Prepared by the Cybercrime Programme Office of the Council of Europe


1 Prepared by the Cybercrime Programme Office of the Council of Europe
Արևելյան Գործընկերություն / Східне партнерство / Eastern Partnership / აღმოსავლეთ პარტნიორობა / Parteneriatul Estic / Şərq tərəfdaşlığı / Partenariat Oriental / Усходняе Партнёрства
Project III
Public-private cooperation in the protection of critical infrastructure
Draft Memorandum of Cooperation between Law Enforcement and Internet service providers of Ukraine

2 Cybercrime vs. Cybersecurity: Cybersecurity
Typically defined as: the protection of the confidentiality, integrity and availability of computer data and systems in order to enhance security, resilience, reliability and trust in ICT
Motivated by: Reliance on ICT -> national interest; Economic potential of ICT; CIIP -> National security
Protection against: Non-intentional incidents; Intentional attacks by state and non-state actors against ICT (c-i-a attacks)
Measures: Protection, mitigation, recovery through technical, procedural, institutional measures (vulnerability analyses, early warning/response, CERT/CSIRTs, etc.); Cybercrime legislation, investigation, international cooperation

3 Cybercrime vs. Cybersecurity: Cybercrime
Defined as: Offences against computer data and systems (c-i-a offences) (Articles 2-6 Budapest Convention); Offences by means of computers (such as Articles 7-10 Budapest Convention)
Motivated by: Crime prevention and criminal justice
Protection against: Intentional attacks against and by means of computers; Any crime involving electronic evidence on a computer system
Measures: Investigation, prosecution, adjudication; Conditions and safeguards; Prevention; Technical and other measures

4 Cybercrime vs. Cybersecurity
Cyber-/information security strategies: Security/trust/resilience/reliability of ICT
Cybercrime strategies: Rule of law/criminal justice and human rights
Non-intentional ICT security incidents: Disasters; Technical failure; Human failure
Intentional attacks against ICT by: State actors; Non-state actors; Terrorists; Criminals
Intentional attacks: Critical infrastructure attacks; Other attacks on confidentiality, integrity and availability of ICT
Offences by means of ICT: Fraud; Child expl.; Terrorist use of ICT; IPR-offences; Extortion, etc.
Offences involving ICT: Any offence involving electronic evidence

5 Cybercrime vs. Cybersecurity
Human rights and rule of law; Human development and democratic governance; Security, confidence and trust in ICT; Rule of law in cyberspace; Cybercrime strategy; Cybersecurity; Offences against confidentiality, integrity and availability of computer data and systems; Offences by means of computers; Electronic evidence

6 Council of Europe and cybercrime: rationale
Established in 1949; Currently 47 member States
Measures against Cybercrime in order to promote: democracy; rule of law; human rights

7 Need for public-private cooperation
Need to respond to challenges of cyberspace in terms of criminal justice action, including protection of infrastructure;
Electronic evidence is volatile and hard to get and preserve, and is prone to travel beyond the reach of criminal justice officials;
More often than not, data/evidence is held by private sector entities in the form of subscriber, traffic or content data;
Therefore, a central issue to the discussion of the public/private cooperation against cybercrime and on electronic evidence is: Access by the criminal justice officials to data held by private sector

8 Cooperation indicators
Some of the common benchmarks used for verifying whether a working public-private cooperation process exists in relation to cybercrime/e-evidence:
Law: Criminal laws/procedure in place (e-evidence, definitions, powers, cooperation, etc.); ISP liability regime present (mere conduit, etc.)
Stakeholder readiness/information exchange: Defined and active communities (LEA, CSIRT, DPA, etc.); Knowledge, expertise and specialization; Regular operational meetings
Compliance: Issues of trust / general compliance / voluntary co-operation level; Cooperation agreements
International cooperation: Level of co-operation with multinational companies (Microsoft, Google, FB, Twitter, etc.)

9 Law: applicable standards
Laws must be: precise, balanced and predictable;
The following have been devised as applicable sets of legal regulation: Necessary definitions and categories of data and evidence; Conditions on storage of and access to data as electronic evidence; Implementation of procedural powers under the Cybercrime Convention; and Safeguards and guarantees applicable to exercise of such procedural powers.
The Budapest Convention on Cybercrime provides for concepts and definitions of electronic evidence, types of data, sanctions, etc.
Procedural powers under the Convention: Data preservation/limited disclosure; Production orders; Search and seizure; Monitoring and interception of data; subject to safeguards and guarantees that relate to exercise of all of these powers.

10 Stakeholders: Criminal justice authorities
Law enforcement: cybercrime/high-tech/computer crime units + operatives at the national police forces; cybercrime investigation powers within security services; financial investigators; internal or external expert capacity in both securing and processing electronic evidence.
Prosecutors / specialized units: guidance and focus on evidence;
Judiciary authorities: oversight and rules of evidence;
Examples of issues: Use of special and less transparent powers in operative/security environment; Information exchange seen as more of a one-way street; Different/inadequate competences; Cooperation in exceptional/exigent mode becomes the norm; Excessive use of more intrusive options.

11 Stakeholders: Internet service providers
Hold most often sought electronic evidence: Subscriber information; Traffic data; Content data (very rarely)
Key principles: liability for data stored/accessed to
Cooperation with law enforcement increasing: more resources needed;
Examples of issues: Lack of clarity and coherence in terms of data retention; Issues of cost of access to data / data retention vs. preservation; Limited and disjointed systems of oversight (both internal and external); General mistrust toward the law enforcement; Ownership issues / size and business model; Delays in responses; Etc.

12 Stakeholders: Other communities
Financial investigations/intelligence: Regulation toward private vendors/banking/critical infrastructure; Focus on crime proceeds; Virtual currencies/electronic money
State security agencies: Blocking of websites/resources in expedited manner; Terrorism prevention; Hate speech
Information/cybersecurity/CSIRT: Private ownership of critical infrastructure – applicable regulations; Crime reporting and chain of custody for potential evidence/data in incident handling

13 Stakeholders: Other communities
Communications regulators: Licensing / regulations; Adjudication of disputes between industry players; Focus on the protection of subscriber to the service of the Internet service providers
Data protection: Mass processing of personal data through data retention regulations / oversight; Oversight of law enforcement access to such data / data protection principles.
Non-governmental sector: Monitoring of the child sexual abuse material online; Facilitating voluntary compliance
… Sky is the limit?

14 Developments in Ukraine
Series of Council of Europe workshops and meetings since September 2016; Reports in November 2016 and May 2017; Overview of the situation; Recommendations to government authorities; Draft amendments to legislation

15 The need for a MoU (Memorandum of Understanding)
One of the recommendations to restore trust between public and private sector and to facilitate cooperation; To involve major stakeholders in Ukraine and agree on detailed cooperation principles

16 The main elements of the draft MoU
Promote the use of ICT; Recognise the need for cooperation and exchange of information; Ensure protection of fundamental rights and freedoms; To fight crime, in particular cybercrime

17 Draft MoU – areas covered
Cooperation based on the rule of law and human rights: Rule of law; Cooperation based on law; Conditions and safeguards; Procedural powers – principle of proportionality

18 Draft MoU – areas covered
Procedures and practices of communications: Cooperation – exchange of information, access to electronic evidence; Procedures for sending and receiving requests; Contact points between parties, rights and responsibilities

19 Draft MoU – areas covered
Adequate level of knowledge and capacity building: Personnel having professional level of knowledge and expertise; Develop a system for capacity building and training in the areas of handling cybercrime, cyber-related incidents and electronic evidence; Joint trainings including practical exercises for cybercrime and cybersecurity incidents

20 Draft MoU – areas covered
Cooperation for prevention of Internet-related crime: Identification of resources available; Awareness raising measures to prevent crime, including guidelines on safe behaviour on the Internet; Support to the Internet resources and Critical Information Infrastructure to ensure safer cyberspace in Ukraine

21 Draft MoU – expected outcome
Joint working group to organise and participate in meetings to exchange practical experience and identify issues for improving the cooperation and exchange of information; Additional guidelines if necessary; Good practice guidance for lawful removal of electronic data, computer systems inspection and seizure of computer systems; To facilitate better understanding; To increase trust

22 Thank you for your attention
Giorgi Jokhadze, Project Manager, Cybercrime Programme Office, Council of Europe - Conseil de l'Europe, Bucharest, Romania

