1 / 13

Perspectives for an effective European-wide fight against cybercrime

Perspectives for an effective European-wide fight against cybercrime . Anne Flanagan Institute for Computer and Communications Law Centre for Commercial Law Studies, Queen Mary, University of London. Introductory Remarks. Transnational crime Substantive & procedural harmonisation

beyla
Télécharger la présentation

Perspectives for an effective European-wide fight against cybercrime

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Perspectives for an effective European-wide fight against cybercrime Anne Flanagan Institute for Computer and Communications Law Centre for Commercial Law Studies, Queen Mary, University of London

  2. Introductory Remarks • Transnational crime • Substantive & procedural harmonisation • EU: ‘First Pillar’, ‘Third Pillar’ & the Lisbon Treaty • Sanction & remedies • Policing cyberspace • Public & private law enforcement • The role of intermediary service providers • Council of Europe Guidelines for Co-operation (2008) • Controlling content & monitoring communications • Safeguarding rights

  3. Sanction and remedy • Sentencing • statutory minimums, judicial discretion • Cyber Security Enhancement Act of 2002 • ‘aggravating circumstances’ • e.g. EU Framework Decision, art. 7 • Restraint orders • Collard [2004] EWCA Crim 1664 • “..prohibited from owning, using, possessing or having any access to any personal computer, laptop computer or any other equipment capable of downloading any material from the Internet…” • Compensation • Civil enforcement, e.g. 18 U.S.C. § 1030(g)

  4. Policing cyberspace • Public law enforcement • Industrial-scale & organised crime • e.g. US Landslide investigations & the UK 7000 • Local, national & international policing structures • e.g. reporting crimes • International co-operation • e.g. www.virtualglobaltaskforce.com • ‘Operation PIN’ • community policing in cyberspace: ‘simply another public place’

  5. Policing cyberspace • Interaction with private sector • Exchanging information • e.g. Single Points of Contact (SPOCs) • Prosecution expertise • And judicial training • Pro-active intervention? • To ‘attack’ online resources

  6. Policing cyberspace • Private law enforcement • private prosecutions • e.g. Federation Against Software Theft (FAST) • investigative & reporting functions • e.g. Computer Emergency Response Team (CERT) • e.g. Internet Watch Foundation • vigilantes • e.g. US v Jarrett 338 F.3d 339 (Va., 2003) • an ‘unholy alliance’?

  7. Protected data • Biggest challenge for computer forensics in the 21st Century • Access & conversion protections • Obtaining access • Requirement to provide in intelligible form • Requirement to hand over ‘key’ • “any key, code, password, algorithm or other data” • Failure to disclose in ‘a national security case’: 5 years • Self-incrimination? • S and A [2008] EWCA Crim 2177

  8. Criminals and actors • Perpetrator • a criminal type? • motivation, opportunity & skill • From ‘script-kiddies’ to ‘überhackers’ • Inchoate offences • Attempt, conspiracy & incitement • Demanding supply • Misuse of devices, e.g. Convention, art. 6 • Intermediaries • communications service provider • limitations on liability

  9. Intermediary liability • Service providers as gatekeepers • User-generated content • indecent or obscene, encouragement of terrorism…… • Electronic commerce Directive (00/31/EC) • ‘mere conduit’, ‘caching’ & ‘hosting’ • ‘actual knowledge’ • Duties to report? • Monitoring and action • LVMH v Google (2009) • Commission review • Content aggregation, search engines, linking

  10. Controlling illegal content • Notice and take-down (in jurisdiction) • Terrorism Act 2006, s. 3 ‘internet activity’ • Liability for endorsement • Blocking access (out jurisdiction) • e.g. Internet Watch Foundation • database of URLs for child sexual abuse images • Voluntary, but with threat of mandation • International reach, e.g. Google & Yahoo! • Web-based traffic, but not P2P & other services • Problem of collateral interference • e.g. Wikipedia & Scorpions ‘Virgin Killers’

  11. Monitoring communications • Interception of content • For law enforcement purposes • e.g. Airline bombers, Madrid bombers • For commercial purposes • Phorm & behavioural targeted advertising • Accessing communications data • Attributes: Traffic, usage, location & subscriber data • e.g. 21/7 bombers (?) – from London to Italy • Data retention: 6-24 months (Directive 06/24/EC) • Google agreement with EU

  12. Safeguarding Rights • European Convention on Human Rights • Fair trial (art. 6), privacy (art. 8) & freedom of expression (art. 10) • ‘chilling effect’ • Derogations • In accordance with the law • Legal certainty • Applicable interest • i.e. national security • Necessity and proportionality

  13. Concluding remarks

More Related