SlideShare a Scribd company logo

Investigating cybercrime at the United Nations

Download as PPTX, PDF
blogzilla
blogzilla

Presentation given at GigaNet conference, Geneva, 18 May 2013. Longer version given at Oxford University 5 June 2013.

Technology
1 of 22
INVESTIGATING CYBERCRIME AT THE UNITED NATIONS DR IAN BROWN, OXFORD UNIVERSITY @IANBROWNOII / OII.OX.AC.UK
UNODC COMPREHENSIVE STUDY ON CYBERCRIME General Assembly resolution 65/230 requested the Commission on Crime Prevention and Criminal Justice to establish an open-ended intergovernmental expert group, to conduct a comprehensive study of the problem of cybercrime and responses to it by Member States, the international community and the private sector, including the exchange of information on national legislation, best practices, technical assistance and international cooperation.
STUDY TEAM Steven Malby, Robyn Mace, Anika Holterhof, Cameron Brown, Stefan Kascherus, Eva Ignatuschtschenko (UNODC) Ulrich Sieber, Tatiana Tropina, Nicolas von zur Mühlen (Max Planck Institute for Foreign and International Criminal Law) Ian Brown, Joss Wright (Oxford Internet Institute) Roderic Broadhurst (Australian National University) Kristin Krüger (Brandenburg Institute for Society and Security)
COSTS OF CYBERCRIME
SCOPE “As the world moves into a hyper- connected society with universal internet access, it is hard to imagine a „computer crime‟, and perhaps any crime, that will not involve electronic evidence linked with internet connectivity. Such developments may well require fundamental changes in law enforcement approach, evidence gathering, and mechanisms of international cooperation in criminal matters.” (p.x)
PROCESS Salvador Declaration on Comprehensive Strategies for Global Challenges: Crime Prevention and Criminal Justice Systems and Their Development in a Changing World (2010) UN GA resolution 65/230 (2010) 1st session of intergovernmental expert group (Vienna 17-21 Jan 2011) approved topics and methodology (UNODC/CCPCJ/EG.4/2011/3) Information gathering H1 2012 2nd session (Vienna 25-28 Feb 2013)
PROCESS Topics selected: (1) Phenomenon of cybercrime; (2) Statistical information; (3) Challenges of cybercrime; (4) Common approaches to legislation; (5) Criminalization; (6) Procedural powers; (7) International cooperation; (8) Electronic evidence; (9) Roles and responsibilities of service providers and the private sector; (10) Crime prevention and criminal justice capabilities and other responses to cybercrime; (11) International organizations; and (12) Technical assistance. UNODC developed questionnaires for Member States (69 responded), IGOs (11), private sector (40) and academic institutions (16). Also undertook extensive interviews and comparative legal analysis
INTERNATIONAL INSTRUMENTS “82 countries have signed and/or ratified a binding cybercrime instrument…multilateral cybercrime instruments have influenced national laws indirectly, through use as a model by non-States parties, or via the influence of legislation of States parties on other countries.” (p.xix)
NATIONAL APPROACHES Investigative measures (cyber-specific, general, both, none) p.xxii Offences (cyber-specific, general, both, none) p.xx
JURISDICTION In many countries, provisions reflect the idea that the „whole‟ offence need not take place within the country in order to assert territorial jurisdiction. Territorial linkages can be made with reference to elements or effects of the act, or the location of computer systems or data utilized for the offence Where they arise, jurisdictional conflicts are typically resolved through formal and informal consultations between countries Country responses do not reveal, at present, any need for additional forms of jurisdiction over a putative „cyberspace‟ dimension. Rather, forms of territoriality-based and nationality-based jurisdiction are almost always able to ensure a sufficient connection between cybercrime acts and at least one State
EXTRA-TERRITORIAL EVIDENCE Key issue for further international cooperation (p.xxv)
ACCESSING CLOUD DATA CoE CC §32: “A Party may, without the authorisation of another Party…access or receive, through a computer system in its territory, stored computer data located in another Party, if the Party obtains the lawful and voluntary consent of the person who has the lawful authority to disclose the data to the Party through that computer system.”
KEY FINDINGS (a) …divergences in the extent of procedural powers and international cooperation provisions may lead to the emergence of country cooperation „clusters‟ that are not always well suited to the global nature of cybercrime (b) Reliance on traditional means of formal international cooperation in cybercrime matters is not currently able to offer the timely response needed for obtaining volatile electronic evidence. (c) …the role of evidence „location‟ needs to be reconceptualized, including with a view to obtaining consensus on issues concerning direct access to extraterritorial data by law enforcement authorities (d) Analysis of available national legal frameworks indicates insufficient harmonization of „core‟ cybercrime offences, investigative powers, and admissibility of electronic evidence. International human rights law represents an important external reference point for criminalization and procedural provisions; (e) Law enforcement authorities, prosecutors, and judiciary in developing countries, require long-term, sustainable, comprehensive technical support and assistance for the investigation and combating of cybercrime; (e) Cybercrime prevention activities in all countries require strengthening, through a holistic approach involving further awareness raising, public-private partnerships, and the integration of cybercrime strategies with a broader cybersecurity perspective.
OPTIONS Model provisions (on core cybercrime acts; investigative powers; jurisdiction; international cooperation) Limited or comprehensive multilateral agreements Technical assistance
CORE CYBERCRIME ACTS (i) The provisions could maintain the approach of existing instruments regarding offences against the confidentiality, integrity and accessibility of computer systems and data; (ii) The provisions could also cover „conventional‟ offences perpetrated or facilitated by use of computer systems, only where existing criminalization approaches are perceived not to be sufficient; (iii) The provisions could address areas not covered by existing instruments, such as criminalization of SPAM; (iv) The provisions could be developed in line with the latest international human rights standards on criminalization, including in particular, treaty-based protections of the right to freedom of expression; (v) Use of the provisions by States would minimize dual criminality challenges in international cooperation;
INVESTIGATIVE POWERS (i) The provisions could draw on the approach of existing instruments, including orders for expedited preservation of data, and orders for obtaining stored and real-time data; (ii) The provisions could offer guidance on the extension of traditional powers such as search and seizure to electronic evidence; (iii) The provisions could offer guidance on the application of appropriate safeguards for intrusive investigative techniques based on international human rights law, including treaty-based protections of the right to privacy;
JURISDICTION (i) The provisions could include bases such as those derived from the objective territoriality principle and the substantial effects doctrine. (ii) The provisions could include guidance for addressing issues of concurrent jurisdiction.
INTERNATIONAL COOPERATION (i) The provisions would focus on practical cooperation mechanisms that could be inserted in existing instruments for the timely preservation and supply of electronic evidence in criminal matters; (ii) The provisions could include obligations to establish electronic evidence fast response focal points and agreed timescales for responses;
MULTILATERAL AGREEMENT ON EVIDENCE i) By way of complementarity to existing international cooperation treaties, such an instrument could focus primarily on a mechanism for requesting expedited preservation of data for a specified time period; (ii) The instrument may also include specific cooperation provisions for further investigative measures, including supply of stored data, and real-time collection of data; (iii) The scope of application would need to be defined, but should not be limited to „cybercrime‟ or „computer-related‟ crime; (iv) The instrument could require response within a specified time period and establish clear focal point to focal point communication channels, building upon rather than duplicating existing 24/7 initiatives; (v) The instrument could include traditional international cooperation safeguards, as well as appropriate human rights exclusions;
COMPREHENSIVE MULTILATERAL AGREEMENT (i) The instrument could include elements from all of the options above in a binding, multilateral form; (ii) The instrument could draw on existing core commonalities across the current range of binding and non- binding international and regional instruments;
TECHNICAL ASSISTANCE (i) Technical assistance could be delivered based on standards developed through model provisions as set out in the options above; (ii) Technical assistance could be delivered through a focus on multi-stakeholder delivery, including representatives from the private sector and academia.
NEXT STEPS 22nd Session of the Commission on Crime Prevention and Criminal Justice took note of study, requested Secretariat to translate and disseminate, and expert group to continue efforts Council of Europe Cybercrime Convention Committee is developing optional protocol on transborder access to data Ongoing battles at ITU and elsewhere in UN system over Internet governance

Recommended

Cybercrime convention
Cybercrime conventionCybercrime convention
Cybercrime conventionmoldovaictsummit2016
 
Keeping our secrets? Shaping Internet technologies for the public good
Keeping our secrets? Shaping Internet technologies for the public goodKeeping our secrets? Shaping Internet technologies for the public good
Keeping our secrets? Shaping Internet technologies for the public goodblogzilla
 
Application of principles of international law to computer networks operation...
Application of principles of international law to computer networks operation...Application of principles of international law to computer networks operation...
Application of principles of international law to computer networks operation...Adriana Dvorsak
 
CTO Cybersecurity Forum 2013 Alexander Seger Budapest Convention on Cybercrime
CTO Cybersecurity Forum 2013 Alexander Seger Budapest Convention on CybercrimeCTO Cybersecurity Forum 2013 Alexander Seger Budapest Convention on Cybercrime
CTO Cybersecurity Forum 2013 Alexander Seger Budapest Convention on CybercrimeCommonwealth Telecommunications Organisation
 
Taiwan Internet Intermediaries and Cyber Norms
Taiwan Internet Intermediaries and Cyber NormsTaiwan Internet Intermediaries and Cyber Norms
Taiwan Internet Intermediaries and Cyber NormsKenny Huang Ph.D.
 
Computer Forensic: A Reactive Strategy for Fighting Computer Crime
Computer Forensic: A Reactive Strategy for Fighting Computer CrimeComputer Forensic: A Reactive Strategy for Fighting Computer Crime
Computer Forensic: A Reactive Strategy for Fighting Computer CrimeCSCJournals
 
Privacy and Data Protection in Research
Privacy and Data Protection in ResearchPrivacy and Data Protection in Research
Privacy and Data Protection in ResearchMarlon Domingus
 
The Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsThe Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsblogzilla
 

Recommended

Cybercrime convention
Cybercrime conventionCybercrime convention
Cybercrime conventionmoldovaictsummit2016
 
Keeping our secrets? Shaping Internet technologies for the public good
Keeping our secrets? Shaping Internet technologies for the public goodKeeping our secrets? Shaping Internet technologies for the public good
Keeping our secrets? Shaping Internet technologies for the public goodblogzilla
 
Application of principles of international law to computer networks operation...
Application of principles of international law to computer networks operation...Application of principles of international law to computer networks operation...
Application of principles of international law to computer networks operation...Adriana Dvorsak
 
CTO Cybersecurity Forum 2013 Alexander Seger Budapest Convention on Cybercrime
CTO Cybersecurity Forum 2013 Alexander Seger Budapest Convention on CybercrimeCTO Cybersecurity Forum 2013 Alexander Seger Budapest Convention on Cybercrime
CTO Cybersecurity Forum 2013 Alexander Seger Budapest Convention on CybercrimeCommonwealth Telecommunications Organisation
 
Taiwan Internet Intermediaries and Cyber Norms
Taiwan Internet Intermediaries and Cyber NormsTaiwan Internet Intermediaries and Cyber Norms
Taiwan Internet Intermediaries and Cyber NormsKenny Huang Ph.D.
 
Computer Forensic: A Reactive Strategy for Fighting Computer Crime
Computer Forensic: A Reactive Strategy for Fighting Computer CrimeComputer Forensic: A Reactive Strategy for Fighting Computer Crime
Computer Forensic: A Reactive Strategy for Fighting Computer CrimeCSCJournals
 
Privacy and Data Protection in Research
Privacy and Data Protection in ResearchPrivacy and Data Protection in Research
Privacy and Data Protection in ResearchMarlon Domingus
 
The Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsThe Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsblogzilla
 
Cyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyCyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyKenny Huang Ph.D.
 
Cybercrime Deterrence and International Legislation: Evidence from Distribute...
Cybercrime Deterrence and International Legislation: Evidence from Distribute...Cybercrime Deterrence and International Legislation: Evidence from Distribute...
Cybercrime Deterrence and International Legislation: Evidence from Distribute...MIS Quarterly
 
Floundering towards EU information law
Floundering towards EU information lawFloundering towards EU information law
Floundering towards EU information lawblogzilla
 
Internet Governance Model in Taiwan
Internet Governance Model in TaiwanInternet Governance Model in Taiwan
Internet Governance Model in TaiwanKenny Huang Ph.D.
 
Copyright and privacy by design - what lessons have we learned?
Copyright and privacy by design - what lessons have we learned?Copyright and privacy by design - what lessons have we learned?
Copyright and privacy by design - what lessons have we learned?blogzilla
 
Trusted government access to private sector data
Trusted government access to private sector dataTrusted government access to private sector data
Trusted government access to private sector datablogzilla
 
CTO Cybersecurity Forum 2013 Alexander Seger
CTO Cybersecurity Forum 2013 Alexander SegerCTO Cybersecurity Forum 2013 Alexander Seger
CTO Cybersecurity Forum 2013 Alexander SegerCommonwealth Telecommunications Organisation
 
Cyber crime (prohibition,prevention,etc)_act,_2015
Cyber crime (prohibition,prevention,etc)_act,_2015Cyber crime (prohibition,prevention,etc)_act,_2015
Cyber crime (prohibition,prevention,etc)_act,_2015Chinatu Uzuegbu
 
Freedom of expression on the internet
Freedom of expression on the internetFreedom of expression on the internet
Freedom of expression on the internetmoldovaictsummit2016
 
Presentation on hadopi laws
Presentation on hadopi lawsPresentation on hadopi laws
Presentation on hadopi lawsbsookman
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1MohsinMughal28
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy lawblogzilla
 
Fine-Grained Censorship Mapping
Fine-Grained Censorship MappingFine-Grained Censorship Mapping
Fine-Grained Censorship MappingJoss Wright
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeJason Quinlan
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 
Privacy impact assessment
Privacy impact assessmentPrivacy impact assessment
Privacy impact assessmentSpringer
 
Human rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QCHuman rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QCblogzilla
 
Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...
Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...
Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...David Rozas
 
Pal gov.tutorial6.session9.cybercrime
Pal gov.tutorial6.session9.cybercrimePal gov.tutorial6.session9.cybercrime
Pal gov.tutorial6.session9.cybercrimeMustafa Jarrar
 
Wikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internetWikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internetVincy
 
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...APNIC
 
International convention on cyber crime
International convention on cyber crimeInternational convention on cyber crime
International convention on cyber crimeIshitaSrivastava21
 

More Related Content

What's hot

Cyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyCyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyKenny Huang Ph.D.
 
Cybercrime Deterrence and International Legislation: Evidence from Distribute...
Cybercrime Deterrence and International Legislation: Evidence from Distribute...Cybercrime Deterrence and International Legislation: Evidence from Distribute...
Cybercrime Deterrence and International Legislation: Evidence from Distribute...MIS Quarterly
 
Floundering towards EU information law
Floundering towards EU information lawFloundering towards EU information law
Floundering towards EU information lawblogzilla
 
Internet Governance Model in Taiwan
Internet Governance Model in TaiwanInternet Governance Model in Taiwan
Internet Governance Model in TaiwanKenny Huang Ph.D.
 
Copyright and privacy by design - what lessons have we learned?
Copyright and privacy by design - what lessons have we learned?Copyright and privacy by design - what lessons have we learned?
Copyright and privacy by design - what lessons have we learned?blogzilla
 
Trusted government access to private sector data
Trusted government access to private sector dataTrusted government access to private sector data
Trusted government access to private sector datablogzilla
 
Cyber crime (prohibition,prevention,etc)_act,_2015
Cyber crime (prohibition,prevention,etc)_act,_2015Cyber crime (prohibition,prevention,etc)_act,_2015
Cyber crime (prohibition,prevention,etc)_act,_2015Chinatu Uzuegbu
 
Freedom of expression on the internet
Freedom of expression on the internetFreedom of expression on the internet
Freedom of expression on the internetmoldovaictsummit2016
 
Presentation on hadopi laws
Presentation on hadopi lawsPresentation on hadopi laws
Presentation on hadopi lawsbsookman
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1MohsinMughal28
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy lawblogzilla
 
Fine-Grained Censorship Mapping
Fine-Grained Censorship MappingFine-Grained Censorship Mapping
Fine-Grained Censorship MappingJoss Wright
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 
Privacy impact assessment
Privacy impact assessmentPrivacy impact assessment
Privacy impact assessmentSpringer
 
Human rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QCHuman rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QCblogzilla
 
Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...
Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...
Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...David Rozas
 
Pal gov.tutorial6.session9.cybercrime
Pal gov.tutorial6.session9.cybercrimePal gov.tutorial6.session9.cybercrime
Pal gov.tutorial6.session9.cybercrimeMustafa Jarrar
 
Wikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internetWikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internetVincy
 

What's hot (20)

Cyberspace and Digital Diplomacy
Cyberspace and Digital DiplomacyCyberspace and Digital Diplomacy
Cyberspace and Digital Diplomacy
 
Cybercrime Deterrence and International Legislation: Evidence from Distribute...
Cybercrime Deterrence and International Legislation: Evidence from Distribute...Cybercrime Deterrence and International Legislation: Evidence from Distribute...
Cybercrime Deterrence and International Legislation: Evidence from Distribute...
 
Floundering towards EU information law
Floundering towards EU information lawFloundering towards EU information law
Floundering towards EU information law
 
Internet Governance Model in Taiwan
Internet Governance Model in TaiwanInternet Governance Model in Taiwan
Internet Governance Model in Taiwan
 
Copyright and privacy by design - what lessons have we learned?
Copyright and privacy by design - what lessons have we learned?Copyright and privacy by design - what lessons have we learned?
Copyright and privacy by design - what lessons have we learned?
 
Trusted government access to private sector data
Trusted government access to private sector dataTrusted government access to private sector data
Trusted government access to private sector data
 
CTO Cybersecurity Forum 2013 Alexander Seger
CTO Cybersecurity Forum 2013 Alexander SegerCTO Cybersecurity Forum 2013 Alexander Seger
CTO Cybersecurity Forum 2013 Alexander Seger
 
Cyber crime (prohibition,prevention,etc)_act,_2015
Cyber crime (prohibition,prevention,etc)_act,_2015Cyber crime (prohibition,prevention,etc)_act,_2015
Cyber crime (prohibition,prevention,etc)_act,_2015
 
Freedom of expression on the internet
Freedom of expression on the internetFreedom of expression on the internet
Freedom of expression on the internet
 
Presentation on hadopi laws
Presentation on hadopi lawsPresentation on hadopi laws
Presentation on hadopi laws
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy law
 
Fine-Grained Censorship Mapping
Fine-Grained Censorship MappingFine-Grained Censorship Mapping
Fine-Grained Censorship Mapping
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal Data
 
Privacy impact assessment
Privacy impact assessmentPrivacy impact assessment
Privacy impact assessment
 
Human rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QCHuman rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QC
 
Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...
Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...
Ostrom’s crypto-principles? Towards a commons-based approach for the use of B...
 
Pal gov.tutorial6.session9.cybercrime
Pal gov.tutorial6.session9.cybercrimePal gov.tutorial6.session9.cybercrime
Pal gov.tutorial6.session9.cybercrime
 
Wikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internetWikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internet
 

Similar to Investigating cybercrime at the United Nations

33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...APNIC
 
International convention on cyber crime
International convention on cyber crimeInternational convention on cyber crime
International convention on cyber crimeIshitaSrivastava21
 
Cyber Crime & Cyber Security Workshop, ZIE
Cyber Crime & Cyber Security Workshop, ZIE Cyber Crime & Cyber Security Workshop, ZIE
Cyber Crime & Cyber Security Workshop, ZIE Kangai Maukazuva, CGEIT
 
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...Cameron Brown
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaMohammed Mahfouz Alhassan
 
Electronic Surveillance Of Communications 100225
Electronic Surveillance Of Communications 100225Electronic Surveillance Of Communications 100225
Electronic Surveillance Of Communications 100225Klamberg
 
Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225Klamberg
 
Cloud Services and the "Marco Civil"
Cloud Services and the "Marco Civil"Cloud Services and the "Marco Civil"
Cloud Services and the "Marco Civil"ATMOSPHERE .
 
Policies and Law in IT
Policies and Law in ITPolicies and Law in IT
Policies and Law in ITAnushka Perera
 
A Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis ToolsA Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis ToolsSamantha Vargas
 
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1MalikPinckney86
 
CYBOK: Law and Regulation webinar slides.pdf
CYBOK: Law and Regulation webinar slides.pdfCYBOK: Law and Regulation webinar slides.pdf
CYBOK: Law and Regulation webinar slides.pdfHari319621
 
cyber law and forensics,biometrics systems
cyber law and forensics,biometrics systemscyber law and forensics,biometrics systems
cyber law and forensics,biometrics systemsMayank Diwakar
 
An insight view of digital forensics
An insight view of digital forensicsAn insight view of digital forensics
An insight view of digital forensicsijcsa
 

Similar to Investigating cybercrime at the United Nations (20)

33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
33rd TWNIC IP OPM: Legal cooperation to overcome jurisdictional and territori...
 
International convention on cyber crime
International convention on cyber crimeInternational convention on cyber crime
International convention on cyber crime
 
Cyber Crime & Cyber Security Workshop, ZIE
Cyber Crime & Cyber Security Workshop, ZIE Cyber Crime & Cyber Security Workshop, ZIE
Cyber Crime & Cyber Security Workshop, ZIE
 
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of Ghana
 
2627 8105-1-pb
2627 8105-1-pb2627 8105-1-pb
2627 8105-1-pb
 
File000114
File000114File000114
File000114
 
Electronic Surveillance Of Communications 100225
Electronic Surveillance Of Communications 100225Electronic Surveillance Of Communications 100225
Electronic Surveillance Of Communications 100225
 
Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225
 
Cloud Services and the "Marco Civil"
Cloud Services and the "Marco Civil"Cloud Services and the "Marco Civil"
Cloud Services and the "Marco Civil"
 
Policies and Law in IT
Policies and Law in ITPolicies and Law in IT
Policies and Law in IT
 
A Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis ToolsA Literature Review On Cyber Forensic And Its Analysis Tools
A Literature Review On Cyber Forensic And Its Analysis Tools
 
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
 
Cyber-Law and Cyber-Crime
Cyber-Law and Cyber-CrimeCyber-Law and Cyber-Crime
Cyber-Law and Cyber-Crime
 
Cyber law and cyber-crime
Cyber law and cyber-crimeCyber law and cyber-crime
Cyber law and cyber-crime
 
CYBOK: Law and Regulation webinar slides.pdf
CYBOK: Law and Regulation webinar slides.pdfCYBOK: Law and Regulation webinar slides.pdf
CYBOK: Law and Regulation webinar slides.pdf
 
cyber law and forensics,biometrics systems
cyber law and forensics,biometrics systemscyber law and forensics,biometrics systems
cyber law and forensics,biometrics systems
 
Cyber Crimes.pdf
Cyber Crimes.pdfCyber Crimes.pdf
Cyber Crimes.pdf
 
CTO Cybersecurity Forum 2013 Auguste Yankey
CTO Cybersecurity Forum 2013 Auguste YankeyCTO Cybersecurity Forum 2013 Auguste Yankey
CTO Cybersecurity Forum 2013 Auguste Yankey
 
An insight view of digital forensics
An insight view of digital forensicsAn insight view of digital forensics
An insight view of digital forensics
 

More from blogzilla

Interoperability for SNS competition
Interoperability for SNS competitionInteroperability for SNS competition
Interoperability for SNS competitionblogzilla
 
Transatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgmentTransatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgmentblogzilla
 
Lessons for interoperability remedies from UK Open Banking
Lessons for interoperability remedies from UK Open BankingLessons for interoperability remedies from UK Open Banking
Lessons for interoperability remedies from UK Open Bankingblogzilla
 
Covid exposure apps in England and Wales
Covid exposure apps in England and WalesCovid exposure apps in England and Wales
Covid exposure apps in England and Walesblogzilla
 
Key issues in data protection policy
Key issues in data protection policyKey issues in data protection policy
Key issues in data protection policyblogzilla
 
Interoperability in the Digital Services Act
Interoperability in the Digital Services ActInteroperability in the Digital Services Act
Interoperability in the Digital Services Actblogzilla
 
Making effective policy use of academic expertise
Making effective policy use of academic expertiseMaking effective policy use of academic expertise
Making effective policy use of academic expertiseblogzilla
 
Introduction to Cybersecurity for Elections
Introduction to Cybersecurity for ElectionsIntroduction to Cybersecurity for Elections
Introduction to Cybersecurity for Electionsblogzilla
 
Cyber Essentials for Managers
Cyber Essentials for ManagersCyber Essentials for Managers
Cyber Essentials for Managersblogzilla
 
Privacy and Data Protection in South Africa
Privacy and Data Protection in South AfricaPrivacy and Data Protection in South Africa
Privacy and Data Protection in South Africablogzilla
 
Data science and privacy regulation
Data science and privacy regulationData science and privacy regulation
Data science and privacy regulationblogzilla
 
Where next for encryption regulation?
Where next for encryption regulation?Where next for encryption regulation?
Where next for encryption regulation?blogzilla
 
Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?blogzilla
 
Regulation and the Internet of Things
Regulation and the Internet of ThingsRegulation and the Internet of Things
Regulation and the Internet of Thingsblogzilla
 
Global Cyber Security Capacity Centre
Global Cyber Security Capacity CentreGlobal Cyber Security Capacity Centre
Global Cyber Security Capacity Centreblogzilla
 
Privacy post-Snowden
Privacy post-SnowdenPrivacy post-Snowden
Privacy post-Snowdenblogzilla
 
Trust in the Cloud
Trust in the CloudTrust in the Cloud
Trust in the Cloudblogzilla
 
Can the law control Digital Leviathan?
Can the law control Digital Leviathan?Can the law control Digital Leviathan?
Can the law control Digital Leviathan?blogzilla
 
Regulating code
Regulating codeRegulating code
Regulating codeblogzilla
 
Data protection redress in the UK
Data protection redress in the UKData protection redress in the UK
Data protection redress in the UKblogzilla
 

More from blogzilla (20)

Interoperability for SNS competition
Interoperability for SNS competitionInteroperability for SNS competition
Interoperability for SNS competition
 
Transatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgmentTransatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgment
 
Lessons for interoperability remedies from UK Open Banking
Lessons for interoperability remedies from UK Open BankingLessons for interoperability remedies from UK Open Banking
Lessons for interoperability remedies from UK Open Banking
 
Covid exposure apps in England and Wales
Covid exposure apps in England and WalesCovid exposure apps in England and Wales
Covid exposure apps in England and Wales
 
Key issues in data protection policy
Key issues in data protection policyKey issues in data protection policy
Key issues in data protection policy
 
Interoperability in the Digital Services Act
Interoperability in the Digital Services ActInteroperability in the Digital Services Act
Interoperability in the Digital Services Act
 
Making effective policy use of academic expertise
Making effective policy use of academic expertiseMaking effective policy use of academic expertise
Making effective policy use of academic expertise
 
Introduction to Cybersecurity for Elections
Introduction to Cybersecurity for ElectionsIntroduction to Cybersecurity for Elections
Introduction to Cybersecurity for Elections
 
Cyber Essentials for Managers
Cyber Essentials for ManagersCyber Essentials for Managers
Cyber Essentials for Managers
 
Privacy and Data Protection in South Africa
Privacy and Data Protection in South AfricaPrivacy and Data Protection in South Africa
Privacy and Data Protection in South Africa
 
Data science and privacy regulation
Data science and privacy regulationData science and privacy regulation
Data science and privacy regulation
 
Where next for encryption regulation?
Where next for encryption regulation?Where next for encryption regulation?
Where next for encryption regulation?
 
Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?
 
Regulation and the Internet of Things
Regulation and the Internet of ThingsRegulation and the Internet of Things
Regulation and the Internet of Things
 
Global Cyber Security Capacity Centre
Global Cyber Security Capacity CentreGlobal Cyber Security Capacity Centre
Global Cyber Security Capacity Centre
 
Privacy post-Snowden
Privacy post-SnowdenPrivacy post-Snowden
Privacy post-Snowden
 
Trust in the Cloud
Trust in the CloudTrust in the Cloud
Trust in the Cloud
 
Can the law control Digital Leviathan?
Can the law control Digital Leviathan?Can the law control Digital Leviathan?
Can the law control Digital Leviathan?
 
Regulating code
Regulating codeRegulating code
Regulating code
 
Data protection redress in the UK
Data protection redress in the UKData protection redress in the UK
Data protection redress in the UK
 

Recently uploaded

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 

Investigating cybercrime at the United Nations

  • 1. INVESTIGATING CYBERCRIME AT THE UNITED NATIONS DR IAN BROWN, OXFORD UNIVERSITY @IANBROWNOII / OII.OX.AC.UK
  • 2. UNODC COMPREHENSIVE STUDY ON CYBERCRIME General Assembly resolution 65/230 requested the Commission on Crime Prevention and Criminal Justice to establish an open-ended intergovernmental expert group, to conduct a comprehensive study of the problem of cybercrime and responses to it by Member States, the international community and the private sector, including the exchange of information on national legislation, best practices, technical assistance and international cooperation.
  • 3. STUDY TEAM Steven Malby, Robyn Mace, Anika Holterhof, Cameron Brown, Stefan Kascherus, Eva Ignatuschtschenko (UNODC) Ulrich Sieber, Tatiana Tropina, Nicolas von zur Mühlen (Max Planck Institute for Foreign and International Criminal Law) Ian Brown, Joss Wright (Oxford Internet Institute) Roderic Broadhurst (Australian National University) Kristin Krüger (Brandenburg Institute for Society and Security)
  • 5. SCOPE “As the world moves into a hyper- connected society with universal internet access, it is hard to imagine a „computer crime‟, and perhaps any crime, that will not involve electronic evidence linked with internet connectivity. Such developments may well require fundamental changes in law enforcement approach, evidence gathering, and mechanisms of international cooperation in criminal matters.” (p.x)
  • 6. PROCESS Salvador Declaration on Comprehensive Strategies for Global Challenges: Crime Prevention and Criminal Justice Systems and Their Development in a Changing World (2010) UN GA resolution 65/230 (2010) 1st session of intergovernmental expert group (Vienna 17-21 Jan 2011) approved topics and methodology (UNODC/CCPCJ/EG.4/2011/3) Information gathering H1 2012 2nd session (Vienna 25-28 Feb 2013)
  • 7. PROCESS Topics selected: (1) Phenomenon of cybercrime; (2) Statistical information; (3) Challenges of cybercrime; (4) Common approaches to legislation; (5) Criminalization; (6) Procedural powers; (7) International cooperation; (8) Electronic evidence; (9) Roles and responsibilities of service providers and the private sector; (10) Crime prevention and criminal justice capabilities and other responses to cybercrime; (11) International organizations; and (12) Technical assistance. UNODC developed questionnaires for Member States (69 responded), IGOs (11), private sector (40) and academic institutions (16). Also undertook extensive interviews and comparative legal analysis
  • 8. INTERNATIONAL INSTRUMENTS “82 countries have signed and/or ratified a binding cybercrime instrument…multilateral cybercrime instruments have influenced national laws indirectly, through use as a model by non-States parties, or via the influence of legislation of States parties on other countries.” (p.xix)
  • 9. NATIONAL APPROACHES Investigative measures (cyber-specific, general, both, none) p.xxii Offences (cyber-specific, general, both, none) p.xx
  • 10. JURISDICTION In many countries, provisions reflect the idea that the „whole‟ offence need not take place within the country in order to assert territorial jurisdiction. Territorial linkages can be made with reference to elements or effects of the act, or the location of computer systems or data utilized for the offence Where they arise, jurisdictional conflicts are typically resolved through formal and informal consultations between countries Country responses do not reveal, at present, any need for additional forms of jurisdiction over a putative „cyberspace‟ dimension. Rather, forms of territoriality-based and nationality-based jurisdiction are almost always able to ensure a sufficient connection between cybercrime acts and at least one State
  • 11. EXTRA-TERRITORIAL EVIDENCE Key issue for further international cooperation (p.xxv)
  • 12. ACCESSING CLOUD DATA CoE CC §32: “A Party may, without the authorisation of another Party…access or receive, through a computer system in its territory, stored computer data located in another Party, if the Party obtains the lawful and voluntary consent of the person who has the lawful authority to disclose the data to the Party through that computer system.”
  • 13. KEY FINDINGS (a) …divergences in the extent of procedural powers and international cooperation provisions may lead to the emergence of country cooperation „clusters‟ that are not always well suited to the global nature of cybercrime (b) Reliance on traditional means of formal international cooperation in cybercrime matters is not currently able to offer the timely response needed for obtaining volatile electronic evidence. (c) …the role of evidence „location‟ needs to be reconceptualized, including with a view to obtaining consensus on issues concerning direct access to extraterritorial data by law enforcement authorities (d) Analysis of available national legal frameworks indicates insufficient harmonization of „core‟ cybercrime offences, investigative powers, and admissibility of electronic evidence. International human rights law represents an important external reference point for criminalization and procedural provisions; (e) Law enforcement authorities, prosecutors, and judiciary in developing countries, require long-term, sustainable, comprehensive technical support and assistance for the investigation and combating of cybercrime; (e) Cybercrime prevention activities in all countries require strengthening, through a holistic approach involving further awareness raising, public-private partnerships, and the integration of cybercrime strategies with a broader cybersecurity perspective.
  • 14. OPTIONS Model provisions (on core cybercrime acts; investigative powers; jurisdiction; international cooperation) Limited or comprehensive multilateral agreements Technical assistance
  • 15. CORE CYBERCRIME ACTS (i) The provisions could maintain the approach of existing instruments regarding offences against the confidentiality, integrity and accessibility of computer systems and data; (ii) The provisions could also cover „conventional‟ offences perpetrated or facilitated by use of computer systems, only where existing criminalization approaches are perceived not to be sufficient; (iii) The provisions could address areas not covered by existing instruments, such as criminalization of SPAM; (iv) The provisions could be developed in line with the latest international human rights standards on criminalization, including in particular, treaty-based protections of the right to freedom of expression; (v) Use of the provisions by States would minimize dual criminality challenges in international cooperation;
  • 16. INVESTIGATIVE POWERS (i) The provisions could draw on the approach of existing instruments, including orders for expedited preservation of data, and orders for obtaining stored and real-time data; (ii) The provisions could offer guidance on the extension of traditional powers such as search and seizure to electronic evidence; (iii) The provisions could offer guidance on the application of appropriate safeguards for intrusive investigative techniques based on international human rights law, including treaty-based protections of the right to privacy;
  • 17. JURISDICTION (i) The provisions could include bases such as those derived from the objective territoriality principle and the substantial effects doctrine. (ii) The provisions could include guidance for addressing issues of concurrent jurisdiction.
  • 18. INTERNATIONAL COOPERATION (i) The provisions would focus on practical cooperation mechanisms that could be inserted in existing instruments for the timely preservation and supply of electronic evidence in criminal matters; (ii) The provisions could include obligations to establish electronic evidence fast response focal points and agreed timescales for responses;
  • 19. MULTILATERAL AGREEMENT ON EVIDENCE i) By way of complementarity to existing international cooperation treaties, such an instrument could focus primarily on a mechanism for requesting expedited preservation of data for a specified time period; (ii) The instrument may also include specific cooperation provisions for further investigative measures, including supply of stored data, and real-time collection of data; (iii) The scope of application would need to be defined, but should not be limited to „cybercrime‟ or „computer-related‟ crime; (iv) The instrument could require response within a specified time period and establish clear focal point to focal point communication channels, building upon rather than duplicating existing 24/7 initiatives; (v) The instrument could include traditional international cooperation safeguards, as well as appropriate human rights exclusions;
  • 20. COMPREHENSIVE MULTILATERAL AGREEMENT (i) The instrument could include elements from all of the options above in a binding, multilateral form; (ii) The instrument could draw on existing core commonalities across the current range of binding and non- binding international and regional instruments;
  • 21. TECHNICAL ASSISTANCE (i) Technical assistance could be delivered based on standards developed through model provisions as set out in the options above; (ii) Technical assistance could be delivered through a focus on multi-stakeholder delivery, including representatives from the private sector and academia.
  • 22. NEXT STEPS 22nd Session of the Commission on Crime Prevention and Criminal Justice took note of study, requested Secretariat to translate and disseminate, and expert group to continue efforts Council of Europe Cybercrime Convention Committee is developing optional protocol on transborder access to data Ongoing battles at ITU and elsewhere in UN system over Internet governance

Editor's Notes

  1. http://www.unodc.org/documents/treaties/organized_crime/EGM_cybercrime_2011/UNODC_CCPCJ_EG4_2011_3/UNODC_CCPCJ_EG4_2011_3_E.pdf
  2. (1)  An individual located in country A with control over cloud data. Access may be obtained either because (i) the individual consents; or (ii) authorities make use of an existing live connection from the individual’s device. (2)  An individual located in country B with control over cloud data. Access may be obtained due to the consent of the individual. (3)  The cloud service provider in country B. Access may be obtained either because (i) the cloud service provider consents; or (ii) data access credentials have been obtained by law enforcement. (4)  The cloud service provider’s offices in country A. Access may be obtained through local informal arrangements between law enforcement and the cloud service provider.