Future Crime: A Theoretical Foundation for Designing Effective Cybercrime Laws in the Age of AI and Ransomware
The increasing frequency of artificial intelligence (“AI”) facilitated cybercrime and ransomware attacks is challenging the effectiveness of current cybercrime laws. In this vexed legal and technological context, the objective of this Article is to develop a new theoretical model for evaluating and guiding the design of cybercrime legislation to address these new and emerging threats. While grounded in the four major criminal law theories: deterrence, retributive justice, restorative justice, and utilitarianism, this Article considers the unique characteristics of cybercrime and develops four normative criteria to assess the effectiveness of legal responses to cybercrime.
Those criteria are (a) clarity of legal definitions and scope of cybercrime and cybersecurity obligations; (b) proportional and consistent penalties; (c) restorative measures that support commercial resilience; and (d) mechanisms for balancing legal certainty with adaptability to technological change. Each criterion responds to a distinct feature of emerging cyber threats, including AI-generated offenses and global anonymity, and ransomware attacks. As the model is theoretically grounded, it offers a practical framework for comparative analysis to guide law and policy makers around the world who are engaged in a critical challenge of our time-designing cybercrime laws that can remain effective and relevant in the face of constant technological change and cybercrime evolution.
PDF: https://journals.law.unc.edu/ncjolt/wp-content/uploads/sites/4/2025/10/Do_Selvadurai_Publish_GO.pdf
Authors: Thi Ha Do & Niloufer Selvadurai
Volume 27, Issue 1