2. Agenda
1. Survey Global & Local Cybercrime scene
2. Highlight several pertinent characteristics of the victims and
perpetrators
3. Adopt Lessig’s 4 modalities to observe Singapore’s approaches
3. Why Singapore?
1. Highly connected nation
– Broadband penetration rate 142.4% (IDA, 2012)
– Mobile phone penetration rate 148.5% (IDA, 2012)
2. High global cybercrime victimization rate
– 80% of Internet users in Singapore have experienced cybercrime
– 4th highest rate in the world (Symantec Corporation, 2011)
3. Active promotion of Internet usage & posture towards cybercrime
– Intelligent Nation 2015 Masterplan (IDA)
– Consistently ranked 1st globally for infocomm development (Weizhen,
2009)
– INTERPOL’s Global Complex to be established in Singapore (MHA,
2010)
4. Scope of Cybercrimes
• Definition: “Any violations of
criminal law that involve a
knowledge of computer
technology, for their
perpetration, investigation and
prosecution.” (Keyser, 2003, p.
290)
• Common crimes (APCERT,
2010; Jin-Cheon, Hao, Yong,
Hao & Kandan, 2009;
Symantec Corporation, 2011)
– Virus/Malware, fraud, scams,
ID theft, cyber harassment etc.
– Exclude cyber-terrorist type
5. Observations (Perpetrators)
Misguided Rationalizations “As with most types of crimes, there is no
1. Curiosity single motive” (Kirwan & Power, 2012, p.
79) that accounts for all these behaviors.
– Virus/Malware creators, Hackers
However, many of these behaviors
2. Differential Association Syndrome observed stem from misjudgment of the
– Hacking - Colleagues taking paper consequences or inappropriate
clips and using photocopy machine rationalization, such that perpetrators do
for personal purposes, why cant I
use computer resources? not see their behavior as harmful or
criminal.
3. Higher Ethic Motive
– Theft/Scam/Fraud - An accountant
chose to embezzle company funds
instead of allowing his mafia-linked
bosses to profit from their ill-gotten
gains
4. Ignorance
– Harassment type – Ignorant of the
magnitude and consequences of
their actions
5. Others
– IP Violators – Not denying anybody
of its use, therefore not considered
theft (traditional definition)
6. Observations (Victims)
Lack of Astuteness
1. Fraud/Scams/Hacking
– typically prey on victims’
ignorance and gullibility (Parker,
1998)
– victims lack understanding on how
such scams exploit their
psychological weaknesses and
ignorance (KPMG, 2011)
2. Harassment Type
– availing of personal information
(Kirwan & Power, 2012)
7. Observations (Perpetrators/Victims)
High Involvement of Youths
1. Victims
– Harassment type, such as
cyberbullying and sexting (Gwee,
2008; Kirwan & Power, 2012;
Lenhart, 2009; Tham & Toh, 2012)
– Virus and Malware attacks -
consume and share contaminated
music and video content
frequently (Yar, 2006)
2. Perpetrators
– Intellectual Property violators
(Kirwan & Power, 2012)
– Virus creators/transmitters,
hackers (Ubas, 2008)
– Harrassments
8. 4 Modalities of Constraints (Lessig)
Internet behaviors can be regulated by 4 constraints
1. Law – stipulates which behaviors
can be carried out to avoid legal
punishment
2. Architecture – affordance of
technology or design of
technology
3. Markets – financial costs that
would constrain user behavior
4. Social Norms – “constrain through
the stigma that community
imposes” (Lessig, 2006, p. 124)
9. Law
1. Globally ineffective as a constraint
– 10% cybercrimes reported, and less than 2% of reported cases successfully
prosecuted (Jewkes, 2003; Symantec Corporation, 2011)
– Huge difficulties in cross-border enforcements
– Typically viewed as the worst constraint (Grabosky, et al., 2001)
2. Supporting international Internet laws
– Subscriptions: Wassenaar Agreement, The World Intellectual Property
Organization etc.
3. Continually updated (Attorney-General's Chambers, 2010; Brenner &
Koops, 2004; Leong & Wai, 2005; Urbas, 2008)
– To accommodate newer forms of cybercrime
– Extend its territorial jurisdiction
– Align with international interests
– Examples: The Electronic Transactions Act, Evidence Act, Spam Control Act
and Computer Misuse Act
4. Proficient use of existing legislations (Urbas, 2008)
– The Penal Code, Copyright Act and Trade Marks Act
10. Architecture
1. Globally unstable as a constraint (see-saw battle)
– Lessig claims that technology is the “predominant regulatory institution
for cyberspace” (Grabosky et al., 2001, p. 7)
– Cyberspace’s architecture created the potential for more criminal
activities to occur (Jewkes, 2003)
2. Heavy investments into security infrastructure
– S$70 million in the Infocomm Security Masterplan (MP2)
– 2-Factor-Authentication process for banking transactions (Leong & Wai,
2005)
3. Singapore has seen some success in this regard
– Absence of successful technological attacks
11. Markets
1. Globally limited as a constraint
– Movies/Music/Software: cheaper compared to physical counterparts and
the past
– IP violation increasing, and creative industry losing billions (Symantec
Corporation, 2011; Yar, 2006)
– Efforts, such has the implementation of the Digital Rights Management
(DRM) system, have little impact
2. Singapore has seen some success in this regard
– The Business Software Alliance in Singapore encourages whistle-
blowers, via a reward of S$20,000, to expose piracy activities.
– This has led to falling software piracy rates over the years (Tham, 2012)
12. Social Norms
1. Globally powerful as a constraint
– Stop Online Piracy Act [SOPA] episode:
Social norm of free speech VS stringent anti-piracy law
– SOPA successfully rallied against the Law
2. Locally powerful as a constraint (Singapore)
– Many cases of online shaming have been shown to influence Internet users’
behavior (Hou, 2010; Jin-Cheon et al., 2009; Wong, 2012)
3. Working on social norms would yield greatest impact
– How is this done: “Education is, in part at least, a process through which we
indoctrinate [users] into certain norms of behavior” (Lessig, 2006, p. 129)
– Moreover, cybercrime trends (local and globally) suggest that education
would be appropriate to reduce victimization and perpetration of cybercrime:
• Misguided Rationalizations
• Lack of astuteness
• High Involvement of Youths
13. Education Landscape in Singapore
1. Preventing Victimization messages are most prevalent globally
– Livingstone & Haddon, 2009; Media Development Authority of
Singapore, 2007, 2010; National Crime Prevention Council, 2012
– Yet, many youths feel they are not getting enough (Symantec
Corporation, 2011)
2. Avoiding Perpetration messages are lacking globally
3. Cyberwellness Education in Singapore
– Developed by Media Development Authority of Singapore
– Incorporated into national curriculum
– Promotes 4 core values:
• Balanced Lifestyle
• Embracing the Net and Inspiring Others
• Astuteness
• Respect & Responsibility
– Preventing victimization and avoiding perpetration
14. Conclusion & Future Challenges
Limitations:
No prior attempt has been made to review Singapore’s regulation of
Internet behaviors using the four modalities of constraint. Without actual
(versus reported) data on the cybercrime prevalence rate, which is
challenging to come by, the effectiveness of each constraint is hard to
assess well. Future studies would do well with such data available.
Conclusion:
The use of laws, architecture and market forces, as a constraint are
ineffective, unstable and limited respectively. Yet, Singapore has used
these constraints well. Recognizing the power of social norms, and the
strategically relevant (to cybercrime trends) process of manipulating it,
Singapore has done well to actively promote Cyberwellness education.
Future Challenges:
While Singapore develops a code of conduct for social media use, it has to
consider the challenges that each modality presents. This paper
recommends that this exercise be pursued holistically, with education as its
primary means of regulating social media behaviors.
15. Thank you!
• Electronic Transactions Act, Singapore Statues Online (2010, 19 May).
• Brenner, S. W., & Koops, B.-J. (2004). Approaches to Cybercrime Jurisdiction. Journal of High Tech Law, 4(1).
• Chen, T. (2010, 26 Aug). Arrested for 'inciting violence' on Facebook, The Straits Times.
• Chew, M. (2012, 6 Apr). Rules in real life must apply online: Yaacob, The Straits Times.
• Fight for the Future. (n.d.). SOPA Timeline Retrieved 21 May, 2012, from http://sopastrike.com/timeline
• Grabosky, P., Smith, R. G., & Dempsey, G. (2001). Theft and Cyberspace Electronic Theft: Unlawful Acquisition in Cyberspace (pp. 1-14). Cambridge: University Press.
• Gwee, S. (2008, 11 Mar). Caught in Web of Menace, The Straits Times.
• Hou, C. H. (2010, 13 Feb). Racist Facebook postings: Three youths won't be charged, The Straits Times.
• IDA. (2008). New S$70m Masterplan To Boost Singapore's Infocomm Security Competency And Resilience. Retrieved 16 May, 2012, from http://www.ida.gov.sg/News and
Events/20080417090044.aspx?getPagetype=20
• IDA. (2010). Securing Our Cyberspace, A Shared Responsibility Retrieved 16 May, 2012, from http://www.ida.gov.sg/News and
Events/20060530102030.aspx?getPagetype=21
• IDA. (2012). Statistics on Telecom Services for 2012 (Jan - Jun) Retrieved 10 Oct, 2012, from http://www.ida.gov.sg/Publications/20110209152802.aspx
• Jewkes, Y. (2003). Policing the Net: crime, regulation and surveillance in cyberspace. In Y. Jewkes (Ed.), Dot.cons: Crime, Deviance and Identity on the Internet (pp. 15-35).
Cullompton: Willan Publishing.
• Jin-Cheon, N., Hao, W., Yong, J., Hao, T. M., & Kandan, R. M. (2009). Analysis of Computer Crime in Singapore using Local English Newspapers. Singapore Journal of
Library & Information Management, 38, 77-102.
• Keyser, M. (2003). The Council of Europe Convention on Cybercrime. J. Transnational Law & Policy, 12, 287- 326.
• Kirwan, G., & Power, A. (2012). The Psychology of Cyber Crime: Concepts and Principles. Hershey, PA: Information Science Reference.
• KPMG. (2011). KPMG Singapore Fraud Survey Report 2011. In KPMG (Ed.). Singapore.
• Lenhart, A. (2009). Teens and sexting. Pew Internet & American Life Project. Retrieved from http://pewresearch.org/assets/pdf/teens-and-sexting.pdf
• Leong, C., & Wai, C. K. (2005). Cyber-Security: Country Report on Singapore, 2003. In R. Broadhurst & P. Grabosky (Eds.), Cyber-crime : the challenge in Asia (pp. 125-
140). Hong Kong: Hong Kong University Press.
• Lessig, L. (2006). Code 2.0 (2nd ed.). New York: BasicBooks.
• Lim, L. (2012, 11 Oct). Amy Cheong 'could face charges' for online rant, The Straits Times.
• Livingstone, S., & Haddon, L. (2009). EU Kids Online: Final report LSE, London: EU Kids Online. (EC Safer Internet Plus Programme Deliverable D6.5).
• MDA. (2007). MDA accepts NIAC’s recommendations (Annex A). Singapore: Retrieved from http://www.mda.gov.sg/Documents/mobj.1026.annex-a.pdf.
• MDA. (2010). Cyber Wellness Retrieved 4 Oct, 2010, from http://www.mda.gov.sg/Public/Pages/CyberWellness.aspx
• Parker, D. B. (1998). Fighting Computer Crime: A New Framework for Protecting Information. New York: John Wiley & Sons.
• Phair, N. (2007). Cybercrime: The reality of the threat. Canberra, Australia: E-Security.
• Power, R. (2000). Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace. Indianapolis: Que Corporation.
• Putnam, T., & Elliott, D. (2001). International Responses to Cyber Crime. In A. Sofaer & S. Goodman (Eds.), Transnational Dimension of Cyber Crime and Terrorism (pp. 35-
66). Stanford, California: Hoover Institution Press.
• Singapore Customs. (n.d.). Partnership in global security. inSync - a Singapore Customs e-newsletter Retrieved 29 May, 2012, from
http://www.customs.gov.sg/insync/issue03/updates/security.html
• Symantec Corporation. (2011). Norton Cybercrime Report 2011 Retrieved 18 Apr, 2012, from
http://www.symantec.com/content/en/us/home_homeoffice/html/cybercrimereport/
• Tham, I. (2012, 16 May). One in two uses pirated software here: Survey, The Straits Times.
• Tham, I., & Toh, K. (2012, 28 Mar). Racist posts: Culprits 'tend to be young', The Straits Times.
• Urbas, G. (2008). An Overview of Cybercrime Legislation and Cases in Singapore (Vol. Working Paper Series No. 001): Asian Law Institute (ALSI).
• WIPO. (n.d.). The World Intellectual Property Organization Retrieved 4 May, 2012, from http://www.wipo.int/portal/index.html.en
• Wong, T. (2012, 21 Apr). NET VIGILANTES: Are they going too far with online witch-hunts?, The Straits Times.
• Yar, M. (2006). Cybercrime And Society. London: Sage.