Megrendelés

Dawei Song[1]: Internet Real-name System and Cybercrime Prevention in China: A Critical Perspective (JURA, 2019/2., 470-481. o.)

I. Introduction

In California in the United States, for instance, according to the report of the Breach Data Level Index of 2018, the cost of damage just caused by the cybercrime is over 214 million US dollars.[1] Some damages caused by the cybercrime are hard to describe in figures, not like the economic loss, though controversial the methods to calculate it is, such as a social loss, fear of crimes, and so forth.[2] For disposing of the cybercrime, most of the countries in the world applied different measures as to dealing with the cybercrime, including legislation and agreements of both the national level[3] and international level[4]. Amongst the practice of all countries, there is one policy, which focuses on the anonymity of the Internet, called Internet Real-name System or Network Real-name Registration System.

Internet Real-name System was first applied in the official level in South Korea in 2002 and abolished by the Korean Constitution Court.[5] It could be said that failure is the first Internet Real-name System at the national level. However, in China, by the promulgation of the Cyber Security Law, the Internet Real-name System is fully applied now. At the same time, on September 21, 2018, Legaldaily (fa zhì wang) published an article that some scholars and official staffs in China keep revisiting this system to make it of more efficacy. Their womb view is to insist on using this system but need some improvements.[6] Some criminal law scholars also hold the view that beneficial is the Internet Real-name System to the prevention of cybercrime, especially in the Situation Crime Prevention paradigm.[7] Here comes this paper.

The main question in this paper is whether the Internet Real-name System facilitates the Cybercrime Prevention in practice (or not). According to this question, this paper will, first, introduce the Internet Real-name System, including what the Internet Real-name System is and the typologies thereof. Second, this paper will restrict the scope in China, not the world level, and enumerate the legal documents which are effective in China now and give some comments on them. Third, this paper will give a brief look at the crime prevention in criminology perspective, then redefine the cybercrime prevention and find the correspondence to the crime prevention theories. Fourth, this paper will give a rational analysis of the relationship between cybercrime prevention and Internet Real-name system. At last, this paper will give the final answer to the main question above.

II. Internet Real-name System in China: Definition, Classifications and Comments

1. Definition: Refine the concept of Internet Real-name System

When refers to the Internet Real-name System, we should discuss the concept thereof first. There are many different names of the Internet Real-name System, such as the Network Registration System[8], Real-name Verification System[9], Internet Censorship System[10], Real-name Policy[11], and so on. All these names can be seen as a kind of descriptions or generalizations of the Internet Real-name System. So, when we do the information retrieval in the database, we should consider the different expression of the Internet Real-name System.

However, if we analyze these names crucially, we can, then, find what essential is behind these names. It is the requirement of real identity of clients as to using the ICT. In other words, the core requirement of the Internet Real-name System is ordering the Internet participants to link their real identity with the one they use on the Internet or Cyberspace.

- 470/471 -

The real identity of the people consists of real personal information or data which contains the real name, gender, telephone number, ID number, working place, living address, and so forth. By these data or information, the government or the Internet companies can unveil a person's anonymity online[12], and the user can be precisely recognized and located when some subjects need to find out an individual account's owner online. Therefore, establishing the one-to-one correspondence between real identity and virtual identity is the core requirement of the Internet Real-name System.

To sum up, the Internet Real-name System should be such a system, which requires network participants to link real personal information with virtual identities in the registration or online services acceptance stage of cyber-activity in the Cyberspace, through a mandatory or voluntary way, so as to achieve the effect of the so-called Real-name system. As the research scope of this paper is China, it should be known that it is mandatory in China now.

2. Classifications: Types of Internet Realname System in practice

We can have a full-scale understanding of the Internet Real-name System when we discuss the different types thereof in practice. The various classification criteria represent the various foci of the Internet Real-name System. It is a suitable approach to build an overall perspective on the system.

Refer to the different stages of the participating of the Internet, we can classify the Internet Real-name System into three types. The first is the Real-name in Accessing the Internet. It means the user should do the real-name verification or check-in when they try to access the Internet, for example, buy the SIM card, check-out the broadband network, and so on. In many countries, this is mandatory. For example, in Japan, the mobile phone and the SIM card are bound to sale. The user should use the ID card or driver license to register in the SIM card.[13] The second is the Real-name in Providing the Internet Service. It overlaps the Real-name in Accessing the Internet somehow. But it has its own specialty. It refers to the Internet service provider, mainly when providing online services after they are accessing the Internet. In practice, its subject is mainly the Internet corporates but also some e-commerce partners. For example, the retailers online, when someone wants to sell something online on the Amazon or Taobao website, they have to register with a real identity.[14] The third type is Real-name in Accepting the Internet Service. This requires the users to supply real identity when they are accepting the online service. For example, if a person wants to register an email address, then he is required to offer real identity for completing the process of registration. Furthermore, depending on the different types of online service, there are some mainstream online services which required the users to offer real identities in China, such as real-name in online games[15], real-name in online trading, real-name in online social media or social communications, and so forth.

3. Comments: China's Practices and Strategies

The Internet Real-name System starts relatively early in China. Though some scholars recognize that it starts from 2002, in fact, it starts from 2000.[16] Till 2018, the Internet Real-name System has already been applied in practice for eighteen years. The continuous application of the Internet Real-name System is a process of continuous improvement and comprehensiveness in China. The foci of the Internet Real-name System changes from a single subject, the Internet Service Provider, to dual subjects, the Internet Service Provider and the User. Real-name in Accessing the Internet is not the only emphasis, but also the Real-name in Providing the online service and Real-name in Accepting the online service.

Because of China has already constructed a relatively entire legal system on the real-name system which including the laws, regulations, departmental rules, and departmental regulatory documents, the Internet Real-name System is the Governmental Internet Real-name System which means this requirement or policy is dominant by the government. In other words, it is compulsory and direct in the whole state cyberspace in China. It is very different

- 471/472 -

from the Vocational Real-name System which is based on the vocational standards. Actually, most of the countries with the Internet real-name system applied this kind of requirement: users are mandatory to provide personal information such as name, address, Email, and so forth personal data to the network operators when buying mobile phone or applying for accessing Internet, and then, by the clerk, the customer's name, address, ID number, and other personal information would enter the database of the operators, indirectly in the form of real-name registration to implement network real-name system. This indirect real-name registration mainly concentrates on European and American countries that pay much attention to protecting freedom of speech. In addition to adopting indirect real-name methods, these countries also impose strict restrictions on the scope of real-name networks. For example, in the United States, only a few fields or websites such as 'Facebook' and 'Google+' require a real name.[17] However, in recent years, the scope of the network real-name system in the United States has expanded.[18]

Though directness of the Internet Real-name requirement is the prominent feature in China's strategies, it is improper to look upon the Internet Real-name System in China as the direct type rather than indirect one. Indeed, China offers an elective plan that 'real names in the background and either real names or screen names in the foreground under free wills.'[19] (thereinafter 'Mandatory in Background, Voluntary in Foreground') It means the user should provide real identity when they register Internet service, the operator should back up this information. However, the users can use the online service with a pseudonym on the screen.

III. Crime Prevention and Cybercrime Prevention

1. Crime Prevention: Implications, Framework, and Typologies

Crime prevention is a criminological notion. It locates in the responding to the crime in the criminology and occupies a distinct position to the other responding to the crime. The crime prevention takes preventive approaches, which are proactive and based on the assumption that crime can be predicted to some extent and therefore avoided by taking precautionary steps in advance, to minimize the incidence of committing crimes or eradicate the occurrence of crimes.[20] Its premise is that with the accurate methods effectively applied, with relevant expertise and with sufficient resources, we can understand the motivation of human behaviors and the causes of crimes, then the crime can be precisely anticipated, in turn, appropriate interventions can be taken to eradicate the crime or substantially reduce the frequency of crime.[21]

Crime prevention, on the face of it, should aim to prevent crime, but in practice, its aim is relatively complex. The crime prevention should at least focus on three areas: "1) criminogenic ('risky situations'); 2) potential offenders ('risky 'people); and, 3) vulnerable groups or communities ('at risk' people)."[22] Notably, people feel anxious about some crimes that do not happen to them. Therefore, crime prevention should not only reduce the incidence of crime but also take some measures to reduce people's fear of crime. For so, the objectives of crime prevention should extend to "1) divert potential offenders from crime; 2) avoid 'bad lives'; 3) safeguard potential victims; 4) provide reassurance to the general public; 5) promote community safety; 6) protect commercial interests; 7) build social capital; and 8) defend the moral order."[23]

There are three main types of crime prevention models or measures: 'community', 'developmental', and 'situational' crime prevention.[24] The community crime prevention is looked upon as a 'combination of developmental and situational prevention' to some extent.[25] Furthermore, community crime prevention initiatives are difficult to conclude precisely as to their efficacy or "the methods by which beneficial outcomes are achieved."[26] So, we mainly discuss developmental crime prevention and situational crime prevention in this paper.

Developmental crime prevention is founded on the presupposition that: 'Traits or propensities conducive to antisocial conduct and crime develop in the womb and early in childhood.

- 472/473 -

The roots of crime thus extend over the life course.'[27] In accordance with this presupposition, if we want to pre-empt the commission of crimes, we need continuous and developmental interventions to reduce crime inducement factors and provide alternative social opportunities both in the early years and at later stages in one's life.[28]

The situational crime prevention is based on 'opportunity theories'[29]which is composed of the Rational Choice Perspective, the Routine Activity Approach, and the Crime Pattern Theory.[30] This model and these three theories will be fully discussed in the next section with the cybercrime prevention.

2. Cybercrime Prevention: Redefinition and Correspondence

Cybercrime is a series of harmful deviant behaviors what is taken for procuring improper interests which are forbidden by law or common social values, by the feature of the data and online transportation thereof, which abuse the advanced technologies and the information asymmetries that get from positional advantages.

In the light of the definition of crime prevention above, we could redefine the cybercrime prevention in the form of through a range of preventive initiatives to reduce the incidence of the cybercrime gradually thereby eradicating the cybercrime, meanwhile, by the preventive measures, to promote cybersecurity and improve the protection of the personal information. The ultimate objective of cybercrime prevention is to make the cyberspace a better and safer environment for the improvement and development of technology, lifestyle, and well-being of the whole human society. In line with the features of cybercrime, the cybercrime prevention exhibits some of the characteristics corresponding thereto.

From the perspective of appearance, the overall impression of cybercrime prevention reflects a strong dependence on technology. People use firewalls to prevent Trojans from intruding and use new encryption algorithms to protect personal information. Almost every week, anti-virus software on our computers updates the computer virus database to deal with new risks. Mobile payment procedures have also begun to use a combination of biometric information and traditional passwords to secure transactions. The applications of these technique initiatives reflect the method of crime prevention which introduced by the Crawford that 'increasing the required effort to commit the crime.'[31]

From the characteristics of Internet development, the globalization of the Internet makes cybercrime prevention require global cooperation. This is different from traditional crime prevention in the past, which may focus on only one type of crime or a particular area. And the Internet connects the world, and no country can completely isolate the Internet. Criminals may have committed cybercrime against country B in country A. So, as the Tilley told that "Crime, in general, is complex, with many features, causes, motivations, and conditions... it will not be possible for any agency on its own success to address all aspects of all crime prevention problems."[32] Transnational cooperation in cybercrime prevention requires a relatively uniform system of crime prevention that is acceptable to all parties. However, it is challenging to establish a unified, replicable, and transferable cybercrime prevention system. Although many attempts there have been, such as the international treaties mentioned above,[33] the effect is not very obvious. This is also the inherent shortcoming of cybercrime prevention.

In addition, cybercrime prevention is an evolving and continuously updated system of crime prevention. Though inherent is this feature is in the system of crime prevention, cybercrime prevention presents more prominent instability. First, from the usual Internet behavior to justify the criminalization of change, such as hacking was not originally cybercrime and as the behavior of heroism, but the subsequent abuse led to its criminalization;[34] Second, the behavior in the physical space is projected into the cyberspace to produce corresponding more severe crimes. For example, the bullying behavior evolves into cyberbullying in the cyberspace, and due to the immediacy and extensiveness of Internet transmission, the impact of cyberbullying far exceeds the damage in physical space; Third, cyberspace itself derived a

- 473/474 -

new type of crime, the frequency of such updated criminal offenses far beyond the physical space. The types of crime in the traditional physical space are relatively stable and fixed, but the development of cybercrime makes the cybercrime group more active. Based on the above-mentioned inexhaustible enumeration characteristics, the cybercrime prevention system needs to adjust policies continually and change strategies regularly to cope with new risks of offending. A logical connotation here is that traditional crime prevention measures endorsed by the previous theories are not well adapted to the new requirements, it presents the instability of cybercrime prevention systems.

IV. Dialectical Relationship: Internet Real-name System and Cybercrime Prevention

1. Logical Starting Point: Eradicate Anonymity

Anonymity can provide a "shield from the tyranny of the majority"[35] or "a mask used to protect the perpetrator of a crime"[36]. There are four types of anonymity: 1) traceable anonymity, 2) untraceable anonymity, 3) traceable pseudonymity, and 4) untraceable pseudonymity.[37]

The untraceable anonymity means the user does not identify himself and is not identifiable ultimately. It is rather difficult to realize in the physical world, because of the development of forensic technologies. However, it is easy to achieve in the cyberspace, and herein why many governments approve and justify the regulation thereof.[38] Governments are afraid of perfect crimes caused by the complete untraceable anonymity.[39] In fact, most users in the cyberspace are of traceable anonymity "through intermediaries or other identifiers."[40] It is the kind of the Internet Real-name System which most countries applied. The users should submit their personal real identity information to the intermediary or registry of some sort, and these institutions will keep the information in their database. As long as not using the anonymizing software, even most anonymous users are traceable by the upcoming switch to IPv6.[41]

Pseudonymity is different from the anonymity. It adopts a developing and ongoing identity which can develop an image and reputation by itself.[42] "By contrast, anonymity is sometimes attained through passivity, rather than through active speech."[43] Pseudonymity allows for a shared voice or identity when adopted by many users at one time. For example, the online account name can be the same as many people. Like the anonymity, the pseudonymity can be categorized into two types as mentioned above. Untraceable pseudonymity is that the user identifies himself by a pseudonym, and cannot be identified ultimately. Traceable pseudonymity allows others to trace the identity of the user behind the pseudonym.[44] From a policy perspective, the traceable and untraceable pseudonymity and anonymity cannot be distinguished measurably. So, in this paper, the term of anonymity is including the pseudonymity.

It is generally believed that the anonymity of the Internet leads to the occurrence of cybercrimes. Although there is no precise research data to support the correlation, people still maintain stereotypes. As with the discussion of cybercrime prevention, people prefer to consider anonymity as a critical factor therein. Through eradicating the anonymity in the cyberspace, re-designing the environment of cyberspace, the cybercrime could be prevented to some extent. This aspect is inherent in the pursuit of the Internet Real-name System; on the other hand, consistent with the theoretical model of situational crime prevention.

According to the rational choice perspective, decisions as to whether to offend are based on a deliberate calculation on the potential offender's part of the 'risks, rewards and efforts of alternative courses of action.'[45] The offenders or the potential ones will consider the time, ability, and knowledge about the circumstance; and if the calculation suggests that the reality is to their advantage, then they will commit crimes. The Internet Real-name System requires all the participants to provide real identity, in other words, reduce anonymity. It improves the risk of being caught when the offenders finish committing a crime. For this, the offenders need

- 474/475 -

more efforts or knowledge to conceal their identity online. So, the cost of committing a cybercrime will weigh the rewards thereof. Then, cybercrime prevention can attain.

According to the routine activity approach, it considers the coincidence of three factors: "a motivated offender, a suitable target for the offenses, and the absence of a capable guardian to prevent the crime from occurring."[46] If these three factors in routine activities of various parties to the crime converge at a particular time and place, then the coincidence will be more likely to occur. Turn to the Internet Real-name System, eradicating anonymity is equivalent to build arguably useful preventive guardian. That is to say, if a potential offender wants to commit cybercrime, he must first take a range of measures to overcome the obstacles of transparent identity brought by the eradicating anonymity. To a certain extent, this can prevent potential offenders who cannot break through the guardian from committing cybercrimes, and thus achieve the goal of cybercrime prevention.

To sum up, by reducing anonymity in the cyberspace, the Internet Real-name System enables a methodical approach to reducing opportunity, creating inhibitors, and creating uncertainty on the outcomes of cybercrime. In China, the Internet Real-name System is of taking measures of eliminating anonymity to implement situational crime prevention of cybercrime. So, we can conclude that the starting point of the Internet Real-name System is eradicating the anonymity.

2. External Experiences and Internal Contradictions

China is not the only country which applied Internet Real-name System around the world. Indeed, many countries, as we mentioned above, have applied the Internet Real-name System to some extent.[47] However, there is another country which had applied the Internet Real-name System at the official and national level, South Korea. Before 2016, when China overall established the Internet Real-name System. South Korea is the only country around the world which established the Internet Real-name System by legislation. It was the mandatory requirement for all Internet participants.

In 2000, the Korean society showed the highest Internet subscription rate in the world.[48] A large number of Internet subscribers and the easy access to the Internet in the Korean society leads to the speedy exchange of information and equally rapid formation of public opinions. [49] Such advantages with the Internet amplify the injuries of the defamation and intervention of the privacy.

In 2004, the real name requirement first appeared in the Election of Public Officers Act.[50] It was introduced for preventing the "illegal election campaigning activities on the Internet such as the circulation of false rumors and libels about candidates."[51] Therefore, at first, the real name requirement existed in the area of political kinds of stuff. However, because of the case "Dog feces woman" or "Dog poop woman"[52], the Korean society began to show great concern for the regulations on the Internet for personal use in the daily life. Then, the Korean government en route to making a far more comprehensive act to regulate all the online actions. In 2007, Korea promulgated the amendment of Act to Promote the Use of Information and Communication Network and to Protect Information (thereinafter ICNA). [53] The article 44-5(1)[54] of this act demand all the private websites with a certain number of users every day, and all the public entities websites to apply measures of some sort to verify the users' real identity, regardless of the content of the user's postings.[55] At this point, it can be said that South Korea has fully established the Internet Real-name system. However, the bill has not been implemented for a few years, or since its birth, the bill has been controversial. Its original intention is to resist cyber libel. But, there was an empirical study of the Internet Real-name system in Korea showed that there was a decrease in the rate of malign online posts from 15.8% to 13.9%.[56] "This is not necessarily inconsistent with other research[57], which showed a small decrease in defamatory replies."[58] With this evidence which manifests the uselessness of the Internet Real-name system on the prevention of the cyber libel, the intense critique thereof, and a large number of cases which referred to the leakage of

- 475/476 -

the personal information, on August 23, 2012, the Constitutional Court of Korea made a decision to invalid the Internet Real-name system which under the articles of ICNA. The Korean experience told us that the Internet Real-name system is not very practical to prevent the cyber libel arguably, or you can say cybercrimes. However, the real name requirement can hinder the expression of the political opinions and some other sensitive stuff. Korea's measures on real name verification could, by and large, be failed.

Now turn to China's practices after nearly three years of the full implementation of the Internet Real-name system, many problems appeared which beyond the original design of the system, and to some extent, restrict the function thereof.

Although there has not been an empirical study on the Internet Real-name system in China, the official staff of Ministry of Public Security gave some comments on the circumstance of the implementation of the Internet Real-name system from the overall establishment in 2016 to now.[59] Li Jingjing, director of the Legal Affairs Office of the Cyber Security Bureau of the Ministry of Public Security, held the view that the real name verification which is based on the Cyber Security Law just require the Internet Service Provider to verify the real identity of the users, and these measures inevitably lead to the providers keep the user's information in their database. The recent effective law does not stipulate more articles to detail the protection of the information they kept. Then, this will cause the increase of the risk of information breaching, and in fact, it is a severe problem in Chinese society, nowadays. By the national strategies of 'Internet +'[60], more and more traditional industries start to build a connection to the Internet. The personal information, which is a form of big data, has become an area with business chance and commercial profits. A large amount of personal information that exists in the ISP database through real-name authentication has become an unprotected fat sheep. A variety of interest groups, including criminal groups, are eyeing this fat. This will lead to more people committing new cybercrime targeting personal information.

In addition, China's Internet Real-name system itself has certain logical loopholes. It only focuses on whether the user can provide a real personal identity and associate it with an account in the cyberspace. In other words, if a person registers an account with the real identity information of others, it can also successfully pass the real name review. This case is not alone, but there is a lot of reality. For example, minors use the identity information of other adults to pass the registration review of online games and adult websites. It is not a difficult thing to get a piece of real identity information online in China. You can open Baidu.com, a Google-like search engine in China, and then retrieve the ID number. Baidu.com will display a bunch of real ID numbers with real names,[61] and you can use this real information to register a variety of online services. Though the webpage which offered the ID numbers would notice that do not misuse these ID numbers for an illegal purpose, nobody arguably will check the use of the information on earth. Searching the ID numbers online, this is not exclusively the case, but the escalation, displacement, adaption, deflection, and injuries amplification of the cybercrime which would be discussed in the next section.

3. Evaluation: Merits Prioritization and Functions Realization

In the last two sections of this chapter, we have briefly discussed the anonymity as the logical starting point of the Internet Real-name System, and the practice and experience from South Korea and China. This section is to mainly discuss the merits considerations and tradeoffs in the implementation of the Internet Real-name system of which one of its purposes is to prevent the cybercrime in the view of regime designers and scholars of China; and whether the function thereof is really realized underlying the practice of China. Furthermore, on the basis of discussions of these questions, this section will introduce a more in-depth consideration or relatively open question, i.e., how to evaluate the success of one measure which is for the crime prevention? The different answer to this question will arguably determine the attitude to the Internet Real-name system in China as a method of cybercrime prevention.

- 476/477 -

Merits Prioritization, in this paper, is the process which considers, in the implementation of one crime prevention measure, the comparison and weighs of the different interests with contradictions, then make a choice to prioritize one or one group of interests with the situational circumstance. A fundamental premise therein is of which the different interests on both sides of the balance should be with the complication. In the preventive measures, one is directly focused on the potential offenders; the other is of which concentrates on the potential victims. In other words, we can prevent particular crimes targeting particular victims by enhancing the capacity of the victims. Then the responsibility is placed on the victims themselves. For instance, with the purpose of resisting the rape or sexual harassment to the female, the women should wear a long dress which exposes less part of their body, or the women should not go outside in the evening, as some staffs in the law enforcement and scholars of criminal justice recommended. These measures are controversial that the victims should forego some natural rights, such as freedom of clothing and freedom of movement which they have been entitled by the constitution or some other regulations or culture, to ensure the government to guarantee the protection.[62] There was a campaign called the "Reclaim the Night march" which some women protest for the equal protection in the night in the UK can verify the foregoing discussion well.[63] In turn, the Internet Real-name system is as preventing the cybercrime as challenging the freedom of speech and privacy, as some scholars argued in their researches.[64] The infringement to the privacy is easy to understand. A large number of cases of data breaching in China lead to personal privacy enduring a significant risk of leakage and misuse.[65] The Internet Real-name system attempts to eliminate the anonymity online in China entirely. However, no matter the anonymity is a kind of expression or just a kind of conduct in the speech[66], it is the core factor under the freedom of expression, there is no doubt for this. Many cases in the United States[67] have already manifested that, though restriction is placed on the right of anonymity, it is still essential in exercising the First Amendment right, Freedom of Expression.[68]

With the experience of Korea which the effect of cybercrime prevention is inconspicuous but the decrease in the number of posts on the main webpages is apparent, the Internet Real-name system in China which hinged on the real identity verification and exacting scrutiny would arguably be tantamount to suppression on, or infringement of, the freedom of expression. Prohibiting the anonymity online would chill the unpopular or controversial speech online ineluctably. Forbidding anonymity would reduce the "sum total of information and opinion contributed to the public debate."[69] The full implementation, without any exceptions, of the comprehensive Internet Real-name system under the Cyber Security Law in China incurred fierce criticism which treated China's methods as a means to "block noncompliance and maintain the political power of the government"[70] thus fail to "build an ideal online environment with public order and trust"[71], from the international academics. In this paper, I will not deliberate the motivation of the current government of China of stipulating the Internet Real-name system, but from a crime prevention perspective to give consideration that when both the constitutional rights, exemption from being a victim in crime and freedom of expression, contradict with each other in the choice of either convenience of the law enforcement for locating an offender or the exclusive protection of the democratic rights, which one should be the prioritized merit? It is the best to find the balance between this confliction. If not, in this paper, my viewpoint is that China should figure out which kind of interest is the real demand of the people, and sacrifice the human rights to protect the human rights is not an advisable measure, because of the human rights themselves do not, or cannot, have an evident, and undisputed of the most importance, hierarchy sorting.

Internet Real-name system as a preventive approach for which preventing the cybercrime would have some connatural limitations in itself thereby restricting the realization of the function of the prevention, even if we had found the balance of the merits prioritization. These limitations or consequences, as I have introduced at the end of section two of this chapter, are an escalation, displacement, adaption,

- 477/478 -

deflection, and injuries amplification of the cybercrime.[72]

First are the escalation and displacement of the cybercrime under the implementation of Internet Real-name system. As the Grabosky suggested that the "suppressed criminal intent would find its expression in more intensified and potentially harmful activities, such as expressive violence."[73] The Internet Real-name system deters the potential offenders from committing a cybercrime by the risk of detecting and investigating efficiently. Then the offenders would turn the traditional cybercrime, such as cyber-fraud, cyber-libel, and so on, to the crime targeting the data or information backed-up in the ISP's database which is easy to get through for without efficient techniques to improve the index of safety in some small ISPs. As the appendage of real identity authentication, personal data is of stimulus for the potential offenders. On the other hand, for the difficulty of committing the relative traditional cybercrime and appearance of a new criminogenic objective would result in the intensive occurrence of the identity theft and misuse. Thus the Internet Real-name system is provocative rather than preventive.

Second are the cyber-criminals adaptation and cybercrime deflection. The Internet in China is different from the one in other countries, except North Korea. Rather than the Internet, it is better to say China is using the largest local area network in the world by the state-enforced firewall be of blocking the external information, especially the information from the Google's related products. Moreover, under the circumstance of the full implementation of the Internet Real-name System, the offenders have to conceal their identities and locations when they intend to commit a cybercrime. In general, they will both use a fake identity and the VPN services of some sort to achieve the goal. Furthermore, the deflection of cybercrime will happen. The cybercrime will transmit from the surface web to the deep web or dark web for the use of particular software. Then the cyber-police should take the measure of which locating and tracing the IP address that is more effective in investigating a cybercrime. Here is the paradox that though without the Internet Real-name system, the most useful method to investigate cybercrime is locating the IP address, even with the real name verification, for the reason of deflection of cybercrime, it is still the only most effective method, then the Internet Real-name system would exist the name only and increase the cost of the ISP to manage the data they got from the users. In addition, the penal code of China criminalizes the conduct of a large amount of data breaching of the ISP for the negligence of management. This would also add the risk of violating the criminal law for ISPs. To sum, the Internet Real-name system as a preventive measure for cybercrime prevention neither very effectively realize cybercrime prevention, while increasing the burden on ISPs.

The last is the amplification of injuries of the cybercrime. According to the rational choice theory, the offender would consider the cost and the profits, and find the best balance before committing a crime. For those have determined to commit cybercrime, the Internet Real-name system increases their cost without a doubt for committing whereby the exploiting of particular software to conceal some crucial information. Then the offenders would try to get more profits from the crime, which at the same time causes more loss of victims. Or, from another angle, the cybercrime become more severe than before. This is not exclusively the case, but needs to pay attention to the circumstances through which the implementation of the Internet Real-name system in China, all the social media accounts seem to link with a real identity in the most users' eyes, though fake might be with one account, most people would not know the real situation, as the people prong to trust some words from a "real" person, the cyber libel would be with more harm under the Internet Real-name system. People would like to trust some malign comments which indeed are defamations. Then the victim would suffer more misery from the cyber libel.

Whether the confusion and hesitation within the prioritizations of merits or the inherent shortage of the preventive approach in function realizations of crime prevention and also though failure is the Korean experience, China still appreciates the Internet Real-name system as a valid means to prevent cybercrime and will insist on implementing it in the future, i.e.,

- 478/479 -

in the years, China will not declare unconstitutional to the Internet Real-name system, in turn, supplement more legislation or ordinances to strengthen it. Then the correct and objective evaluation is of importance. The intrinsic limitations cannot be evaded, so the merit prioritizations will be of significance. As discussed have been above, it is not wise to sacrifice the one natural human rights backed-up by the constitution and also recognized by the international customs to ensure the function realization of cybercrime prevention whereby the overall implementation of Internet Real-name system without any exceptions in China. China's people and the government should take more consideration into the nexus between anonymity which has been abandoned by the Internet Real-name system and the freedom of expression and privacy which are protected in the Constitution of P.R. China and balance them well in practice in the future.

V. Conclusions

Establishment of the Internet Real-name system in China experienced progress from 2000 to 2018. As a mandatory Governmental Internet Real-name system, it has been expected to functioning cybercrime prevention. Though failure is Korea's experience, China will insist on implementing this system. However, chaotic phenomena have already evidenced implementation of the real-name requirement in China of accompanied by deviations, and restrictions in exercising the freedom of expression and personal privacy. Without the consideration of inherent limitations of the preventive measures of the crime prevention, though, it is hard to say China has found the best balance between the interests of democratic political rights and the requirements of cybercrime prevention. Therefore, the motivation and purpose of full implementation of Internet Real-name system without any exceptions in China are doubtful and questionable. ■

NOTES

[1] Jasmine. '21 gè chù mù jing xin wang luò fàn zuì tong jì shù jù' / 21 Shocking Cybercrime Statistics (2018.10.20). Aqniu.com: https://www.aqniu.com/industry/39791.html (2018.12.10).

[2] This issue is also a problem for the crimes against property. Sándor Madai: A csalás büntetőjogi értékelése (Interpretation of fraud in criminal law). HVG-ORAC, Budapest 2011. 133-136.

[3] See. Repository Cybercrime. Database of Legislation. UNODC: https://sherloc.unodc.org/cld/v3/cybrepo/legdb/index.html?lng=en (2018.12.11)

[4] See. The Budapest Convention on Cybercrime of 23 November 2001, the E-Commerce Directive 2000/31/CE, and the EU Directive 2013/40 of 12 August 2013, the Arab Convention on Combating Information Technology Offences of 2010, the Shanghai Cooperation Organization Agreement on Cooperation in the Field of International Information Security of 2010, and the draft African Union Convention on the Establishment of a Legal Framework Conducive to Cybersecurity in Africa of 2012.

[5] See. Kim Keechang: Korean Internet and 'Real Name' Verification Requirement. Korea University Law Review. 2016. 20: 87-103.

[6] See. Du Xiao and Fu Zixuan: 'fa lü gui zé yu jì shù gui zé xu bi ci jiao róng'/ Legal rules and technical rules need to blend with each other (2018.09.21). Legaldaily: http://www.legaldaily.com.cn/index/content/2018-09/21/content_7651247.htm?node=20908. (2018.12.11).

[7] See. Sun Daocui: 'wang luò shí míng zhì yu xíng shì zhì li de xié tóng huà si kao'/ Coordinated development between criminal governance and Network Register System. 'nán jing yóu diàn dà xué xué bào (shè huì ke xué ban)' / Journal of Nanjing University of Post and Telecommunication (Social Science). 2013/09, 18(3):16-24.

[8] See. e.g. Lee Jyh-an and Liu Ching-yi: Real-Name Registration Rules and the Fading Digital Anonymity in China. Washington International Law Journal. 2016/01, 25(1):1-34.

[9] See. e.g. Leitner John: Identifying the Problem: Korea's Initial Experience with Mandatory Real Name Verification on Internet Portals. Journal of Korean Law. 2009/12, 9(1): 83-108.

[10] See. e.g. Li Jeffrey (Chien-Fei): Internet Control or Internet Censorship - Comparing the Control Models of China, Singapore, and the United States to Guide Taiwan's Choice. Pittsburgh Journal of Technology Law and Policy 2013. 14(1):

[11] See. e.g. Schmitz Sandra: Facebook's Real Name Policy: Bye-Bye, Max Mustermann?. Journal of Intellectual Property, Information Technology and E-Commerce Law 2013. 4(3): 190204; KAMINSKI Margot: Real Masks and Real Name Policies: Applying Anti-Mask Case Law to Anonymous Online Speech. Fordham Intellectual Property, Media & Entertainment Law Journal 2012. 23:815-896.

[12] Solove Daniel J.: Digital Dossiers and the Dissipation of Fourth Amendment Privacy. Southern California Law Review. 2002/07. 75(5): 1084.

[13] See. Wei Yuejiang: 'shì jiè gè guó rú hé tui háng wang luò shí míng zhì' / How do countries around the world implement Internet real-name systems?. 'shàng hai xìn xi huà' / Shanghai Informatization. 2013/03, 3: 82-86.

[14] See. Administrative Measures for Online Trading. Article 7: A natural person engaging in online commodity trading shall conduct business activities through a third-party trading platform, and provide the platform with his or her name, address, valid identity certificate, valid contact information and other true identity information. If the registration conditions are met, the person shall undergo industrial and commercial registration formalities in accordance with the law.

[15] See. Interim Measures for the Administration of Online Games. Article 16: An online game orientated to minors shall not contain anything that may induce minors to mimic any violation of social ethics or law or any criminal act, or contain any horrible, cruel or other thing that may harm the mental and physical health of minors. (What implies in this article is that Online Game Operators should distinguish the majors and minors. In practice in China, the user is always required to offer the ID number which including the real name and the ages, and so forth real personal information.)

- 479/480 -

[16] See. Gao Yifei and Jiang Lian: 'wang luò shí míng zhì de fa zhan jí qí gui zhì' / The Development and Regualtion on the Internet Real-name System. 'guang xi shè huì ke xué' / Social Science in Guangxi 2016. 2:102-108.

[17] See. Wei Yuejiang, 86.

[18] See. Gao Yifei and JIANG Lian 2016, 106.

[19] See. Interim Provisions on the Administration of the Development of Public Information Services Provided through Instant Messaging Tools. 2014. Article 6: "Service providers of instant messaging tools shall, under the principle of "real names in the background and either real names or screen names in the foreground under free wills," require service users of instant messaging tools to register accounts upon authentication of their real identity information."

[20] Case Steve, Johnson Phil, MANLOW David, Smith Roger, and Williams Kate: Criminology. New York, Oxford University Press, 2017, 600.

[21] Id. Case Steve, Johnson Phil, Manlow David, Smith Roger, and Williams Kate 2017, 601.

[22] Id. Case Steve, Johnson Phil, Manlow David, Smith Roger, and WILLIAMS Kate 2017, 602.

[23] Id. Case Steve, Johnson Phil, Manlow David, Smith Roger, and Williams Kate 2017, 608.

[24] See. Welch Brandon C. and Farrington David P. (eds): The Oxford Handbook of Crime Prevention. Oxford, Oxford University Press 2012.

[25] Id. Welch Brandon C. and Farrington David P. 2012, 9.

[26] Case Steve, JOHNSON Phil, Manlow David, Smith Roger, and Williams Kate 2017, 616.

[27] Cullen Fransis T., Benson Michael L., and Makarios Matthew D.: Developmental and Life-course Theories of Offending. In Welch Brandon C. and Farrington David P. (eds): The Oxford Handbook of Crime Prevention. Oxford, Oxford University Press 2012. 23-45.

[28] Id. Cullen Fransis T., BENSON Michael L., and Makarios Matthew D. 2012. 26.

[29] See. Clarke Ronald V.: Seven Misconceptions of Situational Crime Prevention. In TILLEY Nick. (ed): Handbook of Crime Prevention and Community Safety. Willan Publishing, 2011. 24.

[30] See. Simith Martha J. and Clarke Ronald V.: Situational Crime Prevention: Classifying Techniques Using "Good Enough" Theory. In Welch Brandon C. and Farrington David P. (eds): The Oxford Handbook of Crime Prevention. Oxford, Oxford University Press 2012. 291-316.

[31] See. Crawford Adam and Evans Karen: Crime Prevention and Community Safety. In Liebling Alison, Maruna Shadd, and Mcara Lesley (eds). The Oxford Handbook of Criminology (Sixth Edition). Oxford, Oxford University Press 2017. 797-824.

[32] Tilley Nick: Crime Prevention in Britain, 1975-2010: Breaking Out, Breaking In, and Breaking Down. In Hughes Gordon, Mclaughlin Eugene, and Muncie John (eds). Crime Prevention and Community Safety: New Directions. London, Sage 2002. 17.

[33] See. Supra. note 3.

[34] See. Brenner Susan W.: Cybercrime and the Law: Challenges, Issues, and Outcomes. Boston, Northeastern University Press 2012. 15-28.

[35] See. McIntyre v. Ohio, 514 U.S. 334, 357 (1995).

[36] Kaminski Margot: Real Masks and Real Name Policies: Applying Anti-Mask Case Law to Anonymous Online Speech. Fordham Intellectual Property, Media & Entertainment Law Journal 2013. 23: 817.

[37] See. Froomkin A. Michael: Anonymity and its Enmities. Journal of Online Law 1995. 11-40. SSRN: https://ssrn.com/abstract=2715621. (2018.12.18); KAMINSKI Margot 2013. 821.

[38] See. Froomkin A. Michael: Flood Control on the Information Ocean: Living with Anonymity, Digital Cash, and Distributed Database. Journal of Law and Commerce 1996. 15/2: 428, 427.

[39] See. Froomkin A. Michael 1995, 44-45.

[40] See. Kaminski Margot 2013, 821.

[41] See. Kaminski Margot 2013, 822.

[42] See. Kaminski Margot 2013, 822.

[43] See. Kaminski Margot 2013, 823.

[44] See. Froomkin A. Michael 1995, 36.

[45] Simith Martha J. and Clarke Ronald V. 2012, 294.

[46] Simith Martha J. and Clarke Ronald V. 2012, 296; Case Steve, Johnson Phil, Manlow David, Smith Roger, and Williams Kate 2017, 618.

[47] See. Supra note 12. Wei Yuejiang 2013, 82-86.

[48] Park K. S.: Mandatory Identity Verification in the Internet: Did Google Do the Right Thing. Korea University Law Review 2009. 5. 203.

[49] Id. Park K. S. 2009, 203.

[50] Article 82-6(1): Where an Internet Media Company offers the facility for users to post opinions about an election in its bulletin board, chart room etc., the Internet Media Company shall implement technical measures so as to allow the posting only when the name and the resident's registration number supplied by the user intending to post the opinion correspond to the person's real name and the resident registration number.

[51] Park K. S. 2009, 205.

[52] (The "Dog poop woman" was the nickname of the case which a woman did not clean up the feces from her pet dog on the subway in South Korea in 2005. The woman was recorded and photographed by one Internet user, and then these pictures were submitted to the Internet. Many anonymous left a great number of verbal malignant words to abuse the woman. Some Internet users also found her real name, work place, and home address, and shared these pieces of information with other Internet users. The woman and her family had to apologize to the public. Their lives were harassed by the Internet users rigorously. Then, the woman had suffered from serious mental illness in the end. The perpetrator became the victim. This incident prompted the Korean society to reflect the cyber violence.) See. 'hán guó wang luò shí míng zhì xìng fèi shi mò' / The Rise and Fall of the Korean Real-name System. http://play.163.com/special/jianzheng_44/#01 (2018-12-24)

[53] See. Kim Keechang 2016, 92.

[54] Article 44-5 (Verification of Identity of Users of Open Message Boards): (1) A person falling under any of the following subparagraphs shall, if it intends to install and operate an open message board, take necessary measures as prescribed by Presidential Decree (hereinafter referred to as "measures for verifying identity of users"), including preparation of a method and procedure for verifying identity of users of the open message board:

a) A State organ, a local government, a public enterprise, a quasigovernment agency under Article 5 (3) of the Act on the Management of Public Institutions, or a local government-invested public corporation or a local government public corporation under the Locai Public Enterprises Act (hereinafter referred to as 'public institution'); b) A provider of information and communications services who falls under the criteria prescribed by Presidential Decree, where the average number of users of each type of information and communications services rendered by it reaches or exceeds 100,000 person per day. See. http://unpan1.un.org/intradoc/groups/public/documents/un-dpadm/unpan042825.pdf (2018.12.24)

- 480/481 -

[55] Id. See. Kim Keechang 2016, 92.

[56] Leitner John 2009, 97-98.

[58] Leitner John 2009, 97-98.

[59] See. Du Xiao and Fu Zixuan 2018, http://www.legaldaily.com.cn/index/content/2018-09/21/content_7651247.htm?node=20908.

[60] On July 4, 2015, the State Council of China issued the "Guiding Opinions of the State Council on Actively Promoting the 'Internet +' Action." In general, 'Internet +' is 'Internet + various traditional industries', but this is not a simple addition of the two, but the use of information and communication technology and Internet platforms to allow the Internet to deepen integration with traditional industries and create new ones. It represents a new social form, i.e., giving full play to the optimization and integration of the Internet in the allocation of social resources, integrating the innovation results of the Internet into the economic and social domains, and enhancing the innovation and productivity of the whole society to realize a new form of economic development with a broader Internet-based infrastructure and implementation tools. See. https://baike.baidu.com/item/%E4%BA%92%E8%81%94%E7%BD%91+/12277003. (2018.12.25)

[61] See. e.g. http://www.zll.cc/ShenFenZheng/. (2018.12.25) (This website is an example which offers many real ID numbers and real names for everyone, especially for the minors to pass the 'Age Authentication' of online games)

[62] Case Steve, Johnson Phil, Manlow David, Smith Roger, and Williams Kate 2017, 612.

[63] See. Reclaim The Night: http://www.reclaimthenight.co.uk/why.html. (2018.12.25) ("In every sphere of life we negotiate the threat or reality of rape, sexual assault and sexual harassment. We cannot claim equal citizenship while this threat restricts our lives as it does. We demand the right to use public space without fear. We demand this right as a civil liberty, we demand this as a human right.")

[64] See. e.g. Lee Jyh-an and Liu Ching-yi 2016. 17-22; Leitner John 2009. 103-105; PARK K. S 2009. 216-220; KIM Keechang 2016. 103.

[65] See. Schinasi John: Practicing Privacy Online: Examining Data Protection Regulations Through Google's Global Expansion. Columbia Journal of Transnational Law. 2013/52. 605. (indicating that the Internet Real-name system in China "could potentially erode online privacy".); CHINA DAILY: Thousands Busted in Identity Theft Cases (2013.05.30), http://www.chinadaily.com.cn/china/2013-05/30/content_16547114.htm. (2018.12.25) ("Police have busted 4,382 cases of personal information theft, involving 5 billion pieces of stolen information, People's Daily reported Thursday.")

[66] Kaminski Margot 2013. 846-847. ("Some courts treat mask-enabled anonymity as conduct rather than speech; some look to the content of the masks to determine if the mask-wearing is expressive; others observe that anonymity is inherently entwined with expression and freedom of association")

[67] See. e.g. NAACP v. Alabama, 357 U.S. 499 (1958) ("[C]ompel disclosure of one's identity may dissuade persons from exercising their freedom of speech for the fear of reprisals."); Talley v. California, 362 U.S. 60 (1960) ("[T]he anti-mask statute would tend to restrict freedom to distribute information and thereby freedom of expression.); Cohen v. California, 403 U.S. 15 (1971) ("[S]pecific means of communication is protected because the speaker's choice of medium itself is often expressive."); Buckley v. Valeo, 424 U.S. 1 (1976) ("[T]he anti-mask statute would tend to restrict freedom to distribute information and thereby freedom of expression."); McIntyre v. Ohio Elections Comm'n, 514 U.S. 334 (1995) ("[T]he anti-mask statute would tend to restrict freedom to distribute information and thereby freedom of expression."); Virginia v. Black, 538 U.S. 343 (2003) ("[A] state may permissibly regulate 'statements where the speaker means to communicate a serious expression of intent to commit an act of unlawful violence to a particular individual or group of individuals'.") (This case is presumably the one that narrowed the scope of the anonymity, but still protect it.); Kaminski Margot 2013, 851-876.

[68] See. Aryan v. Mackey, 462 F. Supp. 90 (N.D. Tex. 1978); Ghafari v. Municipal Court for San Francisco Judicial District of San Francisco, 87 Cal. App. 3d 255 (Cal. Ct. App. 1978). (These two cases introduced "anonymity not as a First Amendment right in itself, but as essential to the exercise of First Amendment rights under NACCP v. Alabama." Retrieved from Kaminski Margot 2013. 851-876.)

[69] Redish Martin H.: The Adversary First Amendment: Free Expression and the Foundations of American Democracy. Stanford, Stanford University Press 2013. 161.

[70] See. Park K. S 2009. 215. ("In case of China, introduction of Internet Real-name system seems to actually have the form of censorship as a means to block information and maintain the political power of the current government regardless of inducement of healthy Internet culture or prevention of damage.")

[71] See. Lee Jyh-an and Liu Ching-yi 2016, 24. ("[T]he effective enforcement of the [Internet Real-name System] may ironically run counter to China's original policy goal: to build an ideal online environment characterized by public order and trust.")

[72] See. Grabosky. Peter N.: Unintended Consequences of Crime Prevention. In Homel Ross (ed.): The Politics and Practice of Situational Crime Prevention. New York, Criminal Justice Press 1996. 25. (Grabosky identified some possible results of the crime prevention methods which might be counterproductive including what he described as "crime escalation, displacement, overdeterrence and perverse incentives.")

[73] See. Grabosky. Peter N. 1996. 27; Case Steve, Johnson Phil, Manlow David, Smith Roger, and Williams Kate 2017. 622.

Lábjegyzetek:

[1] The Author is Ph.D. Student, Géza Marton Doctoral School of Legal Studies, University of Debrecen.

Tartalomjegyzék

Visszaugrás

Ugrás az oldal tetejére