Cybercrime and criminal justice in cyberspaceEuropean Union and Council of Europe seminar with the Asia-Pacific region
Jayantha Fernando, Sri Lanka
Cyber Security & Cybercrime Threats and challenges
Biggest Global Policy Issue Affecting Nation States
“Digital Crime”???
Computer Crime? IT Crime?
Cyber Crime?Internet Crime?
High-Tech Crime?
Technology Crime?
CRIMETheft
Deception
Harassment
Identity Theft
Murder
IncitementTerrorism
Drug Trafficking
Child Abuse
Fraud
Robbery
Robbery
2
Cybercrime and criminal justice in cyberspace
European Union and Council of Europe seminar with the Asia-Pacific region
• Crimes against persons:
• Hacking; Phishing; Harassment via E-Mails, Facebook, Twitter etc.; Carding; E-Mail Spoofing: e-mail misrepresents its origin
• Crime against property:
• Cyber Trespass, Cyber Squatting, Malware Transmission; Intellectual Property violations
• Crimes against government:
• Cyber terrorism – Sri Lanka Embassy Network attack - 1997
• Crimes against society at large:
• Child Pornography; Online Gambling fraud; Financial Crimes
Categories of Cybercrime ?
Cybercrime and criminal justice in cyberspace
European Union and Council of Europe seminar with the Asia-Pacific region
• Cybercrime is not only about attacks against Information Systems
It’s a threat to Core Values of Democratic Societies – data theft, attacks against media, civil society organisations, parliaments, individuals and governments etc (even racism, radicalisation, terrorist misuse of information systems)
“Traditional Notion of Cybercrime”
Offences where Electronic Evidence is stored on Computers or servers in the Cloud. Such Evidence is very volatile and legally complex involving multiple nations and different legal systems
“Non Traditional”
But recognized under Article 14 (2) and Article 35 of BC
Evolving NatureChallenge of defining Cybercrime?
Cybercrime and criminal justice in cyberspace
European Union and Council of Europe seminar with the Asia-Pacific region
“Cybercrime Challenges for Sri Lanka”“Multi-National Nature, Tracing e-Evidence – Options”
Cybercrime and criminal justice in cyberspace
European Union and Council of Europe seminar with the Asia-Pacific region
• Multi jurisdictional Nature– Actions of criminals affects victims in many other
countries
– Where was the offence committed?
– Which Country has jurisdiction?
– Evidence in multiple countries (“Evidence in the Cloud”) – Speed of MLA Requests?
– Jurisdiction does not exist for Cyber criminals
– Speed of International Cooperation essential factor!!
• Global Standard to address these challenges??
Cybercrime : Challenges
Cybercrime and criminal justice in cyberspace
European Union and Council of Europe seminar with the Asia-Pacific region
Budapest Cybercrime ConventionPrivacy Safeguards – Investigation & gathering Electronic Evidence
Criminalising
conduct Illegal access
Illegal interception
Data interference
System interference
Misuse of devices
Fraud and forgery
Child pornography
IPR-offences
Procedural tools Expedited
preservation
Search and
seizure
Interception of
computer data
International
cooperation Extradition
MLA
Spontaneous
information
Expedited
preservation
MLA for accessing
computer data
MLA for
interception
24/7 points of
contact (CID)
+ +
Harmonisation
Cybercrime and criminal justice in cyberspace
European Union and Council of Europe seminar with the Asia-Pacific region
Sri Lanka ----
Road to Budapest Convention
• Sri Lanka Invited to accede to Budapest Cybercrime Convention - 23rd February 2015 (process started in October 2008)
• Acceded to the Cybercrime Convention (29th May 2015)– Applicable on Sri Lanka – w.e.f - 1st September 2015
• 1st Country in South Asia & 2nd in Asia after Japan– Fastest Accession by any Party to date
• Await a UN Treaty or adopt what’s available – “Consensus”?
• Journey towards accession over several years under “e-Sri Lanka Initiative” – Sri Lanka’s Digital Strategy:-– Regulatory and Law reform based on “International Standards”– Capacity building measures – Law Enforcement & Judicial Training
Cybercrime and criminal justice in cyberspace
European Union and Council of Europe seminar with the Asia-Pacific region
• Primary Legislation – Computer Crimes Act No. 24 of 2007– Substantive Cybercrime offences
– Procedural measures to obtain BSI and Traffic Data with Safeguards
– Mutual Legal Assistance Act – incorporated by Reference
• Other Legislative and Inter-connected measures– PAYMENT DEVICES FRAUDS ACT, No. 30 OF 2006
– Intellectual Property Act, No. 36 Of 2003
– Recommendations of Financial Action Task Force (FATF)
– Penal Code Amendments (1995) and (2006) –Online Child Pornography
– ICCPR Act (2007) – Offences against Hate Speech etc
– Mutual Legal Assistance in Criminal Matters Act No. 25 /2002 (Amended Act 24 of 2018)
• Addressing Challenges through BC – Enforcement capacity? International cooperation - Delays?
– Gathering and presenting Electronic evidence
– Challenges addressed through Capacity Building programs and Institutional Reform
– Easter Sunday Attacks and aftermath
Sri Lankan Legislative Response &
Addressing Challenges
Cybercrime and criminal justice in cyberspace
European Union and Council of Europe seminar with the Asia-Pacific region
Cybercrime and criminal justice in cyberspaceEuropean Union and Council of Europe seminar with the Asia-Pacific region
The global state of cybercrime legislation
Alexander Seger, Council of Europe
Criminalising
conduct Illegal access
Illegal interception
Data interference
System interference
Misuse of devices
Fraud and forgery
Child pornography
IPR-offences
Procedural tools Expedited
preservation
Production orders
Search and seizure
Interception of
computer data
Limited by safeguards
International
cooperation Extradition
MLA
Spontaneous
information
Expedited
preservation
MLA for accessing
computer data
MLA for interception
24/7 points of
contact
+ +
Harmonisation
Procedural powers and international cooperation for any criminal
offence involving evidence on a computer system!
COVID-19 related crime in cyberspace
► Phishing campaigns and malware distribution
through seemingly genuine information or advice
on COVID-19 .
► Ransomware shutting down medical, scientific or
other health-related facilities testing for COVID-19 or
developing vaccines
► Ransomware targeting individuals through apps
claiming to provide genuine information on COVID-
19
► Attacks against critical infrastructures or
international organizations
► Offenders targeting employees who are teleworking
► Fraud schemes offering personal protective
equipment or fake medicines claiming to prevent or
► cure SARS-CoV-2
► Misinformation or fake news to create panic, social
instability, xenophobia, racism or distrust in
measures taken health authorities
Budapest Convention
Substantive criminal law (articles
2 to 10)
Procedural powers to secure e-
evidence
International cooperation
Protocol on Xenophobia and
Racism
Guidance Notes on
Botnets
DDOS attacks
Critical information
infrastructure attacks
Malware
Spam
ID theft
The Council of Europe (through C-PROC) follows
developments on legislation worldwide since 2013.
The latest update covers the Global State of
Legislation as at February 2020
► Here is a summary of results!
Reforms of legislation on cybercrime and electronic evidence
Underway or undertaken in recent years
States By January 2013 By January 2018 By February 2020
All Africa 54 25 46% 45 83% 46 85%
All Americas 35 25 71% 31 89% 32 91%
All Asia 42 34 81% 37 88% 38 90%All Europe 48 47 98% 48 100% 48 100%
All Oceania 14 12 86% 12 86% 13 93%All 193 143 74% 173 90% 177 92%
By February 2020, 177 UN Member States (or 92%) were in the process of
undertaking reforms of legislation on cybercrime and electronic evidence
or had undertaken such reforms in recent years.
States Largely in place
by January 2013
Largely in place
by February 2020
All Africa 54 6 11% 22 41%
All Americas 35 10 29% 17 49%
All Asia 42 13 31% 18 43%All Europe 48 38 79% 44 92%
All Oceania 14 3 21% 5 36%
All 193 70 36% 106 55%
Substantive criminal (offences against and by means of computer
systems corresponding to Articles 2 to 10 Budapest Convention)
By February 2020, 106 UN Member States (or 55%) had legislation in
place with provisions criminalising offences against and by means of
computers similar to those of the Budapest Convention.
Links to the Budapest Convention
Use of Budapest Convention as guideline or source
States By January 2013 By January 2018 By February 2020
All Africa 54 21 39% 33 61% 38 70%
All Americas 35 22 63% 24 69% 26 74%
All Asia 42 25 60% 27 64% 28 67%All Europe 48 46 96% 47 98% 47 98%
All Oceania 14 10 71% 11 79% 14 100%
All 193 124 64% 142 74% 153 79%
Global impact of the Budapest Convention in terms of legislation
► a guideline or source of inspiration for domestic legislation in
153 States (or 79%)
► Almost all countries worldwide have undertaken or are undertaking
reforms of their domestic legislation on cybercrime and e-evidence.
► Budapest Convention on Cybercrime as a guideline or source by the
majority of countries.
► Capacity building needed to enable criminal justice authorities to apply
legislation in practice.
► Protocol to the Budapest Convention will address additional needs of
countries for more efficient international cooperation, cooperation in
emergency situations and cooperation with service providers.
► Any future international agreement needs to take into account reforms
already undertaken and be consistent with the Budapest Convention.
MAKING INTERNATIONAL
COOPERATION WORK
ATTY. MARKK L. PERETE
Undersecretary
Department of Justice
Philippines
Cybercrime and criminal justice in cyberspaceEuropean Union and Council of Europe seminar with the Asia-Pacific region
Outline
Legal Framework Case Study Challenges Recommendations Conclusion
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
Acceded to by 65 parties globally.
First and only international treaty that deals with cybercrime and electronic evidence.
Provided legal framework on cybercrime to nearly half of the UN Member-States.
Philippines became the first country in the ASEAN region to accede to the convention in 2018.
Budapest Convention on Cybercrime
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
In the Philippines, the Budapest Convention paved the way for:
The enactment of its domestic law on cybercrime –Republic Act No. 10175 or the Cybercrime Prevention Act of 2012.
The designation of its Justice Department (DOJ) as the Central Authority and of the Office of Cybercrime, within the DOJ, as the 24/7 Point-of-Contact pursuant to the Convention.
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
In the Philippines, the Budapest Convention paved the way for:
Greater cooperation with 64 other members of the convention on matters of legal and other forms of assistance.
Participation in the further negotiations of the convention to ensure that it will be consistent with its laws, rules, and regulations.
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
Criminalising conduct Illegal access Illegal
interception Data interference System
interference Misuse of devices Fraud and
forgery Child
pornography IPR-offences
International cooperation Extradition MLA Spontaneous
information Expedited
preservation MLA for
accessing computer data
MLA for interception
24/7 points of contact
+ +
Harmonisation
Procedural tools Expedited
preservation Search and
seizure Production
order Interception of
computer data
Scope of the Budapest Convention
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
Proposed Provisions of2nd Protocol to the Convention
• Language of requests• Emergency MLA• Video Conferencing• Direct disclosure of subscriber information• Giving effect to orders from another Party
for expedited production of data
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
3 General Principles of International Cooperation
1. Provided to the widest extent possible;2. Applicable to all cybercrimes and crimes entailing
the collection of electronic evidence; and3. In accordance with the: (a) tenor of the
Convention; (b) relevant international agreements on international cooperation in criminal matters; (c) reciprocal arrangements; and (4) domestic laws.
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
LEGAL REQUEST LANDSCAPE IN THE PHILIPPINES
2018 2019 2020
• Total of eight (8)
requests.• Total of three (3)
Requests
• Total of three (4) Requests
In all these requests, PH
is the Requesting State.
Nature of cases: hazing,
sextortion, libel, inciting
to sedition and copyright
infringement.
Basis of the request:
MLAT on Criminal Matters
with the US.
Two (2) MLARs were
pursued with India and
UAE on the basis of
reciprocity.
In all these requests, PH
is the Requesting State.
Nature of cases: cyber
libel; computer-related
identity theft; and
murder.
Basis of the request:
MLAT on Criminal
Matters with the US.
In all these requests, PH is the Requested State. (Requesting State is Switzerland).
Nature of the crime: Illegal Access and Computer-related Fraud.
Request for assistance in the preservation of data under Articles 29 and 30 of the Budapest Convention.
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
Case Study
Basis: Data Preservation under Articles 29 and 30 of the Budapest Convention
Crimes: Illegal Access and Computer-related Fraud
Facts: In May 2020, the PH received a request from theSwitzerland for preservation of all computer datarelating to IP addresses used by an unknown subject tomanipulate a Swiss airline booking system byintercepting messages between the airline’s bookingsystem and its payment processor. Four (4) ISPs wereidentified to be located in the Philippines, where onlyone (1) was able to preserve the data.
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
Case Study
Challenges: ISPs in the PH are constrained to use Carrier GradeNetwork Address Translation (CGNAT) technologies.Thus, technical limitations exist as to their capacityto preserve and disclose computer data that arecrucial in cybercrime investigations.
Another challenge noted is the inability ofrequesting states to coordinate directly with theforeign ISPs when it comes to preservation ofcomputer data. Thus, added level and procedureare undertaken that result in delay in theprocessing of the request.
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
The Main Problem
Electronic evidence gathering is difficult and time-consuming. It can be anywhere. Thus, the need for
efficient and swift mechanisms in collecting electronic evidence.
versus
The need to respect other States’ sovereignty and for complying with international conventions.
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
Challenges
1. Gaps in domestic legislation that result in apparent conflict of law.
2. Inefficiency of mutual legal assistance request procedures.
3. Willingness/capacity of the service providers to cooperate.
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
Recommendations
1. Harmonize national legislations (i.e., utilize theBudapest Convention on Cybercrime as your legalframework)
2. Adopt mechanisms that provide lenient requirementsfor facilitating international cooperation (e.g., 2ndProtocol to the Convention on Direct Cooperation andGiving Effect to Orders from another Party for ExpeditedProduction of Data, among others)
3. Implement clear regulations for service providers toensure their cooperation in cybercrime and cyber-relatedinvestigations.
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
Conclusion
Increased, rapid and well-functioning international cooperation between parties of the Convention and between States and private
industry, which the Budapest Convention provides, is crucial in combatting cybercrimes.
www.coe.int/cybercrime - 15 -
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
www.coe.int/cybercrime - 16 -
[email protected] of Justice
Padre Faura StreetManila, Philippines
Cybercrime and criminal justice in cyberspace:
Making international cooperation work
Cybercrime and criminal justice in cyberspaceEuropean Union and Council of Europe webinar on the Asia/Pacific region
The experience of capacity building
Leotrina Macomber, Tonga
Cybercrime and criminal justice in cyberspaceEuropean Union and Council of Europe webinar on the Asia/Pacific region
Capacity building – Tonga‘s experience
• Law enforcement training• Judicial and prosecutorial training• IT personnel training• Building valuable network• One of best outcome: Establishment
of Tonga CERT
Cybercrime and criminal justice in cyberspaceEuropean Union and Council of Europe webinar on the Asia/Pacific region
Capacity building – Tonga‘s experience
sharing
• Tonga: 1st Pacific nation Party to Budapest Convention• Promoting the Budapest Convention: cybercrime & electronic
evidence• Pacific Island countries have acknowledged the importance of
Budapest Convention• working toward becoming a Party to Budapest Convention
Cybercrime and criminal justice in cyberspaceEuropean Union and Council of Europe webinar on the Asia/Pacific region
Capacity building – Tonga‘s experience
sharing
• Pacific Island Law Officers Network (PILON)• 3 annual workshops since 2016• 70 to 80 people per workshop• developed a Pacific network of cyber experts
Cybercrime and criminal justice in cyberspaceEuropean Union and Council of Europe webinar on the Asia/Pacific region
Capacity building – Tonga‘s experience
sharing
• PILON priorities:
continue to assist States to understand the importance of
acceding to the Budapest Convention;
empower all relevant stakeholders, including but not limited to,
law enforcement officers and officers of the judicial sector to
continue to fight cybercrime with the available resources and to
seek assistance where and when needed;
Cybercrime and criminal justice in cyberspaceEuropean Union and Council of Europe webinar on the Asia/Pacific region
Capacity building – Tonga‘s experience
sharing
• PILON priorities:
develop a harmonized international cooperation process for
States to be able to effectively work with developed countries;
support further training initiatives in the area of cyber
investigations and cyber safety to ensure that our people
become good digital citizens: and
to welcome you to 4th annual workshop – Fiji Islands.