Insights into Cybercrime: Challenges and Legal Aspects
The complexities of cybercrime, from the evolution of new forms to legal domains, and the challenges posed by the underground economy. Delve into the confusion surrounding cybersecurity terms and the history of infamous cyber incidents. Understand the international dimensions and lack of control mechanisms affecting cybercrime scenarios.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Webinar 27th of March, 2015 CYBERCRIME Dr. Tatiana Tropina, Max-Planck Institute for Foreign and International Criminal Law
New form? New medium? Migration of traditional crime on-line Cyber-offences: new type of crime (illegal access, illegal interference with data and system, ) 3
Underground economy Moderator of the Silk Road after Utopia s seizure: "is a serious blow to the darkweb marketplace community regroup, and do it again. "Show them that you, we, are a hydra -- cut off one head and ten more spring up 4
Cybercrime: challenges Number of Users International dimension Missing mechanisms of control Automation Innovation Availability of tools and information 5
Low impact High latency & lack of reporting Low impact on the victim hard to justify the violation of public order 6
Confusion and misconceptions Cybersecurity-related terms: cybercrime , cyberwar , cyberattack , cyberterrorism absence of a clear consensus Terms are used interchangeably, sometimes with little regard for what they actually mean Sensationalization and exaggeration Overuse of such terms as cyberwar and cyber-weapons tendency to view the situation in catastrophic terms Legal and regulatory responses: confusion and misunderstanding 7
A bit of history: the Love bug Created and launched in the Philippines, rapidly spread around the world within hours Affected 45 million users in more than 20 countries, inflicted a damage between $2 and 10 billion. Was traced to the Philippines, but Philippine law neither criminalize hacking nor the distribution of viruses Obtaining the warrant took several days, which allowed the suspect ample time to destroy key evidence Onel de Guzman, a former computer science student, was responsible for creating and disseminating the Love Bug. De Guzman was charged with theft and credit card fraud, but the charges were dismissed as inapplicable and unfounded De Guzman could not even be extradited to other country because extradition requires double criminality 10
Cross-border environment Safe havens: countries with no cybercrime legislation (cybercrime vs. bread and butter problem): impact on other countries Harmonisation of criminal law: computer crimes shall be criminalised in the same way (not necessary word- by-word) to allow collaboration On the surface: might seem easy, however: Reaching consensus: what type of crimes? Updating laws or applying existing laws? How specific cyber -crimes should be? 11
Harmonisation? Sovereignty & control vs. borderless Internet International instruments: fragmentation, no single solution The differences between the various legal systems Religious, moral and cultural differences Human rights concerns and different approaches to the protection of privacy Historical coincidences 12
Global solution? Which body is to take responsibility? Different needs? What is the level of standards, protection and safeguards? How to agree to disagree (e.g. content crimes)? A blame game where we are?
Substantive and procedural law Substantive law (what crime is) is to the large degree harmonised Procedural frameworks: how we obtain evidence in digital environment: process of harmonisation started much later Which instruments to use? General or specific frameworks? How compatible are they in a cross-border environment? Encryption and innovation 14
Criminal procedure Computer artefacts and data are vulnerable Old MLAT systems are slow Sovereignty and jurisdiction How to obtain data quickly? Formal cooperation vs. informal information sharing: admissibility issues 15
Way forward? Procedural frameworks: development and harmonisation Mutual legal assistance Transborder access to stored data Privacy issues Admissibility of electronic evidence obtained in different jurisdiction 16
Human rights concerns How does the state achieve its criminal justice goal? Investigative measures: simultaneously seamless and very intrusive Content-related crimes: restriction on freedom of expression can possibly be turned into an instrument of oppression Difference between activism, hacktivism and crime? 17
Privacy and investigations Data protection and privacy regulation in different countries Lowering the standards vs. minimal set of standards Intrusiveness of investigations - who enables application of the procedural instrument? Some countries: little or no judicial oversight for the most intrusive measures Transborder access: privacy conflicts 18
Regulation: blurring borders Specific safeguards Strictly regulated procedures Criminal law Safeguards? Law of war Intelligence law Preventive police law Private investigations 19
Criminal law: limitations Law: one of the most important components However Criminal law can only react to the problem Pro-active measures + reactive approaches Capacity building, awareness raising, prevention, early disruption, detection 21
Ecosystem: challenges Non-hierarchic network: missing mechanisms of control Cybercrime: a fast-changing multi-faceted problem No one fits all solution Complex ecosystem: combination of top-down and bottom-up approaches Collaboration between public and private stakeholders Need for transparency, accountability and human rights protection
Industry role Starting in the 1990s with private hotlines for reporting child abuse and involvement of ISPs in blocking and removing illegal content Growing and developing in many areas, getting more private stakeholders involved in prevention, detection, investigation Different intermediaries (not only ISPs) are now considered as critical points for collaboration
Forms of collaboration Hotlines and reporting platforms (IWF, INHOPE) Codes of conduct Public awareness campaigns Botnet mitigation projects Capacity building programs (2 Centre, International Centre for Missing and Exploited children) Investigations: informal information sharing and ad hoc collaboration towards structured approaches?
Industry: problems Investigating and prosecuting cybercrime: limitations (complement but never substitute proper legal frameworks) Clear frameworks , cost-effective solutions Corruption, mishandling of investigations, transparency Private censorship with no limits? Deficit of control Enforcement in a cross-border environment
Role of civil society Criminal law: the highest degree of governmental intervention Policy-making and law-making processes: still top-down? Bottom up approaches: awareness raising, voluntary initiatives, privacy discussions, human rights protection National and international level
Finding balance Safeguarding the Internet Protecting human rights Protecting interests of all stakeholders Building capacity and trust 27
Thank you! Tatiana Tropina Senior Researcher Max-Planck-Institut f r ausl ndisches und internationales Strafrecht G nterstalstr. 73 79100 Freiburg i.Br. Tel.: +49 (761) 7081-0 Fax: +49 (761) 7081-294 t.tropina@mpicc.de 28
