Cybersecurity Law - Legal "shield" of many countries in the world

Faced with the urgent challenge of ensuring freedom of information while fighting cyber attacks, countries around the world pay special attention to building a "shield" to deal with risks, including a strict legal system.

A wave of legislation and the establishment of cybersecurity regulatory or oversight bodies has been underway across many continents, aimed at protecting valuable databases.

Cyber ​​attacks are becoming common around the world. Illustration photo: Internet

America: The oldest and most secure security system in the world

On October 27, 2015, with 74 votes in favor and 21 votes against, the US Senate passed the Cybersecurity Information Sharing Act (CISA) bill to create a strong cyber defense system, despite opposition from technology giants and security activists.

In fact, in the US, acts considered illegal are clearly stated in the US Code of Laws such as identity theft, hacking into computer systems, violating intellectual property...

Recently, the federal government has also enacted laws with a number of new regulations on cybersecurity, and amended old regulations to ensure that cybersecurity is safer and more stringent, such as: Cybersecurity Enhancement Act; Federal Data Breach Notification Act; National Cybersecurity Enhancement Act amendments.

The United States is considered to have the oldest and safest security system in the world, but this country is also subject to cyber attacks. A typical example is the shocking incident when hackers broke into the system of Equifax, one of the three largest credit agencies in the United States in July 2017, stealing personal data of 145 million people, including important information such as social security numbers...

Activities inside a US network center. Photo: Internet

Germany: Certification of security standards

In July 2015, the German Parliament passed the Cybersecurity Law to better protect citizens and businesses in the digital age.

Germany's Cybersecurity Law requires companies and federal agencies to have minimum cybersecurity standards and to be certified by the Federal Office for Information Security (BSI). Companies must also notify the Office of suspected cyberattacks on their systems.

The law covers sectors considered to be national “critical infrastructure,” such as transportation, health care, water, telecommunications providers, as well as financial and insurance companies.

The new law contains specific provisions for Internet users, such as prohibiting plots to use violence to overthrow national security and prohibiting inciting criminal acts.

In addition, the new law requires telecommunications providers to warn customers when they are attacked by hackers, and providers must store data on access history for up to 6 months to serve investigations.

European Union (EU): Heavy fines when citizens' data is leaked

With huge data "stores", on May 9, the European Union (EU) began implementing its first Cybersecurity Law. Accordingly, businesses providing "essential" services such as water supply, energy, transportation, healthcare and banking must notify national authorities if they are seriously attacked by cyberattacks.

Cloud computing service providers, search engines and online e-commerce companies must also report cyber incidents or face heavy fines.

The provisions apply not only to organisations operating within the EU, but also to organisations processing the data of any EU resident. Regardless of physical location, if an EU citizen’s data is being processed, organisations must now comply with the regulation. Fines are also becoming more severe, and can total up to €20 million or 4% of annual turnover.

In the Asia-Pacific region, recent years have also witnessed a new wave of lawmaking as well as the establishment of agencies to regulate or monitor cyber security... Photo: Internet

Singapore: Expanding the scope of power for cybersecurity agency

Cybersecurity Bill submitted to Singapore Parliament on April 1, 2018,allows the country's Cyber ​​Security Agency to monitor and manage the country's cyber security.

The Cyber ​​Security Agency is empowered to take proactive measures to protect critical information infrastructure and respond quickly to threats and incidents. The Singapore government has listed 11 sectors as critical information infrastructure, including water, health, maritime, communications, information, energy and aviation.

Under the proposed Cybersecurity Bill, when a cyberattack occurs, the Cybersecurity Agency of Singapore will be allowed to conduct an investigation and the affected company or entity will have to share information with the agency within hours, failing which they will be fined up to S$100,000 ($72,220) or jailed for up to 10 years.

In addition, Singapore also signed a joint statement with Germany to strengthen cybersecurity cooperation between the two countries.

Thailand:Build strict internet censorship laws

On December 16, 2016, with 167 votes in favor and 5 abstentions, the Thai National Assembly unanimously passed the Computer Crime Law.

The Computer Crime Law provides for a penalty of up to five years in prison for those who post false information on computer systems with the aim of undermining national security, public safety, national economic stability or public infrastructure or causing panic.

And one of the special additions to the law is the creation of a five-member commission that can seek court approval to remove online content deemed to violate "public morality."

Thailand’s military government has banned protests, blocked dozens of websites and used its already strict internet censorship and defamation laws to prosecute critics for everything from Facebook comments to investigative reports of human rights abuses.

The Thai government also plans to spend more than 128 million baht (equivalent to 3 million USD) to equip social media monitoring technology. Accordingly, the social media data analysis system will track and store all data on social networks to analyze and monitor millions of people.

Thailand's Computer Crime Law provides for up to five years in prison for those who post false information on computer systems. Photo: Internet

Japan: Promoting intellectual property protection for businesses

Since November 2014, Japan has enacted the Basic Law on Cybersecurity. Accordingly, the government has developed a security strategy, as well as the Cybersecurity Strategy Command has been established under the Japanese Cabinet, with the aim of comprehensively and effectively promoting cybersecurity policies.

In the Land of the Rising Sun, intellectual property owned by small and medium-sized private enterprises, research and educational institutions is an important factor in improving Japan's international competitiveness. In order to promote cybersecurity volunteer activities of these enterprises and organizations, the government has introduced measures including: enhancing awareness and understanding of the important value of cybersecurity, consulting on cybersecurity, providing necessary information and advice.

Australia: Completing the legal basis on cyber security

Australia is a country with a relatively complete legal framework on cyber security, including: Law on Cybercrime; Law on Spam Email; Law on Telecommunications and Law on Privacy.

The Cybercrime Act provides comprehensive provisions for Internet and computer related offences such as unauthorized access, computer intrusion, data damage and obstruction of computer access, data theft, computer fraud, cyberstalking, harassment and possession of child pornography.

In February, Australia's Data Disclosure Act came into effect, imposing fines of up to AUD 360,000 for individuals and AUD 1.8 million for agencies and corporations involved in cybercrime.

The legislation also helps raise awareness of the need for cyber risk insurance, which has become the fastest growing commercial segment of Australia's insurance market.