ABU DHABI // Cyber crimes in the Emirates are evolving faster than the laws to catch the criminals, a federal judge and other legal officials warned yesterday as they called for urgent updates to statutes regulating technology.
The comments are backed by research that shows a disturbing increase in the incidence of cyber crime in the UAE.
Dr Mohammed al Kaabi, a judge in the federal court, said: “We are working on updating the UAE cyber crime law.”
He added that suggestions for a Gulf-wide cyber crime law were being collected, with the aim of developing a guide for countries that did not have their own laws, or whose laws lacked the scope to prosecute.
But closing gaps in the law at home so that cyber criminals can be brought to justice must take first priority, experts say.
Dr Ibrahim Baggili, the director of the advanced cyber forensic research laboratory at Zayed University, said cyber crime cases that reached Abu Dhabi courts increased from just three cases in 2007 to five in 2008 and 33 in 2009.
The number of court cases for last year was not available, but Abu Dhabi Police said 235 cyber crimes were committed last year. Not all resulted in arrests or referrals to prosecution.
“This does not necessarily mean that crimes have increased, it could also mean that there is more awareness on the nature of cyber crimes and reporting them,” Dr Baggili said.
But legal loopholes mean the criminals in some cases cannot be prosecuted. Dr al Kaabi said holes in the 2006 law could let some suspects entirely off the hook.
For example, he said the law did not penalise someone who steals passwords – that person can only be prosecuted if he uses the stolen password.
Websites such as those that demonstrate bomb-making or black magic, he said, could also not be prosecuted as cyber crimes.
“When we face such cases, we try to relate them to an existing law. But in some cases we cannot criminalise the offence,” Dr al Kaabi said.
Col Dr Rashid Bursheed, the head of the organised crime section at Abu Dhabi Police Criminal Investigation Department, added that defamation or blackmail via Facebook did not exist as crimes under the current law, but could be prosecuted under other laws.
According to a study conducted by Dr Baggili and a master’s student from Abu Dhabi Police, 25 per cent of the 200 people surveyed said their ATM PINs (personal identification numbers) were saved on their mobile phones, and many kept Bluetooth constantly active. The study also found that 23 per cent of those surveyed accept files from strangers via Bluetooth, and 70 per cent receive regular spam SMS messages.
These practices could easily lead to information being stolen, Dr Baggili said.
To keep up with crime trends, officials said extensive research was needed to detect problems and find solutions. For instance, in many cases evidence of a cyber crime can be easily erased.
“However, like we say in normal crimes, the offender will always leave a trace. There are IT programs that can retrace erased material,” Dr al Kaabi said.
Even when evidence is collected, however, labs around the world are backlogged. Dr Baggili said he had conducted research in collaboration with experts in the UK in developing “digital forensic triage” to help cope with the caseload.
“You can insert it on the computer at the crime scene to see if a case is worth investigating or not,” he said. Once inserted in a computer, it can retrace browser history and examine the hard disk. “We scanned 16,000 files in 15 seconds.”
The process saves time and effort compared to taking the hard disk to a forensics lab for examination.
Other obstacles are more esoteric. Language barriers and a lack of information among judges and lawyers can lead to confusion, he said.
“Most tools and methodologies used for investigating cyber crimes are in English, not in Arabic, and many people who are not proficient in English could miss out on some details and methodologies.”