The document discusses cybercrime in Europe and recent legal and policy developments. It outlines that cybercrime has had a significant impact in Europe, costing governments and societies an estimated €750 billion annually, though the full extent is unknown due to inconsistent definitions and underreporting. It then provides an overview of the European Union's efforts to address cybercrime through strategies adopted by the Council of the EU since 2008, as well as through the EU's 2010-2014 Stockholm Programme which calls on members to ratify international agreements and increase cooperation on cybercrime issues.
This wonderful presentation, appropriate for teens and young adults, was created by Symantec's Rayane Hazimeh for the Dubai Techfest, 2013. We thank her for generously sharing her content with the SlideShare community.
Cybercrimes in Europe - Recent Legal and Policy Developments (Fecomercio-SP, ...Cédric Laurant
This document discusses cybercrime in Europe, including its impact and recent legal and policy developments. It describes how cyber attacks on Estonia in 2007 highlighted the need for a coordinated European response to cybercrime. It then provides an overview of developments in the EU and some member states, including the Council of the EU adopting strategies to address crimes like child pornography, terrorism, and network attacks. Recent studies show cybercrime costs European companies and governments billions annually.
5. Experience from recent national & international cyber exercisesisc2-hellenic
This document discusses cyber exercises and the speaker's experience participating in them. It provides definitions of cyber exercises, categories of exercises (real-time and offline), typical training incidents covered, and objectives. The speaker's organization has participated in the Panoptis national Greek cyber defense exercises from 2010-2014 and the NATO Cyber Coalition 2014 exercise. These exercises train participants in skills like forensic investigation, malware analysis, and incident response through scenarios. The objectives are to evaluate security controls and identify gaps, train blue teams, and provide lessons learned.
Palestine laws do not currently address cybercrimes. No legal protections or punishments exist for crimes committed online. However, a new draft penal law regulates some cybercrime issues. Internationally, there is no unified agreement but regional conventions like the Budapest Convention aim to protect societies from cybercrime through legislation and cooperation. The tutorial calls for Palestine's e-government to be legally protected from these online threats.
4th annual global study of 13,000 online adults, their experiences with cybercrime, their attitudes and adoption of online security best practices, blurred lines between work and home with BYOD and the social stress brought on by our addiction to mobile devices and social networks.
Cybercrime and the Hidden Perils of Patient DataStephen Cobb
This document discusses the risks of cybercrime for healthcare organizations and patient data. It begins by outlining how cybercrime has increased risks to patient data and the liabilities organizations face for data breaches or non-compliance. It then provides examples of real data breaches and the large fines organizations have faced. The document recommends that organizations perform risk assessments, have outside security reviews, implement key security controls like strong authentication and encryption, and educate employees on security policies and controls. Regular re-assessments are also advised to address evolving threats.
Primavera _ Mike Sicilia _ Orace Primavera vision and road ahead.pdfInSync2011
This document provides an overview and roadmap for Oracle Primavera. It discusses Oracle Primavera's transformation into a complete enterprise project portfolio management platform. It highlights the benefits of an enterprise approach to project management, including economies of scale, standardization, transparency, and visibility. It also discusses how Oracle Primavera solutions support an enterprise approach through integration, consistency, and providing a global view of all projects.
1) The document discusses cybercrime, including defining it as criminal activities carried out through computers or the internet.
2) It covers the phenomena of cybercrime through topics like the different types of offenses and how cybercrime has developed over time from the 1960s onward.
3) The challenges of fighting cybercrime are examined, such as the number of internet users, encryption technologies, and the international dimensions and speed of data exchange that cybercrime involves.
This wonderful presentation, appropriate for teens and young adults, was created by Symantec's Rayane Hazimeh for the Dubai Techfest, 2013. We thank her for generously sharing her content with the SlideShare community.
Cybercrimes in Europe - Recent Legal and Policy Developments (Fecomercio-SP, ...Cédric Laurant
This document discusses cybercrime in Europe, including its impact and recent legal and policy developments. It describes how cyber attacks on Estonia in 2007 highlighted the need for a coordinated European response to cybercrime. It then provides an overview of developments in the EU and some member states, including the Council of the EU adopting strategies to address crimes like child pornography, terrorism, and network attacks. Recent studies show cybercrime costs European companies and governments billions annually.
5. Experience from recent national & international cyber exercisesisc2-hellenic
This document discusses cyber exercises and the speaker's experience participating in them. It provides definitions of cyber exercises, categories of exercises (real-time and offline), typical training incidents covered, and objectives. The speaker's organization has participated in the Panoptis national Greek cyber defense exercises from 2010-2014 and the NATO Cyber Coalition 2014 exercise. These exercises train participants in skills like forensic investigation, malware analysis, and incident response through scenarios. The objectives are to evaluate security controls and identify gaps, train blue teams, and provide lessons learned.
Palestine laws do not currently address cybercrimes. No legal protections or punishments exist for crimes committed online. However, a new draft penal law regulates some cybercrime issues. Internationally, there is no unified agreement but regional conventions like the Budapest Convention aim to protect societies from cybercrime through legislation and cooperation. The tutorial calls for Palestine's e-government to be legally protected from these online threats.
4th annual global study of 13,000 online adults, their experiences with cybercrime, their attitudes and adoption of online security best practices, blurred lines between work and home with BYOD and the social stress brought on by our addiction to mobile devices and social networks.
Cybercrime and the Hidden Perils of Patient DataStephen Cobb
This document discusses the risks of cybercrime for healthcare organizations and patient data. It begins by outlining how cybercrime has increased risks to patient data and the liabilities organizations face for data breaches or non-compliance. It then provides examples of real data breaches and the large fines organizations have faced. The document recommends that organizations perform risk assessments, have outside security reviews, implement key security controls like strong authentication and encryption, and educate employees on security policies and controls. Regular re-assessments are also advised to address evolving threats.
Primavera _ Mike Sicilia _ Orace Primavera vision and road ahead.pdfInSync2011
This document provides an overview and roadmap for Oracle Primavera. It discusses Oracle Primavera's transformation into a complete enterprise project portfolio management platform. It highlights the benefits of an enterprise approach to project management, including economies of scale, standardization, transparency, and visibility. It also discusses how Oracle Primavera solutions support an enterprise approach through integration, consistency, and providing a global view of all projects.
1) The document discusses cybercrime, including defining it as criminal activities carried out through computers or the internet.
2) It covers the phenomena of cybercrime through topics like the different types of offenses and how cybercrime has developed over time from the 1960s onward.
3) The challenges of fighting cybercrime are examined, such as the number of internet users, encryption technologies, and the international dimensions and speed of data exchange that cybercrime involves.
The document discusses cybercrime and computer misuse cases in Mauritius and African regions. It profiles several Mauritian cybercriminals who engaged in hacking, sabotage, and unauthorized computer access. Cases of computer misuse in Mauritius include phishing schemes and international call diversion. Common cybercrimes in Nigeria, South Africa, and Ghana are also examined, along with relevant legislation in African countries. The challenges of fighting cybercrime in Mauritius are discussed, along with the roles of the Cyber Crime Unit and CERT-MU.
This document discusses cybercrime, including its definition, types, statistics, consequences, prevention, and reasons not to commit cybercrime. It defines cybercrime as a criminal act carried out through cybertechnology or in cyberspace. Some common types are cyber-stalking, online fraud, identity theft, and phishing. Statistics show cybercrime cases increasing 61x from 2001 to 2014, with over 500 million victims annually losing over $800 billion worldwide. Consequences include financial losses, lost intellectual property and customer trust. The document recommends steps to prevent cybercrime like using strong passwords and updating antivirus software. It concludes that cybercrime is against religion, law, and philosophy.
This document discusses strategies for organizations to get ahead of cybercrime based on EY's Global Information Security Survey 2014. It outlines a three stage process for cybersecurity maturity: Activate to establish foundations; Adapt to dynamically respond to changes; and Anticipate to proactively prepare. Many organizations still need to improve their abilities to activate foundational security, adapt quickly to changes, and anticipate future threats. The document recommends specific actions organizations can take at each stage to improve their cybersecurity posture and get ahead of cyber attackers.
Governance in Cybercrime and Cybersecurity orgns - final distribution Organiz...Dinesh O Bareja
Cybersecurity and cybercrime organizations must be created with great planning but that is not happening anywhere. In India we have a plethora of organizations sprouting up in every domain and we all know too many cooks spoil the broth. I make a case for governance at the national and state level and make the case for having a planned structure that will ensure good security, good response and offense too, if needed.
Comprehensive Report on The Cannabis Extract MovementTheHempSolution
A comprehensive review of evidence that cannabis extracts can treat many cancers and other diseases. Features information from patients, caregivers, researchers, doctors, dispensaries, and corporations. Includes medical documentation of terminal cancer patients in full remission.
Cyber crime is a growing problem in India. Some common cyber crimes reported in India include phishing, hacking of government websites, and identity theft. India ranks 11th globally for reported cyber crimes, which are increasing due to factors like rapid growth of internet users. Common cyber crimes involve unauthorized access to systems, data theft and alteration, and using computers to enable other illicit activities. While laws like the IT Act 2000 have been enacted to tackle cyber crimes, enforcement remains a challenge as only a small percentage of crimes are reported. Techniques like antivirus software, firewalls, and educating users can help address the problem.
This document summarizes Mint, a personal finance management tool. It allows users to track spending, savings goals, and net worth. Mint makes money through referral fees when users switch financial products based on Mint's recommendations. The document outlines Mint's market size and opportunity, competitors, value proposition, user and partner acquisition strategies, business model, and projected financials. It expects rapid user and revenue growth as it acquires users through viral and partnership channels and converts them through intelligent suggestions.
Continuing our series of studies into Digital, Social and Mobile use around the world, this report explores the connected landscape in China in August 2015. It shares the latest active user figures for fixed and mobile internet; shares details of the most active social media platforms, and outlines user behaviour across mobile devices and e-commerce. For more info, please visit http://bit.ly/DSMCN15
Cybercrime Court Decisions from Latin America - Legal and Policy Developments...Cédric Laurant
This document summarizes major legal and policy developments related to cybercrime in Latin America. It discusses efforts by organizations like the Organization of American States and Council of Europe to promote international cooperation on cybercrime legislation and enforcement. It notes that Argentina and Colombia recently enacted new cybercrime laws. It also outlines challenges to fighting cybercrime in Latin America, such as lack of harmonization between laws and limited law enforcement capabilities.
UN/ITU - Organisational Structures and Incident Management - CybersecurityDr David Probert
In-Depth Presentation for the Cybersecurity Workshop that was Jointly Organised by the UN/ITU and CITEL in Salta City, Argentina - November 2010. The presentation focuses on the implementation of the recommended UN/ITU (International Telecommunications Union) Global Cybersecurity Agenda and the importance of CERTs (Computer Emergency Response Teams)
This document provides an overview of the Internet Organised Crime Threat Assessment (IOCTA) for 2015. Some key findings include:
- Cybercrime is becoming more aggressive and confrontational, often using extortion techniques that require little technical skill. This suggests changes in offender profiles.
- Malware such as ransomware and banking Trojans remain significant threats for both individuals and businesses.
- Data breaches led to a large amount of stolen data being used for payment fraud and identity theft in 2014. However, better cooperation between law enforcement and the private sector is helping to address cybercrime challenges.
Technology development is a necessity. Information and Communication Technology is a large dome of terminology that includes all technical equipment for processing and conveying information. It has also caused the world's relationships to be unconstrained. It's here and now means it's somewhere else and now. In every line of technological life present that contributes its role to the desired coveted will be better. That dream is in fact two blades facing each other. In the body of one knife exactly each other. On the one hand technology contributes to the improvement of welfare, progress, and human civilization. Furthermore, on the other hand, technology can be an instrument in the act against the law. With human information technology then likes getting a vehicle to burst its criminal lust. Criminal crime by taking technology as a medium, then manifested in various forms. These forms include hacking, cracking, and so on. Do not be surprised if for example your balance arrives – suddenly reduced, or the bank hundreds of millions in
The document discusses various topics related to surveillance, including Jeremy Bentham's Panopticon model of surveillance, increased surveillance of both public and virtual spaces, and examples of creative practitioners using online strategies to critique surveillance and globalization. It also shares several news articles about issues like government censorship of Wikipedia, data breaches at the tax office, and a student cracking the government's internet porn filter.
Application Final Project Introduction Evolution of Cybercrimes.docxalfredai53p
Application: Final Project Introduction: Evolution of Cybercrimes
The Internet has changed lives in fundamental and positive ways. It also has opened the door to new types of cybercrime, which can run the gamut from identity theft to organizing terrorist plots. As each new type of crime comes to light, usually through a case that draws national attention, law enforcement and government respond using increasingly sophisticated surveillance technology. Law enforcement’s use of technology to prevent and combat cybercrime has prompted even greater "advances" in criminal activity with the use of encryption, anonymizers, and proxy servers.
With this assignment, you begin building your Final Project. To begin, select one of the cybercrimes presented in this course: cyber-bullying, cyber-stalking, cyber-hate, cyber-predators, or a type of white-collar crime that utilizes technology. Examine the evolution of that cybercrime and consider how advances in technology have influenced its evolution.
The Assignment (2–3 pages)
Describe the type of cybercrime you selected.
Explain the evolution of the cybercrime, including when it gained national attention and any circumstances or case that might have prompted the national attention.
Explain how advances in technology have influenced the evolution of that cybercrime.
.
This document discusses cyber crime and provides definitions and classifications of both conventional and cyber crimes. It begins by defining conventional crime and noting that crime has always been a part of human society. It then defines cyber crime, noting that a computer can be either a tool or target of criminal activity. Various types of cyber crimes are outlined such as those involving financial crimes, pornography, intellectual property crimes, and hacking. Prevention and security measures to address cyber crime are also discussed such as user access controls, firewalls, intrusion detection systems, and response mechanisms.
This document discusses cyber crime and security. It begins by defining cyber crime as any criminal act dealing with computers and networks, including traditional crimes conducted online. The document then covers the history of cyber crime, categories of cyber crime such as those against persons, property, and government. It discusses various types of cyber crimes like hacking, computer vandalism, DoS attacks, and their impact. The document also covers cyber security, ethics, laws, and tips for staying safe online.
This document discusses the growing threat of cyber crime and terrorism posed by the internet. It provides statistics showing a rapid rise in internet-related criminal complaints and losses. Specifically, the US saw a 22% increase in complaints from 2008-2009, with losses rising from $264.6 million to $559.7 million. Other countries like Belgium, South Korea, and European/East Asian nations also saw large increases in cyber crime. The document examines how critical infrastructure systems are vulnerable, citing examples of attacks on Iran's nuclear power plant and Chinese hacking of Taiwanese government computers, representing the emergence of online warfare. It argues the internet poses a serious and growing threat to national security worldwide.
The Internet and Law Enforcement Challenges The Internet h.docxkailynochseu
The Internet and Law Enforcement Challenges
The Internet has been in widespread use for less than 20 years. Its use, however, is now commonplace in the U.S.—in business, education, and law enforcement. While the widespread use of the Internet has made life much easier in many ways, it has also made committing crimes easier. Criminals have developed a variety of subtle and sophisticated ways to use the Internet to locate and lure victims. Complex issues, such as identify theft and child pornography, have posed significant law enforcement challenges. In this Discussion, you explore a variety of law enforcement challenges that have arisen due to the widespread use of the Internet to commit crimes.
To prepare for this Assignment:
Review Chapter 14 of the course text, Policing America: Challenges and Best Practices. Focus on how technology continues to influence the manner in which the police respond to various threats.
Review the articles, “Virtual Neighborhood Watch: Open Source Software and Community Policing against Cybercrime” and “Defining Child Pornography: Law Enforcement Dilemmas in Investigations of Internet Child Pornography Possession.” Consider the different problems presented by two Internet crimes—child pornography and identity theft.
Review the article "Terror in Cyberspace." Pay attention to specific threats that could arise as Internet access becomes more and more readily available.
Review the article "Policing Cybercrimes: Situating the Public Police in Networks of Security Within Cyberspace." Focus on the challenges that cybercrimes pose for the police.
Review the video, "Tracking Internet Fraud Complaints." Focus on how IC3 is currently addressing Internet crime complaints.
Select two law enforcement challenges related to Internet crimes
.
Think about how each of the challenges you selected can be addressed.
With these thoughts in mind:
Post by Thursday October 06, 2016 a 350 word
description of at least two law enforcement challenges related to Internet crimes. Then explain how each challenge might be best addressed. Be specific.
Support your work with proper APA citations from the Learning Resources and any other sources.
.
This document discusses regulating the internet while protecting rights and unlocking potential. It covers technological trends like broadband adoption and mobile apps, and societal trends like user participation and dependency on internet infrastructure. Regulating the internet poses challenges due to anonymity, its borderless nature, rapid innovation, and involvement of private entities. The goals of regulation are to stimulate trust, protect fundamental rights, and create an open market. Approaches to regulation include self-regulation, state regulation, co-regulation, and using technology itself.
The document discusses cyberterrorism threats to critical infrastructure systems like power grids. It describes how terrorist groups could target these systems through cyber attacks, giving examples of botnets being used to overwhelm networks with denial of service attacks. The document also examines the challenges of attribution and response to such attacks since terrorist networks operate asymmetrically online. It argues strong cybersecurity defenses and ability to trace attacks are needed to counter potential cyberterrorism.
The document discusses cybercrime and computer misuse cases in Mauritius and African regions. It profiles several Mauritian cybercriminals who engaged in hacking, sabotage, and unauthorized computer access. Cases of computer misuse in Mauritius include phishing schemes and international call diversion. Common cybercrimes in Nigeria, South Africa, and Ghana are also examined, along with relevant legislation in African countries. The challenges of fighting cybercrime in Mauritius are discussed, along with the roles of the Cyber Crime Unit and CERT-MU.
This document discusses cybercrime, including its definition, types, statistics, consequences, prevention, and reasons not to commit cybercrime. It defines cybercrime as a criminal act carried out through cybertechnology or in cyberspace. Some common types are cyber-stalking, online fraud, identity theft, and phishing. Statistics show cybercrime cases increasing 61x from 2001 to 2014, with over 500 million victims annually losing over $800 billion worldwide. Consequences include financial losses, lost intellectual property and customer trust. The document recommends steps to prevent cybercrime like using strong passwords and updating antivirus software. It concludes that cybercrime is against religion, law, and philosophy.
This document discusses strategies for organizations to get ahead of cybercrime based on EY's Global Information Security Survey 2014. It outlines a three stage process for cybersecurity maturity: Activate to establish foundations; Adapt to dynamically respond to changes; and Anticipate to proactively prepare. Many organizations still need to improve their abilities to activate foundational security, adapt quickly to changes, and anticipate future threats. The document recommends specific actions organizations can take at each stage to improve their cybersecurity posture and get ahead of cyber attackers.
Governance in Cybercrime and Cybersecurity orgns - final distribution Organiz...Dinesh O Bareja
Cybersecurity and cybercrime organizations must be created with great planning but that is not happening anywhere. In India we have a plethora of organizations sprouting up in every domain and we all know too many cooks spoil the broth. I make a case for governance at the national and state level and make the case for having a planned structure that will ensure good security, good response and offense too, if needed.
Comprehensive Report on The Cannabis Extract MovementTheHempSolution
A comprehensive review of evidence that cannabis extracts can treat many cancers and other diseases. Features information from patients, caregivers, researchers, doctors, dispensaries, and corporations. Includes medical documentation of terminal cancer patients in full remission.
Cyber crime is a growing problem in India. Some common cyber crimes reported in India include phishing, hacking of government websites, and identity theft. India ranks 11th globally for reported cyber crimes, which are increasing due to factors like rapid growth of internet users. Common cyber crimes involve unauthorized access to systems, data theft and alteration, and using computers to enable other illicit activities. While laws like the IT Act 2000 have been enacted to tackle cyber crimes, enforcement remains a challenge as only a small percentage of crimes are reported. Techniques like antivirus software, firewalls, and educating users can help address the problem.
This document summarizes Mint, a personal finance management tool. It allows users to track spending, savings goals, and net worth. Mint makes money through referral fees when users switch financial products based on Mint's recommendations. The document outlines Mint's market size and opportunity, competitors, value proposition, user and partner acquisition strategies, business model, and projected financials. It expects rapid user and revenue growth as it acquires users through viral and partnership channels and converts them through intelligent suggestions.
Continuing our series of studies into Digital, Social and Mobile use around the world, this report explores the connected landscape in China in August 2015. It shares the latest active user figures for fixed and mobile internet; shares details of the most active social media platforms, and outlines user behaviour across mobile devices and e-commerce. For more info, please visit http://bit.ly/DSMCN15
Cybercrime Court Decisions from Latin America - Legal and Policy Developments...Cédric Laurant
This document summarizes major legal and policy developments related to cybercrime in Latin America. It discusses efforts by organizations like the Organization of American States and Council of Europe to promote international cooperation on cybercrime legislation and enforcement. It notes that Argentina and Colombia recently enacted new cybercrime laws. It also outlines challenges to fighting cybercrime in Latin America, such as lack of harmonization between laws and limited law enforcement capabilities.
UN/ITU - Organisational Structures and Incident Management - CybersecurityDr David Probert
In-Depth Presentation for the Cybersecurity Workshop that was Jointly Organised by the UN/ITU and CITEL in Salta City, Argentina - November 2010. The presentation focuses on the implementation of the recommended UN/ITU (International Telecommunications Union) Global Cybersecurity Agenda and the importance of CERTs (Computer Emergency Response Teams)
This document provides an overview of the Internet Organised Crime Threat Assessment (IOCTA) for 2015. Some key findings include:
- Cybercrime is becoming more aggressive and confrontational, often using extortion techniques that require little technical skill. This suggests changes in offender profiles.
- Malware such as ransomware and banking Trojans remain significant threats for both individuals and businesses.
- Data breaches led to a large amount of stolen data being used for payment fraud and identity theft in 2014. However, better cooperation between law enforcement and the private sector is helping to address cybercrime challenges.
Technology development is a necessity. Information and Communication Technology is a large dome of terminology that includes all technical equipment for processing and conveying information. It has also caused the world's relationships to be unconstrained. It's here and now means it's somewhere else and now. In every line of technological life present that contributes its role to the desired coveted will be better. That dream is in fact two blades facing each other. In the body of one knife exactly each other. On the one hand technology contributes to the improvement of welfare, progress, and human civilization. Furthermore, on the other hand, technology can be an instrument in the act against the law. With human information technology then likes getting a vehicle to burst its criminal lust. Criminal crime by taking technology as a medium, then manifested in various forms. These forms include hacking, cracking, and so on. Do not be surprised if for example your balance arrives – suddenly reduced, or the bank hundreds of millions in
The document discusses various topics related to surveillance, including Jeremy Bentham's Panopticon model of surveillance, increased surveillance of both public and virtual spaces, and examples of creative practitioners using online strategies to critique surveillance and globalization. It also shares several news articles about issues like government censorship of Wikipedia, data breaches at the tax office, and a student cracking the government's internet porn filter.
Application Final Project Introduction Evolution of Cybercrimes.docxalfredai53p
Application: Final Project Introduction: Evolution of Cybercrimes
The Internet has changed lives in fundamental and positive ways. It also has opened the door to new types of cybercrime, which can run the gamut from identity theft to organizing terrorist plots. As each new type of crime comes to light, usually through a case that draws national attention, law enforcement and government respond using increasingly sophisticated surveillance technology. Law enforcement’s use of technology to prevent and combat cybercrime has prompted even greater "advances" in criminal activity with the use of encryption, anonymizers, and proxy servers.
With this assignment, you begin building your Final Project. To begin, select one of the cybercrimes presented in this course: cyber-bullying, cyber-stalking, cyber-hate, cyber-predators, or a type of white-collar crime that utilizes technology. Examine the evolution of that cybercrime and consider how advances in technology have influenced its evolution.
The Assignment (2–3 pages)
Describe the type of cybercrime you selected.
Explain the evolution of the cybercrime, including when it gained national attention and any circumstances or case that might have prompted the national attention.
Explain how advances in technology have influenced the evolution of that cybercrime.
.
This document discusses cyber crime and provides definitions and classifications of both conventional and cyber crimes. It begins by defining conventional crime and noting that crime has always been a part of human society. It then defines cyber crime, noting that a computer can be either a tool or target of criminal activity. Various types of cyber crimes are outlined such as those involving financial crimes, pornography, intellectual property crimes, and hacking. Prevention and security measures to address cyber crime are also discussed such as user access controls, firewalls, intrusion detection systems, and response mechanisms.
This document discusses cyber crime and security. It begins by defining cyber crime as any criminal act dealing with computers and networks, including traditional crimes conducted online. The document then covers the history of cyber crime, categories of cyber crime such as those against persons, property, and government. It discusses various types of cyber crimes like hacking, computer vandalism, DoS attacks, and their impact. The document also covers cyber security, ethics, laws, and tips for staying safe online.
This document discusses the growing threat of cyber crime and terrorism posed by the internet. It provides statistics showing a rapid rise in internet-related criminal complaints and losses. Specifically, the US saw a 22% increase in complaints from 2008-2009, with losses rising from $264.6 million to $559.7 million. Other countries like Belgium, South Korea, and European/East Asian nations also saw large increases in cyber crime. The document examines how critical infrastructure systems are vulnerable, citing examples of attacks on Iran's nuclear power plant and Chinese hacking of Taiwanese government computers, representing the emergence of online warfare. It argues the internet poses a serious and growing threat to national security worldwide.
The Internet and Law Enforcement Challenges The Internet h.docxkailynochseu
The Internet and Law Enforcement Challenges
The Internet has been in widespread use for less than 20 years. Its use, however, is now commonplace in the U.S.—in business, education, and law enforcement. While the widespread use of the Internet has made life much easier in many ways, it has also made committing crimes easier. Criminals have developed a variety of subtle and sophisticated ways to use the Internet to locate and lure victims. Complex issues, such as identify theft and child pornography, have posed significant law enforcement challenges. In this Discussion, you explore a variety of law enforcement challenges that have arisen due to the widespread use of the Internet to commit crimes.
To prepare for this Assignment:
Review Chapter 14 of the course text, Policing America: Challenges and Best Practices. Focus on how technology continues to influence the manner in which the police respond to various threats.
Review the articles, “Virtual Neighborhood Watch: Open Source Software and Community Policing against Cybercrime” and “Defining Child Pornography: Law Enforcement Dilemmas in Investigations of Internet Child Pornography Possession.” Consider the different problems presented by two Internet crimes—child pornography and identity theft.
Review the article "Terror in Cyberspace." Pay attention to specific threats that could arise as Internet access becomes more and more readily available.
Review the article "Policing Cybercrimes: Situating the Public Police in Networks of Security Within Cyberspace." Focus on the challenges that cybercrimes pose for the police.
Review the video, "Tracking Internet Fraud Complaints." Focus on how IC3 is currently addressing Internet crime complaints.
Select two law enforcement challenges related to Internet crimes
.
Think about how each of the challenges you selected can be addressed.
With these thoughts in mind:
Post by Thursday October 06, 2016 a 350 word
description of at least two law enforcement challenges related to Internet crimes. Then explain how each challenge might be best addressed. Be specific.
Support your work with proper APA citations from the Learning Resources and any other sources.
.
This document discusses regulating the internet while protecting rights and unlocking potential. It covers technological trends like broadband adoption and mobile apps, and societal trends like user participation and dependency on internet infrastructure. Regulating the internet poses challenges due to anonymity, its borderless nature, rapid innovation, and involvement of private entities. The goals of regulation are to stimulate trust, protect fundamental rights, and create an open market. Approaches to regulation include self-regulation, state regulation, co-regulation, and using technology itself.
The document discusses cyberterrorism threats to critical infrastructure systems like power grids. It describes how terrorist groups could target these systems through cyber attacks, giving examples of botnets being used to overwhelm networks with denial of service attacks. The document also examines the challenges of attribution and response to such attacks since terrorist networks operate asymmetrically online. It argues strong cybersecurity defenses and ability to trace attacks are needed to counter potential cyberterrorism.
This document provides the agenda for a cyber security day event organized by PwC. The agenda includes sessions on key cybersecurity trends, cyberattack simulations, new European cybersecurity partnerships, and results from a CISO survey. There will also be presentations from next-generation cybersecurity solution companies, networking opportunities, and a panel discussion on how cybersecurity can drive economic growth. The event aims to update attendees on the latest cybersecurity threats, solutions, and opportunities in both the public and private sectors.
The presentation of a public hearing of the European Parliament in Brussels, Belgium in 2018. Expert witness Lars Hilse was heard on the risks of cyber terrorism against critical infrastructure and public places.
Similar to Ii congresso de crimes eletrônicos e formas de proteção – 27 09-2010 – apresentação de cédric laurant (20)
O documento descreve o objetivo do Índice de Bem-Estar Urbano de São Paulo (IRBEM), que é formar um conjunto de indicadores para que a sociedade civil, governos, empresas e instituições conheçam as condições e modos de vida dos cidadãos, a fim de que as ações públicas e privadas tenham como foco principal o bem-estar das pessoas. Em 2008, foi realizada uma consulta pública que levantou os principais aspectos considerados importantes para a qualidade de vida dos paulistanos. Desde então, pesquisas an
Apresentação Criatividade Digital - Baia EsmeraldaFecomercioSP
O documento discute a criação de um polo de educação superior em criatividade digital no Brasil para formar profissionais com habilidades globais. O programa de dois anos integraria ensino, pesquisa e indústria para desenvolver aplicativos, games, filmes e outros produtos digitais. A iniciativa traria grandes benefícios econômicos à região através dos empregos e receitas fiscais gerados.
O documento discute como a tecnologia impactou as relações de trabalho ao longo da história, reduzindo drasticamente o tempo gasto em tarefas manuais e abrindo novas oportunidades de trabalho. Apresenta exemplos como a máquina de lavar roupa e a água encanada que libertaram grande parte do tempo das mulheres, e discute como a internet, apesar de ser menos disruptiva que a invenção do telégrafo, revolucionou a sociedade por meio dos dados gerados e das redes sociais.
O documento fornece dados e tendências sobre o comércio eletrônico no Brasil em outubro de 2015, incluindo: o crescimento contínuo das vendas online, com 44% dos usuários da internet realizando compras online; as categorias mais vendidas sendo eletrônicos, moda e beleza; e dispositivos móveis respondendo por 35% do acesso aos sites de comércio eletrônico.
Apresentação Pesquisa Conjuntural do Comércio Eletrônico FecomercioSP
O documento apresenta os resultados da Pesquisa Conjuntural do Comércio Eletrônico para o Estado de São Paulo referente ao mês de agosto de 2015, com dados sobre número de pedidos, tíquete médio e participação regional no faturamento do e-commerce paulista. Os principais destaques são a queda de 4,4% nas vendas online na comparação com julho e de 10,1% em relação a agosto do ano anterior.
A dimensão do e-commerce no varejo brasileiroFecomercioSP
O e-commerce no varejo brasileiro cresceu 24% em 2014, movimentando R$35,8 bilhões. Mais de 100 milhões de pedidos foram realizados e espera-se que as vendas alcancem R$41 bilhões em 2015. O crescimento médio anual do e-commerce brasileiro entre 2001-2014 foi de 38,9%.
O documento descreve as principais alterações trazidas pela Emenda Constitucional no 87/2015 sobre o ICMS nas operações interestaduais destinadas a consumidor final não contribuinte. A EC determinou que nestes casos o imposto correspondente à diferença entre a alíquota interna e interestadual será rateado entre os estados de origem e destino. Também trouxe mudanças nas obrigações acessórias como a GIA-ST e NF-e para identificar o tipo de destinatário. Por fim, analisa alguns exemplos mostrando que a carga tributária total pode
Apresentação Pesquisa Internet - Viviânne MartinsFecomercioSP
A pesquisa mapeou os hábitos de consumo na internet de 1.000 usuários em São Paulo, focando em viagens de lazer e negócios. Quase 70% usam a internet para planejar viagens de lazer, contra 36% para viagens de negócios. 57% concluem a compra no site consultado, e preços acessíveis e praticidade são as maiores vantagens da compra online.
O documento apresenta os resultados de uma pesquisa sobre o emprego no setor de viagens e eventos no estado de São Paulo. O estoque de empregos formais no setor cresceu 30% desde 2007, com destaque para o transporte e hospedagem. A maioria dos trabalhadores tem ensino médio incompleto e idade entre 30-39 anos, sendo ligeiramente maior a participação masculina.
O Conselho Executivo de Viagens e Eventos Corporativos (CEVEC) tem como objetivos debater assuntos pertinentes ao setor de viagens e eventos corporativos, realizar projetos e estudos focados em modernização, sustentabilidade e transversalidade no setor. O CEVEC é composto por profissionais experientes das indústrias de viagens e eventos corporativos com o objetivo de gerar inteligência de mercado e servir como referência em inovação no setor.
O documento descreve a Federação do Comércio de Bens, Serviços e Turismo do Estado de São Paulo (FecomercioSP), congregando 156 sindicatos patronais e representando 1,8 milhão de empresas que contribuem com 11% do PIB paulista. A FecomercioSP administra o Sesc-SP e o Senac-SP e atua por meio de conselhos, assessorias, debates, publicações e boletins para defender os interesses do setor.
Reforma Política - 12.09.2014 – Apresentação de Mônica CaggianoFecomercioSP
Este documento discute os sistemas eleitorais majoritários e proporcionais, comparando suas vantagens e desvantagens. Sistemas majoritários buscam maiorias estáveis mas podem subrepresentar partidos menores, enquanto sistemas proporcionais refletem melhor as perspectivas da população mas podem levar a governos frágeis. O sistema brasileiro utiliza um sistema proporcional de representação para o legislativo e majoritário para o executivo.
Reforma Política - 12.09.2014 – Apresentação de José Roberto Faria LimaFecomercioSP
O documento discute vários aspectos do sistema eleitoral e político brasileiro, incluindo os sistemas majoritário e proporcional, pontos positivos e negativos do voto distrital, e considerações sobre como aprimorar a democracia no país, como auditar as urnas eletrônicas e limitar a reeleição.
Reforma Política - 12.09.2014 – Apresentação de Gaudêncio TorquatoFecomercioSP
O documento discute a cultura política brasileira e suas implicações no arcabouço institucional do país. Apresenta quatro hipóteses sobre a dependência do estado, a crise da democracia, a tecnodemocracia e o presidencialismo de coalizão no Brasil. Também analisa os prós e contras do mandato único e da reeleição.
Reforma Política - 12.09.2014 – Apresentação de Everardo MacielFecomercioSP
O documento discute os problemas da representatividade política no Brasil, incluindo o alto custo das campanhas, formas heterodoxas de financiamento como emendas parlamentares, e a necessidade de reformas para aumentar a transparência do financiamento de campanhas e partidos políticos.
Seminário Terceirização e o STF: o que esperar? - 01092014 – Apresentação de ...FecomercioSP
O documento discute as etapas de aprovação do PL 4330/2004, que protege os direitos dos trabalhadores terceirizados. Ele garantiria os mesmos direitos da CLT e responsabilizaria as empresas contratantes em caso de descumprimento. O texto também rebate mitos sobre a lei e incentiva o acesso a mais informações em um site listado.
Seminário terceirização e o STF: o que esperar? - 01092014 – Apresentação de ...FecomercioSP
I. O documento discute a terceirização na Vale S.A., mencionando vantagens como redução de custos e maior flexibilidade, mas também desafios como a gestão de fornecedores e o cumprimento de obrigações trabalhistas.
II. São apresentados três exemplos de atividades terceirizadas pela Vale: serviços refratários, içamento de cargas e fornecimento de explosivos.
III. Informações sobre processos trabalhistas ativos e ajuizados em 2014 contra a Vale e suas empresas também são fornecidas.
Seminário Terceirização e o STF: o que esperar? - 01092014 – Apresentação de ...FecomercioSP
O documento discute a importância da terceirização para a indústria química brasileira. A terceirização é vista como forma de agregar valor através da especialização de tarefas, aumentando a competitividade. No entanto, a falta de regulamentação específica gera insegurança jurídica para o setor.
Seminário Terceirização e o STF: o que esperar? - 01092014 – Apresentação de ...FecomercioSP
O documento discute a terceirização no setor florestal brasileiro. O setor representa 6% do PIB industrial brasileiro e gera 5 milhões de empregos. A terceirização reduz a necessidade de aquisição de terras pelas empresas, gera renda para os produtores rurais e promove o desenvolvimento rural. No entanto, o Ministério Público do Trabalho vê a prática como terceirização ilícita.
SATTA MATKA SATTA FAST RESULT KALYAN TOP MATKA RESULT KALYAN SATTA MATKA FAST RESULT MILAN RATAN RAJDHANI MAIN BAZAR MATKA FAST TIPS RESULT MATKA CHART JODI CHART PANEL CHART FREE FIX GAME SATTAMATKA ! MATKA MOBI SATTA 143 spboss.in TOP NO1 RESULT FULL RATE MATKA ONLINE GAME PLAY BY APP SPBOSS
Call8328958814 satta matka Kalyan result satta guessing➑➌➋➑➒➎➑➑➊➍
Satta Matka Kalyan Main Mumbai Fastest Results
Satta Matka ❋ Sattamatka ❋ New Mumbai Ratan Satta Matka ❋ Fast Matka ❋ Milan Market ❋ Kalyan Matka Results ❋ Satta Game ❋ Matka Game ❋ Satta Matka ❋ Kalyan Satta Matka ❋ Mumbai Main ❋ Online Matka Results ❋ Satta Matka Tips ❋ Milan Chart ❋ Satta Matka Boss❋ New Star Day ❋ Satta King ❋ Live Satta Matka Results ❋ Satta Matka Company ❋ Indian Matka ❋ Satta Matka 143❋ Kalyan Night Matka..
The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...APCO
The Radar reflects input from APCO’s teams located around the world. It distils a host of interconnected events and trends into insights to inform operational and strategic decisions. Issues covered in this edition include:
Profiles of Iconic Fashion Personalities.pdfTTop Threads
The fashion industry is dynamic and ever-changing, continuously sculpted by trailblazing visionaries who challenge norms and redefine beauty. This document delves into the profiles of some of the most iconic fashion personalities whose impact has left a lasting impression on the industry. From timeless designers to modern-day influencers, each individual has uniquely woven their thread into the rich fabric of fashion history, contributing to its ongoing evolution.
Discover the Beauty and Functionality of The Expert Remodeling Serviceobriengroupinc04
Unlock your kitchen's true potential with expert remodeling services from O'Brien Group Inc. Transform your space into a functional, modern, and luxurious haven with their experienced professionals. From layout reconfiguration to high-end upgrades, they deliver stunning results tailored to your style and needs. Visit obriengroupinc.com to elevate your kitchen's beauty and functionality today.
Cover Story - China's Investment Leader - Dr. Alyce SUmsthrill
In World Expo 2010 Shanghai – the most visited Expo in the World History
https://www.britannica.com/event/Expo-Shanghai-2010
China’s official organizer of the Expo, CCPIT (China Council for the Promotion of International Trade https://en.ccpit.org/) has chosen Dr. Alyce Su as the Cover Person with Cover Story, in the Expo’s official magazine distributed throughout the Expo, showcasing China’s New Generation of Leaders to the World.
SATTA MATKA DPBOSS KALYAN MATKA RESULTS KALYAN CHART KALYAN MATKA MATKA RESULT KALYAN MATKA TIPS SATTA MATKA MATKA COM MATKA PANA JODI TODAY BATTA SATKA MATKA PATTI JODI NUMBER MATKA RESULTS MATKA CHART MATKA JODI SATTA COM INDIA SATTA MATKA MATKA TIPS MATKA WAPKA ALL MATKA RESULT LIVE ONLINE MATKA RESULT KALYAN MATKA RESULT DPBOSS MATKA 143 MAIN MATKA KALYAN MATKA RESULTS KALYAN CHART
The Most Inspiring Entrepreneurs to Follow in 2024.pdfthesiliconleaders
In a world where the potential of youth innovation remains vastly untouched, there emerges a guiding light in the form of Norm Goldstein, the Founder and CEO of EduNetwork Partners. His dedication to this cause has earned him recognition as a Congressional Leadership Award recipient.
IMPACT Silver is a pure silver zinc producer with over $260 million in revenue since 2008 and a large 100% owned 210km Mexico land package - 2024 catalysts includes new 14% grade zinc Plomosas mine and 20,000m of fully funded exploration drilling.
AI Transformation Playbook: Thinking AI-First for Your BusinessArijit Dutta
I dive into how businesses can stay competitive by integrating AI into their core processes. From identifying the right approach to building collaborative teams and recognizing common pitfalls, this guide has got you covered. AI transformation is a journey, and this playbook is here to help you navigate it successfully.
Satta matka fixx jodi panna all market dpboss matka guessing fixx panna jodi kalyan and all market game liss cover now 420 matka office mumbai maharashtra india fixx jodi panna
Call me 9040963354
WhatsApp 9040963354
The Genesis of BriansClub.cm Famous Dark WEb PlatformSabaaSudozai
BriansClub.cm, a famous platform on the dark web, has become one of the most infamous carding marketplaces, specializing in the sale of stolen credit card data.
How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....Lacey Max
“After being the most listed dog breed in the United States for 31
years in a row, the Labrador Retriever has dropped to second place
in the American Kennel Club's annual survey of the country's most
popular canines. The French Bulldog is the new top dog in the
United States as of 2022. The stylish puppy has ascended the
rankings in rapid time despite having health concerns and limited
color choices.”
Ii congresso de crimes eletrônicos e formas de proteção – 27 09-2010 – apresentação de cédric laurant
1. Cybercrime in Europe
Recent Legal & Policy Developments
Cédric Laurant
Presentation available at http://blog.cedriclaurant.org
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
(http://www.fecomercio.com.br/?option=com_eventos&view=interna&Itemid=11&id=2730)
2. Outline
• 1. Impact of cybercrime in the EU
• 2. General overview of the latest legal and public policy
developments in the field of cybercrime in Europe
• 3. Recent cybercrime developments (case law and new
laws) in a few EU Member States
• 4. How Europe’s recent legal and policy developments
may provide lessons for Brazil and Latin America
2
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
3.
4. Outline
• 1. Impact of cybercrime in the EU
• 2. General overview of the latest legal and public policy
developments in the field of cybercrime in Europe
• 3. Recent cybercrime developments (case law and new
laws) in a few EU Member States
• 4. How Europe’s recent legal and policy developments
may provide lessons for Brazil and Latin America
4
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
5. 1. Impact of cybercrime in Europe
• Uncertainty of the scope in the world: absence of reliable
statistical information about extent of problem, and about
arrests, prosecutions and convictions.
• Why?
– Difficult to estimate extent of financial loss and number of
offences committed by cybercriminals. (Some extrapolate
cybercrime-related losses to businesses and institutions in the United
States to about USD 67 billion per year, to 750 billion in the world.)
– Uncertain extent to which victims report cybercrime for
negative publicity and reputation damage concerns.
• Difficult to quantify impact of cybercrime on society and
develop strategies to address the issue.
5
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
6. From: Norton Cybercrime Report: The Human Impact (August 2010)
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
6
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe
7. From: Norton Cybercrime Report: The Human Impact (August 2010)
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
7
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe
8. From: Norton Cybercrime Report: The Human Impact (August 2010)
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
8
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe
9. • Impact on EU-based companies, European computer users
and consumers whose personal information is misused,
leaked, stolen.
– The European Commission reported recently that governments and
society lose some €750 billion every year in the EU
– Other pan-European law enforcement agencies (Interpol and ENISA)
hesitate to come up with a number because of the lack of a single
Europe-wide definition of cybercrime.
– We will refer to the very recent Ponemon Institute, First Annual
Cost of Cybercrime Study, July 2010 to provide us with numbers on
the cost of cybercrime for US companies.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
9
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe
10. • Key conclusions from the Ponemon Institute study of July 2010 that
quantifies the economic impact of cyber-crime attacks:
– “Cybercrime attacks” include criminal activity conducted via the
Internet: theft of a company’s intellectual property, confiscation of online
bank accounts, creation and distribution of viruses on other computers,
posting confidential business information on the Internet, and disruption
of a country’s critical national infrastructure.
– “Cost” includes: “direct, indirect and opportunity costs that resulted from
the loss or theft of information, disruption to business operations,
revenue loss and destruction of property, plant and equipment, and the
external consequences of the cybercrime. The survey also captures the
total cost spent on detection, investigation, containment, recovery and
after-the-fact or “ex-post” response.
– Cybercrimes can do serious harm to an organization’s bottom line. The
median annualized cost of cybercrime of the 45 organizations
surveyed is $3.8 million per year. It can range from $1 million to $52
million per year per company.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
10
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe the US
11. From: Ponemon Institute, First Annual Cost of Cybercrime Study, July 2010
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
11
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe the US
12. • Impact of cybercrime on US companies:
– Key conclusions from a recent study that quantifies the
economic impact of cyber-crime attacks:
• Cybercrime attacks are now common occurrences. The
companies surveyed experienced 50 successful attacks per week
and more than one successful attack per company per week.
• Cybercrime attacks can get costly if not resolved quickly:
average number of days to resolve a cyber attack was 14 days;
average cost per company of $17,696 per day. Malicious insider
attacks can take up to 42 days or more to resolve. Quick resolution
is needed for today’s cybercrime attacks.
• Information theft represents the highest external cost, followed
by the costs associated with the disruption to business operations.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
12
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe the US
13. From: Ponemon Institute, First Annual Cost of Cybercrime Study, July 2010
13
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe the US
14. • Impact of cybercrime on US companies:
– Key conclusions from a very recent study that quantifies the economic
impact of cybercrime attacks:
• Detection and recovery are the most costly internal
activities.
14
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe the US
15. From: Ponemon Institute, First Annual Cost of Cybercrime Study, July 2010
15
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe the US
16. • Impact of cybercrime on US companies:
– Key conclusions from a very recent study that quantifies the economic
impact of cybercrime attacks:
• All industry sectors are impacted.
16
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe the US
17. From: Ponemon Institute, First Annual Cost of Cybercrime Study, July 2010
17
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe the US
18. • 2. Impact on European computer users whose personal
information is misused, leaked, stolen.
• 3. Impact on European consumers and e-commerce in the
EU.
The Norton Cybercrime Report: The Human Impact of August 2010
finds that:
– “For nearly 3 in 10 victims, the biggest hassle is the time it takes to
sort things out: […] 4 weeks to resolve an average cyber-crime
incident.”
– “There’s the emotional baggage, with around 1/5 of victims finding it
made them stressed, angry and embarrassed (19%), and 14%
mourning the loss of irreplaceable data or items of sentimental value,
such as photo collections.”
18
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe
19. From: Norton Cybercrime Report: The Human Impact (August 2010)
19
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
1. Impact of cybercrime in Europe
20. Outline
• 1. Impact of cybercrime in the EU
• 2. General overview of the latest legal
and public policy developments in
the field of cybercrime in Europe
• 3. Recent cybercrime developments (case law and new
laws) in a few EU Member States
• 4. How Europe’s recent legal and policy developments
may provide lessons for Brazil and Latin America
20
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
21. • Everything really started in 2007 with large-scale cyber
attacks on Estonia:
21
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
22. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
“Cyberattacks on Estonia (also known as the Estonian
Cyberwar or Web War 1) refers to a series of cyber attacks that
began April 27, 2007 and swamped websites of Estonian
organizations, including Estonian parliament, banks, ministries,
newspapers and broadcasters, amid the country's row with
Russia about the relocation of the Bronze Soldier of Tallinn, an
elaborate Soviet-era grave marker, as well as war graves in
Tallinn. Most of the attacks that had any influence on the general
public were distributed denial of service type attacks ranging
from single individuals using various low-tech methods like ping
floods to expensive rentals of botnets usually used for spam
distribution. Spamming of bigger news portals commentaries and
defacements including that of the Estonian Reform Party website
also occurred.”
(Extract from: http://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia)
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
22
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
23. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
23
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
From “Times Comes to Its Senses on Cyber War”. Wired (24 June 2007) http://
www.wired.com/dangerroom/2007/06/httpwwwnytimesc/
24.
25. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• A. Developments in the European Union
– Council of the EU (composed of ministers from the 27 EU
Member States)’s work:
• Council has adopted work strategies and practical measures
against cybercrime since 2008., i.e. “the multiple crimes
committed by means of electronic networks”. It is mainly
concerned with child pornography and other forms of sexual
violence, terrorism, threats and large scale attacks to
electronic networks, and other traditional Internet crimes
such as "identity fraud, identity theft, fraudulent sales,
financial offenses, illicit trading on the Internet, particularly
narcotics and arms dealing.”
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
25
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
26. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• A. Developments in the EU
– EU’s “Stockholm Programme”:
• 5-year plan (2010-2014) for the EU’s DG Justice and Home
Affairs in the area of "freedom, security and justice”.
• Call on Member States to ratify the CoE Cybercrime
Convention as soon as possible, to give their full support to
the national alert platforms in charge of the fight against
cybercrime and the need for cooperation with countries
outside the European Union; invitation to the Commission to
take measures for enhancing/improving public private
partnerships, and Europol to step up strategic analysis on
cyber crime.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
26
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
27. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• A. Developments in the EU
– Council of the EU proposed 3 basic measures to respond
to cybercrime:
• strengthen partnership between public and private sector
to detect and prevent criminal activities
• improve knowledge and training among authorities
involved in the fight against cybercrime in Europe;
particularly, to set up a network of Head of police against
cybercrime, and
• reinforce technical and international co-operation with
countries that most actively deal with cybercrime.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
27
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
28. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• A. Developments in the EU
– Council of the EU: “Council conclusions concerning an Action Plan to
implement the concerted strategy to combat cybercrime” (26 April
2010):
• Call to action: how the main points of the strategy to combat cybercrime should
be implemented, both in the short and medium term; Council invited Member
States and the European Commission to introduce technological measures to
combat cybercrime; called for shot-term and medium-term measures to be
included in the Action Plan accompanying the Stockholm Programme
(2010-2014) and the future Internal Security Strategy.
• Short-term measures: update the functions assigned to Europol's European
Cybercrime Platform in order to facilitate the collection, exchange and analysis of
information; Member States are invited to set up their national cybercrime
reporting systems; set up a platform to report criminal acts committed on the
Internet; promote cross-border law enforcement cooperation and public-private
partnership, particularly in the fight against child pornography; enable data
exchange at a European scale and according to domestic laws; resort to joint
investigation and enquiry teams; promote the use of joint investigation teams.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
28
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
29. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• A. Developments in the EU
– Council of the EU: “Council conclusions concerning an Action Plan to
implement the concerted strategy to combat cybercrime” (26 April
2010):
• Medium-term measures: to ratify the CoE Cybercrime Convention; raise the
educational standards of specialization of the police, judges, prosecutors and
forensic staff in order to carry out cybercrime investigations; encourage
information sharing between Member States’ law enforcement authorities; assess
the situation of the fight against cybercrime in the EU and EU Member States in
order to better understand trends and developments and adopt a common
approach in the fight against cybercrime internationally; promote relationships
with European agencies (EUROJUST, EUROPOL, ENISA, etc.), international
bodies (INTERPOL, ONU, etc.) or third countries on new technology subjects;
promote and boost activities to prevent cybercrime by promoting best practices.
• The Council also called for the European Commission to draw up a feasibility
study on the idea of a new European cybercrime agency that would tie together
law enforcement agencies and other entities dedicated to fighting cybercrime.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
29
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
30. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• A. Developments in the EU
– 3 agencies:
• Europol (training national police, judges and prosecutors in
cybercrime)
• Eurojust
• European Network and Information Security Agency (“ENISA”)
– Next steps:
• Summer 2010: European Commission to propose new directive on
improving protection against attacks on networks and information
systems
• October 2010: European Commission to present “EU Internal
Security Strategy”, which includes cybersecurity.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
30
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
31. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• A. Developments in the EU
– General critique:
• “Quis custodiet ipsos custodes?” (Juvenal)
"Who will watch the watchers?”
• Oversight
• Council of the EU (represents EU countries’ governments
absence) of >< European Parliament (represents EU
citizens; increased powers since last year)
• Example of law providing such oversight: Directive 2009/136:
data breach notification requirements. Will provide better
information on cybercrime activities affecting businesses and
their customers.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
31
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
32. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
A. Developments in the European Union and the Council
of Europe
• 2 different approaches to dealing with cybercrime and its 3
main challenges (transnational dimension, necessity for
international cooperation and differing legal standards):
– a. Compatibility of legislation: develop and standardize
relevant legislation.
– b. Territorialization: Internet access restricted by country or
region.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
32
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
33. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• a. Compatibility of legislation in the EU:
Several regional approaches have been undertaken in recent years in the EU:
– Harmonization of legislation on cybercrime within the EU’s 27
member States:
• Directive 2000/31/EC on certain legal aspects of information society
services, in particular electronic commerce, in the internal market
• Council of the European Union Framework Decision 2000/413/JHA on
combating fraud and counterfeiting of non-cash means of payment
• Council of the European Union Framework Decision 2004/68/JHA on
combating the sexual exploitation of children and child pornography
• Council of the European Union Framework Decision 2005/222/JHA on
attacks against information systems
• Directive 2006/24/EC on the retention of data generated or processed in
connection with the provision of publicly available electronic communication
services or of public communications networks and amending directive
2002/58/EC
• Council of the European Union Framework Decision 2008/919/JHA
amending framework decision 2002/475/JHA on combating terrorism.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
33
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
34. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• a. Compatibility of legislation in the EU:
– Differences between EU approach and other regional
approaches:
• Implementation of instruments adopted by the EU is mandatory for all
member States. (“Directives”, “framework decisions” and EU Member
States’ national laws)
• Pre-Lisbon Treaty: limited powers of the EU to legislate in the field of
criminal law constituted the main obstacle to harmonization within the
EU. Diversity of approaches because EU’s ability to harmonize national
criminal laws was limited to special areas.
• Post-Lisbon Treaty (amending the Treaty on the EU and the Treaty
establishing the European Community): Lisbon Treaty now gives the EU
a stronger mandate to harmonize legislation on computer-related crimes
in the future, although still limited to the 27 member States.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
34
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
35. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• a. Compatibility of legislation in the Council of Europe:
– Council of Europe has developed 3 major instruments to
harmonize cybercrime legislation:
• Convention on Cybercrime (or “Budapest Convention”): developed
between 1997 and 2001; provisions on substantive criminal law, procedural
law and international cooperation. As of 2010, has been signed by 46 States
and ratified by 26; 11 EU Member States have not ratified it yet.
• Additional Protocol to the Convention on Cybercrime, concerning the
Criminalisation of Acts of a Racist and Xenophobic Nature Committed
through Computer Systems: introduced in 2003. (As of end 2009, 34
States have signed it and 15 of them have ratified it.)
• 2007: CoE Convention on the Protection of Children against Sexual
Exploitation and Sexual Abuse opened for signature. Specific provisions
criminalizing the exchange of child pornography, and the knowing obtention
of access, through information and communication technologies, to child
pornography. As of late 2009, it has been signed by 38 States, 3 of which
have ratified it.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
35
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
36. • The Council of Europe’s Cybercrime Convention:
– Adopted and opened for signature in 2001, entered into force on July
1, 2004.
– As of 2010, 46 States have signed it, 26 have ratified it.
36
2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
37. • Problems with the Council of Europe’s Cybercrime
Convention:
– No possibility for broad involvement of non-member states: Non-CoE
member states may not actively participate to its revision (exception:
Canada, Japan, South Africa and the United States), even though
Convention may be acceded to by any State that is not a CoE member.
• Article 37: accession requires States to consult with and obtain the
unanimous consent of the contracting States to the Convention.
• Article 44: participation in the debate about possible future
amendments is limited to parties of the Convention.
– Experience has shown that States prove to be reluctant to ratify or
accede to conventions they have not contributed to developing and
negotiating.
37
2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
38. • Problems with the Council of Europe’s Cybercrime
Convention:
– Slow signature, ratification and implementation process: compared
to global standards, the number and speed of signature and ratification
is slow. In the nine years since the first 30 States signed the Convention
in Nov. 2001, only 16 additional States have become signatories. Since
2001, no non-member of the Council of Europe has acceded to the
Convention, although five States (Chile, Costa Rica, the Dominican
Republic, Mexico and the Philippines) have been invited to do so. The
pace of ratification has been similarly slow. Also, in addition to being
ratified, the Convention needs to be implemented in national law to
become fully efficient, and proof of full adaptation is needed.
38
2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
39.
40. • Privacy issues with the Council of Europe’s
Cybercrime Convention:
– Convention lacks adequate safeguards for privacy: a significant number of provisions
grant sweeping investigative powers of computer search and seizure and government
surveillance of voice, e-mail, and data communications in the interests of law enforcement
agencies, but are not counterbalanced by accompanying protections of individual rights or
limit on governments' use of these powers.
– To protect individual privacy is a fundamental part of ensuring good security practices.
– Vague and weak privacy protections: for example, provisions on expedited preservation
of stored computer data and expedited preservation and partial disclosure of traffic data
make no mention of limitations on the use of these techniques with an eye to protection of
privacy and human rights.
– References to the protection of human rights, including the right to privacy, are restricted to
a minimum, and not well balanced against the interests of law enforcement authorities.
– The Convention ignores a multitude of treaties relating to privacy and data protection,
including the Council of Europe's 1981 Convention for the Protection of Individuals with
regard to the Automatic Processing of Personal Data and the European Union's 1995 Data
Protection Directive.
40
2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
41. • Council of Europe’s “Global Project on Cybercrime” (running
between March 1, 2009 – June 30, 2011)
– Objective: promote broad implementation of the Convention on
Cybercrime.
– To be achieved through results in the following areas:
• Legislation and policies
• International cooperation
• Law enforcement – service provider cooperation in the investigation of cybercrime
• Financial investigations
• Training of judges and prosecutors
• Data protection and privacy
• Exploitation of children and trafficking in human beings.
• Cooperation with 120+ countries
• Legislation strengthened in more than 100 countries, including in Argentina,
Colombia, Dominican Republic.
• Contributes to the organization of regional legislative workshops in Latin America
41
2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
42. 2. General overview of the latest legal and public policy developments in the
field of cybercrime in Europe
• b. Territorialization: Internet access restricted by country or
region
– Technical solutions range from a manipulation of the domain name system
and the use of proxy servers, to hybrid solutions that combine various
approaches.
– Practised by about two dozen countries, including several European
countries (Italy, Norway, Sweden, Switzerland and the United Kingdom), and
countries such as China, Iran and Thailand.
– The EU is also discussing the implementation of such obligations.
(“Proposal for a Council framework decision on combating the sexual abuse,
sexual exploitation of children and child pornography, repealing framework
decision 2004/68/JHA”, 25 March 2009.) Concerns: all technical solutions
currently available can be circumvented and risk of being overzealous in
blocking access to information on the Internet. Importance of protecting
fundamental rights (emphasized by Council of Europe’s Committee of
Ministers’ Recommendation on measures to promote respect for
freedom of expression and information with regard to Internet filters).
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
42
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
43. Outline
• 1. Impact of cybercrime in the EU
• 2. General overview of the latest legal and public policy
developments in the field of cybercrime in Europe
• 3. Recent cybercrime developments
(case law and new laws) in a few EU
Member States
• 4. Impact of European developments on Brazil and Latin
America
43
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
44. • The “European Privacy and Human Rights” project:
– Builds upon the legacy of EPIC's publication Privacy & Human Rights, a
survey on privacy regulations and developments worldwide, established 12
years ago (http://www.privacyinternational.org/phr).
– Objectives:
• inform and raise Europeans’ awareness about privacy and data
protection in the 27 EU Member States + ECTA countries (Iceland,
Norway, Switzerland and Lichtenstein) + all EU candidate countries
(Croatia, Macedonia, and Turkey;
• survey national privacy laws and improve the coverage of privacy
regulations and developments at the EU level;
• provide a digest on policy trends on privacy in Europe;
• highlight best practices, and shed light on areas subject to
improvement;
• provide a summary of pan-European trends and a comparative analysis
of policy implications with practical policy recommendations, and privacy
ranking (charts and maps).
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
45. • ESTONIA
– The Parliament has stated in its approval of development trends of criminal
policy until 2018 that the fight against cybercrime has to focus on
prevention of sexual abuse of minors, major computer-related fraud and
spreading of computer viruses. Also, the Parliament has declared that
cooperation with the private sector in crime prevention is needed in
order to raise the awareness of potential victims. Therefore the
existence of sufficient amount of IT specialists in law enforcement
authorities has to be assured.
– The Cyber Security Strategy Committee is focused on preventing and
combating cyber threats at a state level. The committee is led by the
Ministry of Defence. Estonia hosts the Cooperative Cyber Defence Centre of
Excellence (CCD COE) that was formally established on the 14th of May,
2008, in order to enhance NATO’s cyber defence capability. In spring 2010,
the Ministry of the Interior submitted Estonia’s official proposal to host the
Agency for the operational management of large-scale IT systems in the
area of freedom, security and justice.
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
46. • FINLAND
– Finnish Communications Regulatory Authority (FICORA)’s
Computer Emergency Response Team (CERT-FI) reported in its
2008 Annual Information Security Review that there had been few
cases reported where access to confidential information of Finnish
organizations were accidentally available on websites. After doing
an international survey they concluded that the slip-ups were fairly
common world-wide.
– In December, 2008 the Finnish Science and Technology Policy
Council adopted the “Review 2008,” which outlines policy on
education, science, technology, and innovation. The policy
measures will be redefined on the basis on an international
assessment to be completed in fall 2009. On January 28, 2009
Finland celebrated Data Protection Day with a theme of “Raising
Awareness,” focused on finding ways to improve citizen awareness
of data protection issues.
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
47. • FINLAND
– The Annual Review of 2009 reported on the computer worm
Conficker spreading to millions of computers in 2009. Also, during
2009, a troijan has been reported to interfere with Finnish
online banking sessions and to make several unauthorized
bank transfers. The Annual report states further that international
information security communities and authorities have
tightened their cooperation over the course of the year. In
addition to dealing with the Conficker worm, this cooperation
ensured that certain companies offering malicious content have now
been shut off from the Internet. The report notes that CERT-FI
completed a research on European CERT organisations during
2009. This research was the first of its kind in Europe, and its results
were met with international interest. The report notes further that a
new act concerning signals intelligence in Sweden came into force
on 1 Dec. 2009. FICORA has issued regulations for the telecom
operators concerning informing their customers of
international information security threats targeted to services
offered to Finnish customers.
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
48. • IRELAND
– Ireland does not have a mandatory data security breach notification law, but in
July 2010 the Data Protection Commissioner (“DPC”) published a data security
breach code of practice. If the code were approved by the Oireachtas, it would
have the force of law and the Data Protection Acts specifically provide for an
approved code to be taken into account in court proceedings. However, the code
has not been approved and is therefore of guidance only.
– The code provides that where there is a data security breach, the data
controller must give immediate consideration to informing those affected
and that, if appropriate, other organisations should be informed such as An
Garda Síochána (the police force) and financial institutions. It states that if the
data is encrypted to a high standard the data controller “may conclude that there
is no risk to the data and therefore no need to inform data subjects”. Data
processors must report loss of control of personal data to the relevant data
controller as soon as the processor becomes aware of the incident.
– All data security breaches should be reported to the DPC as soon as the
data controller becomes aware of the incident and at least within two working
days of becoming aware, unless the breach affects less than 100 data subjects
who have all been informed of the breach without delay and where the data is not
sensitive nor of a financial nature. The DPC may require a detailed report of the
incident and may carry out its own investigation.
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
49. • LITHUANIA
– It has signed and ratified the CoE Convention on Cybercrime. On May 1, 2004,
Lithuania joined the European Union. On February 1, 2007, Lithuania signed the
Additional Protocol to the Convention on cybercrime.
– The Criminal Code of Lithuania provides for criminal liability for crimes against
security of electronic data and information systems. Article 196 states, "A person
who unlawfully destroys, damages, removes or modifies electronic data or a technical
equipment, software or otherwise restricts the use of such data thereby incurring major
damage shall be punished by community service or by a fine or by imprisonment for a
term of up to four years”.
– A fine or imprisonment for a term of up to four years is intended to a person who
unlawfully disturbs or terminates the operation of an information system thereby
incurring major damage, or a person who unlawfully observes, records, intercepts,
acquires, stores, appropriates, distributes or otherwise uses the electronic data which
may not be made public. A legal entity shall also be held liable for these acts.
– A person who unlawfully connects to an information system by damaging the
protection means of the information system shall be punished by community service or
by a fine or by arrest or by imprisonment for a term of up to one year. A person who
unlawfully produces, transports, sells or otherwise distributes the installations or
software, also passwords, login codes or other similar data directly intended for the
commission of criminal acts or acquires or stores them for the same purpose shall be
punished by community service or by a fine or by arrest or by imprisonment for a term
of up to three years. A legal entity shall also be held liable for these acts.
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
50. • NORWAY
– In 2006 a government appointed commission delivered its report on the protection of
critical infrastructure and critical societal functions in Norway. One of the
recommendations from the commission is that all Internet service providers should
be required to deliver security software as part of their services, and that all
vendors of wireless networks should be required to deliver equipment with
satisfactory security installations and user manuals in Norwegian.
– The Norwegian Centre for Information Security (NorSIS) is a Government
funded centre for information security. They target small and medium sized
enterprises as well as public authorities and the general public. NorSIS provides:
• Awareness-raising through training and information
• Compilation and creation of guidelines and tutorials concerning information
security topics
• An overall awareness towards information security
– Internet banking has a very high penetration in Norway. In 2009 85% of the adult (over
16) population used internet banking. Even in the group over 65 years of age, the
penetration is 74%. Most banks use a BankID for secure logon. This type of login
requires a token or a mobile phone that generates a code, in addition to the
customer's username and PIN. BankID can also be used as a digital signature. There
has generally been very few security breaches related to internet banking in
Norway. If a customer falls victim to a security breach, the burden of proof is on
the bank to prove that the customer has exhibited gross negligence or wilfully
tried to deceive the bank.
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
51. • POLAND
– Cybercrime legislation is developing fast in Poland. The list of
computer offences has expanded in size pursuant the 2004
amendment of the Penal Code. This legal change was related to
accession of Poland to the European Union and it was aimed at
harmonising the Polish criminal legislation with the Council of Europe
Convention on Cybercrime. In effect, three new offences: system
interference (Article 269a), misuse of devices (Article 269b), and data
interference (Article 268a) were introduced to the Penal Code. Additionally,
the possession of child pornography was prohibited (Article 202).
– The change of cyber criminal law of 2008 was aimed at implementation of
regulations contained in two EU Framework Decisions to the legal
system of Poland. This goal was accomplished in the case of the
criminalisation of hacking (Article 267 § 2) and the so-called virtual child
pornography (Article 202 § 5) in the Penal Code. A newly established
provision of hacking (Article 267§ 2) implements literally Article 2 of the
2005 Framework Decision and penalizes anyone who, without authorisation
obtains access to the whole or any part of an information system. An official
explanation for this legislative change stresses the usefulness of
punishability of “pure access” as a legal weapon against distributors of
spyware and other malicious software used for taking control over infected
computers.
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
52. • POLAND
– The Council of Europe Convention on Cybercrime was not ratified by
Poland despite many steps of the legislator to implement its provisions.
The ratification procedure commenced by the Ministry of Justice in May
2008 is still pending due to not fully solved implementation problems.
According to a memorandum obtained from the Department of
International Cooperation and European Law of the Ministry of Justice,
the only inconsistency concerns the child pornography regulation.
Article 202 § 4a of the Penal Code sets a lower age-limit of a child
protection against exploitation for pornography than it is required (as a
minimum) under Article 9 (3) of the Convention. There are however
some other, more significant gaps in the domestic law of Poland vis-à-
vis the Cybercrime Convention.
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
53. • SWEDEN
– In 2008, a proposed bill would allow the National Defense Radio
Establishment (Försvarets Radioanstalt - FRA) permission to use data
mining software to search for sensitive keywords in all phone and e-
mail communication passing through cables or wires across the
country’s borders without a court order. Until then the FRA could only
listen to radio transmissions and did not have the authority to monitor the
Internet. The FRA would still has to get approval from a parliamentary
committee on military intelligence affairs and it would only be permitted to
“tap into communications through pattern analysis and key word
searches, and would not be entitled to target specific individuals.”
Before the passing of this act, such traffic can only be monitored with court
approval if police suspect a crime, although the agency is free to spy on
airborne signals, such as radio and satellite traffic. The new legislation
became widely controversial and has posed a threat to cross-border
communications. The Act allows for the interception of e-mail, telephone
and faxes, and is therefore a threat to anyone dealing with a Swedish
organization. Even though domestic Internet communication is intended for
two persons residing in Sweden, the same information may cross national
borders through Germany, Denmark and USA. The implication is that
Swedes as well as people residing outside of Sweden may be subject to the
surveillance of FRA.
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
54. • SWEDEN
– The FRA wiretapping law adopted in June 2008 consists of four statutes,
including a newly adopted statute on signals intelligence and changes in
three other statutes. The law entered into force by January of 2009 and the
actual operations started later the same year. “FRA has a mandate to
search for ‘external threats’, which involves everything from military
threats, terrorism, IT-security, supply problems, ecological imbalances,
ethnic and religious conflicts, migration to economic challenges in the
form of currency and interest speculation.” Causing further controversy
is the lack of any requirement that the FRA should have a reason to
suspect crime or a court order before being allowed to partake in
surveillance of Swedish residents. After criticism by privacy groups and a
massive public debate about such sweeping powers, the Act was amended.
In addition, “a legal complaint has been made to the EU in July about this
Act’s possible breach of the EU’s privacy and discrimination law with
regard to cross-border legal consultations.” The European Commission,
who would have to bring formal infringement procedures against Sweden,
has not yet made any such action
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
55. • Conclusions
– Data retention
– Security breach notification laws
– Progress on cybersecurity goes hand in hand with
improvements on data protection legislation (ex.: data
protection quality principles help build efficient
cybersecurity rules
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
55
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
3. Recent cybercrime developments (case law and new laws) in a few EU
Member States
56. Outline
• 1. Impact of cybercrime in the EU
• 2. General overview of the latest legal and public policy
developments in the field of cybercrime in Europe
• 3. Recent cybercrime developments (case law and new
laws) in a few EU Member States
• 4. How Europe’s recent legal and
policy developments may provide
lessons for Brazil and Latin America
56
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
57. Outline
• How Europe’s recent legal and policy developments may
provide lessons for Brazil and Latin America
– Lessons about what to do and not to do…
57
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
58. • The challenges of cybercrime in Latin America
– 1. Challenges to international cooperation on cyber-
crime:
• Transnational character of computer crimes
• Lack of appropriate legislation on cyber-crime
• Lack of harmonization between different national laws
• Legal powers for investigation are insufficient (e.g.,
inapplicability of seizure powers to intangibles such as
computer data)
• Lack of specialized personnel and equipment
(Extract from: Cristina Schulman, CoE, “Meeting the challenge of cybercrime in Latin America,”
Regional Workshop, Mexico City, August 26-27, 2010.)
58
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
4. How Europe’s recent legal and policy developments may provide
lessons for Brazil and Latin America
59. • The challenges of cybercrime in Latin America
– 2. Challenges to fighting cyber-crime:
• Policies and awareness of decision-makers
• Harmonized and effective legislation
• Regional and international cooperation
• Law enforcement capacities and training
• Judicial training
• Law enforcement and cooperation among ISPs
(Extract from: Cristina Schulman, CoE, “Meeting the challenge of cybercrime in Latin America,”
Regional Workshop, Mexico City, August 26-27, 2010.)
59
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
4. How Europe’s recent legal and policy developments may provide
lessons for Brazil and Latin America
60. • The challenges of cybercrime in Latin America
– 3. Difficulties of regional and international cooperation:
• Limitations regarding skills, knowledge and training of judges, and to some
extent prosecutors. Direct impact on mutual legal assistance process (e.g.,
difficulty to understand cyber-crime matters; reluctance to open a case or
issue search warrants).
• Insufficient use of possibility provided by international agreements for direct
contacts between judicial authorities in urgent cases and efficient
communication channels.
• Involvement of Contact Points (“CP”) network established under Cyber-crime
Convention in the MLA process is too limited.
• Not all CP sufficiently trained, resourced or available to assist competent
authorities and facilitate the process.
• Authorities for MLA of many countries receive a large volume of requests.
(Extract from: Cristina Schulman, CoE, “Meeting the challenge of cybercrime in Latin America,”
Regional Workshop, Mexico City, August 26-27, 2010.)
60
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
4. How Europe’s recent legal and policy developments may provide
lessons for Brazil and Latin America
61. • Are there any advantages of using the CoE Cybercrime Convention
as a model of legislation in Latin America?
– Provides important tools for law enforcement to investigate cyber-crime.
– Provides for Latin American countries:
• Harmonization of criminal law provisions on cyber-crime with those
of other countries.
• Legal and institutional basis for international law enforcement and
judicial cooperation.
• Participation in the Consultations of the Parties. (T-CY: “Convention
Committee on Cybercrime”).
• The treaty as a platform facilitating public-private cooperation.
Convention provides global standards and a framework for an
effective fast international cooperation.
(Extract from: Cristina Schulman, CoE, “Meeting the challenge of cybercrime in Latin America,” Regional
Workshop, Mexico City, August 26-27, 2010.)
61
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
4. How Europe’s recent legal and policy developments may provide
lessons for Brazil and Latin America
62. • Relationship between data protection, cyber-security and
cyber-crime:
– A strong data protection framework is necessary to provide
support to cyber-crime laws.
– Implementing data protection processing rules during cyber-crime
investigations improves its accuracy and efficiency.
– Security breach notification requirements in the US since 2005:
triggered by leaks, disclosures or theft of personal information.
• Lack of data protection frameworks in LAC (with a few
exceptions: Argentina, Uruguay, Mexico).
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
62
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
4. How Europe’s recent legal and policy developments may provide
lessons for Brazil and Latin America
63. • Differences in national approaches: create safe havens and
prevent international cooperation.
• Necessity to harmonize legislation and regional or global
conventions: close gaps in existing legislation and promote
consistency, coherence and compatibility of laws.
• Current legal instruments have a limited, mostly regional, reach:
applicable only to the Member States of the regional organizations
to which they belong. So far no efforts have been made at the global
level to harmonize legislation on cybercrime.
• Calls were made for the development of an international
convention on cybercrime at various recent international expert
meetings.
– Proposal made last April at the UN, but rejected as Russia, China and a number
of developing countries could not reach agreement with the United States,
Canada, the U.K. and the EU because of disagreements over national
sovereignty issues, concerns for human rights and the existence of the CoE
Cybercrime Convention.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
63
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
4. How Europe’s recent legal and policy developments may provide
lessons for Brazil and Latin America
64. • Inadequate means for law enforcement authorities and the judiciary
branch? Recent discussion in international fora have agreed about
the poor preparation and insufficient capacity to address
developments in cybercrime, and gather and use evidence from
cybertechnologies in the preparation of prosecutions.
• There is universal agreement that national laws are not keeping
pace and that amendments are needed to support investigation,
prosecution and conviction of offenders on the basis of evidence
captured through cybertechnology.
• Urgent need for common rules and cooperation between States
so that authorities can act more effectively across jurisdictions to
bring offenders to justice.
• Cybercrime is constantly changing and using new technologies
that current global standards could not have foreseen.
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
64
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
4. How Europe’s recent legal and policy developments may provide
lessons for Brazil and Latin America
65. Cédric Laurant
Attorney (Washington, DC)
Independent Privacy Consultant (Brussels)
Senior Research Fellow, Center for Media and
Communication Studies, Central European University
(Budapest, Hungary)
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
65
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"
E-mail: cedric [at] laurant - dot- org
Websites: http://cedriclaurant.org
http://security-breaches.com
66. Independent consultant based in Brussels, Belgium.
Attorney, member of the District of Columbia Bar.
Specialty areas: international privacy, data protection and information security.
Senior Research Fellow, Central European University (Budapest, Hungary). Currently directing the research
of the "European Privacy and Human Rights”, a European Commission-funded privacy research and advocacy
project. Info at: http://phr.privacyinternational.org/
Former Research Director, Privacy & Human Rights – An International Survey of Privacy Laws and
Developments (EPIC & Privacy International 2003, 2004, 2005).
Former Visiting Law Professor, Universidad de los Andes (Bogota, Colombia) and International Privacy
Project Director, Electronic Privacy Information Center (Washington, DC).
Lic. Jur., University of Louvain (Belgium); LL.M., Columbia Law School (New York, NY); M.A. (London).
Profile/CV: http://www.linkedin.com/in/cedriclaurant
Blogs: http://blog.cedriclaurant.org; http://blog.security-breaches.com
Cédric Laurant
Bio
2nd Congress on Cybercrimes and Protection Measures
(II Congresso Crimes Eletrônicos e formas de proteção)
São Paulo - BRAZIL – Sept. 27-28, 2010
66
Cédric Laurant: “Cybercrime in Europe:
Recent Legal & Policy Developments"