澳大利亚打击网络犯罪政策与措施研

第一作者：姜琳 第二作者：胡子

Australia’s Policies and Practices in Combating

Cybercrime

Submitted by

Jiang Lin and Hu Zi

English Department
East China Normal University
Shanghai, China

May, 2013

I
 ACKNOWLEDGEMENTS

Before concluding this thesis, I would like to express my deepest and heartfelt gratitude to
all who have been so generous in offering advice and suggestions as well as encouragement to
me, which plays a crucial and essential role throughout the writing of this thesis.
To begin with, I would like to attribute my greatest indebtedness to my conscientious and
assiduous tutor Prof. Chen Hong whose systematic and in-depth study in Australian culture
stimulated and inspired me to take up cybercrimes issues in Australia. In addition, without his
frequent encouragement and devoted supervision, I would have not accomplished this thesis.
I am also deeply grateful to Prof. Yan Jinglan of English Department in East China
University of Science and Technology, whose thought-provoking lectures and assiduous efforts
in cultural research and English studies have inspired me. It was her who encouraged me to
pursue postgraduate studies. Without her encouragement and recommendation, I would not
have had the opportunity to study at East China Normal University and to complete this thesis.
I am thankful to many prestigious and edifying teachers of English Department in East
China Normal University, Prof. Hou Minyue, Prof. Jin Hengshan, Prof. Zhu Quanhong and
Prof. Wang Shijing, whose insightful lectures and zeal for scientific research have impressed
me deeply. Special thanks and love should also go to my parents and my sister. Without their
constant support and love, the completion of this thesis would not be possible.
Last but not least, I am deeply obliged to the scholars who devoted most of their time, even
their entire life to this field, especially Dr. Raymond Choo at University of South Australia and
Professor Eugene Clark at Griffith University, whose valuable works paved the way for my
research.

II
 摘要
随着互联网的广泛应用，网络空间开始出现多种犯罪现象。网络犯罪作用迅速且手段
多变，使得网络犯罪在世界范围内日渐猖獗，其危害也逐渐扩大。因此，打击网络犯罪、
维护网络安全亟须世界各国之间的合作和协调，在打击通过网络传播的恐怖主义活动方
面尤其如此。
在预防、打击网络犯罪和维护网络安全方面，澳大利亚已经建立了一个有效而相对完
善的机制。联邦政府及各地区政府均已制定一系列法律，以妥善处理有关网络犯罪的各
种情况。同时，在打击网络犯罪和降低网络犯罪发生率方面，澳大利亚的政府机构及非
政府组织也发挥了重要的作用。澳大利亚为打击网络犯罪、维护网络安全所采取的一系
列政策和措施，已被实践证实是合理而有效的。在诺顿公司公布的《2011 年网络犯罪调
查报告》中，69%受访的澳大利亚成年人曾是网络犯罪的受害者，而在中国却有 85%受
访成年人因网络犯罪而受到伤害或遭受损失。因此，中国政府机构及非政府组织可以学
习澳大利亚在打击及预防网络犯罪方面所采取的各种有效措施及办法，以此来打击中国
国内的网络犯罪，同时与其他国家在打击跨国网络犯罪方面进行合作。
本文将首先概括介绍网络犯罪的有关基本内容，包括网络犯罪的定义、特征、分类及
原因。其次，本文将详细介绍澳大利亚各级政府、政府机关及非政府组织为打击网络犯
罪、维护网络安全而采取的各种政策及措施，包括澳大利亚在网络安全教育方面所做出
的努力。再次，本文将介绍澳大利亚在打击网络犯罪、维护网络安全方面与其他国家之
间的合作。最后，本文将就中澳两国如何在打击网络犯罪方面开展合作提出一些建议。

关键词：网络犯罪，网络安全，政策，措施

III
 ABSTRACT
The widespread use of the Internet has brought with it a raft of traditional and new crimes
that can now be committed in cyberspace. Characteristic of immediate effects and variable
means, cybercrime has become increasingly rampant around the world with great impact.
Therefore, the struggle against it is in great need of coordination, cooperation and collaboration
among all nations, particularly in the area of anti-terrorism.
Australia has established a relatively sound and effective system in preventing and
combating cybercrimes as well as to protect cyber security. Both federal and state governments
have enacted a varied collection of provisions within Commonwealth, State and Territory laws
that address situations related to cybercrimes. Furthermore, public agencies, governmental and
non-governmental organisations also play a significant role in fighting cybercrimes and in
minimizing opportunities for cybercrimes. The various practices and policies adopted to
combat cybercrimes in Australia have proved to be reasonably effective. The Cybercrime
Report 2011 conducted by Norton shows that nearly 69% of the adults surveyed in Australia
have experienced cybercrimes while the number in China is 85%. The measures taken by
Australia could serve as a useful example for governmental agencies and NGOs in China to
counter cybercrimes domestically as well as internationally.
Firstly this thesis will begin with providing general background information of cybercrime
and cyberspace. Secondly, it will provide a brief literature review in cybercrime studies. Thirdly,
an introduction of cybercrime will be provided, discussing its definitions, characteristics,
categorisation and causes. Then this thesis will try to conduct an in-depth analysis of policies
and practices in fighting cybercrime made by Australian governments at all levels, public
agencies and non-governmental organisations, including a close examination of Australia’s
education endeavours in protecting online security while preventing cybercrime. Moreover, a
brief discussion on Australia’s cooperation with other countries will be included. In the
conclusion part, this thesis will offer some recommendations as to how Australia and China
could work together in preventing and combating cybercrime, especially trans-national
cybercrime.
Key words: Cybercrime, cyber security, policy, practice

IV
 TABLE OF CONTENTS

ACKNOWLEDGEMENTS ...................................................................................................... II
摘要 ........................................................................................................................................................................ III
ABSTRACT ....................................................................................................................................................... IV
1. Introduction ..................................................................................................................................................... 1
2. Literature Review.......................................................................................................................................... 3
3. Cybercrime ...................................................................................................................................................... 5
3.1 Definitions of Cybercrime ........................................................................................................................... 5
3.2 Categorisation of Cybercrime .................................................................................................................... 6
3.2.1 Categorisation of Cybercrimes in the UN Report ...............................................7
3.2.2 Categorisation of Cybercrimes in Convention on Cybercrime by Council of
Europe ...........................................................................................................................7
3.3 Characteristics of Cybercrimes .................................................................................................................. 8
3.3.1 Characteristics of the Nature of Cybercrimes .....................................................8
3.3.2 Common Characteristics of Cybercrimes ..........................................................10
3.4 Causes of Cybercrimes ............................................................................................................................... 12
3.4.1 Technological Causes ........................................................................................12
3.4.2 Social causes ......................................................................................................13
3.4.3 Causes of Crime Subject ....................................................................................14
4. Australia’s Policies and Strategies in Maintaining Cyber Security and Combating
Cybercrimes ......................................................................................................................................... 15
4.1 Australian Government's Cyber Security Strategy ............................................................................. 15
4.2 National Identity Security Strategy ................................................................................................ 16
5. Australian Laws Regarding Cybercrime and Cyber Security ..........................................17
5.1 Commonwealth legislation .............................................................................................................. 17
5.1.1 Cybercrime Act 2001 (Cth) ................................................................................................... 17
5.1.2 Cybercrime Legislation Amendment Act 2012 (Cth) ............................................................ 18
5.1.3 Broadcasting Services Amendment (Online Services) Act 1999 (Cth) ................................. 18
5.2 State and Territory Legislations ..................................................................................................... 19
6. Australia’s Practices to Combat Cybercrimes ......................................................................... 21
6.1 Australian Government’s Practices in Maintaining Cyber Security ........................................... 21
6.1.1 Financial Support ................................................................................................................. 21
6.1.2 Team Building in Protecting Cyber Security and Fighting Cybercrimes ............................. 21
6.1.3 Cyber Security Education ..................................................................................................... 22
6.2 Measures Taken by Government Agencies .................................................................................... 23
6.2.1 Australian Government Attorney-General's Department ..................................................... 23
6.2.2 Australian Federal Police (AFP) ......................................................................................... 23
6.2.3 Defence Signals Directorate (DSD) ..................................................................................... 24
6.2.4 Australian Communications and Media Authority (ACMA)................................................. 25
6.2.5 Department of Broadband, Communications and the Digital Economy (DBCDE) ............. 26
6.2.6 Australian Cyber Security centre (ACSC) ............................................................................ 26

V
 6.3 Efforts Made by Non-Governmental Organisations..................................................................... 27
6.3.1 Baker and MacKenzie Cyberspace Law and Policy Centre in Faculty of Law at University
of New South Wales (UNSW).......................................................................................................... 27
6.3.2 Electronic Frontiers Australia Inc. (EFA) ............................................................................ 27
6.3.3 Business Software Association of Australia (BSAA) ............................................................. 28
6.3.4 NSW Society for Computers and the Law ............................................................................. 28
6.3.5 National Australia Bank (NAB) ............................................................................................ 28
7. International Cooperation on Cybercrime ................................................................................45
7.1 Cross-border cooperation in dealing with cybercrimes ............................................................... 30
7.2 Council of Europe’s Convention on Cybercrime .......................................................................... 30
7.3 Cyber Storm Exercises .................................................................................................................... 31
7.4 Organisation for Economic Co-operation and Development (OECD)........................................ 31
7.5 Cooperation with Indonesia ............................................................................................................ 31
8. Conclusion ..............................................................................................................................33
BIBLIOGRAPHY .....................................................................................................................35

VI
 1. Introduction
Crime is a social phenomenon. “Some crimes, such as murder, intentional injury and
other behaviours infringing upon someone’s personal rights, exist in almost every social
pattern. Some other crimes are closely related with a particular development stage of the
society and are the product of a specific lifestyle” (Pi, 2005: 1). We consider certain behaviour
as “crime” because it involves in violating a law or rule formulated by our society, posing a
threat to social orders. It is also true of cybercrimes as “such behaviour engages in conduct
that is outlawed” (Brenner, 2010: 10). And computer or network related crimes arise with the
development of computers, the Internet and their application, which are the characteristics of
the information age.
As one important element of the world, information plays a critical role in the existence
and development of the human society. Information could eliminate the uncertainty of
people’s cognition and strengthen their ability to recognise and change the world. At the same
time, during this process information has been constantly generated and exchanged. In fact the
development of human civilisation could be reflected through examining the amount, quality
of information generated and the speed of information exchange to some extent. Science and
technology serve as a great dynamo behind this process of information generation and
exchange. “The information age provides an unprecedentedly convenient environment for
information exchange, making the world of such a large size a global village. It is also a time
that carriers of information are in various forms like the written language, images, sounds,
videos etc.” (Pi, 2005: 2). And all of these can be based on computers, the Internet and other
technologies.
On the one hand, in the 1940s, microelectronics and relevant industries boomed, laying
the foundation for the appearance of the electronic computer. “In 1945, the very first
electronic computer ENIAC was developed in the United States, marking the appearance of a
specific tool to process digital information” (Pi, 2005: 3). In 1977, IBM declared that it was
going to expand into the industry of consumer electronics and would undertake to develop the
personal computer, which was a major breakthrough for computer application (Negroponte,
1997: 136). On the other hand, in 1963, Larry Roberts designed a network and set up the
ARPA net for the military use of the United States. The network was designed then as a means
to make military activities possible to communicate and coordinate in a secure way (Yar, 2006:
7). It is in this interconnected world community that only with a click of mouse, distances
used to be too difficult to get can be conquered in even less than one second. Therefore, like
Pandora, we begin to realize that such convenience and easiness of advanced network
technologies developed by us has virtually put ourselves at risk (Gragido, Pirc and Rogers,
2011: 7).
Decades ago, computers were so large and complicated that only government and
institutions could use them. Only people with access and expertise were able to commit
cybercrimes. At present, with the popularity and easy access of computer and network, it
makes ordinary people much easier to commit such crimes (Clough, 2010: 5). And in the
information society, crimes committed in the cyberspace have begun to impact people’s life
and work in the national as well as the international framework. As more and more countries
are realising the importance of protecting online users and fighting against cyber offences,

1
they are also making great efforts to figure out effective and efficient ways in this regard. In
the meanwhile, many countries have been working jointly and engaging vigorously in
assisting other countries in combating cybercrimes of transnational nature. The Australian
government launched its Cyber Security Strategy in 2009. Moreover, a varied series of laws
and rules in identifying, regulating, investigating and prosecuting offences and criminal
behaviours in the cyberspace have been proposed and then put forward by the federal, state
and territory governments in Australia. In addition, Australia’s public institutions,
governmental and non-governmental organisations have been playing a prominent role in
safeguarding cyber security while reducing the occurrence of cybercrimes as well.
Furthermore, the Australian government has provided financial support to programs
concerning cybercrimes, established a series of agencies specially designed to address cyber
issues and offered various resources to educate young people in protecting themselves online.
Besides these efforts, the Australian government has been seeking cooperation with other
countries in fighting transnational cybercrimes. All these policies and practices comprise a
relatively sound and active system to protect Internet users while combating cyber offences in
Australia.

2
 2. Literature Review
Many scholars and researchers at universities in Australia have carried out cybercrimes
studies, which have had an enormous influence on cybercrimes research, prevention,
investigation and prosecution, etc. For example, as an expert in cybercrimes, Dr.
Raymond Choo, Senior Lecturer at University of South Australia, has co-authored a number
of publications in the areas of information security, cybercrimes and anti-money laundering
including a book published in Springer's Advances in Information Security book series, four
Australian Institute of Criminology (AIC) refereed monographs, and several book chapters
with many articles and research findings published. He is “the author of Online Child
Grooming: a Literature Review on the Misuse of Social Networking Sites for Grooming
Children for Sexual Offences published as a study of Australian Institute of Criminology
(AIC)” (University of South Australia, 2013).
Professor Eugene Clark of Business Law at Griffith University contributed to a thorough
study of legislations concerning cyber issues in the book Cyber Law in Australia with George
Cho, Arthur Hoyle and Paul Hynes. The book introduces some basic information about
Australia’s legislative framework and expounds about various government initiatives in
facilitating e-commerce and protecting its Information Communications and
Telecommunications (ICT) market. In addition, “Professor Eugene Clark wrote, edited or
co-authored around 20 books, 22 book chapters and more than 100 articles published in
journals” (Clark, 2010:10). Quite a few of other scholars and researchers in Australia, such as
Professor Graham Greenleaf at University of New South Wales, Professor Ben Soh at La
Trobe University, etc. have helped advance the academic and practical studies on cybercrimes
as well. Furthermore, public agencies, governmental and non-governmental organisations in
Australia play significant roles in cybercrimes studies. For instance, the Australian Institute of
Criminology (AIC) has an expert team of 52 including 29 academic researchers and 23
support staff in cybercrimes studies (Smith, 2012). Moreover, AIC surveys computer users
online each year, which offers sufficient evidences on the studies of the nature and extent of
consumer scams. AIC has also carried out Fraud against the Commonwealth Annual Survey
since 2008, which offers a clear picture of fraud-related crimes experienced by the
government. Many publications by AIC staff including: Computer security threats faced by
small businesses in Australia in 2012, Cyber threat landscape faced by financial and
insurance industry in 2011, Covert and cyber bullying in 2010 and The Australian Business
Assessment of Computer User Security: a national survey in 2009 (Australian Institution of
Criminology, 2009) have contributed greatly to cybercrimes studies in Australia. With the
help of these researches and studies conducted by AIC, policy makers can keep updated with
the changing situation concerning cybercrimes, more effective programs and projects can be
launched in preventing cyber offences, and the awareness of the public can be raised greatly
to consciously protect themselves and their young children online.
However, research and studies on Australia’s policies and practices to combat
cybercrimes carried out by countries but Australia are found to be insufficient. Since 2009,
with the rise of the cyber attacks in Australia, there appeared more discussions and efforts of
possible legislation and national and international cooperation in the country. In some reports
by the European Convention on Cybercrimes, some of the attacks in Australia and the

3
Australian efforts to combat were briefly mentioned in some short paragraphs. Meanwhile,
only few short papers and web articles can be found on fighting cybercrimes in Australia.
What’s more, though there are also some previous works discussing the cooperation of China
and other countries in areas of fighting cybercrimes, they are mostly focused on the Sino-US
cooperation rather than Australia. Few, almost none efforts in China have been made to
provide a general picture of the Australian system of cybercrimes fighting and prevention.
Therefore, as the first of its kind in Australian Studies in China, this thesis is to fill the blank
by providing a holistic view and deep insights into the topic. This thesis aims to gain a keen
perception of the endeavours and efforts made by Australian governments at all levels,
non-governmental organisations and some major technology companies, and, in the light of
existing reports and surveys, to measure their effectiveness. In addition, it will try to provide
recommendations as to how these two major countries can work together in preventing and
combating cybercrimes, especially trans-national cybercrimes, which will contribute greatly
to international cooperation as well.

4
 3. Cybercrime

3.1 Definitions of Cybercrime

Cybercrimes fall into the category of digital crimes. In a narrow sense, cybercrimes is
known as computer crime, which includes any illegal behaviour directed by means of
electronic operations that targets the security of computer systems and the date processed by
them. In a broader sense, cybercrimes can be recognized as computer-related crime, which is
an illegal behaviour committed by means of, or in relation to, a computer system or network,
including such crimes as illegal possession [and] offering or distributing information by
means of a computer system or network (Shinder and Cross, 2008: 17). When discussing the
definition of cybercrimes, we can take the following three aspects into consideration:
a) The role that the Internet plays in cybercrimes. “Computers are no longer related to
computing only. They are critical to our living” (Quarantiello, 1999: 1). Cybercrimes are
crimes committed when using the Internet. Accordingly, the Internet provides a new platform
－the cyberspace for such crimes. In the virtual world, anyone might become the victim of
cybercrimes, having no idea who the real offender is. Sometimes, when people begin to notice
that, they have already suffered from certain damage or danger. However, traditional laws and
rules are found to be incapable of dealing with the crimes committed in the cyber world,
making the offenders more reckless.
In terms of cybercrimes, the Internet may become the target, for instance, unlawful
intrusion on or damaging of information system. It may also become the “tool of fraud, theft,
corruption, embezzlement, espionage, breach of confidence, infringement of copyright and
other traditional crimes” (Sun and An, 2006: 10). Therefore, based on our understanding,
cybercrimes are the crimes committed in the cyberspace. And damaging the network systems
through methods other than the Internet (like causing physical damage to the computers) will
not be considered as cybercrime in this paper.
As a matter of fact, the Internet has played a role in cybercrimes more than a target or a
tool. It is a platform for the offenders. Thereby, it is understandable and reasonable for us to
define cybercrimes as the crimes committed in the cyberspace or in the environment of
networks.
b) Cybercrime offenders have the ability to take advantage of such technological means
as the computer and telecommunication or their special positions (for example, Internet
Service Provider/ISP). As cybercrimes are committed in the network environment, it means
that the offenders are familiar with the technologies of the computer, telecommunication, etc.
However, it does not mean they are professional technicians. Nowadays, everyone could get
easy access to the Internet so none of us could claim that cybercrime is exclusive to technical
professionals. “Hacker websites can be found in large number on the Internet while anyone
who wants to become a hacker could acquire the knowledge and the software to attack other
people’s computer systems” (Pi, 1998: 83). This has lowered the standards for hackers’
creativity and knowledge, making it much easier for more people to hack.
As for ISPs or individuals who work for ISP, attention should be paid to the crimes that
they commit by taking advantage of their special position. If we try to connect a particular
computer with the network to communicate with others, we must “rely on an ISP who could

5
be categorised as Internet Access Provider (IAP), Internet Platform Service Provider (IPP) and
Internet Content Provider (ICP)” (Sun and An, 2006: 12). IAP provides service only in
network connection and thus has no right to interfere with the contents transmitted by its users.
IPP has unlimited access to its users’ communication as all the emails and the homepages
received by the users must be processed by its host computer, which means that IPP has all
access to its users’ information. ICP himself is the provider of online information and contents,
which might violate the laws, such as telling state secrets, infringing upon copyright, invasion
of privacy and other crimes. What’s more, when ISP or the people who work for ISP
discontinue the network or communication service without authorisation against the state laws,
their behaviours mentioned above are considered as crime if they lead to the irregular
operations of the network or the communication system. Most ISPs also work as IAP or IPP
concurrently or even ICP. Therefore, if an ISP or the people working for the ISP take
advantage of their special positions to commit such crime, their behaviour should be seen as
cybercrime.
c) Cybercrime must be the behaviours which have encroached on or posed a threat to the
interests protected by laws.
If certain behaviour is considered as a crime, it must have encroached on or have posed a
threat to the interests protected by laws. Thereby, our judgment of a particular crime must be
based on this principle, namely, based on the actual extent to which the behaviour has
damaged the interests protected by laws or to which the behaviour has posed a threat to the
protected interests in the real situation.
From the above three points, we can see that for cybercrimes, the offender must have
made use of the computer, telecommunication and other technological methods or have taken
advantage of his or her special position (for instance as the ISP) in the network environment
and have infringed on or threatened the interests protected by laws.
In the preface of Convention on Cybercrime (ETS No. 185) passed by Council of Europe
in Nov. 2001, cybercrime is clearly defined as the “action directed against the confidentiality,
integrity and availability of computer systems, networks and computer data as well as the
misuse of such systems, networks and data” (Council of Europe, 2011) and cybercrimes are
the “crimes committed via the Internet and other computer networks, dealing particularly with
infringements of copyright, computer-related fraud, child pornography and violations of
network security” (Council of Europe, 2011). As for “the confidentiality, integrity and
availability of computer systems, networks and computer data”, it means that computer
systems, application programs and computer data are not edited or deleted illegally and are in
good state. Briefly, it means the security of computer systems, networks and computer data.

3.2 Categorisation of Cybercrime

Cybercrimes could be categorised into different types in accordance with different criteria.
This categorisation is for the purpose of analysing the characteristics of cybercrimes from
distinct perspectives. Therefore, the legislative body could formulate variable criminal laws
applicable to different types of cybercrimes. Meanwhile, the body could extend different
treatment to cybercrimes with different features.

6
 3.2.1 Categorisation of Cybercrimes in the UN Report

In May 2001, the Commission on Crime Prevention and Criminal Justice of the United
Nations Economic and Social Council held the 10th conference and in the report of the
Secretary-General On the Conclusions of the Study on Effective Measures to Prevent and
Control High-Technology and Computer-Related Crime, it is stated that “Criminal
exploitation of the new technologies has resulted in entirely new forms of crime. In other
cases, more traditional forms of crime are committed in new ways that increase benefits or
reduce risks to offenders. A third basic category of criminal activity consists in the more
general use of the technologies by offenders to organize, to communicate, and to shield their
activities from surveillance. Other basic fields of classification proposed include classification
according to whether the crimes are committed for economic or material gain for offenders or
other motives, and whether the offences involve crimes committed against computer or
communications systems or the use of those technologies to victimize others” (United Nations
Office on Drugs and Crime, 2013: 9).
The report has offered a basic categorisation of high-technology and computer-related
crime as follows: a) “Crimes committed against the technologies and their users”, including
“gaining unauthorised access to computers or computer systems; unauthorised use of
computer systems; reading, copying or taking data without authorisation; creating or
propagating hostile programs; and computer vandalism or sabotage”; b) “Conventional crimes
committed using computer or communications technologies”, including “offences involving
offensive content; Internet-related abduction; fraud; commercial or industrial espionage;
intellectual property crimes; gambling and money-laundering”; c) “Use of the technologies to
support other criminal activities” (United Nations Office on Drugs and Crime, 2013: 8-28).
The categorisation in the UN report conforms to the standard that whether cybercrimes
are targeted at technologies and their users or making use of technologies to support other
criminal activities. In addition, as for cybercrimes of the above-mentioned third type,
motivations of the offender have also been taken as a categorisation principle, including
economic, material or other motivations (Pi, 2005:17).

3.2.2 Categorisation of Cybercrimes in Convention on Cybercrime by Council of

Europe

In Convention on Cybercrime, cybercrimes are classified into four categories in Section 1

– Substantive criminal law under Chapter II – Measures to be taken at the national level: a)
Offences against the confidentiality, integrity
and availability of computer data and systems,
including illegal access, illegal interception, data interference, system interference and misuse
of devices; b) Computer-related offences, including Computer-related forgery and
Computer-related fraud; c) Content-related offences, including Offences related to child
pornography; and d) Offences related to infringements of copyright
and related rights
(Council of Europe, 2011). On Jan. 28th, 2003, the Council of Europe passed Additional
Protocol to the Convention on Cybercrime, concerning the criminalisation of acts of a racist
and xenophobic nature committed through computer systems. In this additional protocol, four
types of crime were added to the category of content-related offences: a) Dissemination of
racist and xenophobic material through computer systems; b) Racist and xenophobic

7
motivated threat; c) Racist and xenophobic motivated insult; d) Denial, gross minimisation,
approval or justification of genocide or crimes against humanity (Council of Europe, 2003).
As a matter of fact, we can see that the Council of Europe shares similar criteria with the
United Nations in categorising cybercrimes. Firstly, it also classifies cybercrimes infringing
on computer data and system security as one type. Secondly, as for the misuse of computer or
network technologies, such crimes are categorised into computer-related offences,
content-related offences and offences related to infringements of copyright and related rights.
Compared with the categorisation by the United Nations, that by Council of Europe has
highlighted the main characteristics of cybercrime and has avoided the too many and too
complicated description of cybercrime. However, this categorization is not logical and
reasonable enough. For different categories, it uses different criteria. The first three categories
focus on the object of legal protection with the fourth one on the method of legal protection
(Gercke, 2009: 19). Moreover, as for the category of offences related to computer by the
Council, the title might be too general, which needs further improvement in this regard. The
author of this thesis also agrees with the categorisation by Council of Europe, though it does
need further perfection. It has described the main features of cybercrime by and large and is
the best categorisation so far.
What is more, we could categorise cybercrime based on the rule that if it is transnational
or cross-region, which may help arrange corresponding judicial procedures and forensic
measures for evidence collection and appropriate control of judicial costs. Furthermore,
cybercrimes could also be classified as offences targeted at an indefinite large group of people
and offences at a particular group. The former will cause extremely extensive damage to
computer information or network systems as it makes use of the transmission nature of
computer viruses (Pi, 2005: 20). And the consequences brought by the latter can be calculated
in a relatively correct way so as to investigate and affix the responsibility accordingly. It helps
the establishment of criminal legislation for cybercrimes.

3.3 Characteristics of Cybercrimes

3.3.1 Characteristics of the Nature of Cybercrimes

a) Infringement of Information
The Internet is a space of information in which physical equipment is connected in a
particular way. If we want to describe the nature of the Internet in a simple way, we can say
the key word is “information”. In this regard, cybercrimes are closely related with information.
And abuse of information and misuse of information are considered as the most basic forms
of cybercrimes (Xu, 2003: 175). Therefore, the nature of information becomes the most
fundamental characteristic of cybercrimes. On the one hand, cybercrimes are committed with
close relevance to information. If the offender attempts to commit cybercrime, he/she has to
log in and surf on the Internet through particular physical equipment like computer, modem,
etc. Many people think the physical equipment is the tool employed by the offender when
he/she is committing cybercrimes, which is lopsided. Physical equipment is undoubtedly the
physical foundation for cybercrimes, but what actually has a decisive effect is not the
equipment but the information of every kind they send or receive. The physical equipment is
no more than the carrier of various kinds of information. No matter how advanced and

8
developed the physical equipment is, the offender would find it impossible to commit crimes
in the cyberspace if there is no information resource.
Cyber criminals have advantages in skill, knowledge, resource, authority of office and
motivation. Among them, the first four aspects are related with information, especially
authority of office (Xu, 2003: 176). Almost every offender must have had the authority before
or when taking actions against laws in the cyberspace. For cybercrimes, authority does not
have the meaning of our common sense. Instead, it represents the control and domination of
the information systems of networks. In this sense, people who are most likely to commit
cybercrimes are mostly those who have had a good command of the network information
resources. This can be proved by the fact that many teenager “hackers” have become experts
in information security in some commercial and non-commercial organisations. And people
tend to call computer network crimes and cybercrimes “high intelligent crime”. On the other
hand, the target of cybercrimes is also information. Cybercrimes take various forms and the
offenders have their different motives with some for certain valuable information and some
others for defraudation. But the direct target is always information. In the cyberspace,
information is more than information itself but everything. Information is the only thing that
the cyberspace contains. Everything on the Internet is information. What the offender can
obtain or damage in the cyber world is nothing but information (Xu, 2003: 176). For such
crimes as Internet fraud, theft and manipulation of bills, the offenders are only attempting to
obtain properties in the reality but their direct target is still the information on the Internet, not
to mention those crimes aiming to damage information online like hacking, virus spreading,
pornography promulgation, piracy, etc. In terms of online banking, online store and online
bookstore, the fund, commodities and books have changed to digitalized signals－information.
In this sense, information though is not the fund, commodity or book in the physical world; it
is the symbol of them in the cyber world. One who has obtained necessary information has
had the corresponding fund, commodities and books. Hence, if the offender wants to obtain
properties in the cyberspace, he/she has to acquire and control some necessary information.
b) Serious Damage to the Society
We determine some action as a crime on the basis of its damage to what is protected by
criminal laws rather than of its violation against such laws or rules (Xu, 2003: 177).
Considering the essential feature of cybercrimes, they are harmful to the legal interests
protected by criminal laws and has posed a threat to the society. Although cybercrimes have
been seen as a new type of crimes, a fact cannot be ignored that the cyber world is inseparable
with the real society. Crimes committed on the Internet are mostly theft, pornography,
defamation, gambling, drug trafficking and terrorism, etc. Cybercrime can be regarded as “an
extension (and a logical one) of traditional criminal behaviours” (Gragido, Pirc and Rogers,
2011: 10). Moreover, illegal intrusion into a computer system could also be seen as the online
version of trespassing. We could notice that cybercrimes also possess the substantive nature of
crimes, which is damaging to the society. In the long term, we could say that cybercrimes are
no more than a type of common crimes (Xu, 2003: 177). However, at the present time,
cybercrimes are still at the primary stage. As the increasing popularisation of computer
networks and their growing influence on people’s daily life, cybercrimes will also become a
new but universal form of crimes.
c) Dependency on Technologies

9
 As a kind of technology crimes, cybercrimes cannot be committed without the support of
computer network technologies. In terms of the technological feature, cybercrimes are
dependent on network technologies. With the continuing emergence of new technologies, the
methods and even the environment carriers of cybercrimes are also changing (Zhang and Ma,
2001: 128). Those influential technological breakthroughs may have provided the offenders
not only new tools but also new environment and carriers for them to commit crimes. The
emergence and development of the modern network technologies have been exerting a
tremendous influence on various aspects of people’s life with which old inventions and
creations are beyond comparison.
In terms of criminal means, cybercrimes are highly intelligent for its technological and
professional means. When committing cybercrimes, the offender must have a good command
of computer technologies, professional knowledge as well as the operation techniques so that
they can successfully evade the monitoring of the security protection systems to cover up their
offences (Xu, 2003: 178). Therefore, we can see that many of the offenders of cybercrimes are
professionals who are acquainted with computer and network technologies. They are familiar
with the imperfections and vulnerabilities of the network. They are capable of using various
computer and network technologies via the Internet to launch attacks on network systems,
electronic data or documents and other information. Supported by those high technologies,
cybercrime actions take less time and the means are always complex and hidden. Many
actions for cybercrimes could be completed immediately with almost no trace, which poses
great challenges for such criminal cases to be detected and tried. In addition, with the constant
development of computer and network information security technologies, the offender is
using more and more new means. Even some experts in this field turn to be the offenders,
which makes the means more professional.

3.3.2 Common Characteristics of Cybercrimes

a) The Complexity of Crime Target

With the rapid development of the computer technology since the 1960s, computers have
exerted an enormous influence in many aspects of human’s political, economic, military,
cultural, education, social and family life. For cybercrimes, computers are a kind of special
crime target, which are different from the crime target of any traditional crimes of other kinds.
In terms of the computer, it includes not only the tangible hardware but also the intangible
software, information and data. Crimes taking advantage of or aiming at the computer will
cause unimaginable damage to the targeted computer. No matter he/she is using the computer
as a tool or targeting at the computer, the offender will have an extensive damage to the social
connections in nature and range. Through a networked computer, a single individual could get
in touch with and exert an influence on millions of other individuals simultaneously (Yar,
2006: 11), no matter where they live. Corruption or theft using computer will infringe upon
the rights of public and private properties. Exposing others’ privacy or defaming others by
computer will encroach on their personal and civil rights. Mongering political rumours or
spreading pornographic information via the computer will disrupt the social orders and
damage the national security. Actions against the laws, like creating computer viruses or
destructing computer systems, may pose various threats.
Cybercrimes are complex and complicated in the following aspects. Firstly, the subject of

10
crimes. Any offender could connect his/her computer terminal with the whole network only
through one networking computer. The offender then may retrieve, download or upload
information of various kinds illegally. In addition, as the network is transnationally accessible,
the offenders might probably come from different countries or regions, which makes it much
easier for the criminal group or their accomplices. Secondly, the object of crimes. For
cybercrimes, its object has become increasingly complicated in various ways (Xu, 2003: 179).
Some offenders try to usurp or forge other user’s online pay account. Some cheat in
E-commerce business. Some violate other people’s intellectual property rights. Some launch
malicious attack to computer information systems online. Some try to make profits through
cyber pornography, online gambling, money laundering, stock manipulation, etc.
b) Younger Trends and Expertise of Crime Subjects
Cybercrimes are a kind of intelligent hi-tech crime while the offenders are acquainted
with computer-related technology and are familiar with the existent prevention and control
measures against cybercrimes. What is more, they must have gained a perception of some
basic professional knowledge in finance and accounting. Only people who have a good
command of the relevant knowledge could get illegal access to the computer security system
step by step to attain their goals (Zhang, 2003: 93). In terms of cybercrimes, there is a trend of
an increase of younger offenders, which denotes that more and more offenders are from the
younger generation. The offenders of cybercrimes are mostly educated with a wide range of
knowledge. They are also very familiar with the local computer systems and are experienced
in computer or network related work.
c) Anonymity and Invisibility of Cybercrimes
As the open network is uncertain and beyond time and space, cybercrimes could be
highly invisible, which also creates many difficulties in the detection. As a result, a large
proportion of cybercrimes may not be recorded or cracked by the police. The offenders do not
have to register when receiving texts or images, making them completely anonymous. They
could log in anonymously again and again until they reach the targets (Zhang, 2003: 93).
However, police who get into investigation have to follow their traces all the way for evidence.
Usually when the police could get close to the offenders, they might have already
disappeared.
Most of cybercrimes are well prepared and planned beforehand, taking no obvious or
specific crime forms. The accounts of users are easy to be known in the highly developed
virtual community but the specific characteristics of the real users are difficult to recognise.
This makes cyber offenders “invisible” in space and time. The offenders could log in via legal
account anywhere around the world but their actual locations are hard to track. They could
even implant certain timing programs into the computer system, providing them enough time
to run away from the crime scene even before the cyber attacks are launched (Pi, 1998: 84). In
such cases, the police are always late in discovering the criminal behaviours. In addition, the
computer itself also is protected by security systems, making users hard to notice the attack
launched by the offender (Xu, 2003: 181). Therefore, the dark figures of cybercrimes are
relatively high compared to theft, gambling, etc. (Sun and An, 2006: 56). (“Dark figure” of
crime is “about occurrences that by some criteria are called crime yet that are not registered in
the statistics of whatever agency”) (Biderman and Reiss, 1967: 1).
d) Transnational Nature of Cybercrimes

11
 As the network has transcended the geographic restrictions, cybercrimes are becoming
international. When information of various kinds circulates through the Internet, the concept
of national borders or geographic distances has temporarily disappeared. This makes it
possible for the offenders to take actions across regions or borders. As long as they have a
networking terminal, they could carry out the crimes on any website online through the
Internet. The high invisibility of such transnational or cross-region crimes makes them
difficult to detect and thus bringing more harm (Liu and Sun, 2001: 121).
e) The Harmfulness of Cybercrimes
It has been pointed out that cybercrimes are more dreadful and frightening than nuclear
war. In recent years, terms like “electronic war” or “information war” have developed into the
new concepts of modern warfare (Xu, 2003: 182). If a particular country, a political or
military group attempts to interfere or attack on a large scale another country’s computer
systems critical to its politics, economy, military and public security, it can bring its politic
order out of control, break down its economic system and disrupt its social orders.
Cybercrimes may bring great economic losses or may be used by terrorists to jeopardise the
public or state security. It can also be used in military wars, bringing horrible disasters.

3.4 Causes of Cybercrimes

Cybercrimes are not only the object of criminal jurisprudence, but also the object of
criminology study. In terms of criminology, studies of the causes of crime have always been
of critical importance. By exploring the causes of cybercrimes, we are able to find out how to
prevent such crimes in a targeted and effective way. However, causes of cybercrimes are quite
complicated as many factors are interacting and influencing each other.

3.4.1 Technological Causes

a) The conditional cause with the appearance of the Internet

The emergence of the Internet creates conditions for cybercrimes. Similar to other new
high technologies, computer and network technologies are like a double-edged sword, which
on the one hand contribute to the development of the society, science and technology as well
as culture. But on the other hand, they also tempt some people to misuse or abuse the Internet
and even commit crimes. If there were no computer or network, there would be no possibility
for cybercrimes to exist and develop (Jiang, 2006: 155).
b) The openness of the cyberspace
The cyberspace is an open and virtual world, which is beyond the comparison of our
physical world. As the cyberspace is “for common use”, people can share their personal
resources on it as much as possible, which has no clearly drawn “boundaries” or reliable
protections, making it difficult to protect as well (Luo, 2004: 12). Therefore, it is this kind of
openness and interactivity of the cyber world that provides the offenders with a convenient
and effective tool, creating the conditions for offences while intensifying those traditional
criminal behaviours.
c) The vulnerability of network information systems
In the early 2000, such noted websites as Microsoft, Amazon and Yahoo suffered severe
attacks of hacking, which clearly shows the vulnerability of the network system security. As

12
most of the offenders for cybercrimes are familiar with and greatly interested in computer and
network technologies, they can easily locate the vulnerabilities of the networks and then break
through their protections (Sun and An, 2006: 74). Therefore, the weak protections of network
technologies have already become external cause of cybercrime.
d) The complex network information system management
As the network information system management is complicated and many technology
and staff managing network information is under-qualified, protection of network security is
often deficient. On the one hand, when computer information systems are expanding their
functions, their software is also becoming increasingly complicated. It has proved to be
impossible to make the software systems perfect. On the other hand, owing to the complex
structure of the enormous computer systems, a universal standard or protocol is found
difficult to apply to each country or region. It is also true of the management and supervision
systems (Xu, 2003: 242). Therefore, when different countries or regions interact with each
other, they have to make a compromise based on their respective interests and needs, which
makes the systems more complicated and vulnerable. In addition, many people working in the
network industry or in charge of managing various network systems are not perfectly
qualified, which is a hidden trouble for protecting and strengthening the network security.

3.4.2 Social causes

Social causes of cybercrime are considered as the social phenomenon independent of the
crime subjects, which gives rise to their offences. Such causes include political, economic,
cultural, educational, ethic, etc., which correlate and interact with each other and thus form a
subsystem for the criminal causes of cyber offences.
a) Economic causes
The society is increasingly dependent on the concentration of intangible data and their
corresponding enormous economic values. Thus, once such data information is lost or
damaged, the losses entailed are tremendous, which makes it target of the offenders. With
little devotion, they could benefit greatly in turn.
b) Cultural causes
In the cyber world, culture of every kind could influence each other in a growing way,
which makes the cultural conflicts more manifest, as it is not limited by space and time (Sun
and An, 2006: 79). Take pornography and sex culture for instance. There are differences
between the West and the East in dealing with pornography on the Internet. When the
different sex cultures come into conflict, people will definitely be influenced in their
respective ideologies. If people indulge themselves too much, they might take some actions
against the laws specified by the state.
c) Moral and ethic causes
The network is usually considered as no more than a tool at work or in daily life. So in
the virtual world, some people tend to neglect the moral and ethic forces of constraint and
thus unscrupulously damage their previous orderly moral and ethic principles (Jiang, 2006:
156). On the Internet, the restraints of morality have lost their original forces and their
foundation to build moral identity (Bu, 2001: 107).
d) Legislative causes
A healthy and orderly society is based on laws and rules. It is also true of the cyber

13
community. Though some countries have made a series of laws and rules concerning
computer system security, regulating network behaviours and punishing cybercrimes, they are
far from satisfying the need to keep cybercrimes under control and some are even found futile
when dealing with cyber offences (Xu, 2003: 238). As a result, victims of cybercrimes may
not be aware that their rights have been infringed on (Yar, 2006: 13). However, the laws and
rules for the virtual world are not simply and completely the same with those for the real
world. Furthermore, despite the fact that the damages of cybercrimes are becoming
international in many cases, the international community has not attached great emphasis to
the cooperation in preventing and combating cybercrime yet.

3.4.3 Causes of Crime Subject

Causes of the crime subject include the subject’s physiological and psychological
influence on his or her criminal behaviours.
a) Physiological causes
There are mainly two factors in this regard: age and intelligence. Youngsters are
undergoing a stage from being naïve to becoming mature when they are eager to learn but
have relatively little self-control ability (The Alannah and Madeline Foundation, 2013). For
them, the Internet has great appeal and they think it is very fashionable and interesting to
become a network or computer expert. For some, online hacking or intrusion is even a way of
proving their abilities or showing off to others (Xu, 2003: 234). All these factors provide a
hotbed for cybercrimes by youngsters. Moreover, as cybercrimes are a typical type of
intelligent crimes, only people who are capable of using the Internet or even good at computer
or network technologies could take actions against the laws through the network or computer.
b) Psychological causes
Firstly, motivations for cybercrimes are various but most offenders are after money or
profits (Kshetri, 2010: 21). Secondly, some cyber offenders regard such criminal behaviours
no more than a kind of intelligent game or a technological challenge for themselves (Jiang,
2006: 155). Therefore, even after taking such criminal actions, they won’t feel guilty but feel
satisfied instead, which encourages more and more offences. Lastly, some offenders aim to
achieve their political goals through cybercrimes. Some of the most serious threats to
organizations now come from the Internet and the objective of such criminal behaviours are
not just hacking for profit or for fun. Such criminals are mostly politically motivated (Hinde,
2003: 92). Some may intrude on certain computer information systems illegally in order to
protest against the government, obstruct the implementation of laws or spy the state secrets.

14
 4. Australia’s Policies and Strategies in Maintaining Cyber Security

and Combating Cybercrimes

Australia has managed to establish an all-round and relatively efficient system to prevent
and combat cybercrimes as well as to protect cyber security. A varied series of laws and rules
in identifying, regulating, investigating and prosecuting offences and criminal behaviours in
the cyberspace have been proposed and then enacted by the Australian governments at all
levels. In addition, public institutions, governmental and non-governmental organisations
have been playing a critical role in safeguarding cyber security while minimising the
occurrence of cybercrimes. Policies and strategies put forward by Australia government in this
regard have proved to be effective. The Cybercrime Report 2011 conducted by Norton shows
that nearly 62% of the adults surveyed in Australia had experienced cybercrimes in 2011
while the average number globally was 65%. And adults surveyed in Australia who do not
have up-to-date security software accounted for 25% while the average number of 24
countries surveyed is 41%. And according to the report, in 2011 the total net cost of
cybercrimes in Australia amounted to $4.7 billion while the number in China was $81.7
billion. And victims who had experienced cybercrimes in Australia accounted for 62% while
the number in China was 86% (Norton, 2013).

4.1 Australian Government's Cyber Security Strategy

On November 23rd 2009, the Australian government launched its Cyber Security Strategy,
with an aim “to promote a secure, resilient and trusted electronic operating environment that
supports Australia's national security and maximizes the benefits of the digital economy”
(Attorney-General’s Department, 2013a). The Strategy is the Australian government’s main
cyber security policy in maintaining a safe and secure cyber world.
The Australian government’s cyber security policy is based on some main principles,
which are illustrated in the inaugural National Security Statement delivered by the then Prime
Minister, Kevin Rudd to the Parliament on December 4th, 2008. In the Statement, it is
indicated that national leadership needs to be strengthened when facing the challenges in
fighting cyber offences. Meanwhile, cooperation and collaboration should be conducted by
governments at all levels in Australia with organisations, public agencies and corporations in
protecting their online safety while respecting the privacy of other online users. Furthermore,
the Statement also lays stress on the international cooperation in cracking down and
controlling transnational cybercrimes with Australia’s vigorous participation.
In accordance with the guiding principles in the Statement, the Australian government’s
Cyber Security Strategy set out three goals: a) “for all Australians to know about the security
threats to our computers, to know how to secure our computers, and to know how to help
protect our identities, privacy and finances online”; b) “for Australian businesses to operate
secure and resilient computer systems to protect their operations and the identity and privacy
of their customers”; and c) “for the Australian government to make sure its computer systems
are secure and resilient” (Attorney-General’s Department, 2013a).
The Strategy demonstrates the measures taken by the Australian government that brings a
range of resources into full play to help protect the online security of the government,

15
enterprises and individuals in Australia. The Strategy provides a guide for Australian
governments at all levels to recognise the importance of cyber security and carry out effective
actions in this regard. Moreover, it describes how the new policies formulated by the federal
government could help protect Australians and their businesses in a more productive way.
Furthermore, it is noted that the Strategy calls people’s attention to recognising the threats
posed by the Internet and computer. In the meanwhile, greater emphasis is attached to each
user’s actions and the all national joint efforts in this regard.

4.2 National Identity Security Strategy

For each individual user on the Internet, cyber security means more than protecting his or
her computer system from virus attacks. At present, as the computer systems are mostly being
protected by security software in a relatively effective way, online users are paying more
attention to how to protect their personal information like their identities or privacy. In the
cyber world, identity crimes are becoming increasingly common. Therefore, the Council of
Australian Government gave assent to the National Identity Security Strategy in 2007. With
an aiming to bring the efforts of governments at all levels into full play, the Strategy
endeavoured to a) “improve registration and enrolment procedures, including a new system
for the electronic verification of documents used as evidence of identity; b) enhance security
features on identity documents issued by government agencies, reducing the risk of forgery; c)
ensure accuracy in the identity information held by government agencies; d) strengthen
authentication standards and biometric interoperability so as to confirm the identity of
individuals” (Attorney-General’s Department, 2013c).
Since its implementation in Australia, the National Identity Security Strategy has
contributed to the protection of Australians’ identity security greatly. To be noted, many has
been achieved by the Strategy, including providing the Document Verification Service and
putting forward certain national standards in relation to identity management
(Attorney-General’s Department, 2013c).

16
 5. Australian Laws Regarding Cybercrime and Cyber Security
In order to deter cybercrimes while protecting the online security of individuals, agencies
and corporations in conjunction with the Australian governments have established a sound
and effective legislative framework. As a matter of fact, the Commonwealth, State and
Territory criminal laws can serve as a general guiding principle when dealing with those
offences in the cyberspace. Moreover, a number of new acts and provisions in particular have
been added to Commonwealth legal system to specifically tackle cyber offences relating to
computer technology and especially telecommunications system. These laws work together
with other legislations which dealing with offences concerning intellectual property rights,
terrorism and national security, etc. And state and territory legislative bodies have also
formulated their respective laws and codes in this regard.

5.1 Commonwealth legislation

As early as 1986, the Commonwealth legislative body made its own law in dealing with
computer offences in Part VIA (ss76A-76F) of the Crimes Act 1914 (Cth) (Australian
Government ComLaw, 2009). And as cybercrimes are becoming increasingly serious and
even rampant, the Australian government has introduced a series of acts and provisions in
fighting cyber offences and punishing cyber criminals during past decades.

5.1.1 Cybercrime Act 2001 (Cth)

The Model Criminal Code Officers Committee of the Standing Committee of

Attorneys-General established a project in 1990 (Model Criminal Code Officers Committee,
1998). Senior law officers from jurisdictions at all levels in Australia were the members. A
decade after, a document titled Report on Damage and Computer Offences was released to the
public by the Committee in 2001 (Urbas and Choo, 2008). And later in June 2001, the
Cybercrime Bill 2001 was proposed to the Commonwealth Parliament for some amendments
and then was made into a law, effective since October 1st 2001. On the one hand, the concept
and content of computer offences used to be covered in the Crimes Act 1914 was thus
enriched and revised in the Cybercrime Act 2001 (Cth). On the other hand, a legislative model
was also set for the states and territories in enacting computer and network related offences.
The Cybercrime Act 2001 (Cth) made amendments to the Australian Security Intelligence
Organisation Act 1979, the Criminal Code Act 1995 (Cth), the Crimes Act 1914 (Cth), the
Customs Act 1901 (Cth), the Criminal Code Act 1995 Education Services for Overseas
Students Act 2000 and the Telecommunications (Interception) Act 1997 (Australian
Government ComLaw, 2013a). Firstly, the Act offered the most comprehensive regulation of
computer and Internet related offences. A series of detailed and specific definitions relating to
computer offences were provided, including “unauthorised modification of data to cause
impairment, unauthorised impairment of electronic communication, unauthorised access to, or
modification of restricted data, unauthorised impairment of data held a computer disk etc.,
possession or control of data with intent to commit a computer offence, producing, supplying
or obtaining data with intent to commit a computer offence” (Australian Government
ComLaw, 2013b). Moreover, the Act added new provisions in dealing with serious computer

17
offences and less serious offences respectively. Serious computer offences carry a maximum
penalty of 10 years imprisonment or even life imprisonment while less serious ones two or
three years imprisonment (Urbas and Choo, 2008: 19). Furthermore, the Act specified the
penalty for each offence mentioned above, with the minimum penalty of 2 years
imprisonment and the maximum of 10 years.
However, the Cybercrime Act 2001 (Cth) became controversial for lack of consultation. .
Some critics argued that it was too broad in jurisdiction or it had extended police powers too
far or it might put many IT professionals at the risk of being prosecuted for doing legitimate
work (Chan, Coronel and Ong, 2003: 25). For example, in ss478.3 and 478.4 in the Act,
“these sections apply further constraints to legitimate but necessary activities of IT
professionals;” and “legislators fail to realize that IT professionals and researchers routinely
use programs that can be used to commit or facilitate the commission of the offences under
Division 477, simply because such programs also have legitimate purposes” (Chan, Coronel
and Ong, 2003: 28). The Act needs to be revised not to criminalise those “innocent behaviours
performed for work purposes” but to “safeguard the interests of IT professionals” (Chan,
Coronel and Ong, 2003: 31).

5.1.2 Cybercrime Legislation Amendment Act 2012 (Cth)

On September 12th 2012, the Cybercrime Legislation Amendment Act 2012 (Cth), which
originated from the Cybercrime Legislation Amendment Bill 2011, received Royal Assent. In
this Act, a series of amendments were made to acts such as the Telecommunications Act 1997,
the Telecommunications (Interception and Access) Act 1979 and the Mutual Assistance in
Criminal Matters Act 1987.
However, it should be noted that the Cybercrime Legislation Amendment Act 2012 was
enacted primarily for the purpose of implementing the Council of Europe Convention on
Cybercrime. As stipulated in the Act, when foreign agencies are requesting the cooperation
from the Australian Federal Police in accordance with the sections, “the Australian Federal
Police must give the carrier concerned a written notice (a foreign preservation notice) which
requires the carrier to preserve all stored communications related” (Australian Government
ComLaw, 2013c). Furthermore, greater authority has been given to federal or state authorities
in their access to stored communications. Some particular authorities or the Australian Federal
Police are permitted to represent some foreign countries in accessing the information required.
And the access could be granted even before a lawful warrant is approved. As it usually takes
a rather long time to obtain the approved warrant, the information and data critical to the
investigation and prosecution might have been destroyed (Urbas and Choo, 2008: 53). These
new provisions in the Cybercrime Legislation Amendment Act 2012 help preserve the
necessary and important evidence before the warrant is granted to the agencies concerned.

5.1.3 Broadcasting Services Amendment (Online Services) Act 1999 (Cth)

The Broadcasting Services Amendment (Online Services) Act 1999 (Cth) was formulated
with an emphasis to the content regulation on the Internet. This Act was enacted by the
Australian federal government as an endeavour to deal with online “’content that is illegal or
highly offensive, or maybe harmful to children’ at the access provider” (Goode, 2007: 58-77).

18
Under this legislation, the public members of the Australian Broadcasting Authority (ABA)
were given the right to complain to the ABA when they found certain offensive contents on
the Internet. And the ABA would classify and rate the contents concerned. Materials received
an “R” rating were seen as contents “unsuitable for general access and must be restricted by
way of an age verification system” (Goode, 2007: 58-77). In this way, the Act made content
hosts and service providers take the responsibility for the content they provided on the
Internet (Australian Legal Information Institute, 2013).
The above-mentioned acts and provisions are mostly specific to cyber offences or content
regulation. Apart from them, some other provisions were also introduced in dealing with the
difficulties and challenges in investigating the criminal behaviours in the cyber space. Take
the Crimes Act 1914 (Cth) as an example. If necessary, the Australian Federal Police had the
right to “access some encrypted data” with the help of someone (Australian Government
ComLaw, 2009). In addition, under the Crimes Act 1914 (Cth), the police can be granted the
authorisation to commit certain small offences if they need to in investigating particular
crimes (Australian Government ComLaw, 2009). Under this Act, the public servants or
contractors who used their access to the Commonwealth computers or data for money would
be prosecuted and punished as well (Urbas and Choo, 2008: 18).

5.2 State and Territory Legislations

In terms of computer-related offences, each state or territory enacted its own legislation
respectively. State and territory legislators used to merely see intrusion without
authorisation into other’s computer databases as computer offences, which were called
computer trespass in a (now repealed) Victorian provision (Urbas and Choo, 2008: 18). In this
sense, we can see that the early computer-related offences had little difference with such
conventional offences as theft or damage of personal properties. In the case of early
computer-related offences, the personal properties were specifically the computer or the data
stored in the computer. And the offenders would mostly try to get access to or make use of the
computer or modify the data on the computer without authorisation.
With the development of computer and network technologies, state and territory
governments in Australia recognized the increasing importance of protecting online users
while combating various cybercrimes. Therefore, a series of new provisions were added to
address these issues. The Australian Capital Territory offered a detailed definition of
computer-related offences in the Criminal Code 2002 (ss415 – 421 and ss423) and the
maximum penalty for cyber criminals is 25 years imprisonment (Australian Legal Information
Institute, 2002). New South Wales added Crimes Amendment (Computer Offences) Act 2001
to the Crimes Act 1900 (NSW), which included provisions in dealing with unlawful access to
data in computer and damaging data in computer. The Act (ss308C and 308D) carried a
maximum penalty of 10 years imprisonment or a fine of AUD$ 100,000 at most for punishing
offenders in this regard (New South Wales Government NSW Legislation, 2013). Northern
Territory made new provisions to the Criminal Code Act (ss276B – 276E) by enacting
Criminal Code Amendment Act 2001 in dealing with computer data related offences
(Australasian Legal Information Institute, 2013). Queensland added Criminal Law
Amendment Act 1997 to Criminal Code Act 1899 (s408E) in dealing with computer hacking
and misuse issues (Queensland Government Queensland Legislation, 2013). South Australia

19
added Summary Offences Act Amendment Act 1989 to Summary Offences Act 1953 (s44A)
and made amendments to it under the Summary Offences (Offensive and Other Weapons)
Amendment Act 1998, providing provisions relating to unlawful operation of computer system
and unauthorized impairment of data held in credit card or on computer disk or other device
(Government of South Australia Attorney-General’s Department South Australian Legislation,
2013). Victoria has developed Crimes (Property Damage and Computer Offences) Act 2003 to
compliment the Crimes Act 1958 (ss247B–247H), legislating in terms of “unauthorized access,
modification or impairment with intent to commit serious offence, unauthorized modification
of data to cause impairment, unauthorized impairment of electronic communication,
possession of data with intent to commit serious computer offence, producing, supplying or
obtaining data with intent to commit serious computer offence, unauthorized access to or
modification of restricted data and unauthorized impairment of data held in computer disk,
credit card or other device” (Victorian Legislation and Parliamentary Documents, 2013).
Western Australia has enacted Criminal Code (ss440A(3)(a) – 440A(3)(c)) with the addition
of Criminal Law Amendment (Simple Offences) Act 2004, focusing on unauthorized use of
computer systems (Government of Western Australia Department of the Premier and Cabinet
State Law Publisher, 2013). For the above mentioned state and territory provisions regarding
computer related offences, the maximum penalty of imprisonment is 25 years (Urbas and
Choo, 2008: 18).

20
 6. Australia’s Practices to Combat Cybercrimes

6.1 Australian Government’s Practices in Maintaining Cyber Security

6.1.1 Financial Support

AUD $125.8 million was allocated over four years by the Australian government in May
2008, with an aim to carry out a series of effective measures known as the Cybersafety Plan
in maintaining cyber security in Australia. In the Plan, the following initiatives were proposed:
a) “expanding the Australian Federal Police (AFP) Child Protection Operations Team in order
to conduct the detection and investigation process for online child sex exploitation; b)
providing more fund to the Commonwealth Director of Public Prosecutions, which will help
the AFP in making sure the increased concerning prosecutions are addressed in an efficient
way; c) monitoring the content filtering of Refused Classification material introduced by the
Internet Service Provider (ISP); d) offering financial support to the Australian
Communications and Media authority (ACMA), which organizes a series of education
activities; e) enlarging the scale of Consultative Working Group, whose major function is to
propose practical advice to the Australian government in policy-making concerning cyber
security; f) establishing Youth Advisory Group and online forum, from which young Internet
users could seek sound advice; g) conducting more thorough and effective research in regard
to proposing effective policies against cyber offences” (Australian Government Department of
Broadband, Communications and the Digital Economy, 2013).
AUD $43 billion has been contributed over eight years by the Australian government to
improving and perfecting the National Broadband Network (NBN). As one of the largest
investments in Australia’s broadband infrastructure construction, the NBN was expected to
provide families and corporations in Australia with the access to high-speed broadband (Roth,
2010: 8).

6.1.2 Team Building in Protecting Cyber Security and Fighting Cybercrimes

In raising Australians’ awareness of cyber threats, the Australian government has set up
some organisations designed to protect users’ online security or fight cyber offences. The
Australian government set up the Cyber Security Operations Centre (CSOC) under the
supervision of the Defence Signals Directorate (DSD). The CSOC was an initiative proposed
in the Defence White Paper by the Australian government. Titled Defending Australia in the
Asia Pacific Century: Force 2030, the White Paper was released in 2009. The CSOC was
established for the main purpose of “providing the Australian government with all-source
cyber situational awareness and an enhanced ability to facilitate operational responses to
cyber security events of national importance” (Australian Government Department of
Defence, 2009). The CSOC is playing an active role in two ways: a) discovering the hazards
which might undermine the interests of the country in the cyber space while helping the
government gain a keen perception of these threats; b) and working as a coordinator and an
auxiliary force in dealing with cyber issues critical to governments at all levels and the state
infrastructure (Australian Government Department of Defence Intelligence and Security,

21
2013). A top-notch team having received professional training in computer information
technology and analysis were built in the CSOC and they are capable of identifying computer
or network attacks launched by hackers outside Australia who can bring their analytic
capabilities and techniques into full play. Many government agencies have their
representatives in the CSOC and they have vigorously participated in work like evaluating the
potential risks or protecting the public and individual interests in the cyber world. The
agencies in cooperation with the CSOC include Australian Defence Force, Defence
Intelligence Organisation, Defence Science and Technology Organisation, Australian Security
Intelligence Organisation, Attorney-General’s Department and Australian Federal Police. As a
result, the CSOC can also provide practical suggestions to the government in formulating
effective measures in response to cyber offences.
What’s more, computer emergency response has received great attention. An official and
new national computer emergency response team was organised in 2010, which is known as
CERT Australia. It was established aiming to “provide an initial point of contact for cyber
security information for Australia and to coordinate Australia’s cyber event response
arrangements, nationally and internationally” (CERT Australia, 2013). CERT Australia helped
facilitated the communication of the government with organisations and businesses within and
outside Australia in information sharing. In this way, their coordination and cooperation in
minimising cyber threats can be conducted in a more effective and strengthened way. In
addition, a crisis management plan was expected to be formulated by CERT Australia to
protect the state security in the cyber world. By providing a brief description of some concrete
measures, CERT Australia is responding to cyber threats in a practical way. At the same time,
a series of cyber security exercises will be carried out, with an aim to evaluate and improve
Australia’s arrangements in the event response against cyber attacks. Such exercises include
Cyber Storm series in coordination with the organisation of the United States. As an assisting
and supplementary force for the CSOC, CERT Australia is playing an important role in
helping the Australian government minimise cyber threats (Australian Government
Department of Defence, 2009).

6.1.3 Cyber Security Education

Supported by industry and organisations, the Australian government has been organising
the National Cyber Security Awareness Week series annually in collaboration with state and
territory governments across the continent. This initiative offers Internet surfers practical
advice in protecting their personal information online without taking too many efforts. On
June 12th 2012, the 2012 Awareness Week activity was organised by the government with the
participation of more than 900 organisations and government agencies around the country,
and lasted 4 days.
In addition, websites providing cyber security education has been launched by the
government. The website Stay Smart Online (http://www.staysmartonline.gov.au/),
established by the government and hosted by the Department of Broadband, Communications
and the Digital Economy, offers advice on how to help online users keep their computer
systems away from attacks and to protect their personal information online (Stay Smart
Online, 2013). The website also provides some useful links to other resources for parents and
teachers to learn how to protect their children online. All the services provided on the website

22
are free of charge and users can subscribe to the free service provided or unsubscribe
whenever they want to; they are also free to select some particular information they give
priority to. Notably, the website offers a Stay Smart Online Alert Service for free. This service
enables users to keep updated with the most recent threats and challenges against cyber
security. In the meanwhile, they can easily find some suggested solutions to avoid and
minimise the cyber hazards. Alerts can be sent to users via email, online service or Really
Simple Syndication (RSS) feed. Moreover, the website also provides a Budd:e Cyber Security
and Safety Education Package specially designed for teachers and children. The Package
comprises a series of “media-rich and interactive learning activities” (Stay Smart Online,
2013), which can greatly raise the awareness of children in recognising cyber threats. And in
this way children can learn to protect themselves online consciously. Various topics
concerning cyber security have been included in this package, including: “malicious software,
securing personal information online and social networking” (Stay Smart Online, 2013). With
its contribution to cyber security education in Australia, Budd:e won a 2010 Australian
Interactive Media Industry Association (AIMIA) award for functioning as the “best interactive
media and digital content designed for children” (Australian Government Department of
Broadband, Communications and the Digital Economy, 2013). Besides, Stay Smart Online
designed a Small Business Self-Assessment Tool for protecting small businesses. With the
Tool, small business owners can be provided some practical and effective measures in
keeping their computer systems safe.

6.2 Measures Taken by Government Agencies

6.2.1 Australian Government Attorney-General's Department

Aiming to provide “essential expert support to the government in the maintenance and
improvement of Australia's system of law and justice and its national security and emergency
management systems” (Australian Government Attorney-General’s Department, 2013) for the
interests of all Australians, the Australian Government Attorney-General's Department was
established. The Attorney-General’s Department has been functioning as a leading force in
safeguarding cyber security. A series of measures were taken in this regard, including
formulating the national cyber security policy, adapting law and law enforcement in the
digital environment for the Australian economy. Meanwhile, it also chairs the Cyber Security
Policy and Coordination (CSPC) Committee and has acted as a coordinator in the
policy-making process in terms of cyber security. Furthermore, the Department coordinated
the development of Protecting Yourself Online—What everyone needs to know, a
whole-of-government publication. In addition, the Department has been cooperating with
national security and law enforcement agencies such as the Department of Broadband,
Communications and the Digital Economy (DBCDE) and NBN Co., Ltd in protecting
Australian governments and individual users online. With the joint efforts of these agencies,
some issues critical to the national broadband network can be properly solved.

6.2.2 Australian Federal Police (AFP)

By combining three Commonwealth law enforcement agencies, the Australian Federal

23
Police (AFP) was founded and became operational in 1979.As an Australian leader in
combating crimes, the AFP has been engaging itself in fighting cybercrimes and protecting
Australian users online. On the one hand, “by employing the core principles of prevention,
deterrence, partnership and innovation, the AFP strives to build a more secure future for
Australia and its global partners” (Australian Federal Police, 2012). On the other hand, it has
been sparing no efforts to crack down transnational crimes in many fields including
combating organised cyber offences within an international framework.
Working with Microsoft Australia, Ninemsn and Datacom, the Australian Federal Police
launched an Internet safety initiative known as ThinkUKnow Australia. The program was
aimed to call the attention of parents and teachers in protecting young Internet users. The
website of ThinkUKnow (http://www.thinkuknow.org.au/) was developed to provide
necessary information of every kind for parents and teachers to have a glimpse into the
software, technological tools or applications which enjoy great popularity among young
students and children. In addition, it can help teachers and parents examine the potential
hazards or risks these technologies can pose to young Internet surfers. By following the
guides or advice offered on the website, parents and teachers can find ways appropriate and
effective to protect young people online. Furthermore, when a cyber attack or danger occurred,
parents or teachers can report directly on the official website of ThinkUKnow. Various
resources concerning cyber security are available on the website and can be downloaded free
for future reference. The ThinkUKnow program has begun in ACT, NSW and Victoria as a
pilot program since 2009 and received assessment in these areas respectively. With
satisfactory evaluation, the program has been introduced and developed on a national basis
since 2010. Presentations offered by ThinkUKnow have been booked by and delivered to over
200 schools across the continent. “Innovation Award” was granted to the program by the
Secure Computing Magazine in 2010 for its positive contribution to protecting children online
(Australian Federal Police, 2010).
What is more, the AFP established a Crime Prevention team under the High Tech Crime
Operations (HTCO) portfolio. The team has delivering presentations regularly on Cyber
Safety to students in primary and secondary schools and those in “junior sporting and
community groups” ( Australian Federal Police, 2012a). Through audio-visual approaches,
they can play some videos in a vivid way for students to realise the threats posed by “sexting
or online grooming” and learn how to protect themselves online. Practical advice can be
offered to young children on “how to have their own fun on the Internet without putting
themselves at risk” (Australian Federal Police, 2012a). The presentations delivered covered
the topics like “identity protection, cyber-bullying, safe social networking and digital
footprints” (Australian Federal Police, 2012a).

6.2.3 Defence Signals Directorate (DSD)

As an intelligence agency in the Australian Government Department of Defence, the

Defence Signals Directorate (DSD) aims to “support Australian government decision-makers
and provide the Australian Defence Force (ADF) with high-quality foreign signals
intelligence products and services” (Australian Government Department of Defence
Intelligence and Security, 2013a). One of the key roles played by the DSD is to “provide
advice and assistance on information and communications security, known as InfoSec”

24
(Australian Government Department of Defence Intelligence and Security, 2013b). In support
of ADF’s military influence, the DSD made contribution to cyber security by protecting
ADF’s digital information systems against unlawful trespass, disturbance or interruption. The
DSD is responsible for maintaining the security of the Australian information of various kinds.
Moreover, the DSD has been exerting a profound influence on protecting Australia’s cyber
security. As the network technologies are developing fast, Australian governments at all levels
are moving rapidly towards delivering services on the Internet. Therefore, the DSD has been
strengthening its role in preventing the government information stored online from being
attacked or exposed. In 2010, the Cyber Security Operations Centre was set up under DSD,
aiming to help governments raise the awareness of the threats online while offering practical
and effective countermeasures for governments and industry to protect them online. Moreover,
the Australian Government Information Security Manual was prepared by the DSD to offer
government agencies some useful ways to manage online risks. The Manual is “the standard
which governs the security of government ICT systems” (Australian Government Department
of Defence Intelligence and Security, 2013c). Furthermore, the DSD has been working as “the
point of contact for government agencies” (Attorney-General’s Department, 2013) in
reporting cyber security incidents.

6.2.4 Australian Communications and Media Authority (ACMA)

As a statutory authority, the Australian Communications and Media Authority (ACMA)

was established as a division of the Commonwealth’s Broadband, Communications and the
Digital Economy. By incorporating the Australian Broadcasting Authority with the Australian
Communications Authority, the ACMA began to function as an important role in the
regulation of broadcasting, the Internet, radio communications and telecommunications. By
collaborating with industry, the ACMA not only has been developing itself in a vigorous way,
but also has made industry comply with license criteria, rules and laws. Moreover, the ACMA
has been constantly ensuring the effectiveness of these codes and regulations and gearing
them to the public needs (Australian Communications and Media Authority, 2013).
As an effort to maintain Australians’ security online, the ACMA launched the Cybersmart
initiative, a “national cyber safety and cyber security education program” (Cybersmart, 2013a)
organised by the Australian government. The program is targeted at protecting children and
young people by raising the awareness of children while offering advice to parents, teachers
and librarians. Rich education resources have been provided on the Cybersmart website
(http://www.cybersmart.gov.au/) to protect young Internet users. Besides, some other
programs have also been included as a complement to the Cybersmart initiative. The
Cybersmart Outreach Professional Development for Educators program was launched as an
integral part of the initiative. This program was designed to satisfy the needs of the teachers
who are conducting a research in cyber security. Serving trainee teachers, the Pre-Service
Teacher program can keep the to-be teachers with updated information, including the
information which may influence the behaviours of the students online, in schools or at home.
An online learning course: Connect.ed was added on the Cybersmart website to the
face-to-face Professional Development for Educators program. What’s more, a series of
presentations focusing on Internet Safety Awareness can be accessed to in both urban and
regional centres across the continent by teachers, parents and children. These materials can

25
help the audience become aware of the possible risks posed to the children surfing on the
Internet. They can also offer some practical online tools or suggestions for parents and
teachers to guide young Internet surfers in responding to these risks in a positive way. Apart
from these education programs, the initiative offered a Cybersmart Online Helpline service
for “young people who have experienced issues online” (Cybersmart, 2013c). In addition, the
Cybersafety Contact Centre was set up as “a national telephone centre providing online safety
information, advice and access to resources for all Australians” (Cybersmart, 2013b).
Furthermore, the ACMA has been managing the Australian Internet Security Initiative
(AISI) program, which deals with 'zombies', 'bots', or 'drones' computer incidents in Australia.
On the one hand, the program can help users distinguish whether their computers has been
infected or not. On the other hand, it can encourage Internet Service Providers to help their
users maintain the security and safety of their computers and personal information (Australian
Communications and Media Authority, 2013).

6.2.5 Department of Broadband, Communications and the Digital Economy (DBCDE)

The Department of Broadband, Communications and the Digital Economy (DBCDE) has
been making great efforts to advance Australia’s E-business for the benefit of the general
public in Australia. The DBCDE has been developing a healthy and effective system in
broadband, broadcasting and communications. By monitoring cyber security education
programs like the Stay Smart Online website (http://www.staysmartonline.gov.au/), the
DBCDE has been engaging actively in raising individual’s awareness of cyber risks. In
addition, the DBCDE is in charge of the implementation of the National Broadband Network
campaign. . Furthermore, the DBCDE launched an Internet Service Provider Voluntary Cyber
Security Code of Practice, known as icode (Australian Government Department of Broadband,
Communications and the Digital Economy, 2013b) in collaboration with the Internet Industry
Association. Thanks to icode, ISPs in Australia can help their customers learn about online
threats and how to maintain their security online in a reliable way. Since its adoption on
December 1st 2010, the code has been agreeably received by relevant industries. With the
participation of 34 ISPs, the icode has won the support of an overwhelming majority of the
home Internet market in Australia (Australian Government Department of Broadband,
Communications and the Digital Economy, 2013b).

6.2.6 Australian Cyber Security centre (ACSC)

As officially announced by the Australian Prime Minister Julia Gillard in January 2013, a
new Australian Cyber Security centre (ACSC) will be established soon and will begin to
function by late 2013. The ACSC will help double Australia's efforts and strengthen the
government’s capabilities in fighting against the increasingly rampant attacks in the cyber
space. When the ACSC is created, it will take the responsibilities of examining the
characteristics and the extent of online threats. Thus, the ACSC can guide the Australian
government in taking efficient measures against online threats while offering practical
suggestions and necessary assistance. At the same time, the ACSC will also collaborate with
industry and governmental agencies in preventing the attacks launched against the computer
systems or networks in Australia. Backed by top-notch experts in cyber security, the ACSC

26
was expected to make great contributions to building highly secure networks in Australia
(Australian Government Department of Broadband, Communications and the Digital
Economy, 2013b).

6.3 Efforts Made by Non-Governmental Organisations

6.3.1 Baker and MacKenzie Cyberspace Law and Policy Centre in Faculty of Law at
University of New South Wales (UNSW).

The Cyberspace Law and Policy Centre is sponsored by the local and global partners of
an internationally prominent law firm-Baker & McKenzie. As a research centre in Faculty of
Law at the University of New South Wales (UNSW), the Cyberspace Law and Policy centre
attaches great emphasis to the legislative issues and the policies of governments at all levels in
regard to the safety of online businesses and transactions. The centre has been conducting a
series of multi-disciplinary and collaborative research projects which “explore into the
emerging challenges in areas covering regulation of malware and cybercrime, online content
regulation, hacktivism, legal jurisdiction in virtual worlds, privacy and personal information
security, online financial transactions and investment services, etc.” (Cyberspace Law and
Policy Center, 2011) Apart from these research projects, the centre has been engaging
vigorously in promoting the exchanges between researchers, policy-makers, technology
professionals and legal experts. For example, a series of symposia on Public Policy in
Cyberspace has been organised by the centre since 2002, with the participation of government
authorities, technical professionals and legislative officials (Cyberspace Law and Policy
Centre, 2011).

6.3.2 Electronic Frontiers Australia Inc. (EFA)

Set up in January 1994, Electronic Frontiers Australia Inc. (EFA) was a non-profit
national organisation. The EFA was formed to safeguard and protect the freedoms and rights
of online users. The EFA placed the protection and improvement of online user’s civil
liberties as its first priority. Moreover, when certain laws or rules tried to restrict user’s right
of free speech on the Internet, the EFA insisted to amend such unreasonable provisions.
Furthermore, the EFA members have been making great efforts to raise the awareness of the
general public in dealing with risks against the Internet and communication systems while
protecting the user’s civil liberties on the Internet. With almost no direct support from the
government or commercial organisations, the EFA has been mainly funded through
membership subscriptions and donations from individuals and organisations in support of the
civil liberties of Internet users. Its members and advocators are from all walks of life across
the continent. The EFA have helped many people in Australia realize that only through
people’s readiness to stand up and fight for their own freedom and rights, will the government
put forward policies for the benefits of the people and provide reliable and truth-telling media
reports (Electronic Frontiers Australia, 2013).

27
 6.3.3 Business Software Association of Australia (BSAA)

Founded in 1989, the Business Software Association of Australia (BSAA) received the
support from businesses producing software for commercial use in Australia. And in Jan.
2007, Australia joined as a branch of the Software Alliance (BSA) in place of BSAA and
continued to function as a non-profit industry association educating software producers,
corporations and individual users in how to protect copyright and manage software in an
effective way. Many leaders in the software industry were the members of the BSAA,
including Apple Computer, Microsoft, Adobe Systems, etc ( BSA, 2013).

6.3.4 NSW Society for Computers and the Law

The NSW Society for Computers and the Law was therefore formed in 1982 to serve as a
platform for lawyers, experts in computer and communications technologies, and those who
are concerned about the legal issues in computer or communications related areas to
communicate with and learn from each other, . Lawyers and information professionals who
have participated in the activities organised by the Society may come from industries of every
kind, including private practice, corporations, academia and government. In the Society, the
copies of a particular thought-provoking journal recently published can be provided to each of
its member for free. In addition, an extensive seminar has been organised on a monthly
basis. The Society has now many sister societies across the continent and even in such regions
outside Australia as New Zealand and the United Kingdom (NSW Society for Computers and
the Law, 2013).

6.3.5 National Australia Bank (NAB)

Known as one of Australia's largest banks, the National Australia Bank (NAB) is “a
financial services organisation with over 12,000,000 customers and 50,000 people, operating
more than 1,750 stores and Service Centres globally” (National Australia Bank, 2013).
Recently, the NAB has been preparing to join hands with Macquarie University in working
out effective and practical measures in countering and minimising cyber attacks against
banking institutions. With the cooperative support of the Australian Research Council (ARC)
and the NAB, the undergoing research program will receive AUD$225,000 (US$196,700)
over the next three years (National Australia Bank, 2007).
As the NAB had suffered from the denial of service (Dos), one major form of cyber
attacks, it is expecting satisfactory research result from this cooperative effort. Apart from
Dos attacks, studies into such cyber threats as phishing, fraud, unlawful identity trade, etc.
have also been attached great importance to in this program. Fifteen researchers and four
Ph.D. students will join the research. The research group members come from division of
Policing, Intelligence and Counter Terrorism and its division of Information and
Communication Sciences of Macquarie University and will receive the support from the
Australian High Tech Crime centre (AHTCC) as well. Correspondingly, two experts in IT
security will join the program as they have cooperated with the AHTCC before (National
Australia Bank, 2007). With the help of the AHTCC, the group can have a closer look at the
origins of attacks through phishing. They may possibly locate the markets for illegal

28
transactions of online identity information.

29
 7. International Cooperation on Cybercrime

7.1 Cross-border cooperation in dealing with cybercrimes

Australia has been seeking cooperation with other countries in combating cybercrimes
and maintaining cyber security. Cross-border cooperation in investigating and prosecuting
cyber criminals can be achieved in two major forms.
The first form is termed as investigator-to-investigator assistance. Such cooperation is
considered informal as it requires no legal permission and the information requested is usually
available to the public. In such cases, it is convenient for investigators to share information
and offer mutual support. As a member of the International Criminal Police Organisation
(Interpol), law enforcement agencies in Australia can seek police-to-police assistance from
foreign countries in a collaborative way. And this can even be applicable when Australia has
not established diplomatic relationships with a particular country (Urbas and Choo, 2008: 39),
which in particular could greatly facilitate the investigation into organised and cross-border
cybercrimes and the prosecution of criminals concerned.
The second form is on a much more formal basis as it is often resorted to when
compulsory powers are required such as the execution of a search warrant or the extradition of
a suspect. And this form of cooperation is under the regulation of Mutual Assistance in
Criminal Matters Act 1987 (Cth). Moreover, as Australia has signed treaties in terms of
bilateral assistance with 25 countries till May 2007, it usually takes few efforts for Australian
law enforcement agencies to request such formal mutual assistance. However, a central office
must process such requests in this regard in both requesting and requested countries with the
approval at a ministerial or other high official level. Therefore, this form of cooperation
usually takes a fairly long time to achieve (Urbas and Choo, 2008: 39).

7.2 Council of Europe’s Convention on Cybercrime

In March 2013, Australia formally joined 38 other Council of Europe member states in
putting the Council of Europe’s Convention on Cybercrime into force after ratifying it in Nov.
2012. The Convention on Cybercrime is the world's first and the only binding international
treaty in dealing with crimes committed in the cyber space. Over forty countries in Europe
and some non-member countries including Canada, Japan, South Africa and the United States
of America have signed up to the convention. The convention has been urging these signatory
countries to enact national legislations in fighting cybercrimes. In the meanwhile, more joint
efforts should be strengthened between these countries in this regard, especially in combating
cyber offences of cross-border nature (Council of Europe, 2013).
It took more than a decade for Australia to accede to the Convention on Cybercrime since
it was open for signature in Nov. 2001. But the earlier drafts of the convention have exerted a
great influence on some key legislations dealing with computer and network related offences
in Australia. For example, the commonwealth Cybercrime Act 2001 (Cth) and its subsequent
legislations added the spreading of offensive content using the Internet to the scope of cyber
offences (Urbas and Choo, 2008: 15).

30
7.3 Cyber Storm Exercises

A project of national cyber exercises was conducted the Australian government to “test
and refine event response arrangements” (Attorney-General’s Department, 2013:14) in
Australia. The project includes the Cyber Storm series of exercises under the management and
coordination of the United States (Attorney-General’s Department, 2013:15).
Aiming to “improve the ability of governments and critical infrastructure owners and
operators to manage incidents affecting the National Information Infrastructure”, the
Attorney-General’s Department managed the Cyber Storm II program in March 2008. With
the participation of many other countries including the United States, Canada, New Zealand
and the United Kingdom, Australia’s national cyber exercise Cyber Storm II was carried out
within an international context. Moreover, it was also an extensive exercise with the
involvement of government agencies, state and territory governments and private companies
across the continent.
It was acknowledged by many participants that Cyber Storm II had provided an
extremely cost-effective way of conducting an in-house cyber exercise within a global
exercise framework (Trusted Information Sharing Network, 2010).

7.4 Organisation for Economic Co-operation and Development (OECD)

On June 7th 1971, Australia joined the Organisation for Economic Co-operation and
Development (OECD). As early as 1986, the OECD contributed a report entitled
Computer-related crime: analysis of legal policy. In this report, the OECD encouraged its
member states to attach ample emphasis to “the coverage under their national penal laws of
specific knowingly committed acts” (Urbas and Choo, 2008: 10). In 1992, OECD Guidelines
for the Security of Information System (Organisation for Economic Co-operation and
Development, 2002) was prepared and published it was modified and reprinted in 2002 with
the title of OECD Guidelines for the Security of Information Systems and Networks: Towards
a Culture of Security (Organisation for Economic Co-operation and Development, 2002). In
the guidelines, the OECD encouraged international collaboration and coordination in
protecting information systems. Three years later, a report themed as The Promotion of A
Culture of Security for Information Systems and Networks in OECD countries (Organisation
for Economic Co-operation and Development, 2005) attached great emphasis on combating
cybercrime, developing Computer Emergency Response Teams (CERTs), raising awareness
and fostering education. Since then, Australia governments at all levels have been adhering to
the principles and approaches proposed by the OECD, including establishing the Trusted
Information Sharing Network (TISN) and the cooperative operations of the AHTCC (Urbas
and Choo, 2008: 11).

7.5 Cooperation with Indonesia

In 2011, a Cybercrimes Investigation Centre was set up with the joint efforts of the
Australian Federal Police and the Indonesian National Police jointly. Through this endeavour,
the collaboration in fighting cybercrimes of transnational nature between the two countries
has been intensified and strengthened. As a member team of the Asia Pacific Computer

31
Emergency Response Team (APCERT), Australia has been participating actively in
international cooperation and collaboration in ensuring cyber security and fighting
cybercrimes.

32
 8. Conclusion
The Internet has been transforming the lifestyles that people have accustomed to for a
long time. The function of the computer is now more than computing. The computer and
network are “of essential importance to our life and even our existence in general” (Sun and
An, 2006: 204). And cybercrimes are overturning the traditional crime theories, legislations
and people’s modes of thinking when dealing with criminal behaviours.
In the physical world, the Internet is no more than a network system which connects
computers around the world through electric wires and optical fibers. And cybercrimes are the
criminal behaviours conducted by the offenders using or targeting the network system. In this
sense, cybercrimes are similar to traditional crimes except for different forms. In the virtual
world, the cyberspace is considered as a virtual space distinct from the actual world. And
cybercrimes are a new type of crimes that are committed in the cyberspace. Therefore, new
theories, legislations and way of thinking are required to address issues relating to
cybercrimes. It should be noted that in fact either of the two perspectives is “legally
meaningful and significant in their respective senses” (Sun and An, 2006: 205). However, a
fact cannot be ignored that the Internet has been bringing revolutionary changes to our society
and has been impacting deeply our traditional thinking. Therefore, we should study
cybercrimes on the basis of the virtual perspective while integrating with the physical one.
Thus we could gain a keen perception of cybercrimes. In terms of the legislations dealing with
cybercrimes in Australia, most of the provisions and acts defined cybercrimes from the
physical perspective. In this way, the physical perspective of studying cybercrimes helped the
legislative bodies at all levels punish and prevent cybercrimes in a more efficient way while
maintaining the integrity of the legal system in Australia.
Cybercrimes are more than one type of crimes. It is a comprehensive social problem in
the network age. Therefore, we should not expect to prevent cybercrimes only through a
single approach or two to three technological means. If we aspire to contain and eliminate
cybercrimes, we must improve ourselves and the network order as well. In this sense, the
prevention of cybercrimes is truly an enormous program for our society, which requires
necessary social control. Initially, the network systems were built for resource sharing and
freedom of information. Apparently, social control and the freedom contradict each other as
the control may restrict and even sacrifice such freedom while the latter can only be obtained
within the limits of the former. In the cyberspace, it is necessary to make online users to
recognise the restraint effects of the social authority and social norms. But at the same time,
legislative and enforcement agencies should not damage people’s individual rights, block the
channels to express public opinions, deny one’s subject qualification or deprive one of his or
her own private life. The cyberspace is a new domain for human activities dependent on the
computer and network in the physical world. “The prevention of cybercrimes requires the
integration of technical regulations in building networks with the laws and rules dealing with
behaviours in network applications” (Bu, 2001: 111). Though a series of laws and provisions
have been legislated in dealing with cybercrimes in Australia, the legal system is the only
resource left when the other means fail to protect the lawful rights and interests of a nation, a
society or an individual in an effective way. And in such cases, criminal penalty is the only
way in force to protect the lawful rights and interests. This means these criminal laws have

33
limited effectiveness in the whole protection system of social interests. And more
amendments and provisions need to be enacted to enrich and complement the legislations in
existence on a regular basis and in a more productive way.
Moreover, greater efforts must be made in developing and producing highly secure
computers to replace the computers vulnerable to attacks. When assessing and evaluating the
security of computer operation systems, the impact of the structure of open systems on
security needs professional and reliable review. Besides, a mechanism should be established
in examining and reporting the security status of networks on a regular basis. Furthermore,
“apart from raising the awareness of online users in protecting themselves, attention should
also be paid to building individual ethics and moralities in the cyberspace” (Zhang and Ma,
2001: 131). Moral education should be offered regularly to young students in schools as they
tend to think some cyber offences are merely common behaviours for fun. In addition, as
“organised crimes in the cyberspace are becoming increasingly grave” (Kshetri, 2010: 1),
Australia must attach greater emphasis to working jointly with other countries. As both
Australia and China have been engaging actively in international cooperation to maintain
cyber security and fight against cybercrimes, mutual assistance and cooperation between
Australia and China should also be sought. As Australia and China already have
well-developed cooperation in such areas as trade, energy, science and technology, the two
countries will also start to work together to combat cybercrimes in the near future.

34
 BIBLIOGRAPHY

Australasian Legal Information Institute. 2013. “Criminal Code Act”.

http://notes.nt.gov.au/dcm/legislat/legislat.nsf/d989974724db65b1482561cf0017c

bd2/cd0122ee34108ae769257a5f007a1c7f?OpenDocument (accessed March 28,

2013).

Australian Communications and Media Authority. 2012. “The ACMA overview”.

http://www.acma.gov.au/WEB/STANDARD/pc=ACMA_ORG_OVIEW

(accessed March 28, 2013).

Australian Communications and Media Authority. 2013. “Australian Internet Security

Initiative”. http://www.acma.gov.au/WEB/STANDARD/pc=PC_310317#aisi

(accessed March 28, 2013).

Australian Federal Police. 2010. “AFP wins cyber-safety award”.

http://www.afp.gov.au/media-centre/news/afp/2010/may/afp-wins-cyber-safety-a

ward (accessed May 27, 2010).

Australian Federal Police. 2012a. “Cyber safety and ThinkUKnow presentations”.

http://www.afp.gov.au/media-centre/facts-stats/cyber-safety-and-thinkuknow-pr

esentations (accessed March 28, 2013).

Australian Federal Police. 2012b. “Policing”. http://www.afp.gov.au/policing.aspx

(accessed March 28, 2013).

Australian Government Attorney-General’s Department. 2013a. “About Us”.

http://www.ag.gov.au/About/Pages/default.aspx (accessed March 28, 2013).

Australian Government Attorney-General’s Department. 2013b. “Australian Government

Cyber Security Strategy”.

http://www.ag.gov.au/RightsAndProtections/CyberSecurity/Documents/AG%2C

yber%20Security%20Strategy%20-%20for%20website.pdf (accessed March 28,

2013).

Australian Government Attorney-General’s Department. 2013c. “National Identity Security

35
 Strategy”.

http://www.ag.gov.au/RightsAndProtections/IdentitySecurity/Documents/Nation

al%20Identity%20Security%20Strategy%202012.PDF (accessed March 7, 2013).

Australian Government ComLaw. 2009. “Crimes Act 1914 (Cth)”.

http://www.comlaw.gov.au/Details/C2004C03157 (accessed November 24, 2009).

Australian Government ComLaw. 2013a. “Cybercrime Act 2001(Cth)”.

http://www.comlaw.gov.au/Details/C2004A00937/Amends (accessed March 28,

2013).

Australian Government ComLaw. 2013b. “Cybercrime Act 2001-C2004A00937”.

http://www.comlaw.gov.au/Details/C2004A00937/Html/Text#param4 (accessed

March 28, 2013).

Australian Government ComLaw. 2013c. “Cybercrime Legislation Amendment Act 2012”.

http://www.comlaw.gov.au/Details/C2012A00120 (accessed March 28, 2013).

Australian Government Department of Broadband, Communications and the Digital

Economy. 2013a. “Cybersafety plan”.

http://www.dbcde.gov.au/funding_and_programs/cybersafety_plan (accessed

March 28, 2013).

Australian Government Department of Broadband, Communications and the Digital

Economy. 2013b. “Cyber Security”.

http://www.dbcde.gov.au/online_safety_and_security/cyber_security (accessed

March 28, 2013).

Australian Government Department of Defence Intelligence and Security. 2013a.

“CSOC-Cyber Security Operations Centre”.

http://www.dsd.gov.au/infosec/csoc.htm (accessed March 28, 2013).

Australian Government Department of Defence Intelligence and Security. 2013b. “Signals

intelligence (Sigint) role”. http://www.dsd.gov.au/aboutdsd/rolesigint.htm

(accessed March 28, 2013).

36
Australian Government Department of Defence Intelligence and Security. 2013c.

“Information security”. http://www.dsd.gov.au/infosec/index.htm (accessed March

28, 2013).

Australian Government Department of Defence Intelligence and Security. 2013d.

“ISM-Information Security Manual”. http://www.dsd.gov.au/infosec/ism/index.htm

(accessed March 12, 2013).

Australian Government Department of Defence. 2009. “Defending Australia in the Asia

Pacific century: force 2030”.

http://apo.org.au/research/defending-australia-asia-pacific-century-force-2030

(accessed May 4, 2013).

Australian Institution of Criminology. 2009. “Externally published papers by AIC staff”.

http://www.aic.gov.au/crime_types/cybercrime/other-aic.html (accessed July 1,

2009).

Australian Legal Information Institute. 2002. “Australian Capital Territory Consolidated

Act Criminal Code 2002”.

http://www.austlii.edu.au/au/legis/act/consol_act/cc200294/s323.html (accessed

March 24, 2013).

Australian Legal Information Institute. 2013. “Broadcasting Services Amendment (Online

Services) Bill 1999 Explanatory Memorandum”.

http://www.austlii.edu.au/cgi-bin/download.cgi/au/legis/cth/bill_em/bsasb199945

9 (accessed March 28, 2013).

Biderman, Albert D. & Reiss, Albert J. 1967. “On Exploring the ‘Dark Figure’ of

Crime”. The Annals of the American Academy of Political and Social Science, 374,

1-15.

Brenner, Susan W. 2010. Cybercrime: Criminal Threats From Cyberspace. New York:

Praeger Publishers.

BSA| The Software Alliance. 2013. “About BSA and Members”.

37
 http://ww2.bsa.org/country/BSA%20and%20Members.aspx (accessed March 28,

2013).

Canberra Times. 2013. “9/11 Decade Over: Defence Focus on Cyber Security”.

http://www.canberratimes.com.au/it-pro/security-it/911-decade-over-defence-foc

us-on-cyber-security-20130123-2d7jc.html (accessed January 24, 2013).

CERT Australia. 2013. “About Us”. https://www.cert.gov.au/about (accessed March 28,

2013).

Chan, Nelson. Coronel, Simon & Ong, Yik Chiat. 2003. “The Threat of the Cybercrime Act

2001 to Australian IT Professionals”. Proceedings of the First Australian

Undergraduate Students’ Computing Conference. 25-33.

Clark, Eugene. 2010. Cyber Law in Australia. London: Kluwer Law International.

Clough, Jonathan. 2010. Principles of cybercrime. Cambridge: Cambridge University

Press.

Council of Europe. 2003. “Additional Protocol to the Convention on Cybercrime,

concerning the criminalization of acts of a racist and xenophobic nature committed

through computer systems”.

http://conventions.coe.int/Treaty/en/Treaties/Html/189.htm (accessed December

5, 2012).

Council of Europe. 2011. “Convention on Cybercrime”.

http://conventions.coe.int/treaty/en/Treaties/Html/185.htm (accessed October 24,

2011).

Council of Europe. 2013. “Convention on Cybercrime CETS No.: 185”.

http://conventions.coe.int/Treaty/Commun/ChercheSig.asp?NT=185&CM=8&D

F=&CL=ENG. 2013-04-01 (accessed April 1, 2013).

Cybersmart. 2013a. “About Cybersmart”.

http://www.cybersmart.gov.au/About%20Cybersmart.aspx (accessed March 28,

2013).

38
Cybersmart. 2013b. “Online help and reporting”.

http://www.cybersmart.gov.au/About%20Cybersmart/Online%20help%20and

%20reporting.aspx (accessed March 28, 2013).

Cybersmart. 2013c. “What is Cybersmart?”

http://www.cybersmart.gov.au/About%20Cybersmart/What%20is%20Cybersm

art.aspx (accessed March 28, 2013).

Cyberspace Law and Policy Centre. 2011. “About the Centre”.

http://www.cyberlawcentre.org/About_the_Centre.htm. (accessed November 2,

2011).

Electronic Frontiers Australia. 2013. “About EFA”. https://www.efa.org.au/about/

(accessed March 28, 2013).

Gercke, Marco. 2009. Understanding cybercrime: a guide for developing

countries. Geneva: International Telecommunication Union.

Goode, Sigi. 2007. “A Longitudinal Study of ISP Reactions to Australian Internet Content

Regulation Laws”. Australasian Journal of Information Systems, Vol. 13, No. 1, 58-77.

Government of South Australia Attorney-General’s Department South Australian

Legislation. 2013. “Summary Offences Act 1953”.

http://www.legislation.sa.gov.au/LZ/C/A/SUMMARY%20OFFENCES%20ACT

%201953/CURRENT/1953.55.UN.PDF (accessed March 14, 2013).

Government of Western Australia Department of the Premier and Cabinet State Law

Publisher. 2013. “Criminal Code Act Compilation Act 1913”.

http://www.slp.wa.gov.au/pco/prod/FileStore.nsf/Documents/MRDocument:2467

3P/$FILE/CrimCdActCompilationAct1913-17-a0-03.pdf?OpenElement

(accessed March 14, 2013).

Gragido, Will, Pirc, John & Rogers, Russ. 2011. Cybercrime and Espionage: An Analysis of

Subversive Multivector Threats. Rockland: Syngress Media.

Hinde, Stephen. 2003. “The law, cybercrime, risk assessment and cyber protection”.

39
 Computers and Security, 2, 90-94.

Kshetri, Nir. 2010. The Global Cybercrime Industry: Eeconomic, Institutional and Strategic

Perspectives. New York: Springer.

McQuade, Samuel C. 2009. Encyclopaedia of cybercrime. San Francisco: Greenwood

Press.

Model Criminal Code Officers Committee. 1998. Model Criminal Code Chapter 5 Non

Fatal Offences against the Person. Barton: Attorney-General's Department.

National Australia Bank. 2007. “NAB Funds Research to Fight Cybercrimes”.

http://www.nab.com.au/wps/wcm/connect/nab/nab/home/about_us/8/5/35/32?W

T.seg_1=SEBBB&WT.ac=SEBBB (accessed December 4, 2007).

National Australia Bank. 2013. “About Us”.

http://www.nab.com.au/wps/wcm/connect/nab/nab/home/About_Us/ (accessed

March 28, 2013).

New South Wales Government NSW Legislation. 2013. “Crimes Act 1900 No. 40”.

http://www.legislation.nsw.gov.au/inforcepdf/1900-40.pdf?id=12883ee5-2adc-4d1

4-da2d-b8c6272c8ab8 (accessed March 28, 2013).

Norton. 2013. “Cybercrime Report 2011”.

http://au.norton.com/cybercrimereport/promo (accessed March 28, 2013).

NSW Society for Computers and the Law. 2013. “About the Society”.

https://www.nswscl.org.au/ (accessed March 28, 2013).

Organisation for Economic Co-operation and Development. 1992. “OECD Guidelines for

the Security of Information System”.

http://www.oecd.org/internet/ieconomy/oecdguidelinesforthesecurityofinformati

onsystems1992.htm (accessed March 23, 2013).

Organisation for Economic Co-operation and Development. 2002. “Guidelines for the

security of information systems and networks: towards a culture of security”.

http://www.oecd.org/sti/ieconomy/15582260.pdf (accessed September 2, 2002).

40
Organisation for Economic Co-operation and Development. 2005. “The Promotion of a

Culture of Security for Information Systems and Networks in OECD Countries”.

http://www.oecd.org/internet/ieconomy/35884541.pdf (accessed December 16,

2005).

Queensland Government Queensland Legislation. 2013. “Criminal Code Act 1899”.

http://www.legislation.qld.gov.au/LEGISLTN/CURRENT/C/CriminCode.pdf

(accessed March 28, 2013).

Roth, Kate. 2010. “Implications for Virtual Worlds: A Comparative Study of United

Kingdom, United States and Australia on Network Readiness, Government

Investment and Cyber-security”. Journal of Virtual Worlds Research. Vol. 2, No. 5,

1-13.

Shinder, Debra Littlejohn & Cross, Michael. 2008. Scene of the Cybercrime. Rockland:

Syngress Media.

Smith, Russell. 2012. “Cybercrimes Research-Presentation by the Australian Institute of

Criminology”.

http://www.aic.gov.au/media_library/conferences/other/smith_russell/2011-09-fa

p.pdf (accessed June 20, 2012).

Stay Smart Online. 2013. “About”. http://www.staysmartonline.gov.au/about (accessed

March 28, 2013).

The Alannah and Madeline Foundation. 2013. “Young People and Technology-A Review of

the Current Literature”.

http://www.amf.org.au/Assets/Files/2ndEdition_Youngpeopleandtechnology_Lit

Review_June202009.pdf (accessed March 25, 2013).

Trusted Information Sharing Network. 2010. “Cyber Storm II Final Reports”.

www.tisn.gov.au/Documents/Cyber+Storm+II+Final+Reports.pdf (accessed June

23, 2010).

United Nations Office on Drugs and Crime. 2013. “Conclusions of the Study on effective

41
 measures to prevent and control high-technology and computer-related

crime——Report of the Secretary-General of United Nations”.

http://www.unodc.org/pdf/crime/10_commission/4e.pdf (accessed March 28,

2013).

University of South Australia. 2013. “Raymond Choo Homepage”.

http://www.unisanet.unisa.edu.au/staff/homepage.asp?name=Raymond.Choo#R

esearchPublications (accessed March 28, 2013).

Urbas, Gregor & Choo, Kim-Kwang Raymond. 2008. Resource materials on

technology-enabled crime. Canberra: Australian Institute of Criminology.

Victorian Legislation and Parliamentary Documents. 2013. “Crimes Act 1958”.

http://www.legislation.vic.gov.au/Domino/Web_Notes/LDMS/LTObject_Store/LT

ObjSt7.nsf/DDE300B846EED9C7CA257616000A3571/F0DAEBAA20DFCD11C

A257B0B00146ED4/$FILE/58-6231aa235%20authorised.pdf (accessed February

7, 2013).

Yar, Majid. 2006. Cybercrime and Society. London: SAGE Publications Limited.

卜安淳(Bu, Anchun)，2001，论网络犯罪及其防控，
《安徽大学学报》，第 1 期，第 105-112

页。

蒋小燕(Jiang, Xiaoyan)，2006，浅议网络犯罪的原因，
《湖北社会科学》，第 1 期，第 155-156

页。

劳拉·昆兰蒂罗 (Quarantiello, Laura)，王涌译，1999， 赛博犯罪——如何防范计算机

犯罪，南昌：江西教育出版社。

刘守芬(Liu, Shoufen)、孙晓芳(Sun, Xiaofang)，2001，论网络犯罪，

《北京大学学报(哲学

社会科学版)》，第 3 期，第 114-122 页。

罗冰眉(Luo, Bingmei)，2004，论网络犯罪与法律对策，《法律文献信息与研究》，第 1

期，第 12-18 页。

尼古拉斯·尼葛洛庞帝(Negroponte, Nicholas)，胡泳译，1997，数字化生存，海南：海

南出版社。

42
皮勇(Pi, Yong )，1998，略论网络上计算机犯罪与对策，
《法学评论》，第 1 期，第 83-85

页。

皮勇(Pi, Yong )，2005，网络犯罪比较研究，北京：中国人民公安大学出版社。

孙景仙(Sun, Jingxian)、安永勇(An, Yongyong)，2004，网络犯罪研究，上海：上海交通

大学出版社。

许秀中(Xu, Xiuzhong)，2003，网络与网络犯罪，北京：中信出版社。

张彦(Zhang, Yan)、 马立(Ma, Li)，2001，论网络犯罪及其社会控制，《江苏社会科学》，

第 5 期，第 127-132 页。

张宗亮(Zhang, Zongliang)，2003，全球化背景下的网络犯罪及其控制对策，《中国人民

公安大学学报》，第 4 期，第 91-97 页。

43