CJ 341A:  Cyberlaw & Cybercrime

Course Description

M. E. Kabay, PhD, CISSP-ISSMP,
Program Director, MSIA | School of Graduate Studies
FALL 2008

1      Course Description

The computer has become a common tool in crime. This course examines the nature and scope of cybercrime and the legal response to high-tech crime, including the challenges presented to legal frameworks. The lectures and readings identify and discuss core cybercrime issues and the prevailing legal authorities (statutes, regulations, policies) that address these issues. The course also examines developing trends in cybercrime and cyberlaw. Students learn about the global nature of computer crime and examine national and international laws, regulations and agreements that govern computer crime, including computer investigations, prosecution and defense. The course encourages analytical thinking and reasoning about computer crime topics and relevant legal issues so that students can identify, analyze, and solve problems in the continually emerging cybercrime and cyberlaw issues and trends. The course explores legal responses to cybercrime, including regulatory and law enforcement initiatives aimed at combating computer crime. Prerequisites include basic courses in computing and in criminal law.

Prerequisites: IS120 or IS130 and CJ201 or permission of instructors. (3 Credits)

2      Course Objectives

By the end of this course, students will be able to

• Identify and discuss the key laws and issues that relate to cybercrime and cyberspace, including laws governing attacks and motivation of attackers;
• Label and describe different types of high-tech crime such as unauthorized access, denial of service, child pornography, auction fraud, on-line gambling, securities fraud, identity theft, cyberstalking, spam, and defamation;
• Classify and discuss at a management level crimes of intellectual property involving patents, trade secrets, copyright, fair use, digital rights management, trademarks and domain names;
• Define the international crimes and laws relevant for computer crimes;
• Determine the evidentiary value of computer-related devices and media;
• Describe how to seize, preserve, protect and transport computer-related evidence in accordance with legal statutes and official guidelines;
• Intelligently discuss legal and policy issues relating to government surveillance and warrantless searches.

3      Course Schedule & Location

·         CJ 341A: Mondays, Wednesdays, and Fridays from 14:00:05 to 14:49:55 in Web 113.

·         CJ341B:  (Dr Stephenson) Tuesdays and Thursdays from 09:05:05 to 10:19:55 in Web 004

CJ341B STUDENTS ARE WELCOME TO PARTICIPATE IN CJ341A CLASSES AT ANY TIME AND CJ341A STUDENTS MAY ATTEND ANY CJ341B CLASS

4      Texts

• Burgunder, L. (2008). Legal Aspects of Managing Technology, Fourth Edition. Thomson West Legal Studies in Business (ISBN 0-324-39973-1). xv + 683. Index.
• Moore, R. (2005). Cybercrime:  Investigating High-Technology Computer Crime. Matthew Bender & Co. (ISBN 1-59345-303-5). xii + 258. Index.
• Clifford, R. D. (2006). Cybercrime:  The Investigation, Prosecution and Defense of a Computer-Related Crime, Second Edition. Carolina Academic Press (ISBN 1-59460-150-X). xii + 282. Index.

Additional readings will be assigned during class and made available on the course Web site at
< http://www.mekabay.com/courses/academic/norwich/cj341/index.htm >.

5      Method of Assessment

·         Closed-Book Review Quizzes:                        20%

o   Four announced closed-book quizzes testing fundamental concepts from about two weeks of material are scheduled throughout the semester as shown on the syllabus.

o   The quizzes will consist of five short-answer questions or ten multiple-choice questions to be completed in ten minutes.

o   Quizzes are intended to encourage review and to help prepare students for the mid-term exam and the final exam. They are not designed as onerous burdens on the students. There are no trick questions and short answers may be in point form rather than full sentences.

o   The schedule of the planned quizzes is in the class syllabus. Students from CJ341B may not take quizzes in CJ341A nor vice versa.

• Open-Book Midterm Exam:                15%     WEDNESDAY 8 OCT 2008
• 45-minute, open-book in-class exam covering the material to date.
• Materials permitted during open-book exams include only the assigned texts and student notes.
• Research Report:                                 25%
• Students will prepare a research report (4,000±500 words / 8 single-spaced pages) focusing on legal aspects of the subject matter of the course.
• Topics must be approved by the instructor by the indicated deadline (see Syllabus); duplicate topics are not authorized.
• See the Term Paper Guidelines for detailed instructions.
• Open-Book Final Exam:                     30%     SUNDAY 14 DEC 2008 15:30 WEBB 113
• Cumulative 2.5 hour, open-book final exam (see note in mid-term exam about materials permitted) administered during the official exam period.
• Presentation:                                       10%
• Students must prepare a ten-minute presentation on their report topic.
• The presentation schedule will be published in September after the topics are assigned through individual discussion with the instructor.

6      Extra-Credit Essays and Lectures

Students with a particular interest in the subject matter or those who wish to compensate for a poor grade in a quiz or in an exam may submit extra work for extra points added to their final grade throughout the semester. Extra-credit essays can earn up to one additional percentage point on the final grade for 500 words of completed expository writing on a suitable topic approved by the instructor and including at least three external reference sources to the current literature on cybercrime and cyberlaw. The maximum extra credit that will be registered in all for the entire course is 50% regardless of actual credit accumulation. Extra-credit essays must include references to extra readings (i.e., not the assigned readings and textbooks) and will be graded by the same standards as the term paper. Students should consult the instructor before embarking on large-scale extra-credit papers.

Students may also volunteer to deliver one of the instructor’s prepared lectures for a maximum of 5 extra points added to their final grade. Grading will be based on the thoroughness of the student lecturer’s preparation and ability to respond to questions from the class and from the instructor. Reading slides verbatim will result in immediate termination of the exercise.

7      Notes

• There will be no grading on a curve. There are no predetermined numbers of final letter grades.
• Review questions will be distributed to students throughout the term. These example questions will not limit the scope of actual exam questions, and are merely intended for exam preparation.
• Students are encouraged to study together but may not collaborate during exams. Students are individually responsible for all assigned readings, lecture, and discussion material, unless otherwise noted.
• In accordance with University regulations, students who miss more than three lectures without authorization or approval will be dropped from the course with an F grade. Students taking the Thursday class should note that each hour of the class counts as one lecture.

8      Cheating and Plagiarism

Students are graded on an individual basis and must therefore complete their own work. Students are reminded of the University’s Policy against cheating and plagiarism which is available in the Academic Rules & Regulations < http://www.norwich.edu/about/policy/academic/universityCatalog-academicRulesAndRegulations.pdf > in “Appendix I – Academic Dishonesty.” Paragraph 3 of that section reads as follows:

Plagiarism is the use of words, ideas, concepts, or work of another, without proper acknowledgment. The direct quotation of the words of another must be set off in quotation marks and acknowledged in a footnote or other acceptable form of citation. The use of paraphrased material, or the ideas, concepts, or work of another must also be acknowledged in a footnote or other acceptable form of citation. Acknowledging sources used in the preparation of an assignment solely in a bibliography does not constitute an acceptable acknowledgment of the words, ideas, concepts, or work of another used in the assignment. In any case where a student is found to have used plagiarized material, an academic penalty will be assessed.

Ignorance of the University’s Rules is not a valid defense against accusations of academic dishonesty. If in doubt as to what constitutes plagiarism, ask before submitting assignments. Instances of cheating and of plagiarism will be reported to the Academic Integrity Committee. Penalties include expulsion from the University.

9      Contact Information

Professor Kabay (mailto:mkabay@norwich.edu) is available at the School of Graduate Studies at 10 Depot Square in Northfield by appointment – which can consist simply of calling to see if he’s in and then coming to visit him.

Students are welcome to call him at (802) 479-7937 at any time (that number follows him from home office to cell phone to University office and can never disturb him); if necessary, leave a voice-mail message with a return number.

Instant messaging and video chats are available anytime you see these IDs online:

·         AIM: msiapd

·         Yahoo: mich_kabay

·         MSN: mekabay@gmail.com

·         ICQ: 460817550

·         Skype: mekabay

10 About your Instructor

M. E. Kabay began programming computers in assembly language in 1965. In 1976, he received his PhD from Dartmouth College in applied statistics and invertebrate zoology and taught biology, statistics and programming courses as a university professor in Canada and overseas. In 1979, he joined a compiler team for a new 4GL and RDBMS in the U.S. and then joined Hewlett-Packard Canada in 1980 as an operating systems and database performance specialist, winning the Systems Engineer of the Year Award in 1982. He earned his CISSP (Certified Information Systems Security Professional) designation in 1997. He served as Director of Education for the National Computer Security Association (NCSA, later ICSA and then TruSecure) from 1990 to 1999 and then worked with AtomicTangerine where he supported the International Institute for Information Integrity® (I-4®). Since 1986, he has published over 950 articles in operations management and security, written a college textbook on enterprise security (McGraw-Hill, 1996), and served as Technical Editor of the 4th Edition of the Computer Security Handbook (Wiley, 2002). He writes two security-management columns a week distributed by Network World and is working on the 5th Edition of the Computer Security Handbook which will be published in January 2009. He has been an invited lecturer at the United States War College, NATO HQ, and at NATO Counterintelligence training in Germany. He was inducted into the ISSA (Information Systems Security Association) Hall of Fame in December 2004 and earned his ISSMP (Information Systems Security Management Professional) designation in November 2005. Dr Kabay is Associate Professor of Information Assurance in the School of Business and Management at Norwich University, Northfield, VT 05663-1035 USA and currently the full-time Director of the Master's Program in Information Assurance in the School of Graduate Studies (SGS) where he is also the CTO (Chief Technical Officer) of the SGS.

Visit his Web site at < http://www2.norwich.edu/mkabay >

Course Web page
< http://www.mekabay.com/courses/academic/norwich/cj341/index.htm >

Network World article archive < http://www.networkworld.com/newsletters/sec/ >

—–