Prepared by the Cybercrime Programme Office of the Council of Europe

Presentation transcript:

Eastern Partnership (Արևելյան Գործընկերություն, Східне партнерство, აღმოსავლეთ პარტნიორობა, Parteneriatul Estic, Şərq tərəfdaşlığı, Partenariat Oriental, Усходняе Партнёрства)
Project Cybercrime@EAP III
Public-private cooperation in the protection of critical infrastructure
Draft Memorandum of Cooperation between Law Enforcement and Internet service providers of Ukraine
Prepared by the Cybercrime Programme Office of the Council of Europe
www.coe.int/cybercrime

Cybercrime vs. Cybersecurity: Cybersecurity
Typically defined as: the protection of the confidentiality, integrity and availability of computer data and systems in order to enhance security, resilience, reliability and trust in ICT.
Motivated by: reliance on ICT -> national interest; economic potential of ICT; CIIP -> national security.
Protection against: non-intentional incidents; intentional attacks by state and non-state actors against ICT (c-i-a attacks).
Measures: protection, mitigation, recovery through technical, procedural, institutional measures (vulnerability analyses, early warning/response, CERT/CSIRTs, etc.); cybercrime legislation, investigation, international cooperation.

Cybercrime vs. Cybersecurity: Cybercrime
Defined as: offences against computer data and systems (c-i-a offences) (Articles 2-6 Budapest Convention); offences by means of computers (such as Articles 7-10 Budapest Convention).
Motivated by: crime prevention and criminal justice.
Protection against: intentional attacks against and by means of computers; any crime involving electronic evidence on a computer system.
Measures: investigation, prosecution, adjudication; conditions and safeguards; prevention; technical and other measures.

Cybercrime vs. Cybersecurity
[Diagram. Labels: Cyber-/information security strategies; Cybercrime strategies; Security/trust/resilience/reliability of ICT; Rule of law/criminal justice and human rights; Non-intentional ICT security incidents; Intentional attacks against ICT by; Offences by means of ICT; Offences involving ICT; Disasters; State actors; Non-state actors; Terrorists; Criminals; Technical failure; Human failure; Fraud; Child expl.; Terrorist use of ICT; IPR-offences; Extortion, etc.; Any offence involving electronic evidence; Critical infrastructure attacks; Other attacks on confidentiality, integrity and availability of ICT]

Cybercrime vs. Cybersecurity
[Diagram. Labels: Human rights and rule of law; Human development and democratic governance; Security, confidence and trust in ICT; Rule of law in cyberspace; Cybercrime strategy; Cybersecurity; Offences against confidentiality, integrity and availability of computer data and systems; Offences by means of computers; Electronic evidence]

Council of Europe and cybercrime: rationale
Council of Europe (www.coe.int): established in 1949; currently 47 member States.
Measures against Cybercrime, in order to promote: democracy, rule of law, human rights.

Need for public-private cooperation
Need to respond to challenges of cyberspace in terms of criminal justice action, including protection of infrastructure;
Electronic evidence is volatile and hard to get and preserve, and is prone to travel beyond the reach of criminal justice officials;
More often than not, data/evidence is held by private sector entities in the form of subscriber, traffic or content data;
Therefore, a central issue to the discussion of the public / private cooperation against cybercrime and on electronic evidence is: access by the criminal justice officials to data held by private sector.

Cooperation indicators
Some of the common benchmarks used for verifying whether a working public-private cooperation process exists in relation to cybercrime/e-evidence:
Law: criminal laws/procedure in place (e-evidence, definitions, powers, cooperation, etc.); ISP liability regime present (mere conduit, etc.).
Stakeholder readiness/information exchange: defined and active communities (LEA, CSIRT, DPA, etc.); knowledge, expertise and specialization; regular operational meetings.
Compliance: issues of trust / general compliance / voluntary co-operation level; cooperation agreements.
International cooperation: level of co-operation with multinational companies (Microsoft, Google, FB, Twitter, etc.).

Law: applicable standards
Laws must be: precise, balanced and predictable.
The following have been devised as applicable sets of legal regulation: necessary definitions and categories of data and evidence; conditions on storage of and access to data as electronic evidence; implementation of procedural powers under the Cybercrime Convention; and safeguards and guarantees applicable to exercise of such procedural powers.
The Budapest Convention on Cybercrime provides for concepts and definitions of electronic evidence, types of data, sanctions, etc.
Procedural powers under the Convention: data preservation/limited disclosure; production orders; search and seizure; monitoring and interception of data, subject to safeguards and guarantees that relate to exercise of all of these powers.

Stakeholders: Criminal justice authorities
Law enforcement: cybercrime/high-tech/computer crime units + operatives at the national police forces; cybercrime investigation powers within security services; financial investigators; internal or external expert capacity in both securing and processing electronic evidence.
Prosecutors / specialized units: guidance and focus on evidence;
Judiciary authorities: oversight and rules of evidence;
Examples of issues: use of special and less transparent powers in operative/security environment; information exchange seen as more of a one-way street; different/inadequate competences; cooperation in exceptional/exigent mode becomes the norm; excessive use of more intrusive options.

Stakeholders: Internet service providers
Hold most often sought electronic evidence: subscriber information; traffic data; content data (very rarely).
Key principles: liability for data stored/accessed to
Cooperation with law enforcement increasing: more resources needed;
Examples of issues: lack of clarity and coherence in terms of data retention; issues of cost of access to data / data retention vs. preservation; limited and disjointed systems of oversight (both internal and external); general mistrust toward the law enforcement; ownership issues / size and business model; delays in responses; etc.

Stakeholders: Other communities
Financial investigations/intelligence: regulation toward private vendors/banking/critical infrastructure; focus on crime proceeds; virtual currencies/electronic money.
State security agencies: blocking of websites/resources in expedited manner; terrorism prevention; hate speech.
Information/cybersecurity/CSIRT: private ownership of critical infrastructure – applicable regulations; crime reporting and chain of custody for potential evidence/data in incident handling.

Stakeholders: Other communities
Communications regulators: licensing / regulations; adjudication of disputes between industry players; focus on the protection of subscriber to the service of the Internet service providers.
Data protection: mass processing of personal data through data retention regulations / oversight; oversight of law enforcement access to such data / data protection principles.
Non-governmental sector: monitoring of the child sexual abuse material online; facilitating voluntary compliance.
… Sky is the limit?

Developments in Ukraine
Series of Council of Europe workshops and meetings since September 2016
Reports in November 2016 and May 2017
Overview of the situation
Recommendations to government authorities
Draft amendments to legislation

The need for a MoU (Memorandum of Understanding)
One of the recommendations to restore trust between public and private sector and to facilitate cooperation
To involve major stakeholders in Ukraine and agree on detailed cooperation principles

The main elements of the draft MoU
Promote the use of the ICT
Recognise the need to cooperate and exchange of information
Ensure protection of fundamental rights and freedoms
To fight crime, in particular cybercrime

Draft MoU – areas covered: Cooperation based on the rule of law and human rights
Rule of law
Cooperation based on law
Conditions and safeguards
Procedural powers – principle of proportionality

Draft MoU – areas covered: Procedures and practices of communications
Cooperation – exchange of information, access to electronic evidence
Procedures for sending and receiving requests
Contact points between parties, rights and responsibilities

Draft MoU – areas covered: Adequate level of knowledge and capacity building
Personnel having professional level of knowledge and expertise
Develop a system for capacity building and training in the areas of handling cybercrime, cyber-related incidents and electronic evidence
Joint trainings including practical exercises for cybercrime and cybersecurity incidents

Draft MoU – areas covered: Cooperation for prevention of Internet-related crime
Identification of resources available
Awareness raising measures to prevent crime, including guidelines on safe behaviour on the Internet
Support to the Internet resources and Critical Information Infrastructure to ensure safer cyberspace in Ukraine

Draft MoU – expected outcome
Joint working group to organise and participate in meetings to exchange practical experience and identify issues for improving the cooperation and exchange of information
Additional guidelines if necessary
Good practice guidance for lawful removal of electronic data, computer systems inspection and seizure of computer systems
To facilitate better understanding
To increase trust

Thank you for your attention
Giorgi Jokhadze, Project Manager, Cybercrime Programme Office, Council of Europe - Conseil de l'Europe, Bucharest, Romania
Giorgi.Jokhadze@coe.int