التداعيات القانونية للعصر الرقمي :التحديات القانونية للخطر السيبراني على المعاملات  التجارية: التداعيات القانونية للعصر الرقمي :التحديات القانونية للخطر السيبراني على المعاملات  التجارية

Alaa Hussein Ali; Wurood Khalid Mohameed; Mahmood Shaker Alaloosh

doi:10.33102/mjsl.vol13no2.1036

Authors

Alaa Hussein Ali Faculty of Law, University of Anbar, Ramadi 31001, Anbar Governorate, Iraq https://orcid.org/0000-0002-0237-3009
Wurood Khalid Mohameed Faculty of Law, University of Anbar, Ramadi 31001, Anbar Governorate, Iraq https://orcid.org/0000-0003-1194-0893
Mahmood Shaker Alaloosh Faculty of Management and Economics, University of Kirkuk, Kirkuk 36001, Kirkuk Governorate, Iraq https://orcid.org/0009-0002-7153-2496

DOI:

https://doi.org/10.33102/mjsl.vol13no2.1036

Keywords:

Cyber risk, cybersecurity, electronic commercial transactions, cyber risk insurance, al-khaṭar as-sībirānī, al-amn as-sībirānī, al-muʿāmalāt at-tijārīyah al-iliktrūnīyah, at-taʾmīn ʿalā al-makhāṭir as-sībirānīyah

Abstract

Cyber risk has become one of the most prominent threats facing modern societies, as attackers rely on cyberspace to carry out illegal cyber-attacks targeting sensitive data and information. These attacks, which are increasing with the digital transformation and the spread of electronic commercial transactions, pose significant challenges in both cybersecurity and legal domains. While cyber risk differs from traditional risks by being intangible and invisible, its impact can be widespread on individuals, companies, and institutions. This research aims to shed light on the legal challenges associated with cyber risk and its impact on electronic commercial transactions. The study addresses how to confront these challenges by analyzing the available legal mechanisms and exploring solutions that may mitigate the effects of cyber-attacks. It also focuses on the importance of enhancing cybersecurity, which is a fundamental means to protect information and commercial transactions in the digital age, emphasizing the need to provide both technical and human resources to achieve it. The research employed a descriptive and analytical approach to study the phenomenon of "cyber risk", define its dimensions, and explore ways to address it. Additionally, the concept of "cybersecurity" was analyzed from multiple perspectives, including the technical and legal challenges that hinder its effective realization. The study arrived at several important findings, including that cyber risk constitutes an invisible threat that is often discovered after a certain period, making it more difficult to counteract. Achieving cybersecurity requires significant human and technical resources to minimize these attacks. Moreover, the study pointed out the difficulties faced by insurance companies in dealing with cyber risk insurance, as they have cautiously begun insuring it due to its complexities. The study recommended several proposals to combat cyber risk, including the development of national cybersecurity strategies, strengthening the infrastructure of information and communication systems, and raising awareness among individuals and companies about the importance of cybersecurity and the necessity of using technology safely and effectively.

ملخص البحث

أصبح الخطر السيبراني من أبرز التهديدات التي تواجه المجتمعات الحديثة، حيث يعتمد المهاجمون على الفضاء السيبراني لتنفيذ هجمات إلكترونية غير قانونية تستهدف البيانات والمعلومات الحساسة. هذه الهجمات، التي تتزايد مع التحول الرقمي وانتشار المعاملات التجارية الإلكترونية، تشكل تحديًا كبيرًا في مجالات الأمن السيبراني والقانوني على حد سواء. ومع أن الخطر السيبراني يختلف عن المخاطر التقليدية بكونه غير ملموس وغير مرئي، فإن تأثيره يمكن أن يكون واسع النطاق على الأفراد والشركات والمؤسسات. يهدف هذا البحث إلى تسليط الضوء على التحديات القانونية المرتبطة بالخطر السيبراني وتأثيره على المعاملات التجارية الإلكترونية. يتناول البحث كيفية مواجهة هذه التحديات من خلال تحليل الآليات القانونية المتاحة والبحث عن حلول يمكن أن تقلل من تأثير الهجمات السيبرانية. كما يركز على أهمية تعزيز الأمن السيبراني، الذي يشكل وسيلة أساسية لحماية المعلومات والمعاملات التجارية في العصر الرقمي، مع التأكيد على ضرورة توفير الموارد التقنية والبشرية لتحقيقه. اعتمد البحث على المنهج الوصفي والتحليلي في دراسة ظاهرة "الخطر السيبراني" وتحديد أبعاده وسبل التصدي له. كما تم تحليل مفهوم "الأمن السيبراني" من جوانب متعددة، بما في ذلك التحديات التقنية والقانونية التي تعيق تحقيقه بفعالية. توصلت الدراسة إلى عدة نتائج مهمة، منها أن الخطر السيبراني يشكل تهديدًا غير مرئي يكتشف بعد مرور وقت معين على حدوثه، مما يزيد من صعوبة التصدي له. كما أن تحقيق الأمن السيبراني يحتاج إلى موارد بشرية وتقنية كبيرة للحد من تلك الهجمات. بالإضافة إلى ذلك، أشارت الدراسة إلى الصعوبات التي تواجه شركات التأمين في التعامل مع التأمين على المخاطر السيبرانية، حيث بدأت هذه الشركات تدريجيًا في التأمين عليه بحذر، نظرًا لتعقيداته. أوصت الدراسة بعدة مقترحات للتصدي للخطر السيبراني، منها وضع استراتيجيات وطنية للأمن السيبراني، وتعزيز البنى التحتية لنظم المعلومات والاتصالات، ونشر الوعي بين الأفراد والشركات حول أهمية الأمن السيبراني وضرورة استخدام التكنولوجيا بشكل آمن وفعال.

Downloads

Download data is not yet available.

References

Abdul Hamid, E. E. D. M. K. (2023). Cyber-attacks on smart city: Infrastructure, legal challenges and confrontation strategy. Dirasat: Shari'a and Law Sciences, 50(3), 54–70. https://doi.org/10.35516/law.v50i3.2864

Abdullah, M. B. G. (2023). Tatbiqat qaidat "al-darar yuzal" fi majal al-amn al-siberani: Applications of the principle "harm must be removed" in cybersecurity. Mujallat al-Ibrahimi lil-Adab wa al-Ulum al-Insaniyah, 5(2), 130-154.

Addan, N. (2012). Al-aliyat al-qanuniyah li-muwajahat tahadiyat al-fada’ al-siberani – Al-Jaza’ir namuthajan: Legal mechanisms to combat cyber space challenges: Algeria as a model. Mujallat al-Jazā’iriyah lil-ʿUlūm al-Siyāsiyyah wa al-ʿIlāqāt al-Duwaliyah, 5(1), 8-24.

Adriano, L. (2022, November 8). “Zurich, Mondelez settle longstanding lawsuit over $100 million claim: Suit alleged that the insurer had failed to honor its promises”. Cyber. https://www.csoonline.com/article/3661898/zurich-mondelez-settle-longstanding-lawsuit-over-100-million-claim.html

Akoush, S. (2022). Al-aliyat al-qanuniyah wa al-taqniyah li-muwajahat al-makhatir al-tiknolojiyah: Bitaqat al-aitiman namuthajan: Legal and technical mechanisms to combat technological risks: Credit cards as a model. Majallat al-Ulum al-Qanuniyah wa al-Ijtima’iyah, 7(1), 400-411.

Alexis, K. (2020, December 22). “Tesla whistleblower ordered to pay $400,000 and destroy leaked information”. Yahoo Finance. https://finance.yahoo.com/news/martin-tripp-settlement-with-tesla-160512420.html

Al-Fatlawi, A. O. (2016). Al-hajamat al-siberaniya: Mafhumha wa al-mas’uliyah al-duwaliyah al-nashia anha fi dhaw’ al-tanzim al-duwali al-muasir: Cyberattacks: Their concept and emerging international responsibility under contemporary international regulations. Majallat al-Muhakkik al-Hilli lil-Ulum al-Qanuniyah wa al-Siyasiyah, 4, 211-224.

Amazon Web Services. (n.d.). “Amazon web services”. Amazon. https://aws.amazon.com/

Amoroso, E. G. (2007). Cybersecurity. S. Press.

Aschi, M., Bonura, S., Masi, N., Messina, D., & Profeta, D. (2023, March 4). Cybersecurity and fraud detection in financial transactions. In Big data and artificial intelligence in digital finance (pp. 269–280). Springer.

Attia, I. (2019). Makanat al-amn al-siberani fi manzumet al-amn al-watani al-jaza’iri: The role of cybersecurity in Algeria's national security system. Majallat Misdaqiyah, 1(1), 65-84.

Baghdadi, C. (2023). Tamin al-khatar al-siberani: Cyber risk insurance. Majallat Herodot lil-Ulum al-Insaniyah wa al-Ijtima’iyah, 7(25), 237-257.

Ben Ali, S. (2023). Musahamat al-dhaka’ al-istina’i fi al-kashf an al-ihtial fi al-qita’ al-masrifi bi-istikhdam tatbiq al-amn al-siberani Bank Danske al-dinmarki namuthajan: AI's role in detecting fraud in the banking sector: The Danish Bank Danske as a model. Majallat Ab’ad Iqtisadiyah, 13(2), 39-63.

Ben Brughouth, L. (2023). Al-amn al-siberani wa himayat khususiya al-bayanat al-raqamiyah fi al-jaza’ir fi ‘asr al-tahawul al-raqami wa al-dhaka’ al-istina’i: Cybersecurity and data privacy protection in Algeria in the age of digital transformation and AI. Al-Majalla al-Duwaliyah lil-Itisalat al-Ijtima’i, 10(1), 443-457.

Ben Khadra, H., & Bouzidaf, S. (2024). Dawr al-dhaka’ al-istina’i fi al-kashf wa al-hadd min al-ihtial ala al-bataqat al-aitiman al-bankiyah ‘ala al-mustawa al-dawli (The role of AI in detecting and preventing credit card fraud internationally. Mujallat al-Ibda’, 14(2), 274-292.

Ben Zrarah, A., & A’rab, F. (2023). Al-hulul al-raqamiyah al-ibtikariah fi majal himayat al-hawiya wa al-khususiya wa al-amn al-siberani khilal jaihah COVID-19: Innovative digital solutions in protecting identity, privacy, and cybersecurity during COVID-19. Mujallat al-Dirasat al-I’lamiyah wa al-Ittisaliyah, 3(1), 58-66.

Berghouth, L. (2023). Al-amn al-siberani wa himayat khususiya al-bayanat al-raqamiyah: Cybersecurity and protection of digital data privacy in Algeria. International Journal of Social Communication, 10(1), 56-69.

Council of Europe. (2001). “Convention on cybercrime”. Council of Europe. https://www.coe.int/en/web/conventions/full-list/-/conventions/rms/0900001680081561

Cummins, E. (2023). “The 10 best banking chatbots (and how your financial institution can use them, too)”. Netomi. https://www.netomi.com/banking-chatbots

Cybersecurity and Infrastructure Security Agency. (2021). “Cybersecurity infrastructure security agency act”. CISA. https://www.cisa.gov

Cybersecurity Information Sharing Act (CISA). (2015). “S.754 — 114th Congress: Cybersecurity Information Sharing Act of 2015”. U.S. Congress. https://www.congress.gov/bill/114th-congress/senate-bill/754

Franco, H. (2023). “Chatbots in banking: The new must-have in customer care”. Inbenta. https://www.inbenta.com/

General Data Protection Regulation (GDPR). (2018). “EU Regulation 2016/679 on data protection and privacy”. https://gdpr-info.eu

Gerke, M. (2012). “Fahm al-jarimah al-siberaniyah: al-zahair wa al-tahadiyat wa al-istijabah al-qanuniyah: Understanding cybercrime: Phenomena, challenges, and legal response”. International Telecommunications Union. https://www.itu.int/en/Pages/default.aspx

Ghaql, J., & Zakrir, A. (2023). Al-amn al-siberani wa al-shumul al-mali fi dhil al-tahawul al-raqami lil-qita’ al-mali: Cybersecurity and financial inclusion in the digital financial sector. Mujallat al-Tanmiya al-Iqtisadiya, 8(1), 37-56.

InterviewBit. (2023, February 26). “Top 10 characteristics of artificial intelligence”. https://www.interviewbit.com/blog/characteristics-of-artificial-intelligence/

Jboor al-Ashqar, M. (2017). Al-siberaniyah hajis al-‘asr. Al-Markaz al-Arabi lil-Buhuth al-Qanuniyah wa al-Qada’iyah: Beirut.

Kanade, V. (2022). “What is artificial intelligence (AI)? Definition, types, goals, challenges, and trends in 2022”. Spiceworks. https://www.spiceworks.com

Kemmerer, R. A. (2003). Cyber security. University of California, Santa Barbara.

Kotaf, S. (2022). Al-amn al-siberani wa al-madhamin al-mafhumiyah al-murtabita bihi: Cybersecurity and its conceptual implications. Majallat Tibna lil-Dirasat al-‘Ilmiyah al-Akademiyah, 5(2), 273-295.

Lkhweider, N., & Mashtoub, R. (2018). Dawr al-amn al-siberani fi ‘ilaj al-irhab al-tijari: The role of cybersecurity in addressing commercial terrorism. Majallat Ru’a lil-Dirasat al-Ma’rifiyah wa al-Hadariyah, 4(1), 88–105.

National Audit Office. (2017). “Investigation: WannaCry cyber attack and the NHS”. https://www.nao.org.uk/report/investigation-wannacry-cyber-attack-and-the-nhs/

New York State Department of Financial Services (NYDFS). (2017). “Cybersecurity regulations (23 NYCRR 500)”. https://www.dfs.ny.gov/industry_guidance/cybersecurity

NIS2 Directive. (2022). “Directive (EU) 2022/2555 on a high common level of cybersecurity across the Union”. https://digital-strategy.ec.europa.eu/en/policies/nis2-directive

Rosley, N. A., Hashim, H., & Chow Jen-T’Chiang , N. Z. (2023). Combating the macau scam in Malaysia: Strategies for mitigation and resolution from civil law and Sharī’ah Perspectives. Law, Policy, and Social Science, 2(2), 30–44.

Sadia, S. (2021). Tabani al-dhaka’ al-istina’i fi sharikat al-tamin ka-al-iya li-ta’aziz al-shumul al-mali: Dirasat halat sharikat AXA (Adoption of AI in insurance companies as a mechanism to enhance financial inclusion: A case study of AXA). Majallat al-Jaza’iriyah li-Iqtisad al-Idarah, 15(1), 45–62.

Shammari, S. (2020). Al-amn al-siberani ka-murtakaz jadid fi al-istratigiyah al-‘iraqiyah: Cybersecurity as a new pillar in Iraq's strategy. Qadhaya Siyasiyah, 12(62), 273-295.

Siwan, H., & Al-Fatlawi, A. (2015). Al-amn al-siberani wa al-hurub al-siberaniyah: Cybersecurity and cyber wars. Khiyamat al-Iraq Newspaper, Issue 4.

Tibah, S. (2018). “Présentation cyber risques”. Compagnie centrale de reassurance (CCR). https://www.ccr.dz/images/pdf/cyber-risks-ccr.pdf

U.S. Department of Justice. (2021, June 7). “Department of Justice seizes $2.3 million in cryptocurrency paid to ransomware extortionists Darkside”. https://www.justice.gov/archives/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside

UAE Government. (2019). “UAE national cybersecurity strategy”. https://u.ae/en/about-the-uae/strategies-initiatives-and-awards/strategies-plans-and-visions/national-cybersecurity-strategy

UAE Government. (2021). “Federal Decree-Law No. 34 of 2021 on combatting rumours and cybercrimes”. Official Gazette of the United Arab Emirates. https://uaelegislation.gov.ae/en/legislations/1526

Walia, I. K. (2023). Cyber surveillance and privacy issues vis-à-vis international law. Brawijaya Law Journal, 10(2), 219–241. https://doi.org/10.21776/ub.blj.2023.010.02.05

Wan Ismail, W. A. F., Abdul Mutalib, L., Mamat, Z., Hashim, H., Baharuddin, A. S., Mohammed Hassan, B. M., & Alias, M. A. A. (2024). Analysis of the concept of acceptance and verification of e-kitabah as a method of proof according to Islamic legislation in Malaysia. (2024). LexForensica: Journal of Forensic Justice and Socio-Legal Research, 1(1), 1-12.