-cybersecurity-requirements-and-the-shield-act/
- Spend a reasonable amount of time (at least ten minutes) reading the SHIELD Act (General Business Law (GBL) sections 899-aa and 899-bb), so you can tell us something about it:
- NY GBL 899-aa https://www.nysenate.gov/legislation/laws/GBS/899-AA
- NY GBL 899-bb https://www.nysenate.gov/legislation/laws/GBS/899-BB
- Spend a reasonable amount of time reviewing some recent NYS AG enforcement on the SHIELD Act at https://ag.ny.gov/press-releases
- Privacy, https://johnbandler.com/privacy/
- Five Components for Policy Work, https://johnbandler.com/five-components-for-policy-work/
- Bandler’s Three Platforms to Connect (for compliance), https://johnbandler.com/bandlers-three-platforms-to-connect/
- Your organization’s privacy policy — and privacy notice (Reuters article), https://johnbandler.com/organization-privacy-policy-notice/
- Cybersecurity Laws and Regulations 1, https://johnbandler.com/cybersecurity-laws-and-regulations-1/
- Cybersecurity Laws and Regulations Part 2, https://johnbandler.com/cybersecurity-laws-and-regulations-2/
- About the CIPP/US Certification, How to Study for It, and Reference List, https://johnbandler.com/cipp-us-certification/
Reminder: Paper outline assignment due Monday after class 6
Week 7 - Cybercrime investigations - three sectors/perspectives
Topics
- Three perspectives of a cybercrime investigation
- General investigation methods
- Attorneys could be working from any perspective of a cybercrime investigation
Reading (read before class)
- Chapter 10, Embarking on a Cybercrime Investigation: The Three Perspectives and Key Areas of Focus (pp 173-178)
- Chapter 11, General Investigation Methods: Organization, Open Source, Records, and Email (pp 179-200)
Week 8 - Private entity investigations, law enforcement's investigation part 1
Topics
- Private entity cybercrime investigation
- Law enforcement’s cybercrime investigation (part 1)
Reading (read before class)
- Chapter 12, The Private Entity's Cybercrime Investigation (pp 201-219)
- Chapter 13, Law Enforcement’s Cybercrime Investigation (pp 220-243)
- Recap/refresh, Email Based Funds Transfer Frauds, https://johnbandler.com/email-based-funds-transfer-frauds/
- Recap/refresh, Email Based Funds Transfer Fraud - The Details, https://johnbandler.com/email-based-funds-transfer-fraud-details/
Week 9 - Law enforcement's investigation part 2
Topics
- Law enforcement’s cybercrime investigation (part 2)
- Regulator’s investigation
Reading (read before class)
- Refresh re: Chapter 13 Law Enforcement’s Cybercrime Investigation
- Chapter 14 The Regulator’s Investigation (pp 245-251)
- Fall 2024 add on:
- Cyberlaw things to know, https://johnbandler.com/things-to-know-cyberlaw/
- Introduction to law things to know, https://johnbandler.com/things-to-know-introduction-to-law/
Reminder: Recorded presentation due Monday after class 9
Week 10 - Financial investigation, money laundering, virtual currency, cryptocurrency, attribution
Topics
- Financial investigation
- Money laundering
- Virtual currency
- Attribution
Reading (read before class)
- Chapter 15 Financial Investigation: Following the Cybercrime Money (pp 252-264)
- Chapter 16 Identification of the Suspect: Attributing Cyber Conduct to a Person (pp 265-284)
- Money Laundering, https://johnbandler.com/money-laundering/
- Money Mule, https://johnbandler.com/money-mule/
- A Brief History of Virtual Currency and Value, https://johnbandler.com/history-of-virtual-currency/
- Virtual Currency (including digital currency, cryptocurrency, virtual assets, and "value that substitutes for currency"), https://johnbandler.com/virtual-currency-virtual-assets-cryptocurrency/
- SKIM compilation of references at: Virtual Currency and Cryptocurrency Presentation References, https://johnbandler.com/virtual-currency-references/
- Spend about 30 minutes reading some of those references - FinCEN literature, regulations, and laws
Week 11 - Apprehension, litigation
Topics
- Apprehending cybercriminals
- Criminal litigation, including the step-by-step evidence admission method
- Civil litigation
Reading (read before class)
- Chapter 17 Apprehending the Suspect and the Investigation that Follows (pp 285-292)
- Chapter 18 Criminal litigation (pp 295-314)
- Chapter 19 Civil Litigation (pp 315-323)
- Final Paper Assignment, https://johnbandler.com/final-paper-assignment/
Week 12 - Attorney ethical duties for cybersecurity
Topics
- Attorney ethical duties regarding cybersecurity
- Cybersecurity revisited
Reading (read before class)
- Recap: Cybersecurity things to know, https://johnbandler.com/things-to-know-cybersecurity/
- Cybersecurity for Attorneys, https://johnbandler.com/cybersecurity-for-attorneys/
- Attorneys, know your client (and beneficiaries), https://johnbandler.com/attorneys-know-your-client/
- Attorneys on alert for cybersecurity threats: New York's new CLE training requirement, John Bandler, Reuters Legal News, July 19, 2023,
- Cybercrime and Fraud Protection for your Home, Office, and Clients, https://johnbandler.com/bandler-john-cybercrime-fraud-prevention-aba-gp-solo-septoct-2017/
- Bandler Article, A Day in the Life of an Attorney: The Cybersecurity, Technology, and Crime Risks We Face, https://johnbandler.com/bandler-nysba-journal-jul-2018-day-in-life-of-attorney-cybersecurity/
- ABA Committee on Ethics & Professional Responsibility
- SKIM Formal Opinion 477R, Securing Communication of Protected Client Information, May 22, 2017, https://www.americanbar.org/content/dam/aba/administrative/professional_responsibility/aba_formal_opinion_477.authcheckdam.pdf
- SKIM Formal Opinion 483, Lawyers’ Obligations After an Electronic Data Breach or Cyberattack, October 17, 2018, https://www.americanbar.org/content/dam/aba/administrative/professional_responsibility/aba_formal_op_483.pdf
Reminder: Final paper due Monday after class 12
Week 13 (last week) - Addressing cybercrime properly, cyber compliance, catch-up, wrap up
Topics
- Addressing cybercrime properly
- Cyberlaw compliance
- Course catch-up, wrap-up and review
Reading (read before class)
- Chapter 20 Conclusion (pp 324-325)
- Solving the cybercrime problem, March 21, 2023, Reuters Legal News,
- https://johnbandler.com/solving-the-cybercrime-problem/ (has link to a clean pdf of the article)
- https://www.reuters.com/legal/legalindustry/solving-cybercrime-problem-2023-03-21/ (contains some ads which can be annoying)
- Cybersecurity, Cybercrime, and our Government, https://johnbandler.com/cybersecurity-cybercrime-our-government
- Addressing cybercrime properly, https://johnbandler.com/addressing-cybercrime-properly/
- Five Components for Policy Work, https://johnbandler.com/five-components-for-policy-work/
Bottom
Remember to consult the course syllabus and learning management system (LMS).
About the book
- Book landing page: Cybercrime Investigations
- Course Resources
- Everything (search the site)
This page is hosted at https://johnbandler.com/pl-law-606b-cybercrime-cybersecurity-2024-fall, copyright John Bandler, all rights reserved.
Originally posted 8/16/2024. Updated 8/27/2024.