On G8 and Council of Europe Cybercrime Initiatives
Gus Hosein
Presented September 22, 2000
International Forum on Surveillance by Design
Presented September 22, 2000
International Forum on Surveillance by Design
In 1995, at the Summit meeting in Halifax, Canada, the G7 (Russian had not yet joined), the heads of state created an Senior Experts Group on Organized Crime known as the "Lyon Group."
Ministerial Conference on Terrorism, Paris, France, July 30, 1996, Agreement on 25 Measures
11. Accelerate consultations, in appropriate bilateral or multilateral fora, on the use of encryption that allows, when necessary, lawful government access to data and communications in order to, inter alia, prevent or investigate acts of terrorism, while protecting the privacy of legitimate communications.
Foreign Ministers' Progress Report Denver Summit Of The Eight June 21, 1997
- To counter, inter alia, the use of strong encryption by terrorists, we have endorsed acceleration of consultations and adoption of the OECD guidelines for cryptography policy and invited all states to develop national policies on encryption, including key, management. which may allow, consistent with these guidelines. lawful government access to prevent and investigate acts of terrorism and to find a mechanism to cooperate internationally in implementing such policies.
Meeting Of Justice And Interior Ministers, Washington DC, 10 December 1997.
The development of effective solutions will also require unprecedented cooperation between government and industry. It is the industrial sector that is designing, deploying and maintaining these global networks and is primarily responsible for the development of technical standards. Thus, it is incumbent on the industrial sector to play its part in developing and distributing secure systems that, when accompanied by adherence to goof computer and personnel security practices, serve to prevent computer abuse. Such systems should also be designed to help detect computer abuse, preserve electronic evidence, and assist in ascertaining the location and identify of criminals.
We hereby endorse the following PRINCIPLES, which should be supported by all countries:
- There must be no safe havens for those who abuse information technologies.
- Investigation and prosecution of international high-tech crimes must be coordinated among all concerned States, regardless of where harm has occurred.
- [...]
- To the extent practicable, information and telecommunications systems should be designed to help prevent and detect network abuse, and should also facilitate the tracing of criminals and the collection of evidence.
Work in this area should be coordinated with the work of other relevant international fora to ensure against duplication of efforts.
Action Plan
In support of these PRINCIPLES, we are directing our officials to:
- Develop expedited procedures for obtaining traffic data from all communications carriers in the chain of a communication and to study ways to expedite the passing of this data internationally.
- Work jointly with industry to ensure that new technologies facilitate our effort to combat high-tech crime to preserving and collecting critical evidence.
- [...]
- Encourage internationally-recognized standards-making bodies in the fields of telecommunications and information technologies to continue providing the public and private sectors with standards for reliable and secure telecommunications and data processing technologies.
- [...]
- Work jointly with industry to ensure that new technologies facilitate our effort to combat high-tech crime by preserving and collecting critical evidence.
http://www.g8kyushu-okinawa.go.jp/e/documents/it1.html
7. [...] In order to maximise the social and economic benefits of the Information Society, we agree on the following key principles and approaches and commend them to others:
8. International efforts to develop a global information society must be accompanied by co-ordinated action to foster a crime-free and secure cyberspace. We must ensure that effective measures. [...] We will further promote dialogue with industry, building on the success of the recent G8 Paris Conference "A Government/Industry Dialogue on Safety and Confidence in Cyberspace". Urgent security issues such as hacking and viruses also require effective policy responses. [...]
Council Of Europe, Committee Of Ministers, Recommendation No. R (95) 13, Of The Committee Of Ministers To Member States Concerning Problems Of Criminal Procedural Law Connected With Information Technology (Adopted by the Committee of Ministers on 11 September 1995 at the 543rd meeting of the Ministers' Deputies).
5. In view of the convergence of information technology and telecommunications, laws pertaining to technical surveillance for the purposes of criminal investigations, such as interception of telecommunications, should be reviewed and amended, where necessary, to ensure their applicability.
6. The law should permit investigating authorities to avail themselves of all necessary technical measures that enable the collection of traffic data in the investigation of crimes.
8. Criminal procedural laws should be reviewed with a view to making possible the interception of telecommunications and the collection of traffic data in the investigation of serious offences against the confidentiality, integrity and availability of telecommunication or computer systems.
9. ... Provisions should be made for the power to order persons to submit any specified data under their control in a computer system in the form required by the investigating authority.
11. Specific obligations should be imposed on operators of public and private networks that offer telecommunication services to the public to avail themselves of all necessary technical measures that enable the interception of telecommunications by the investigating authorities.
12. Specific obligations should be imposed on service-providers who offer telecommunication services to the public ... to provide information to identify the user, when so ordered by the competent investigating authority.
Mandate
"Recent attacks against commercial web-sites, such as Amazon.com, drew international attention to the dangers that the Internet and other computer networks need to face: cyber-criminals and cyber-terrorists threaten business and government interests and may cause colossal damages. Time has come for the Council of Europe to take action, which today released a draft Convention to deal with crime in cyberspace.
"The draft Convention is expected to be finalised by an expert group by December 2000 and the Committee of Ministers could adopt the text and open it for signature as early as September 2001. Given the importance of the subject, non-member States, such as Canada, Japan, South-Africa and the United States, also actively participate in the negotiations."
Look what it has to say on Interception of Communications...
Article 18 - Interception
(under discussion)
Article 28 - Interception
[under discussion]
"Convinced that the present Convention is necessary to deter actions directed against the confidentiality, integrity and availability of computer systems, networks and computer data, as well as the misuse of such systems, networks and data, by providing for the criminalisation of such conduct, as described in this Convention, and the adoption of powers sufficient for effectively combating such criminal offences, by facilitating the detection, investigation and prosecution of such criminal offences at both the domestic and international level, and by providing arrangements for fast and reliable international co-operation, while ensuring a proper balance between the interests of law enforcement and respect for fundamental human rights.
NEVER TO BE MENTIONED AGAIN.
d. "traffic data" means:
- a code indicating a network, equipment or individual number or account, or similar identifying designator, transmitted to or from any designated point in the chain of communication;
- the time, date, size, and duration of a communication;
- as to any mode of transmission (including but not limited to mobile transmissions), any information indicating the physical location to or from which a communication is transmitted;
a. "subscriber data"(4) means:
- any information possessed by the service provider necessary to identify and determine the physical address of a subscriber, user, or account-payer of a service provider's communications services, and
- any information associated with such subscriber, user, or account-payer possessed by the service provider relating to a network, equipment or individual number or account or similar identifying designators, services, fees; the physical location of equipment, if known and if different from the location information provided under the definition of traffic data
NEVER TO BE MENTIONED AGAIN. Requires "effective" authentication perhaps?
... to establish as criminal offences under its domestic law when committed intentionally and without right:
a. the production, sale, procurement for use, import, distribution or otherwise making available of:
CERIAS at Purdue University Letter
Article 7 - Computer-related Forgery
Article 8 - Computer-related Fraud
Article 9 - Offences related to child pornography
Offering, distributing child pornography. Producing, and possessing in a computer system "when committed without right and intentionally"
Title 4 - Copyright and related offences
Article 14 - Search and Seizure of Stored Computer Data
5. Each Party shall take such legislative and other measures as may be necessary to empower its competent authorities to order for the purposes of criminal investigations and proceedings any person who has knowledge about the functioning of the computer system or measures applied to secure the computer data therein to provide all necessary information, as is reasonable, to enable the undertaking of the measures referred to in paragraphs 1 and 4.
Article 16 - Expedited preservation of data stored in a computer system
3. Each Party shall adopt such legislative or other measures as may be necessary to oblige a person to whom the procedures of preservation referred to in this Article are directed, to keep confidential the undertaking of such procedures for a period of time as permitted by national law.
Article 17 - Expedited preservation and disclosure of traffic data
Article 23 - Procedures pertaining to mutual assistance requests
3. Mutual assistance requests under this Article shall be executed in accordance with the procedures specified by the requesting Party except where incompatible with the law of the requested Party.
The explanatory text should specify that the mere fact that its legal system knows no such procedure is not sufficient grounds to refuse to apply the procedure requested by the requesting State.
Article 24 - Provisional measures: Expedited preservation of stored computer data
3. Upon receiving the request from another Party, the requested Party shall take all appropriate measures to preserve expeditiously the specified data in accordance with its domestic law . For the purposes of responding to a request, dual criminality shall not be required (30) as a condition to providing such preservation, but may be required as a condition for the disclosure of the data to the requesting Party.
6. Any preservation effected in response to the request referred to in paragraph 1 shall be for a period not less than 40 days in order to enable the requesting Party to submit a request for the search or similar access, seizure or similar securing, or disclosure of the data. Following the receipt of such request, the data shall continue to be preserved pending a decision on that request.
"The powers and procedures referred to in the present Article shall be subject to conditions and safeguards as provided for under national law."
Constraints on powers first, then powers; where is the CoE Data Protection?
Respect for civil liberties
Less ambiguous terminology
MLAT analysis
Dropping porn and copyright
Complete Consultation