Cyberspace Identity Theft Legal Perspective

Cyberspace identity theft, the stealing of personal information for fraud, theft, or other criminal purposes, is becoming increasingly widespread. Victims not only suffer financial losses but may also face legal consequences for crimes committed by the identity thief. Enabled by the Internet, such crimes can occur faster than traditional offenses and from anywhere in the world. Despite its prevalence, there is no comprehensive definition of cyberspace identity theft, making it difficult to identify, investigate, and prosecute. Issues such as jurisdiction, extradition, and evidence collection further complicate the legal response, particularly since cyberspace identity theft is not recognised as a crime in all jurisdictions.

Existing laws in the United Kingdom, Malaysia, and Iran were not originally designed for cyberspace identity theft but provide some framework to address it. The UK has enacted the Computer Misuse Act 1990, Identity Documents Act 2010, Theft Acts 1968 and 1978, and Fraud Act 2006. Malaysia relies on the Computer Crimes Act 1997 alongside the Penal Code, while Iran enacted the Computer Crimes Act 2009 and amended the Islamic Penal Code 1970 to cover cybercrime.

This book analyses cyberspace identity theft from legal perspectives, reviewing legislation and case law in these three countries. It highlights that while existing measures are reasonable, they remain insufficient to fully combat this evolving threat. The book argues that a multilateral approach is essential, with international agreements and harmonised domestic laws to ensure cooperation in investigation, evidence sharing, extradition, prosecution, and recognition of foreign judgments.