|Part of a series on|
|Legal aspects of computing|
Information technology law (also called "cyberlaw") concerns the law of information technology, including computing and the internet. It is related to legal informatics, and governs the digital dissemination of both (digitalized) information and software, information security and electronic commerce. aspects and it has been described as "paper laws" for a "paperless environment". It raises specific issues of intellectual property in computing and online, contract law, privacy, freedom of expression, and jurisdiction.
- 1 History
- 2 Areas of law
- 3 Jurisdiction
- 4 Internet law
- 5 The creation of privacy in U.S. Internet law
- 5.1 Warren and Brandeis
- 5.2 Reasonable Expectation of Privacy Test and emerging technology
- 5.3 Privacy Act of 1974
- 5.4 Foreign Intelligence Surveillance Act of 1978
- 5.5 (1986) Electronic Communication Privacy Act
- 5.6 (1994) Driver's Privacy Protection Act
- 5.7 (1999) Gramm-Leach-Bliley Act
- 5.8 (2002) Homeland Security Act
- 5.9 (2004) Intelligence Reform and Terrorism Prevention Act
- 6 Legal enactments – examples
- 7 Enforcement agencies
- 8 Quotations
- 9 See also
- 10 Notes
- 11 References
- 12 External links
The regulation of information technology, through computing and the internet evolved out of the development of the first publicly funded networks, such as ARPANET and NSFNET in the United States or JANET in the United Kingdom.
This section needs expansion. You can help by adding to it. (February 2018)
Areas of law
IT law does not constitute a separate area of law rather it encompasses aspects of contract, intellectual property, privacy and data protection laws. Intellectual property is an important component of IT law, including copyright, rules on fair use, and special rules on copy protection for digital media, and circumvention of such schemes. The area of software patents is controversial, and still evolving in Europe and elsewhere.
The related topics of software licenses, end user license agreements, free software licenses and open-source licenses can involve discussion of product liability, professional liability of individual developers, warranties, contract law, trade secrets and intellectual property.
In various countries, areas of the computing and communication industries are regulated – often strictly – by governmental bodies.
There are rules on the uses to which computers and computer networks may be put, in particular there are rules on unauthorized access, data privacy and spamming. There are also limits on the use of encryption and of equipment which may be used to defeat copy protection schemes. The export of hardware and software between certain states within the United States is also controlled.
There are laws governing trade on the Internet, taxation, consumer protection, and advertising.
There are laws on censorship versus freedom of expression, rules on public access to government information, and individual access to information held on them by private bodies. There are laws on what data must be retained for law enforcement, and what may not be gathered or retained, for privacy reasons.
In certain circumstances and jurisdictions, computer communications may be used in evidence, and to establish contracts. New methods of tapping and surveillance made possible by computers have wildly differing rules on how they may be used by law enforcement bodies and as evidence in court.
Computerized voting technology, from polling machines to internet and mobile-phone voting, raise a host of legal issues.
Some states limit access to the Internet, by law as well as by technical means.
Jurisdiction is an aspect of state sovereignty and it refers to judicial, legislative and administrative competence. Although jurisdiction is an aspect of sovereignty, it is not coextensive with it. The laws of a nation may have extraterritorial impact extending the jurisdiction beyond the sovereign and territorial limits of that nation. This is particularly problematic as the medium of the Internet does not explicitly recognize sovereignty and territorial limitations. There is no uniform, international jurisdictional law of universal application, and such questions are generally a matter of conflict of laws, particularly private international law. An example would be where the contents of a web site are legal in one country and illegal in another. In the absence of a uniform jurisdictional code, legal practitioners are generally left with a conflict of law issue.
Another major problem of cyberlaw lies in whether to treat the Internet as if it were physical space (and thus subject to a given jurisdiction's laws) or to act as if the Internet is a world unto itself (and therefore free of such restraints). Those who favor the latter view often feel that government should leave the Internet community to self-regulate. John Perry Barlow, for example, has addressed the governments of the world and stated, "Where there are real conflicts, where there are wrongs, we will identify them and address them by our means. We are forming our own Social Contract. This governance will arise according to the conditions of our world, not yours. Our world is different". A more balanced alternative is the Declaration of Cybersecession: "Human beings possess a mind, which they are absolutely free to inhabit with no legal constraints. Human civilization is developing its own (collective) mind. All we want is to be free to inhabit it with no legal constraints. Since you make sure we cannot harm you, you have no ethical right to intrude our lives. So stop intruding!" Other scholars argue for more of a compromise between the two notions, such as Lawrence Lessig's argument that "The problem for law is to work out how the norms of the two communities are to apply given that the subject to whom they apply may be in both places at once" (Lessig, Code 190).
With the internationalism of the Internet, jurisdiction is a much more tricky area than before, and courts in different countries have taken various views on whether they have jurisdiction over items published on the Internet, or business agreements entered into over the Internet. This can cover areas from contract law, trading standards and tax, through rules on unauthorized access, data privacy and spamming to more political areas such as freedom of speech, censorship, libel or sedition.
Certainly, the frontier idea that the law does not apply in "Cyberspace" is not true. In fact, conflicting laws from different jurisdictions may apply, simultaneously, to the same event. The Internet does not tend to make geographical and jurisdictional boundaries clear, but Internet users remain in physical jurisdictions and are subject to laws independent of their presence on the Internet. As such, a single transaction may involve the laws of at least three jurisdictions:
- the laws of the state/nation in which the user resides,
- the laws of the state/nation that apply where the server hosting the transaction is located, and
- the laws of the state/nation which apply to the person or business with whom the transaction takes place.
So a user in one of the United States conducting a transaction with another user in Britain through a server in Canada could theoretically be subject to the laws of all three countries as they relate to the transaction at hand.
In practical terms, a user of the Internet is subject to the laws of the state or nation within which he or she goes online. Thus, in the U.S., Jake Baker faced criminal charges for his e-conduct, and numerous users of peer-to-peer file-sharing software were subject to civil lawsuits for copyright infringement. This system runs into conflicts, however, when these suits are international in nature. Simply put, legal conduct in one nation may be decidedly illegal in another. In fact, even different standards concerning the burden of proof in a civil case can cause jurisdictional problems. For example, an American celebrity, claiming to be insulted by an online American magazine, faces a difficult task of winning a lawsuit against that magazine for libel. But if the celebrity has ties, economic or otherwise, to England, he or she can sue for libel in the British court system, where the standard of "libelous speech" is far lower.
Internet governance is a live issue in international fora such as the International Telecommunication Union (ITU), and the role of the current US-based co-ordinating body, the Internet Corporation for Assigned Names and Numbers (ICANN) was discussed in the UN-sponsored World Summit on the Information Society (WSIS) in December 2003
The law that regulates the Internet must be considered in the context of the geographic scope of the Internet and political borders that are crossed in the process of sending data around the globe. The unique global structure of the Internet raises not only jurisdictional issues, that is, the authority to make and enforce laws affecting the Internet, but also questions concerning the nature of the laws themselves.
In their essay "Law and Borders – The Rise of Law in Cyberspace", David R. Johnson and David G. Post argue that it became necessary for the Internet to govern itself and instead of obeying the laws of a particular country, "Internet citizens" will obey the laws of electronic entities like service providers. Instead of identifying as a physical person, Internet citizens will be known by their usernames or email addresses (or, more recently, by their Facebook accounts). Over time, suggestions that the Internet can be self-regulated as being its own trans-national "nation" are being supplanted by a multitude of external and internal regulators and forces, both governmental and private, at many different levels. The nature of Internet law remains a legal paradigm shift, very much in the process of development.
Leaving aside the most obvious examples of governmental content monitoring and internet censorship in nations like China, Saudi Arabia, Iran, there are four primary forces or modes of regulation of the Internet derived from a socioeconomic theory referred to as Pathetic dot theory by Lawrence Lessig in his book, Code and Other Laws of Cyberspace:
- Law: What Lessig calls "Standard East Coast Code", from laws enacted by government in Washington D.C. This is the most self-evident of the four modes of regulation. As the numerous United States statutes, codes, regulations, and evolving case law make clear, many actions on the Internet are already subject to conventional laws, both with regard to transactions conducted on the Internet and content posted. Areas like gambling, child pornography, and fraud are regulated in very similar ways online as off-line. While one of the most controversial and unclear areas of evolving laws is the determination of what forum has subject matter jurisdiction over activity (economic and other) conducted on the internet, particularly as cross border transactions affect local jurisdictions, it is certainly clear that substantial portions of internet activity are subject to traditional regulation, and that conduct that is unlawful off-line is presumptively unlawful online, and subject to traditional enforcement of similar laws and regulations.
- Architecture: What Lessig calls "West Coast Code", from the programming code of the Silicon Valley. These mechanisms concern the parameters of how information can and cannot be transmitted across the Internet. Everything from internet filtering software (which searches for keywords or specific URLs and blocks them before they can even appear on the computer requesting them), to encryption programs, to the very basic architecture of TCP/IP protocols and user interfaces falls within this category of mainly private regulation. It is arguable that all other modes of internet regulation either rely on, or are significantly affected by, West Coast Code.
- Norms: As in all other modes of social interaction, conduct is regulated by social norms and conventions in significant ways. While certain activities or kinds of conduct online may not be specifically prohibited by the code architecture of the Internet, or expressly prohibited by traditional governmental law, nevertheless these activities or conduct are regulated by the standards of the community in which the activity takes place, in this case internet "users". Just as certain patterns of conduct will cause an individual to be ostracized from our real world society, so too certain actions will be censored or self-regulated by the norms of whatever community one chooses to associate with on the internet.
- Markets: Closely allied with regulation by social norms, markets also regulate certain patterns of conduct on the Internet. While economic markets will have limited influence over non-commercial portions of the Internet, the Internet also creates a virtual marketplace for information, and such information affects everything from the comparative valuation of services to the traditional valuation of stocks. In addition, the increase in popularity of the Internet as a means for transacting all forms of commercial activity, and as a forum for advertisement, has brought the laws of supply and demand to cyberspace. Market forces of supply and demand also affect connectivity to the Internet, the cost of bandwidth, and the availability of software to facilitate the creation, posting, and use of internet content.
These forces or regulators of the Internet do not act independently of each other. For example, governmental laws may be influenced by greater societal norms, and markets affected by the nature and quality of the code that operates a particular system.
Another major area of interest is net neutrality, which affects the regulation of the infrastructure of the Internet. Though not obvious to most Internet users, every packet of data sent and received by every user on the Internet passes through routers and transmission infrastructure owned by a collection of private and public entities, including telecommunications companies, universities, and governments. This is turning into one of the most critical aspects of cyber Law and has immediate jurisdictional implications, as laws in force in one jurisdiction have the potential to have dramatic effects in other jurisdictions when host servers or telecommunications companies are affected. Very recently, Netherlands became the first country in Europe and the second in the world, after Chile to pass law relating to it. In U.S, on 12 March 2015, the FCC released the specific details of its new net neutrality rule.And on 13 April 2015, the FCC published the final rule on its new regulations
Free speech on the Internet
In comparison to traditional print-based media, the accessibility and relative anonymity of cyber space has torn down traditional barriers between an individual and his or her ability to publish. Any person with an internet connection has the potential to reach an audience of millions. These complexities have taken many forms, three notable examples being the Jake Baker incident, in which the limits of obscene Internet postings were at issue, the controversial distribution of the DeCSS code, and Gutnick v Dow Jones, in which libel laws were considered in the context of online publishing. The last example was particularly significant because it epitomized the complexities inherent to applying one country's laws (nation-specific by definition) to the internet (international by nature). In 2003, Jonathan Zittrain considered this issue in his paper, "Be Careful What You Ask For: Reconciling a Global Internet and Local Law".
In many countries, speech through cyberspace has proven to be another means of communication which has been regulated by the government. The "Open Net Initiative", whose mission statement is "to investigate and challenge state filtration and surveillance practices" to "...generate a credible picture of these practices," has released numerous reports documenting the filtration of internet-speech in various countries. While China has thus far proven to be the most rigorous in its attempts to filter unwanted parts of the internet from its citizens, many other countries – including Singapore, Iran, Saudi Arabia, and Tunisia – have engaged in similar practices of Internet censorship. In one of the most vivid examples of information control, the Chinese government for a short time transparently forwarded requests to the Google search engine to its own, state-controlled search engines.
These examples of filtration bring to light many underlying questions concerning the freedom of speech. For example, does the government have a legitimate role in limiting access to information? And if so, what forms of regulation are acceptable? For example, some argue that the blocking of "blogspot" and other websites in India failed to reconcile the conflicting interests of speech and expression on the one hand and legitimate government concerns on the other hand.
The creation of privacy in U.S. Internet law
The examples and perspective in this section deal primarily with USA and do not represent a worldwide view of the subject. (June 2017) (Learn how and when to remove this template message)
Warren and Brandeis
At the close of the 19th century, concerns about privacy captivated the general public, and led to the 1890 publication of Samuel Warren and Louis Brandeis: "The Right to Privacy". The vitality of this article can be seen today, when examining the USSC decision of Kyllo v. United States, 533 U.S. 27 (2001) where it is cited by the majority, those in concurrence, and even those in dissent.
The motivation of both authors to write such an article is heavily debated amongst scholars, however, two developments during this time give some insight to the reasons behind it. First, the sensationalistic press and the concurrent rise and use of "yellow journalism" to promote the sale of newspapers in the time following the Civil War brought privacy to the forefront of the public eye. The other reason that brought privacy to the forefront of public concern was the technological development of "instant photography". This article set the stage for all privacy legislation to follow during the 20 and 21st centuries.
Reasonable Expectation of Privacy Test and emerging technology
In 1967, the United States Supreme Court decision in Katz v United States, 389 U.S. 347 (1967) established what is known as the Reasonable Expectation of Privacy Test to determine the applicability of the Fourth Amendment in a given situation. It should be noted that the test was not noted by the majority, but instead it was articulated by the concurring opinion of Justice Harlan. Under this test, 1) a person must exhibit an "actual (subjective) expectation of privacy" and 2) "the expectation [must] be one that society is prepared to recognize as 'reasonable'".
Privacy Act of 1974
Inspired by the Watergate scandal, the United States Congress enacted the Privacy Act of 1974 just four months after the resignation of then President Richard Nixon. In passing this Act, Congress found that "the privacy of an individual is directly affected by the collection, maintenance, use, and dissemination of personal information by Federal agencies" and that "the increasing use of computers and sophisticated information technology, while essential to the efficient operations of the Government, has greatly magnified the harm to individual privacy that can occur from any collection, maintenance, use, or dissemination of personal information".
Foreign Intelligence Surveillance Act of 1978
Codified at 50 U.S.C. §§ 1801-1811, this act establishes standards and procedures for use of electronic surveillance to collect "foreign intelligence" within the United States. §1804(a)(7)(B). FISA overrides the Electronic Communications Privacy Act during investigations when foreign intelligence is "a significant purpose" of said investigation. 50 U.S.C. § 1804(a)(7)(B) and §1823(a)(7)(B). Another interesting result of FISA, is the creation of the Foreign Intelligence Surveillance Court (FISC). All FISA orders are reviewed by this special court of federal district judges. The FISC meets in secret, with all proceedings usually also held from both the public eye and those targets of the desired surveillance.
For more information see: Foreign Intelligence Act
(1986) Electronic Communication Privacy Act
The ECPA represents an effort by the United States Congress to modernize federal wiretap law. The ECPA amended Title III (see: Omnibus Crime Control and Safe Streets Act of 1968) and included two new acts in response to developing computer technology and communication networks. Thus the ECPA in the domestic venue into three parts: 1) Wiretap Act, 2) Stored Communications Act, and 3) The Pen Register Act.
- Types of Communication
- Wire Communication: Any communication containing the human voice that travels at some point across a wired medium such as radio, satellite or cable.
- Oral Communication:
- Electronic Communication
- Types of Communication
(1994) Driver's Privacy Protection Act
The DPPA was passed in response to states selling motor vehicle records to private industry. These records contained personal information such as name, address, phone number, SSN, medical information, height, weight, gender, eye color, photograph and date of birth. In 1994, Congress passed the Driver's Privacy Protection (DPPA), 18 U.S.C. §§ 2721-2725, to cease this activity.
For more information see: Driver's Privacy Protection Act
(1999) Gramm-Leach-Bliley Act
-This act authorizes widespread sharing of personal information by financial institutions such as banks, insurers, and investment companies. The GLBA permits sharing of personal information between companies joined together or affiliated as well as those companies unaffiliated. To protect privacy, the act requires a variety of agencies such as the SEC, FTC, etc. to establish "appropriate standards for the financial institutions subject to their jurisdiction" to "insure security and confidentiality of customer records and information" and "protect against unauthorized access" to this information. 15 U.S.C. § 6801
For more information see: Gramm-Leach-Bliley Act
(2002) Homeland Security Act
For more information see: Homeland Security Act
(2004) Intelligence Reform and Terrorism Prevention Act
-This Act mandates that intelligence be "provided in its most shareable form" that the heads of intelligence agencies and federal departments "promote a culture of information sharing." The IRTPA also sought to establish protection of privacy and civil liberties by setting up a five-member Privacy and Civil Liberties Oversight Board. This Board offers advice to both the President of the United States and the entire executive branch of the Federal Government concerning its actions to ensure that the branch's information sharing policies are adequately protecting privacy and civil liberties.
For more information see: Intelligence Reform and Terrorism Prevention Act
Legal enactments – examples
The Computer Misuse Act 1990 enacted by Great Britain on 29 June 1990, and which came into force on 29 August 1990, is an example of one of the earliest of such legal enactments. This Act was enacted with an express purpose of making "provision for securing computer material against unauthorized access or modification." Certain major provisions of the Computer Misuse Act 1990 relate to:
- "unauthorized access to computer materials",
- "unauthorized access with intent to commit or facilitate the commission of further offences", and
- "unauthorized modification of computer material."
The impact of the Computer Misuse Act 1990 has been limited and with the adoption of the Council of Europe adopts its Convention on Cyber-Crime, it has been indicated that amending legislation would be introduced in parliamentary session 2004–05 in order to rectify possible gaps in its coverage, which are many.
The CMA 1990 has many weaknesses; the most notable is its inability to cater for, or provide suitable protection against, a host of high tech attacks/crimes which have become more prevalent in the last decade. Certain attacks such as DDOS and BOTNET attacks can not be effectively brought to justice under the CMA. This act has been under review for a number of years. Computer crimes such as electronic theft are usually prosecuted in the UK under the legislation that caters for traditional theft (Theft Act 1968), because the CMA is so ineffective.
An example of information technology law is India's Information Technology Act, 2000, which was substantially amended in 2008. The IT Act, 2000 came into force on 17 October 2000. This Act applies to whole of India, and its provisions also apply to any offense or contravention, committed even outside the territorial jurisdiction of Republic of India, by any person irrespective of his nationality. In order to attract provisions of this Act, such an offence or contravention should involve a computer, computer system, or computer network located in India. The IT Act 2000 provides an extraterritorial applicability to its provisions by virtue of section 1(2) read with section 75. This Act has 90 sections.
India's The Information Technology Act 2000 has tried to assimilate legal principles available in several such laws (relating to information technology) enacted earlier in several other countries, as also various guidelines pertaining to information technology law. The Act gives legal validity to electronic contracts, recognition of electronic signatures. This is a modern legislation which makes acts like hacking, data theft, spreading of virus, identity theft, defamation (sending offensive messages) pornography, child pornography, cyber terrorism, a criminal offence. The Act is supplemented by a number of rules which includes rules for, cyber cafes, electronic service delivery, data security, blocking of websites. It also has rules for observance of due diligence by internet intermediaries (ISP's, network service providers,cyber cafes, etc.). Any person affected by data theft, hacking, spreading of viruses can apply for compensation from Adjudicator appointed under Section 46 as well as file a criminal complaint. Appeal from adjudicator lies to Cyber Appellate Tribunal.
- In February 2001, in one of the first cases, the Delhi police arrested two men running a web-hosting company. The company had shut down a website over non-payment of dues. The owner of the site had claimed that he had already paid and complained to the police. The Delhi police had charged the men for hacking under Section 66 of the IT Act and breach of trust under Section 408 of the Indian Penal Code. The two men had to spend 6 days in Tihar jail waiting for bail. Bhavin Turakhia, chief executive officer of directi.com, a webhosting firm said that this interpretation of the law would be problematic for web-hosting companies.
- In September 2010, a freelance cartoonist Aseem Trivedi was arrested under Section 66A of the IT Act, Section 2 of Prevention of Insults to National Honour Act, 1971 and for sedition under the Section 124 of the Indian Penal Code. His cartoons depicting widespread corruption in India were considered offensive.
- On 12 April 2012, a Chemistry professor from Jadavpur University, Ambikesh Mahapatra, was arrested for sharing a cartoon of West Bengal Chief Minister Mamata Banerjee and then Railway Minister Mukul Roy. The email was sent from the email address of a housing society. Subrata Sengupta, the secretary of the housing society, was also arrested. They were charged under Section 66A and B of the IT Act, for defamation under Sections 500, for obscene gesture to a woman under Section 509, and abetting a crime under Section 114 of the Indian Penal Code.
- On 30 October 2012, a Puducherry businessman Ravi Srinivasan was arrested under Section 66A. He had sent tweet accusing Karti Chidambaram, son of then Finance Minister P. Chidambaram, of corruption. Karti Chidambaram had complained to the police.
- On 19 November 2012, a 21-year-old girl was arrested from Palghar for posting a message on Facebook criticising the shutdown in Mumbai for the funeral of Bal Thackeray. Another 20-year-old girl was arrested for "liking" the post. They were initially charged under Section 295A of the Indian Penal Code (hurting religious sentiments) and Section 66A of the IT Act. Later, Section 295A was replaced by Section 505(2) (promoting enmity between classes). A group of Shiv Sena workers vandalised a hospital run by the uncle of one of girls. On 31 January 2013, a local court dropped all charges against the girls.
- On 18 March 2015, a teenaged boy was arrested from Bareilly, Uttar Pradesh, for making a post on Facebook insulting politician Azam Khan. The post allegedly contained hate speech against a community and was falsely attributed to Azam Khan by the boy. He was charged under Section 66A of the IT Act, and Sections 153A (promoting enmity between different religions), 504 (intentional insult with intent to provoke breach of peace) and 505 (public mischief) of Indian Penal Code. After the Section 66A was repealed on 24 March, the state government said that they would continue the prosecution under the remaining charges.
Digital evidence collection and cyber forensics remain at a very nascent stage in India with few experts and less than adequate infrastructure. In recent cases, Indian Judiciary has recognized that tampering with digital evidence is very easy.
Many Asian and Middle Eastern nations use any number of combinations of code-based regulation (one of Lessig's four methods of net regulation) to block material that their governments have deemed inappropriate for their citizens to view. PRC, Saudi Arabia and Iran are three examples of nations that have achieved high degrees of success in regulating their citizens' access to the Internet.
Electronic signature laws
- Australia – Electronic Transactions Act 1999 (Cth) (also note that there is State and Territory mirror legislation)
- Costa Rica – Digital Signature Law 8454 (2005)
- European Union – Electronic Signature Directive (1999/93/EC)
- Mexico – E-Commerce Act 
- U.S. – Digital Signature And Electronic Authentication Law
- U.S. – Electronic Signatures in Global and National Commerce Act (ESIGN)
- U.S. – Government Paperwork Elimination Act (GPEA)
- U.S. – Uniform Commercial Code (UCC)
- U.S. – Uniform Electronic Transactions Act – adopted by 46 states
- UK – s.7 Electronic Communications Act 2000
Information technology law
- Florida Electronic Security Act
- Illinois Electronic Commerce Security Act
- Texas Penal Code – Computer Crimes Statute
- Maine Criminal Code – Computer Crimes
- Singapore Electronic Transactions Act
- Malaysia Computer Crimes Act
- Malaysia Digital Signature Act
- UNCITRAL Model Law on Electronic Commerce
- Information Technology Act 2000 of India
- Thailand Computer Crimes Act B.E.2550
Information Technology Guidelines
- ABA Digital Signature Guidelines
- United States Office of Management and Budget
The Information Technology Laws of various countries, and / or their criminal laws generally stipulate enforcement agencies, entrusted with the task of enforcing the legal provisions and requirements.
United States Federal Agencies
Over 25 U.S. federal agencies have regulations concerning the use of digital and electronic signatures.
A live example of such an enforcement agency is Cyber Crime Police Station, Bangalore, India's first exclusive Cyber Crime enforcement agency.
- Other examples of such enforcement agencies include:
- Cydf Crime Investigation Cell of India's Mumbai Police.
- Cyber Crime Police Station of the state Government of Andhra Pradesh, India. This Police station has jurisdiction over the entire state of Andhra Pradesh, and functions from the Hyderabad city.
- In South India, the Crime Branch of Criminal Investigation Department, in Tamil Nadu, India, has a Cyber Crime Cell at Chennai.
- In East India, Cyber Crime Cells have been set up by the Kolkata Police as well as the Criminal Investigation Department, West Bengal.
- "In Cyberspace, the First Amendment is a local ordinance."
— John Perry Barlow, quoted by Mitchell Kapor in the foreword to The Big Dummy's Guide to the Internet
- "National borders aren't even speed bumps on the information superhighway."
— Tim May, signature, from 1996
- Berkman Center for Internet & Society
- Bernstein v. United States and Junger v. Daley – on free speech protection of software
- Computer forensics
- Computer crime
- Cultural lag
- Data localization
- Digital Millennium Copyright Act (DMCA)
- Electronic Communications Privacy Act
- Export of cryptography
- Glossary of legal terms in technology
- Software patent debate
- Universal v. Reimerdes – test of DMCA
- Ouellette v. Viacom International Inc. (DMCA and ADA)
- Wassenaar Arrangement
- Doe v. 2themart.com Inc. – First Amendment right to speak anonymously
- United States v. Ivanov – Applying United States cyber-law to a foreign national operating outside the US
Centers and groups for the study of cyberlaw and related areas
- Berkman Center for Internet and Society at Harvard Law School
- Centre for Internet and Society, in Bangalore, India.
- Institute for Information, Telecommunication and Media Law in Münster, Germany
- Institute of Space and Telecommunications Law (IDEST) at University of Paris-Sud, Master's degree in Space Activities and Telecommunications Law
- Norwegian Research Center for Computers and Law
- Stanford Center for Internet and Society, at Stanford Law School
Topics related to cyberlaw
- Copyright, especially the Digital Millennium Copyright Act in the United States, and similar laws in other countries
- Cyber defamation law
- Digital Rights Management
- Intellectual property
- Internet censorship
- Stop Online Piracy Act
- The Law of Cyber-Space (book)
Conferences related to cyberlaw
- State of Play, a conference series put on by the Institute for Information Law & Policy at New York Law School, concerning the intersection of virtual worlds, games and the law.
- A Murray, Information Technology Law: The Law and Society (3rd edn 2016)
- Computer Law: Drafting and Negotiating Forms and Agreements, by Richard Raysman and Peter Brown. Law Journal Press, 1999–2008. ISBN 978-1-58852-024-1
- Barlow, John P. "A Declaration of the Independence of Cyberspace".
- "An Introduction to Cybersecession".
- Trout, B. (2007). "Cyber Law: A Legal Arsenal For Online Business", New York: World Audience, Inc.
- Emerging Technologies and the Law: Forms and Analysis, by Richard Raysman, Peter Brown, Jeffrey D. Neuburger and William E. Bandon, III. Law Journal Press, 2002-2008. ISBN 1-58852-107-9
- "Law and Borders - The Rise of Law in Cyberspace". Cli.org. Archived from the original on 2008-05-07. Retrieved 2013-11-05.
- Zittrain, Jonathan (2003). "Be Careful What You Ask For: Reconciling a Global Internet and Local Law". SSRN .
- Gibson, Owen (March 23, 2006). "Warning to chatroom users after libel award for man labelled a Nazi". The Guardian.
- Myers KS (Fall 2006). "Wikimmunity: Fitting the Communications Decency Act to Wikipedia". Harvard Journal of Law & Technology. 20: 163. SSRN .
- "opennetinitiative.net". opennetinitiative.net. Retrieved 2012-01-17.
- "All Content related to China". OpenNet Initiative.
- Free Speech Implications Of Blocking Blog Posts In India, taken from Aaron Kelly Internet Law Firm, Retrieved December 05, 2011.
- Warren & Louis Brandeis, The Right to Privacy , 4 Harv. L. Rev. 193 (1890)
- Solove, D.,Schwartz, P.. (2009). Privacy, Information, and Technology. (2nd Ed.). New York, NY: Aspen Publishers. ISBN 978-0-7355-7910-1.
- "[ARCHIVED CONTENT] Internet Crime - The Computer Misuse Act 1990". Homeoffice.gov.uk. Archived from the original on 2005-03-01. Retrieved 2012-01-17.
- "Cyber crime that wasn't?". Rediff. 19 February 2001. Retrieved 14 April 2015.
- Section 66A: Punishment for sending offensive messages through communication service, etc.
- "'If Speaking The Truth Is Sedition, Then I Am Guilty'". Outlook India. 10 September 2010. Retrieved 14 April 2015.
- "Indian cartoonist Aseem Trivedi jailed after arrest on sedition charges". The Guardian. 10 September 2010. Retrieved 14 April 2015.
- "Professor arrested for poking fun at Mamata". Hindustan Times. 14 April 2012. Retrieved 14 April 2015.
- "Cartoon a conspiracy, prof an offender: Mamata". Hindustan Times. 13 April 2012. Retrieved 14 April 2015.
- "Arrest over tweet against Chidambaram's son propels 'mango man' Ravi Srinivasan into limelight". India Today. 2 November 2012. Retrieved 14 April 2015.
- "Mumbai shuts down due to fear, not respect". The Hindu. 19 November 2012. Retrieved 23 April 2015.
- "FB post: 10 Sainiks arrested for hospital attack". The Hindu. 20 November 2012. Retrieved 23 April 2015.
- "Facebook row: Court scraps charges against Palghar girls". The Hindu. 31 January 2013. Retrieved 23 April 2015.
- "Teen arrested for Facebook post attributed to Azam Khan gets bail". The Times of India. 19 March 2015. Retrieved 6 May 2015.
- "UP tells SC that prosecution on boy for post against Azam Khan will continue". The Indian Express. 24 April 2015. Retrieved 6 May 2015.
- Sahu, Saswati Soumya. "Cyber Forensics: law and practice in India". ipleaders.in. iPleaders. Retrieved 6 December 2014.
- Bera, Poonam. "Presentation of electronic evidence in court in light of the Supreme Court judgment in Anvar P. K. vs. P.K Basheer & ors. Read more: Presentation of electronic evidence in court in light of the Supreme Court judgment in Anvar P. K. vs. P.K Basheer & ors." ipleaders.in. iPleaders. Retrieved 6 December 2014.
- "All Content related to Saudi Arabia". OpenNet Initiative.
- "Federal Agency Digital and Electronic Signature Regulations". Isaacbowman.com. 2009-03-16. Retrieved 2012-01-17.
- "cyberpolicebangalore.nic.in". cyberpolicebangalore.nic.in. Retrieved 2012-01-17.
-  Archived December 6, 2004, at the Wayback Machine.
- A Murray, Information Technology Law: The Law and Society (3rd edn 2016)
- Code and Other Laws of Cyberspace, The Future of Ideas, and Free Culture by Lawrence Lessig
- Cyber Rights by Mike Godwin
- E-Commerce and Internet Law: Treatise with Forms 2d edition, by Ian C. Ballon
- Information Technology Law India - Bare Act
- University of Geneva (Switzerland), Law School - Internet Law
- Berkman Center for Internet & Society at Harvard Law School
- Greplaw is a news and discussion site for legal and computing issues.
- The Electronic Frontier Foundation works for individuals' rights.
- Text of the United States' Security And Freedom through Encryption (SAFE) Act.
- US Department of Justice - Cyber crimes
- Indian Portal on Cyber Law
- Computer Crime Research Center
- Computer Forensics World
- "Model Information Technology Contract Terms and Systems Implementation Contracts in Europe" . European Newsletter, June 2006 Lestrade, K.OSt.J., SJDr, Dr. Edward
- India Articles on Cyber Crime & Cyber Law
- HC admits cyberporn complaint as PIL (Times of India, July 13, 2001)
- Cyberporn panel set up, HC wants minors protected, Sunil Thacker invited as a special invitee (Times of India, September 30, 2001)
- Cyber Law Complete Information
- Articles on Romanian Cyberlaw
- Stanford Law School Cyberlaw Clinic
- Santa Clara University School of Law Tech LawForum
- Cybertelecom: Federal Internet Policy
- Internet Library of Law and Court Decisions
- Global Cyber Law Database
- Cyber Law World
- Computer Crime Research Center
- Borders on, or border around – the future of the Internet
- Thailand Computer Crimes Act B.E.2550 (2007)
- Internet Law Resources