Download presentation
Presentation is loading. Please wait.
Published byEunice Lucy Gray Modified over 9 years ago
1
Cybercrime and the Council of Europe response Strasbourg, October 2007 Alexander Seger Council of Europe, Strasbourg, France Tel +33-3-9021-4506 alexander.seger@coe.int www.coe.int/cybercrime
2
2 C o u n c i l o f E u r o p e Measures against economic and organised crime democracy rule of law human rights in order to promote Strategy against economic crime THE RATIONALE About the Council of Europe … www.coe.int Established in 1949 Currently 47 member States 1
3
3 3 Corruption Organised crime Money laundering Cybercrime Trafficking in human beings Setting standards Monitoring compliance Technical cooperation APPROACH Convention on Cybercrime (ETS 185) and Protocol on Xenophobia and Racism (ETS 189) Project on cybercrime Cybercrime Convention Committee (T-CY)
4
4 C o u n c i l o f E u r o p e 2 Why take measures against cybercrime? Cybercrime situation analysis and identification of new threats: 1.Dependency of societies on information and communication technologies. This dependency makes societies highly vulnerable to cybercrimes 2.Malware – that is, malicious codes and programmes including viruses, worms, trojan horses, spyware, bots and botnets – is evolving and rapidly spreading. Used for: Denial of service attacks Identity theft (phishing and other social engineering techniques) Fraud, money laundering and other economic crimes 3.Spam nuisance and carriers of malware
5
5 C o u n c i l o f E u r o p e 4.Child pornography and sexual exploitation on the internet increasingly commercial 5.Offenders increasingly organising for crime aimed at generating illicit profits 6.Botnets one of the central tools of criminal entreprises (DDOS, extortion, placing of adware and spyware). Underground service economy developing (botnets for rent) 7.Shift in the threat landscape: from broad, mass, multi- purpose attacks to specific attacks on specific users, groups, organisations or industries, increasingly for economic criminal purposes
6
6 C o u n c i l o f E u r o p e New challenges 8.Growing risk of cyber-attacks against critical infrastructure 9.Remote storage of data (problem for investigators) 10.Next-generation-networks (NGN), including VoIP (problem for investigators) Put cybercrime in context: In 2007, 1 billion+ Internet users worldwide. Probably 99.9% use ICT for legitimate purposes Need to balance concerns for security and fundamental rights and freedoms
7
7 C o u n c i l o f E u r o p e The legislative response to cybercrime Criminalise certain conduct substantive criminal law Give law enforcement/criminal justice the means to investigate, prosecute and adjudicate cybercrimes (immediate actions, electronic evidence) criminal procedure law Allow for efficient international cooperation harmonise legislation, make provisions and establish institutions for police and judicial cooperation, conclude or join agreements 3
8
8 C o u n c i l o f E u r o p e 4 The Convention on Cybercrime Elaborated by the Council of Europe with the participation of Canada, Japan, South Africa and the USA Opened for signature in Budapest in November 2001 In force since July 2004 The Protocol on Xenophobia and Racism Committed through Computer Systems Opened for signature in January 2003 In force since March 2006
9
9 C o u n c i l o f E u r o p e Structure and content of the Convention Chapter I: Definitions Chapter II: Measures at national level Section 1 - Substantive criminal law (offences to be criminalised) Section 2 - Procedural law Section 3 - Jurisdiction Chapter III: International cooperation Section 1 - General principles Section 2 - Specific provisions Chapter IV: Final provisions
10
10 C o u n c i l o f E u r o p e Chapter II – Measures at national level Section 1 – Substantive criminal law Title 1 - Offences against the confidentiality, integrity and availability of computer data and systems (illegal access, illegal interception, data interference, system interference, misuse of devices) Title 2 – Computer-related offences (forgery, fraud) Title 3 – Content-related offences (child pornography) Title 4 – Infringements of copyright and related rights Title 5 – Ancillary liability and sanctions (attempt, aiding, abetting, corporate liability, sanctions and measures)
11
11 C o u n c i l o f E u r o p e Chapter II – Measures at national level Section 2 – Procedural law Title 1 – Common provisions (scope of procedural provisions, conditions and safeguards) Title 2 – Expedited preservation of stored computer data (and traffic data and partial disclosure) Title 3 – Production order Title 4 – Search and seizure of stored computer data Title 5 – Real-time collection of computer data (traffic data, interception of content data)
12
12 C o u n c i l o f E u r o p e Chapter III - International cooperation Section 1 – General principles Art 23 General principles on international cooperation Art 24 Principles related to extradition Art 25 Principles related to mutual legal assistance Art 26 Spontaneous information Art 27 MLA in the absence of applicable international instruments Art 28 Confidentiality and limitation on use
13
13 C o u n c i l o f E u r o p e Chapter III - International cooperation... Section 2 – Specific provisions Art 29 - Expedited preservation of stored computer data Art 30 - Expedited disclosure of preserved computer data Art 31 - Mutual assistance re accessing stored computer data Art 32 - Trans-border access to stored computer data (public/with consent) Art 33 - Mutual assistance in real-time collection of traffic data Art 34 - Mutual assistance re interception of content data Art 35 - 24/7 network
14
14 C o u n c i l o f E u r o p e Chapter IV – Final provisions Art 36 Signature and entry into force (open to member States and non-members which have participated in its elaboration) Art 37 Accession (any State may accede following majority vote in Committee of Ministers and unanimous vote by the parties entitled to sit on the Committee of Ministers) Art 40 – 43 Declarations, reservations Art 46 – Consultations of the parties
15
15 C o u n c i l o f E u r o p e 15 Protocol on racism and xenophobia committed through computer systems (ETS 189) Art 3 Dissemination of racist and xenophobic material through computer systems Art 4 Racist and xenophobic motivated threat Art 5 Racist and xenophobic motivated insult Art 6 Denial, gross minimisation, approval or justification of genocide or crimes against humanity
16
16 C o u n c i l o f E u r o p e Implementation – current status The Convention entered into force in July 2004 21 ratifications + 22 signatures (as of 31 August 2007) Signed by Canada, Japan, South Africa, ratified by USA Costa Rica and Mexico have been invited to accede Legislative amendments and ratification process underway in many other countries S a o P a u l o S e p t e m b e r 2 0 0 7 5
17
17 C o u n c i l o f E u r o p e S a o P a u l o S e p t e m b e r 2 0 0 7 Ratified: Albania Armenia Bosnia and Herzegovina Bulgaria Croatia Cyprus Denmark Estonia France Hungary Iceland Latvia Lithuania Netherlands Norway Romania Slovenia The „former Yugoslav Republic of Macedonia“ Ukraine United States of America Signed: Austria Belgium Canada Czech Rep Finland Germany Greece Ireland Italy Japan Luxembourg Malta Moldova Poland Portugal Serbia Slovakia South Africa Spain Sweden Switzerland United Kingdom Invited to accede: Costa Rica Mexico
18
18 C o u n c i l o f E u r o p e Monitoring of the treaty Art 46Consultation of the Parties (Cybercrime Convention Committee, T-CY) Facilitate effective implementation of the treaty and identify problems Facilitate information exchange Consider possible amendments or supplements to the treaty 6
19
19 C o u n c i l o f E u r o p e 19 Technical cooperation Council of Europe - Project against cybercrime (started in September 2006) Objective: To promote broad implementation of the Convention on Cybercrime (ETS 185) and its Protocol on Xenophobia and Racism (ETS 189) Expected results: 1. Draft laws permitting ratification of/accession to ETS 185 and 189 available in at least 10 European and 5 non-European countries 2.Capacities of criminal justice systems strengthened to investigate, prosecute and adjudicate cybercrime 3.Capacities of criminal justice bodies to cooperate internationally re- enforced Funded by the Council of Europe and Microsoft 7
20
20 C o u n c i l o f E u r o p e Issues (1) Need for a global harmonisation/compatibility of substantive criminal law procedural law Efficient international cooperation The Convention on Cybercrime provides such a framework Open for accession to third countries Currently used as a guideline for legislation around the world Does the Convention provide a global framework? 8 S a o P a u l o S e p t e m b e r 2 0 0 7
21
21 C o u n c i l o f E u r o p e Issues (2) Terrorist may use information and communication technologies for: Attacks via the internet aimed at essential electronic communication systems, IT infrastructue and other systems and infrastructure Dissemination of illegal contents, including threats, inciting, advertising, fundraising, recruitment, dissemination of racists and xenophobic material Logistical purposes, including communication, target analysis, acquisition of information Does the Convention cover cyberterrorism? S a o P a u l o S e p t e m b e r 2 0 0 7
22
22 C o u n c i l o f E u r o p e Issues (2) Does the Convention cover cyberterrorism? Or are new instruments required? (question under discussion at the CoE’s Committee on Terrorism, CODEXTER) Cyberattacks covered by Art 4 (data interference) and Art 5 (system interference) of the Convention on Cybercrime Investigative tools and international cooperation provisions of the Convention can also be applied against cyberterrorism Recruitment, incitement etc covered by the Convention for the Prevention of Terrorism (CoE) Most other issues covered by other existing Conventions. S a o P a u l o S e p t e m b e r 2 0 0 7
23
23 C o u n c i l o f E u r o p e Issues (3) Investigating cybercrime/ data retention/ authentification etc Privacy/ protection of personal data/ freedom of expression What Balance? S a o P a u l o S e p t e m b e r 2 0 0 7
24
24 C o u n c i l o f E u r o p e Issues (4) Law enforcement Service providers What relationship? S a o P a u l o S e p t e m b e r 2 0 0 7
25
25 C o u n c i l o f E u r o p e Issues (5) Efficiency of investigations/ technical possibilities Due process What safeguards? S a o P a u l o S e p t e m b e r 2 0 0 7
26
26 C o u n c i l o f E u r o p e Conclusion Measures against cybercrime require legal basis in substantive and procedural criminal law Balance between security concerns and civil liberties to be discussed in each society Investigative powers, safeguards and limits to be clearly defined Guidelines for relation between law enforcement and service providers to be developed Use Convention on Cybercrime as a guideline for the development of national legislation and a framework for international cooperation 9
27
27 C o u n c i l o f E u r o p e Thank you. Alexander.seger@coe.int
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.