Understanding cybercrime: Phenomena, challenges and legal response
Table of contents
Purpose
1. Introduction
1.1 Infrastructure and services
1.2 Advantages and risks
1.3 Cybersecurity and cybercrime
1.4 International dimensions of cybercrime
1.5 Consequences for developing countries
2. The phenomena of cybercrime
2.1 Definitions
2.2 Typology of cybercrime
2.3 Development of computer crime and cybercrime
2.3.1 The 1960s
2.3.2 The 1970s
2.3.3 The 1980s
2.3.4 The 1990s
2.3.5 The 21st Century
2.4 Extent and impact of cybercrime offences
2.4.1 Crime statistics
2.4.2 Surveys
2.5 Offences against the confidentiality, integrity and availability of computer data and systems
2.5.1 Illegal access (hacking, cracking)
2.5.2 Illegal data acquisition (data espionage)
2.5.3 Illegal interception
2.5.4 Data interference
2.5.5 System interference
2.6 Content-related offences
2.6.1 Erotic or pornographic material (excluding child pornography)
2.6.2 Child pornography
2.6.3 Racism, hate speech, glorification of violence
2.6.4 Religious offences
2.6.5 Illegal gambling and online games
2.6.6 Libel and false information
2.6.7 Spam and related threats
2.6.8 Extortion
2.6.9 Other forms of illegal content
2.7 Copyright and trademark related offences
2.7.1 Copyright-related offences
2.7.2 Trademark-related offences
2.8 Computer-related offences
2.8.1 Fraud and computer-related fraud
2.8.2 Computer-related forgery
2.8.3 Identity theft
2.8.4 Misuse of devices
2.9 Combination offences
2.9.1 Terrorist use of the Internet
2.9.2 Cyberwarfare
2.9.3 Cyberlaundering
2.9.4 Phishing
3. The challenges of fighting cybercrime
3.1 Opportunities
3.1.1 General automation of investigations
3.1.2 Creation of data in online services
3.1.3 Creation of data within the digitalization of offline processes
3.2 General challenges
3.2.1 Reliance on ICTs
3.2.2 Number of users
3.2.3 Availability of devices and access
3.2.4 Availability of information
3.2.5 Missing mechanisms of control
3.2.6 International dimensions
3.2.7 Independence of location and presence at the crime site
3.2.8 Automation
3.2.9 Resources
3.2.10 Speed of data exchange processes
3.2.11 Speed of development
3.2.12 Anonymous communications
3.2.13 Failure of traditional investigation instruments
3.2.14 Encryption technology
3.2.15 Summary
3.3 Legal challenges
3.3.1 Challenges in drafting national criminal laws
3.3.2 New offences
3.3.3 Increasing use of ICTs and the need for new investigative instruments
3.3.4 Developing procedures for digital evidence
4. Capacity building
4.1 Cybersecurity and cybercrime
4.2 Capacity building methodology
4.2.1 Set-up
4.2.2 Development of a project plan
4.2.3 Assessment as a starting point
4.2.4 Comparative analysis
4.2.5 Stakeholder consultations
4.2.6 Drafting process
4.2.7 Training, education and follow up activities
4.3 Strategy as a starting point
4.3.1 Implementation of existing strategies
4.3.2 Regional differences
4.3.3 Relevance of cybercrime issues within the pillars of cybersecurity
4.3.4 Taking strategies beyond the formulation of future plans
4.4 The relevance of a policy
4.4.1 Responsibility within the government
4.4.2 Defining the different components
4.4.3 Determination of stakeholders
4.4.4 Identification of benchmarks
4.4.5 Defining key topics for legislation
4.4.6 Defining legal frameworks that require amendments, updates or changes
4.4.7 Relevance of crime prevention
4.5 The role of regulators in fighting cybercrime
4.5.1 From telecommunication regulation to ICT regulation
4.5.2 Models for extension of regulator responsibility
4.5.3 Examples for involvement of regulators in fighting cybercrime
4.5.4 Legal measures
4.5.5 Technical and procedural measures
Organizational structures
Capacity building and user education
International cooperation
4.6 Capacity building experiences in African, Caribbean, and Pacific Group of States (ACP)
4.6.1 Methodology
4.6.2 Lessons learned
High standards in developing countries
5. Overview of activities of regional and international organizations
5.1 International approaches
5.1.1 The G7 (previously G8)
5.1.2 United Nations and United Nations Office on Drugs and Crimes
5.1.3 International Telecommunication Union
5.2 Regional approaches
5.2.1 Council of Europe
5.2.2 European Union
5.2.3 Organisation for Economic Co-operation and Development
5.2.4 Asia-Pacific Economic Cooperation
5.2.5 The Commonwealth
5.2.6 African Union
5.2.7 Arab League and Gulf Cooperation Council
5.2.8 Organization of American States
5.2.9 Caribbean
5.2.10 Pacific
5.2.11 Southern African Development Community (SADC)
5.3 Scientific and independent approaches
5.3.1 Stanford Draft International Convention
5.3.2 Global Protocol on Cybersecurity and Cybercrime
5.4 The relationship between regional and international legislative approaches
5.5 The relationship between international and national legislative approaches
5.5.1 Reasons for the popularity of national approaches
5.5.2 International vs. national solutions
5.5.3 Difficulties of national approaches
6. Legal response
6.1 Definitions
6.1.1 The function of definitions
6.1.2 Access provider
6.1.3 Caching provider
6.1.4 Child
6.1.5 Child pornography
6.1.6 Computer data
6.1.7 Computer data storage device
6.1.8 Computer system
6.1.9 Critical infrastructure
6.1.10 Cryptology
6.1.11 Device
6.1.12 Hindering
6.1.13 Hosting provider
6.1.14 Hyperlink
6.1.15 Interception
6.1.16 Interference
6.1.17 Multiple electronic mails
6.1.18 Remote forensic software
6.1.19 Seize
6.1.20 Service provider
6.1.21 Traffic data
6.2 Substantive criminal law
6.2.1 Illegal access (hacking)
6.2.2 Illegal remaining
6.2.3 Illegal acquisition of computer data
6.2.4 Illegal interception
6.2.5 Data interference
6.2.6 System interference
6.2.7 Erotic or pornographic material
6.2.8 Child pornography
6.2.9 Solicitation of children
6.2.10 Hate speech, racism
6.2.11 Religious offences
6.2.12 Illegal gambling
6.2.13 Libel and defamation
6.2.14 Spam
6.2.15 Misuse of devices
6.2.16 Computer-related forgery
6.2.17 Identity theft
6.2.18 Computer-related fraud
6.2.19 Copyright crimes
6.2.20 Terrorist use of the Internet
Cyberwarfare
6.3 Digital evidence
6.3.1 Definition of digital evidence
6.3.2 Importance of digital evidence in cybercrime investigations
6.3.3 Growing importance of digital evidence in traditional crime investigations
6.3.4 New opportunities for investigation
6.3.5 Challenges
6.3.6 Equivalences of digital evidence and traditional evidence
6.3.7 Relation between digital evidence and traditional evidence
6.3.8 Admissibility of digital evidence
6.3.9 Legal Framework
6.4 Justisdiction
6.4.1 Introduction
6.4.2 Different principles of jurisdiction
6.4.3 Principle of territoriality / principle of objective territoriality
6.4.4 Flag principle
6.4.5 Effects doctrine / Protective principle
6.4.6 Principle of active nationality
6.4.7 Principle of passive nationality
6.4.8 Principle of universality
6.5 Procedural law
6.5.1 Introduction
6.5.2 Computer and Internet investigations (Computer Forensics)
6.5.3 Safeguards
6.5.4 Expedited preservation and disclosure of stored computer data (Quick freeze procedure)
6.5.5 Data retention
6.5.6 Search and seizure
6.5.7 Production order
6.5.8 Real-time collection of data
6.5.9 Collection of traffic data
6.5.10 Interception of content data
6.5.11 Regulation regarding encryption technology
6.5.12 Remote forensic software
6.5.13 Authorization requirement
6.6 International cooperation
6.6.1 Introduction
6.6.2 Mechanisms for international cooperation
6.6.3 Overview of applicable instruments
6.6.4 United Nations Convention against Transnational Organized Crime
6.6.5 Council of Europe Convention on Cybercrime
6.6.6 International Cooperation in the Stanford Draft International Convention
6.7 Liability of Internet providers
6.7.1 Introduction
6.7.2 The United States approach
6.7.3 European Union Directive on Electronic Commerce
6.7.4 Liability of access provider (European Union Directive on Electronic Commerce)
6.7.5 Liability for caching (European Union Directive on Electronic Commerce)
6.7.6 Liability of Hosting Provider (European Union Directive)
6.7.7 Liability of hosting provider (HIPCAR)
6.7.8 Exclusion of the obligation to monitor (European Union Directive on Electronic Commerce)
6.7.9 Liability for hyperlinks (Austrian ECC)
6.7.10 Liability of search engines
Blank Page