Capacity building and International Cooperation on Cybercrime: GLACY Global Action on Cybercrime Action globale sur la cybercriminalité Beirut, 29 November 2016 Capacity building and International Cooperation on Cybercrime: From GLACY to GLACY+ Manuel DE ALMEIDA PEREIRA Programme Manager Cybercrime Programme Office of the Council of Europe (C-PROC) Council of Europe www.coe.int/cybercrime

130+ Reach of the Budapest Convention / reach of capacity building Indicative map only Budapest Convention Ratified/acceded: 50 49 Other States with laws/draft laws largely in line with Budapest Convention = 20 6 Signed: 5 Invited to accede: 11 = 66 Further States drawing on Budapest Convention for legislation = 45+ 11

About the Budapest Convention on Cybercrime Opened for signature in Budapest, Hungary, in 2001 By 1 December 2016: 50 Parties (European, Australia, Canada, Dominican Republic, Israel, Japan, Mauritius, Panama, Sri Lanka, USA) 5 Signatories (European, South Africa) 11 States invited to accede (Argentina, Chile, Colombia, Costa Rica, Mexico, Morocco, Paraguay, Peru, Philippines, Senegal, Tonga) = 66 States www.coe.int/cybercrime 3

+ + Budapest Convention: scope International cooperation Criminalising conduct Illegal access Illegal interception Data interference System interference Misuse of devices Fraud and forgery Child pornography IPR-offences Procedural tools Expedited preservation Search and seizure Interception of computer data International cooperation Extradition MLA Spontaneous information Expedited preservation MLA for accessing computer data MLA for interception 24/7 points of contact Harmonisation The only binding international instrument and guiding legislative tool in the fight against Cybercrime www.coe.int/cybercrime 4

Membership (November 2016): Functions: Budapest Convention: The role of the Cybercrime Convention Committee (T-CY) (Committee of Parties to the Budapest Convention) Established under Article 46 Budapest Convention Membership (November 2016): 50 Members (State Parties) 17 Observer States 12 organisations (African Union Commission, Commonwealth Secretariat, ENISA, European Union, Eurojust, Europol, INTERPOL, ITU, OAS, OECD, OSCE, UNODC) Functions: Assessments of the implementation of the Convention by the Parties Guidance Notes Draft legal instruments Two plenaries/year as well as Bureau and working group meetings An effective follow-up mechanism; The T-CY appears to be the main inter-governmental body on cybercrime matters internationally www.coe.int/cybercrime 5

Capacity building: The role of C-PROC 2013: Need to enhance capacities at the Council of Europe for capacity building on cybercrime and electronic evidence Decision by Committee of Ministers (October 2013) to establish a dedicated Programme Office in Bucharest, Romania Operational as from April 2014 Currently 19 staff Task: Support to countries worldwide to strengthen criminal justice capacities on cybercrime and electronic evidence www.coe.int/cybercrime 6

GLACY EU/COE Joint Project Global Action on Cybercrime C-PROC Projects (Status September 2016) GLACY EU/COE Joint Project Global Action on Cybercrime GLACY+ EU/COE Joint Project Global Action on Cybercrime Cybercrime@EAP II EU/COE Eastern Partnership Cybercrime@EAP III EU/COE Eastern Partnership iPROCEEDS EU/COE Joint Project: Targeting crime proceeds on the Internet Cybercrime@Octopus (voluntary contribution funded) www.coe.int/cybercrime 7

GLACY GLACY www.coe.int/cybercrime EU/COE Joint Project on Global Action on Cybercrime Action globale sur la cybercriminalité GLACY EU/COE Joint Project on Global Action on Cybercrime To enable criminal justice authorities to engage in international cooperation on cybercrime and electronic evidence on the basis of the Budapest Convention on Cybercrime Duration 36 months (Nov 2013 – Oct 2016) Budget EUR 3.35 million Funding European Union (Instrument for Stability, IfS) and Council of Europe Geo scope Countries prepared to implement the Budapest Convention – Parties, Signatories or Invitees. GLACY Priority countries Mauritius Senegal Tonga Morocco South Africa Philippines Sri Lanka www.coe.int/cybercrime 8

GLACY Components/ Expected Results Global Action on Cybercrime Action globale sur la cybercriminalité Strategies and engagement of decision-makers Harmonisation of legislation Judicial training Law enforcement capacities International cooperation Information sharing Assessment of progress Components/ Expected Results

GLACY Examples of recent activities in 2016: 62 activities in 2015 Global Action on Cybercrime Action globale sur la cybercriminalité Examples of recent activities in 2016: 62 activities in 2015 74 activities foreseen for 2017 21–23 March MAURITIUS International workshop on adaptation and update of the electronic evidence guide through the development of Standard Operating Procedures, with participation of all GLACY countries 31 March – 1 April SENEGAL Advisory mission on cybercrime reporting systems, combined with workshop on reporting systems and interagency cooperation 31 March – 3 April SRI LANKA Training of trainers/ Introductory Course on Cybercrime and Electronic Evidence for the judiciary 11-13 April SOUTH AFRICA International workshop on judicial training curricula integration, with participation of all GLACY countries 9-11 May Dakar, SENEGAL International Workshop on "International Cooperation on Cybercrime and Electronic Evidence within ECOWAS/West Africa region" 30 June – 1 July TONGA Advisory mission on cybercrime reporting systems, combined with workshop on reporting systems and interagency cooperation 15–22 June PHILIPPINES Digital data forensics and live data forensics for LE and CERT 14–15 July MOROCCO International workshop on effectiveness of legislation on cybercrime and electronic evidence measured through statistics

Launching conference of GLACY+ 26-28 October 2016 – Bucharest, Romania New capacity building programme GLACY+ GLACY+ EU/COE Joint Project on Global Action on Cybercrime Extended GLACY+ is to extend the experience of the GLACY project, which supports seven priority countries in Africa and the Asia-Pacific region. These countries may serve as hubs to share their experience within their respective regions. Moreover, countries of Latin America and the Caribbean as well as others in Africa may now also benefit from project support. INTERPOL as privileged implementing partner on Law Enforcement matters. Duration 48 months (Mar 2016 – Feb 2020) Budget EUR 10 million Funding European Union (Instrument contributing to Stability and Peace) and Council of Europe GLACY+ Hub or priority countries Mauritius Senegal Tonga Dom. Republic Morocco South Africa Ghana Philippines Sri Lanka Launching conference of GLACY+ 26-28 October 2016 – Bucharest, Romania www.coe.int/cybercrime 11

GLACY+ www.coe.int/cybercrime Global Action on Cybercrime Extended Action Globale sur la Cybercriminalité Élargie To strengthen the capacities of States worldwide to apply legislation on cybercrime and electronic evidence and enhance their abilities for effective international cooperation in this area. To promote consistent cybercrime and cyber security policies and strategies. OBJ 1: CYBERCRIME AND CYBERSECURITY POLICIES AND STRATEGIES To strengthen the capacity of police authorities to investigate cybercrime and engage in effective police-to-police cooperation with each other as well as with cybercrime units in Europe and other regions. OBJ 2: POLICE AUTHORITIES AND INVESTIGATIONS To enable criminal justice authorities to apply legislation and prosecute and adjudicate cases of cybercrime and electronic evidence and engage in international cooperation. OBJ 3: CRIMINAL JUSTICE AND INTERNATIONAL COOPERATION www.coe.int/cybercrime 12

GLACY+ : Project Management and Implementation matters 1/2 INTERPOL will be implementing partner for all activities related to law enforcement capacities (Objective 2) All activities will be carried out through the establishment and proactive support of GLACY+ national Coordination Teams Importance of a structured National Coordination Team (Law Enforcement, Judicial Service, Prosecuting Authority, ICT National Agency, MFAs, CERTS) Involvement of Project Partners in activities relevant to expertise and competencies Romania, France, Europol EC3, UK NCA, USA, Estonia

Involvement of the EUDs in each mission GLACY+ : Project Management and Implementation matters 2/2 GLACY+: Gestion du Projet et matières de mise en œuvre Full alignment with the European Commission on goals, workplan and intermediate achievements of the project Involvement of the EUDs in each mission Stronger involvement of regional organizations or other international institutions: ECOWAS, GFCE, AUC, ASEAN, OAS, UNODC, UNAFRI, GPEN... Two co-managers in conjunction of efforts and a support team composed by 2 Project Officers and 2 Project assistants, with possibility for enlargement

How to take part in GLACY + or to receive technical assistance from CoE Pre-conditions Legislation on Cybercrime has to be enacted in the country; If not enacted then a request can be done for technical assistance to support in the drafting/reviewing of the legislation; Commitment to adhere to the Budapest Convention; Once legislation is enacted or for the purpose of doing a request to support the draft of legislation, a Letter signed by the respective national authority, should be sent, requesting Technical support for drafting the legislation; or Access to the GLACY+ Project (if legislation is already enacted) Addressed to: Mr. Alexander SEGER Executive Secretary Cybercrime Convention Committee (T-CY) Head of Cybercrime Division Council of Europe alexander.seger@coe.int Copy to: manuel.pereira@coe.int matteo.lucchetti@coe.int www.coe.int/cybercrime 15

Accession to the Budapest Convention As a minimum the instrument for accession must include the competent authorities for extradition (Article 24), MLA (Article 27) and 24/7 POC (Article 35).   Reservations and declarations can be made according to the domestic legislation. For a reference on what other Parties did: http://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185/declarations?p_auth=Du8xp12S Once the internal procedures have been completed and all the signatures and approvals have been obtained, the accession instrument could be mailed to the Council of Europe or an authorized person (someone coming from the applying Country or the Ambassador in Paris) could go to Strasbourg and hand it over to the Secretary General. Access the whole or any part without rights Non-public transmission of computer data to, from, within a computer system Damaging Deletion, deterioration, alteration or suppression of computer data Hindering of the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data Production and possession of computer systems that do the above Inauthentic data with the intent that it be considered or acted upon for legal purposes as if it were authentic Input, nterference with dishonest intent of procuring economic gain Producing, Offering, Distributing, Procuring, Possessing IPR Expedited preservation of computer data and traffic data Partial disclosure of traffic data to identify the provider and the path Production order to persons (computer data) and service providers (subscriber information) Search and seizure of computer data (computer and any storage) Real time collection of traffic data and interception of computer data Criminal offences deemed to be included as extraditable offences MLA - one another mutual assistance to the widest extent possible for the purpose of investigations or proceedings concerning criminal offences related to computer systems and data, or for the collection of evidence in electronic form of a criminal offence Voluntary disclosure Expedited preservation of computer data, disclosure of preserved traffic data MLA to ask seizure, no authprization to access computer systems from home (ART 32) 24/7 points of contact (one, for investigation purposes, 24/7, expeditious collaboration and readiness to requests, trained personnel)

Capacity building on cybercrime: lessons learnt Factors of success: Capacity building backed up by common standards (example: Budapest Convention) and follow up mechanism (example: Cybercrime Convention Committee of the Parties- T-CY) Political commitment to implement standards (Example: signature or formal request for accession to Budapest Convention) as a prerequisite for full range of support) Rule of law conditions: strengthening legislation, including safeguards for procedural powers, as starting point Sequencing of activities: Initial situation reports ▶ committing decision makers and counterpart organisations ▶ implementing activities ▶ assessing progress made ▶ feeding results back into policies Country project teams ▶ Example GLACY/GLACY+: cooperation with 7 x 5 institutions Capacities for capacity building ▶ C-PROC www.coe.int/cybercrime 17

Obstacles: Capacity building on cybercrime: lessons learnt Difficulties in obtaining electronic evidence; The issue of Artº 32 of the Budapest Convention; International cooperation difficulties and inabilities; Lack of capacity in States to Cooperate; Gaps in Legislation; Lack of training; Lack of technological means; And many, many others…. A long run to a stabilization and synergy of efforts in the fight against cybercrime. www.coe.int/cybercrime 18

Upcoming Capacity building programme for MENA region - CYBERSOUTH OBJECTIVES: Criminal Law frameworks strengthened in line with the Budapest Convention on Cybercrime including Rules of Law Safeguards;; Specialized police and prosecution services and interagency cooperation strengthened; Judicial training on cybercrime and electronic evidence mainstreamed; More efficient international cooperation; Cybercrime and cybersecurity policies and strategies strengthened; GEO SCOPE: MENA Region (Algeria, Egypt, Israel, Jordan, Lebanon, Libya, Morocco, Palestine, Syria and Tunisia) – May 2017-April 2020 www.coe.int/cybercrime 19

Manuel DE ALMEIDA PEREIRA 2nd Forum on Cybercrime Beirut, 29 November 2016 THANK YOU Q&A Manuel DE ALMEIDA PEREIRA manuel.pereira@coe.int Phone: +40-799 875 216 www.coe.int/cybercrime