Alice-Mary Higgins (Independent) | Oireachtas source

My concern relates to the nature of the jurisdiction under section 10(3). It is limited to an Irish citizen or a person ordinarily resident in the State. What I liked about the original section 9 – I realise it is gone now – was that, as well as a body corporate, an individual could also held accountable. I wonder about the rationale for limiting or curtailing it. Surely, if an individual is operating in another state - that is likely to be the case - that person should nonetheless be considered liable. We may not be in a position to prosecute a person operating out of another jurisdiction, but we should be able to recognise it as being an issue of concern. We may or may not have an extradition agreement with another country where a person has been involved in large-scale hacking or damage of our information systems. Let us suppose someone is operating out of the Netherlands and engages in some of the activity prohibited in this legislation. It seems strange that we are precluding ourselves from trying such a person in respect of a crime. We may or may not be able to do so practicably, but we should at the least be able to seek to do so.