Cybercrime Conference Jakarta 19/20 March 2003 Joe McNamee European Perspective.

Slides:

Advertisements

Similar presentations

Every European Digital N. Kroes Why? from ICT as interesting to ICT as hugely important.

Advertisements

Thematic Discussion on Human Rights & Resolution 1373 Counter-Terrorism Committee Executive Directorate (CTED) United Nations New York, 7 October 2010.

Its a new digital world with new digital dangers….

Ministry of Labor and Social Policy SOCIAL POLICY COUNCILS Dragica Vlaović-VasiljevićSophia, 2-6th July 2007 Dragica Vlaović-VasiljevićSophia, 2-6th July.

A strategy for a Secure Information Society –

European Commission Jacques McMillan Enterprise Directorate-General Legal aspects linked to internal market EUROPEAN CONFERENCE ON MARKET SURVEILLANCE.

UNODC & the Global Response to Cybercrime

Communications Regulatory Agency Media Literacy and Protection of Children Experiences of the Communications Regulatory Agency of BH Kemal Huseinović,

1 Trade facilitation: Benefits and Capacity Building for Customs UNECE International Forum on Trade Facilitation, May 2003 Kunio Mikuriya Deputy.

Final Report Presentation By Mohammad Saber Sakhizada March,26 – 2009.

IDRC Forum in KyotoApril 13, Challenges in Enforcing Chinese Antimonopoly Law Prof. Dr. Wang Xiaoye Chinese Academy of Social Sciences

Electronic commerce EDI (8 decade) – base of EC – “Netscape” – propose SSL (Secure Sockets Layer) 1995 – “Amazon.com” “eBay.com” 1998 – DSL (Digital.

What about a future European Safety Act ? June 8, 2012 Noëlle Lenoir.

Financial Services and Consumer redress Unit DG SANCO The Commission‘s initiative on Collective Redress.

Eneken Tikk // EST. Importance of Legal Framework  Law takes the principle of territoriality as point of departure;  Cyber security tools and targets.

AN INTERNATIONAL SOLUTION TO A GLOBAL PROBLEM. A Global Problem What is cybercrime? How does it affect us ? The solution.

Legal Context Saskia Mermans  Ispa and the legislation  Legal Framework for the Internet: general observation  Highlights of the legislation.

MEDIA LAW Copenhagen University SESSION 10 Dirk VOORHOOF Ghent University (->contact)

Data Protection and Cybercrime The dilemma of Internet Service Providers CEENET Workshop 22 September 2002 Joe McNamee Regulatory Affairs Manager, EuroISPA.

Urban-Nexus – Integrated Urban Management David Ludlow and Michael Buser UWE Sofia November 2011.

1 Axel Plathe UNESCO ETD 2003 Next Steps - Electronic Theses and Dissertations Worldwide Berlin, Germany, 21 May 2003 Scientific information for equitable.

Making the Services Directive Work Dublin 6 March 2014 Services Directive and why it matters.

WIPO Copyright Sector 1.  Fundamental or constitutional rights or public interest: freedom of speech, access to information, right for education, enjoyment.

A Common Immigration Policy for Europe Principles, actions and tools June 2008.

IT Security Policy in Japan 23 September 2002 Office of IT Security Policy Ministry of Economy, Trade and Industry JAPAN.

Baker & McKenzie Presented by Gabriela Vendlova 3 December 2002 Intellectual Property Rights: Importance of Trademark Protection in the Digital World.

The emergence of an Enforcement Agenda Intellectual Property Rights and Access to Essential Medicines: Challenges and Opportunities in Free Trade Agreement.

Computer Law University of Palestine University of Palestine Eng. Wisam Zaqoot Eng. Wisam Zaqoot Feb 2010 Feb 2010 ITSS 4201 Internet Insurance and Information.

21 st April th CEPIS Spring Council - Prague Presentation Title Here 30pt Arial Data retention Draft statement for CEPIS By CEPIS LSI.

Tackling IT crime in a global context: the Convention on Cybercrime 3 years after Julio Pérez Gil University of Burgos, Spain.

Regional Conference Intellectual Property Crime Bahrain April 2008.

NRCCL (University of Oslo, Faculty of Law) Hyperlinks and search engines(I) Jon Bing Norwegian Research Center for Computers and Law Master Lecture 16.

Standards and innovation What is a standard? How do standards promote innovation? What is the role of governments and the UN?

EReg Topic Group IV Harmonisation of commercial and temporary plates Progress Report 06/04/20111 LAMESCH Jean.

1 Re–use of PSI – Challenges and Opportunities ePSIplus National Meeting Greece 21 May 2008 Athens.

Cybersecurity Governance in Ethiopia

The European influence on privacy law and practice Nigel Waters, Pacific Privacy Consulting International Dimension of E-commerce and Cyberspace Regulation.

Prevention and Remediation in Selected Industrial Sectors, June 2005, Ottawa NATO’s Scientific Programme Thomas Strassburger Ottawa, Canada NATO’s.

Moving Forward With the African Dialogue Cross-Border Principles By Mary Gurure Manager, Legal Services and Compliance COMESA Competition Commission Lilongwe,

The New EU Directives Oftel Forum 25/04/02 Heather Clayton.

Confidence Building Measures Anatoly A.Streltsov D.Tech., D.J., prof. deputy director of the IPII MSU named by M.V.Lomonosov.

EU Funding opportunities : Rights, Equality and Citizenship Programme Justice Programme Jose Ortega European Commission DG Justice.

Environmental Management System Definitions

Software Industry Issues Mark Lange Microsoft EMEA March 1, 2005.

2009/10/06 STUDY ON RECOGNITION OF PROFESSIONAL QUALIFICATIONS Alternative title slide.

1 GSC: Standardization Advancing Global Communications ISACC Opening Plenary Presentation GSC-11 SOURCE:ISACC TITLE:ISACC Opening Plenary Presentation.

Eurostat ESTP course on International Trade in Goods Statistics April 2013 Point 2 of the agenda Legal framework for EU trade statistics.

2002 Symantec Corporation, All Rights Reserved The EU Regulations and IT security An industry perspective Ilias Chantzos, Government Relations EMEA Terena.

PROTECTION OF PERSONAL DATA. OECD GUIDELINES: BASIC PRINCIPLES OF NATIONAL APPLICATION Collection Limitation Principle There should be limits to the collection.

IP RIGHTS and USER NEEDS in a DIGITAL ENVIRONMENT A Publishing view by Hugh Jones Copyright Counsel to The Publishers Association and International STM.

FLEGT and REDD+ reflections from VPA negotiations 4 October 2011 Julia Falconer, European Commission, DEVCO C2.

EU activities against cyber crime Radomír Janský Unit - Fight against Organised Crime Directorate-General Justice, Freedom and Security (DG JLS) European.

Information Security Legislation Moving ahead Information Security 2001 Professional Information Security Association Sin Chung Kai Legislative Councillor.

Models for Cyber-legislation in ESCWA member countries Presented by Jean Akl & Roula Zayat Amman, December 11, 2007.

Intellectual Property. Confidential Information Duty not to disclose confidential information about a business that would cause harm to the business or.

CRIMINAL LAW OF THE EUROPEAN UNION 1 April 2015 THE LISBON TREATY AND CRIMINAL LAW Dr. sc. Zoran Burić Department of Criminal Procedural Law University.

European Commission Taxation and Customs Union Directorate-General UN ECE / WCO Conference 13 November 2003 an E C approach to securityby John Pulford.

ICT Legislation  Copyright, Designs and Patents Act (1988);  Computer Misuse Act (1990);  Health and Safety at Work Act (1974);  EU Health and Safety.

The Commonwealth Cybercrime Initiative David Tait, Cybercrime Policy Analyst.

Information and Network security: Lithuania Tomas Lamanauskas Deputy Director Communications Regulatory Authority (RRT) Republic of Lithuania; ENISA Liaison.

Week 12. Lecture 2. Health Law & the EU Cross-border healthcare: patients’ rights.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 31 – Common Foreign and Security Policy.

European (Sector) Social Dialogue overview & update

Office of Legal Affairs

Internet Watch Foundation (IWF)

Overview of the Budapest Convention on Cybercrime (2001)

Audiovisual Sector Social Dialogue Committee

UNODC and CYBERCRIME October 2009.

Presentation transcript:

Cybercrime Conference Jakarta 19/20 March 2003 Joe McNamee European Perspective

Developments to date (EU) Directives on protection of personal data 1995/2002 Directive on certain legal aspects of electronic commerce Directive on copyright in the information society Creation of the EU Cybercrime Forum Establishment of the Information Security Agency Framework Decision on attacks against computer systems Electronic Singatures Directive

Data Protection Abuse of personal data is the most frequent abuse on Internet Damages trust in online activity and therefore whole industry Two Directives in the EU, one general, one telecoms-specific Establish rules regarding appropriate use of personal data Establish rules regarding export of data

Electronic Commerce Directive Limits liability of ISPs: Establishes the principle of mere conduit Prohibits requirements for general monitoring of online activity Removes liability for temporary technical copies of illegal material Removes liability from hosting providers who do not have actual knowledge of illegal activity

Directive Copyright in the Information Society Establishes the copyright status of temporary technical copies Establishes rules regarding copyright exemptions for private copying Gives rightsholders injunction rights Reinforces the WIPO 3 step test for exemptions (special cases, no conflict with normal exploitation, not unreasonably prejudice legitimate interests of rightsholder New Directive published on enforcement of intellectual property rights

Cybercrime Forum Established 2001 to involve all stakeholders in cybercrime discussions Two plenary meetings and one expert meeting since then Crucial to involve industry, data protection authorities, civil liberties groups, etc Conflict between need for openness and need for substantive discussions

Network Security Agency Proposals published Feb Currently going through EU legislative process Aims to collect and analyse information regarding emerging risks Aims to identify, assess and support emerging security standards Aims to promote best practice

Decision on attacks against information systems Aims to harmonise EU approach to malicious attacks Unauthorised access (hacking) Disruption of information systems (Denial of Service attacks) Execution of malicious software (viruses) Interception of communications Malicious misrepresentation No safeguards for free speech (was the virtual march on Washington illegal interference?)

Electronic Signatures Directive Electronic signatures must be treated as equivalent of physical signature if it meets certain technical requirements Establishes rules concerning certification service providers E-signatures important for e-government Irish e-tax system allows filing and paying of tax online Calculated (with 60 employees) to have replaced 40,000 phone calls Target to have 75% of tax returns online by 2005

Data Retention/Preservation Data Preservation is targeted and implemented on case-by-case basis Mandated by the Council of Europe Cybercrime Convention Data Retention is general retention of data on all citizens No international agreement or legal basis

Problems of data retention No agreement on what data should be retained Costs proportionately higher for smaller service providers Huge stores of data create a security risk Differing legislation in different countries makes cross-border service provision difficult No compelling case for data retention has been made

Points to consider for data retention Can weak competition in telecoms support a further disadvantage for small service providers? If small providers shouldn't be asked to pay, are public funds available? No data retention in, for example, USA. What's different in Indonesia? Will mandatory retention provide a further disincentive for foreign investment in the telecoms market? What problems exist that cannot be solved with cooperation with service providers?

European inconsistency Some countries don't want it at all The countries that do want it have varying definitions Case study Ireland: Will introduce data retention rules this year Minster admits he does not know what data he wants to have retained Minister admits he does not know how long he wants the data to be retained Ministry says that the lack of data retention does not cause problems

Need for data retention Five out of fifteen EU Member States have indicated that they have no current problems due to lack of data retention The UK has had to re-write their surveillance laws Denmark has data retention, but has not signed the Cybercrime Convention An attempt to agree a simple text calling for introduction of EU data retention failed last year

Current data retention in EU No unified approach to data retention in the near future Those countries with data retention have different definitions, different timescales, different objectives, different funding and different data sets Countries with data retention created laws without clear objectives or plans for funding and implementation

Other EU initiatives Convention on mutual legal assistance Multiannual action plan on promoting safer use of the Internet Council Recommendation on contact points for high-tech crime Directive on a Community framework for electronic signatures Council decision to combat child pornography on the Internet

G8 Excellent document produced in Tokyo, May potential consequence for data retention Lists key aspects of data retention Creates basic guidelines Lists traffic data types Did not have the deserved impact or follow up, either within our outside the G8

Council of Europe Convention Huge potential, due to global aspect, but an opportunity lost Unclear definitions an invitation to uneven implementation – article on content data with no definition! Too much influence from vested interests (spam described in one draft as a normal business practice) A more focussed approach could have achieved much more – WIPO and the UN could have dealt with copyright and paedophilia separately)

Lessons learnt Dialogue is essential with all stakeholders, including consumers Clear objectives needed before legislation in drafted (not as obvious at it seems!) Legislation must have a clear focus (surveillance, copyright, attacks on computer systems, etc.) The solutions must be proportionate to the problems

Thank you for your attention Joe McNamee