Introduction With the rapid spread of digital communications, social platforms and e-commerce, cybercrimes (hacking, fraud, extortion, disinformation, deepfake abuse, etc.) pose serious threats to personal, economic, and national security. Iraq currently relies largely on general criminal law provisions while several draft laws have been proposed to provide a specific legal framework. Definition and Types of Cybercrime Cybercrime includes illicit acts committed using or through computer systems, networks and the internet, or acts targeting these systems (data theft, online fraud, infrastructure attacks, online blackmail/extortion, unlawful publication, deepfake misuse). Their gravity ranges from misdemeanors to serious felonies depending on harm and intent. Current Legal Framework in Iraq • Penal Code No. 111 of 1969 remains the primary reference for criminalization and punishment; judges have adapted general provisions (threat, extortion, insult, forgery, fraud) to prosecute acts committed by electronic means. • No finalized special cybercrime law in force: despite multiple draft bills and ongoing debates, Iraq has not enacted a comprehensive, up-to-date cybercrime statute; consequently enforcement relies on generic penal provisions and scattered sectoral rules. Analysis of the Draft Cybercrime Law(s) Drafts circulated in recent years proposed definitions, offenses, data-protection measures and powers of security agencies to monitor networks. Critics raised concerns about vague language and excessively broad surveillance powers that could threaten freedom of expression — prompting calls for amendments before adoption. Gaps and Opportunities 1. Legislative gap: Absence of a clear, dedicated statute creates legal uncertainty in qualifying and punishing cyber-offenses. 2. Civil liberties risk: Some draft provisions risk misuse to restrict speech or enable wide surveillance without judicial safeguards. 3. Institutional capacity: Iraq needs modern digital forensics, trained investigators, and incident response capabilities. Practical Recommendations 1. Enact a balanced cybercrime law with clear definitions, procedural safeguards and proportionate sanctions. 2. Establish judicial oversight for any surveillance powers and clear data-retention rules. 3. Amend the Penal Code (or supplement it) with explicit computer-related offences (unauthorized access, data interference, system interference, identity theft, deepfake-related harms). 4. Invest in technical capacity (digital evidence labs, CERTs, international cooperation). 5. Public awareness campaigns on online security and fraud prevention. Conclusion Iraq urgently requires a coherent legal and institutional response to cybercrime that protects security while upholding human rights. Until a comprehensive law is adopted, reliance on the old penal code and fragmentary measures will remain insufficient against evolving digital threats. "AL_mustaqbal University is the first university in Iraq"