CHAPTER 1

This act addresses offenses related to computer systems and data, such as hacking,
• Define cyber law
unauthorized access, and computer-related fraud.
Cyber law is a set of rules and regulations that govern online activities and interactions. It
includes laws related to the internet, computers, and information technology. c. Telemedicine Act 1997
An act to provide for the regulation and control of the practice of telemedicine; and
• Explain the need for cyber law
for matters connected therewith.
The need for cyber law arises from the increasing use of technology and the internet, The Telemedicine Act 1997 is intended to provide a framework to enable licensed
which brings new types of crimes and legal issues. Cyber law helps protect people's rights medical practitioners to practice medicine using audio, visual and data
and privacy online, and it also sets guidelines for online behavior and transactions. communications.

• Differentiate between conventional and conversional in cyber law This act regulates the practice of telemedicine and sets standards for the delivery of
medical services using information and communication technologies.
Conventional law refers to traditional laws that apply to offline activities, while cyber law
specifically deals with legal issues related to the internet and digital technology. d. Communications and Multimedia Act 1998

Conventional laws are those laws which are come out of agreement among different This act regulates the communications and multimedia industry in Malaysia, covering
nations on specific issue which can be environment, terrorism or even cyber crime. areas such as broadcasting, telecommunications, and online content.

Conventional laws example:

Stating that spreading false news by electronic means should be punished. To prevent this CHAPTER 2
problem all country agreed to use the same act/law.
• Define cyber crimes
Conversional laws example:
Cyber crimes are illegal activities carried out using computers or the internet.
Claim ownership of a photograph you found on the internet, keeping the property for a
While most cybercrimes are carried out in order to generate profit for the cybercriminals,
long time and interfering with the legal owner's use and possession of it.
some cybercrimes are carried out against computers or devices directly to damage or
A special law and has its source in the agreement of those who are subject to it. disable them, while others use computers or networks to spread malware, illegal
information, images or other materials.
• Explain the category of cyber crimes
• Explain the regulatory instruments provided in Malaysia
a. cybercrimes against persons
a. Digital Signature Act 1997
Cybercrimes committed against persons include various crimes like transmission of
child pornography, harassment using e-mails and cyber-stalking.
Digital signature is an electronic signature used to verify the identity of the sender/
Posting and distributing obscene material is one of the most important
signer of a message and also to ensure the correctness and validity of information
Cybercrimes known today.
in electronic transactions.
The use of recognized digital signature can fulfil requirements of confidentiality,
identity authentication, non-repudiation, and integrity of an information • Explain cybercrimes against persons:
a. trafficking
b. Computer Crimes Act 1997
An Act to provide for offences relating to the misuse of computers. b. distribution
Among others, it deals with unauthorised access to computer material,
c. posting
unauthorised access with intent to commit other offences and unauthorised
modification of computer contents. d. dissemination of obscene material including
 Eliminates manual tasks and increases convenience
b. cybercrimes against property
Get remote work done faster and easier
Cybercrimes against all forms of property include unauthorized computer
trespassing through cyberspace, computer vandalism, transmission of harmful Send and sign from practically anywhere, at any time
programs, and unauthorized possession of computerized information.
• Explain the cybercrimes against property:
• Compare Electronic Signatures and Digital Signatures
a. computer vandalism (destruction of others' property)
Electronic signatures are a broader term that includes various methods of signing
b. transmission of harmful programmed electronically, while digital signatures are a specific type of electronic signature that uses
encryption for security.
c. siphoning of funds from financial institutions stealing secret information
and data
a. cybercrimes against government
• Explain cybercrimes against government:
a. threaten the international governments
b. growth of global terrorism cracking on defense and government sites
c. intra-bank transfer of funds for terrorist activities

• Identify the preventative measures to avoid cybercrimes

• increased awareness and capacity regarding information security
• Explain the three major legal requirements in Digital Signature:
• adopted legal and regulatory frameworks to promote information security and
address cyber crime a. Signer authentication
Verifying the identity of the person signing the document.
• regional arrangements to address cybercrime and promote information security
b. Message authentication
• increased trust regarding internet-based transactions Using a digital signature means that the identity of the signer has been validated by a
third-party Certificate Authority (CA). This level of validation and authentication
• increased levels of network security
supports the signature's attribution.
CHAPTER 3 Ensuring that the message or document has not been altered after it was signed.
c. Message integrity
• Explain the Electronic Signatures and Digital Signatures
Confirming that the content of the message or document has not been tampered
Electronic signatures are electronic symbols or processes attached to a contract or with.
document to show consent or approval.
Digital signatures are a specific type of electronic signature that uses encryption to verify
the authenticity of the signer and the integrity of the signed document.
• Describe the need for Electronic Signatures and Digital Signatures
They make online transactions and contracts legally valid and secure.
They save time and money by eliminating the need for physical signatures and paperwork.
Describe the implementation of Digital Signatures Both electronic and digital signatures can have legal validity, but digital signatures
are often considered more secure and reliable due to the use of encryption and
authentication methods.
Many countries have enacted laws to recognize the legal effect of electronic and
digital signatures, making them legally binding for most types of transactions and
contracts.

CHAPTER 4

Define Intellectual Properties:

There are typically three algorithms involved with the digital signature process:
Key generation — This algorithm provides a private key along with its corresponding
public key.
Signing — This algorithm produces a signature upon receiving a private key and the
message that is being signed.
Verification — This algorithm checks for the authenticity of the message by verifying
it along with the signature and the public key.
Intellectual property (IP) refers to creations of the mind, such as inventions; literary
and artistic works; designs; and symbols, names and images used in commerce.
• Identify the three main forms of intellectual right:
a. Copyright
Copyright is a legal term used to describe the rights that creators have over
their literary and artistic works.
Works covered by copyright range from books, music, paintings, sculpture and
films, to computer programs, databases, advertisements, maps and technical
drawings.

The process of digital signing requires that the signature generated by both the fixed b. Patent
message and the private key can then be authenticated by its accompanied public Grants exclusive rights to inventors for their inventions, preventing others from
key. Using these cryptographic algorithms, the user’s signature cannot be replicated making, using, or selling the invention without permission.
without having access to their private key.
c. Trade marks
By applying asymmetric cryptography methods, the digital signature process works to Protects symbols, names, and slogans used to identify and distinguish goods or
prevent several common attacks where the attacker attempts to gain access through services in the marketplace.
the following attack methods:
Roles of Digital Intellectual property protection in Malaysia.
Key-only — Attacker has access to the public key a. Copyright Act
Known message — Attacker has access to valid signatures for known messages, but Protects the rights of creators of original works in the digital environment,
not those that they have chosen such as online content and digital media.
Adaptive chosen message — Attacker gains access to signatures on various messages
that they have chosen. literary works;
musical works;
• Examine the safety in a digital signature and handwritten artistic works;
Digital signatures are generally considered more secure than handwritten films;
signatures because they are difficult to forge and can provide evidence of b. Patents Act
tampering. Regulates the granting and protection of patents for digital inventions and
Handwritten signatures can be easily copied or imitated, while digital signatures technological innovations.
use complex encryption to ensure authenticity.
c. Trademark Act
• Explain legal effect in Electronic and Digital Signatures
 Governs the registration and protection of trademarks in the digital sphere, • Discuss the use of the following laws for data protection and control:
safeguarding brands and their digital presence.
a. Personal Data Protection Act 2000
Regulates the processing of personal data in commercial transactions, providing
Identify the areas of Digital Intellectual Properties related:
individuals with rights over their personal information and imposing obligations on
a. Copyright law: relating to computer software, source code, websites,
data users.
cell phone content
b. Communication and Multimedia Act 1998
b. Trademark law with relation to domain names, meta tags, mirroring,
Addresses various aspects of communication and multimedia activities, including
framing, linking etc.
provisions related to the protection of personal data in the context of
c. Patent law in relation to computer hardware and software
telecommunications and digital media.
• Explain the technologies for Digital Intellectual Property Protection
• Identify the methods to ensure privacy and data security
a. Encryption
Encryption: Protects data by converting it into a code that can only be accessed by
Involves encoding digital information to make it secure and only accessible to
authorized parties.
authorized users, preventing unauthorized access or theft of intellectual
property
Access Control: Limits who can access certain data or systems, often through the use of
b. Watermarking
passwords, biometrics, or other authentication methods.
Embeds digital markers or identifiers into content, such as images or videos, to
indicate ownership and deter unauthorized use or distribution
Regular Audits and Monitoring: Involves routinely checking and analyzing systems and
c. Web monitoring
data to identify and address potential security issues.
Involves the use of software tools to monitor online platforms and websites for
unauthorized use or distribution of digital intellectual property, allowing for timely
Employee Training: Educates staff on best practices for handling sensitive data and
enforcement of rights and protection of content.
recognizing potential security threats.

CHAPTER 5 : PROTECTION, PRIVACY AND CRIMES • Identify Cyber Security Controlling Bodies in Malaysia
a. Communications and Multimedia Act 1998:
Describe privacy and data protection
Regulates the communications and multimedia industry in Malaysia.
Privacy refers to the right of individuals to control their personal information and how it is Covers areas such as broadcasting, telecommunications, and online content.
used. Aims to ensure fair competition and protect the interests of consumers and
industry players in the communications and multimedia sector.
Data protection involves safeguarding personal data from unauthorized access, use, or
b. National Cyber Security Agency (NACSA):
disclosure.
Responsible for coordinating and overseeing national cyber security efforts.
• Explain the purpose of data protection and privacy in: Develops strategies and policies to enhance the country's cyber security posture.
Collaborates with various stakeholders to address cyber threats and incidents.
a. Collection Data
c. CyberSecurity Malaysia:
Ensures that personal data is obtained lawfully and fairly, with the consent of the
Serves as the national cyber security specialist agency.
individuals involved.
Provides cyber security emergency response, digital forensics, and cyber security
b. Storing Data
capacity building.
Aims to secure personal data from unauthorized access or loss, maintaining its
Offers guidance and support to government and industry in enhancing cyber security
confidentiality and integrity.
resilience.
c. Transmitting
d. Personal Data Protection Act 2009:
Seeks to protect personal data during its transmission, preventing interception or
Regulates the processing of personal data in commercial transactions.
unauthorized access.
Provides individuals with rights over their personal information and imposes
obligations on data users.
 Aims to safeguard the privacy of individuals and ensure the proper handling of
personal data.
e. Computer Crimes Act 1997:
Addresses offenses related to computer systems and data, such as hacking,
unauthorized access, and computer-related fraud.
Provides legal measures to combat cyber crimes and protect the integrity of
computer systems and data.
Aims to deter and penalize cyber criminal activities.

• Discuss the roles of cyber security controlling bodies

Setting Standards: Establishing guidelines and standards for cyber security practices
and infrastructure.

Incident Response: Coordinating responses to cyber security incidents and

providing support to affected parties.

Awareness and Education: Educating the public and organizations about cyber
security risks and best practices.

Regulation and Compliance: Enforcing laws and regulations related to cyber

security and data protection.