The second event in the Cybersecurity Days series ‒ Fighting cybercrime through closer international cooperation ‒ took place on 30 March and was co-organised by the Geneva Internet Platform and the Division for Security Policy, Federal Ministry of Foreign Affairs of Switzerland.
The welcome remarks, delivered by Dr Michele Coduri, Deputy Head of the Division for Security Policy, Federal Ministry of Foreign Affairs of Switzerland, outlined the three challenges related to cybercrime: (i) a multitude of actors and the growing vulnerability of an increased number of devices online; (ii) the time it takes to track electronic evidence, which is usually spread over a number of jurisdictions, with targets and offenders usually located in different countries; and (iii) anonymity online.
All of these point to the need for international cooperation. The mechanism that is currently in place, the Budapest Convention, dates back to 2001 and currently has 45 state parties and another 20 countries invited to accede.
Panel 1: Cybercrime challenges for law enforcement
- Tobias Bolliger, Deputy Head of the Swiss Cybercrime Coordination Unit (CYCO), Swiss Federal Office of Police fedpol
- Michel Quillé, Executive President ‒ Forum International des Technologies de Sécurité and former Deputy Director of Europol
- Despoina Sareidaki, ICT Policy Analyst, ITU
- Volker Birk, CCC Switzerland
The first panel zoomed in on the specificity of criminal activities online and possible means of cooperation. It shed light on the need for national reporting centres that build on the knowledge, experience, and expertise of the technical community and can share and cooperate with other centres transnationally, as pointed out by Tobias Bolliger, Deputy Head of the Swiss Cybercrime Coordination Unit (CYCO), Swiss Federal Office of Police fedpol. Panellists agreed that fighting cybercrime requires a swift reaction and innovative approaches, as well as the involvement of different partners across various sectors. Law enforcement agencies need to find new ways of tackling criminal activity online. The ‘new criminal mindset’ (with numerous possibilities to interact online for criminal purposes) makes cooperation more complicated, explained Michel Quillé.
One of the successful examples of enhanced cooperation and consensus at the international level is online child protection, which is multistakeholder and covers a range of activities, from awareness raising to developing an appropriate legal framework. The work of the ITU in this area was introduced by Despoina Sareidaki, ICT Policy Analyst. Volker Birk, from Chaos Computer Club Switzerland concluded that shedding more visibility of certain illegal activities online can be more effective, as in the case of fighting child pornography. In his view, the primary responsibility of online child protection rests with the parents and surveillance does not provide the answer to all questions when it comes to investigation.
The debate with participants focused primarily on ways to ensure that the collection of evidence can help law enforcement but it is not misused to survey extensively. The responsibility of the users is important in preventing cybercrimes by making sure that their computers are not infected (to serve within botnets, for instance). Currently there is limited cooperation with big corporations (like Google and Facebook) whose business models rely on data collection, in particular after the Snowden revelations. Quillé added that the current developments represent a new paradigm, and while cooperation is needed across sectors, the potential exists for compromising confidential information, when recruiting people from the private sector to work for law enforcement agencies.
Panel 2: International frameworks for fighting cybercrime
- Alexander Seger, Head of Cybercrime Programme Office, Council of Europe
- Prof. Solange Ghernaouti, University of Lausanne
- Jayantha Fernando, Director, ICT Agency of Sri Lanka (ICTA) (remote)
- Claudio Peguero, Brigadier General, National Police, Dominican Republic (remotely)
The second panel brought into focus the need for building confidence in ICT tools for end users, providers, state actors, and law enforcement agencies. The Council of Europe (CoE) convention we have in place at the moment is more than 10 years old. It is a unique instrument to address a transnational problem. Professor Solange Ghernaouti, University of Lausanne, and the CoE’s Head of Cybercrime Programme Office, Alexander Seger, discussed the direct challenges and opportunities for reducing cyber vulnerabilities through international cooperation. Over the last 30 years, many organisations have started to take action on cybercrime, yet the focus is on critical information infrastructure with criminal justice generally sidelined, emphasised Seger.
The Budapest Convention created a framework that is complemented by monitoring mechanisms, guidelines, and capacity building initiatives. The convention, open to countries outside of Europe, currently has 45 member states (including the USA, Australia, Japan, and the Dominican Republic) and 20 state parties who have been invited to accede. According to Seger, the number of countries joining is not as important as the quality of implementation. The experience of two countries recently benefiting from the Budapest Convention was subsequently discussed. For Claudio Peguero, Brigadier General, National Police, Dominican Republic (which has become a signatory), the treaty is ‘currently the best solution [they] have available’, as it allows to them to reach the right people in time to quickly get the necessary information to prevent further damage and investigate and prosecute a cybercrime. In Asia, the affordability of mobiles and connectivity to high-speed broadband through multiple devices poses a new set of legislative and policy challenges. In Sri Lanka’s experience, the Budapest Convention created the possibility to collaborate transnationally on an equal footing with relevant agencies and it offered a model for drafting national law. ‘In our work, we discovered that the Budapest Convention was technology-neutral’, explained Jayantha Fernando, Director, ICT Agency of Sri Lanka (ICTA).
Questions from the open floor touched on the difficulties in developing a global convention against cybercrime, the need for a common definition (which is contained within the Budapest Convention), alternative instruments for cooperation besides a global treaty, and potential limitations for diplomatic and political negotiations. A concern was raised that negotiating a new international treaty would probably take more than a decade. While former discussions in the UN did not lead to an agreement, there is consensus – at least at European level – that capacity building is the way ahead. One of the benefits of the Budapest Convention is that it goes beyond a document – it has regular capacity-building activities around the world and lays down some guideline principles to help countries develop their national framework on cybercrime – even for countries that are not signatories. Many countries do not work on cybercrime legislation in isolation, but rather at the same time they design rules and norms for data protection, e-commerce, etc. Vladimir Radunović, Director of the Cybersecurity Programme at DiploFoundation and the moderator of the panel, concluded that nowadays a quick response is a must and for enabling that, countries need to build their own national environment for fighting cybercrime with more than one document, through guidelines, capacity development, and quality implementation.
The afternoon session featured a demonstration of how cybercrime is committed and fought in practice, with a live simulated DDoS attack and a tour of the DarkNet. Bjoern Christian Wolf of St Gallen University / LSE, and Predrag Tasevski of the University of Donja Gorica, two ‘white hat hackers’, discussed the ‘hidden’ online space increasingly utilised for cybercrime, the challenges and opportunities of anonymity, as well as end-user risks and counter-measures.