Would you like to share an article on cybercrime? Please contribute!

These articles do not necessarily reflect official positions of the Council of Europe

Blogs Blogs


1. Organised by UNODC, it was held between 25 and 28 February 2013, in Vienna, the second meeting of the Intergovernmental Expert Group on Cybercrime of the United Nations, attended by expert representatives of 85 UN Member States, besides of representatives of many international organizations (including the Council of Europe). This group’s mandate, issued by the 12th United Nations Congress on Crime Prevention and Criminal Justice, held in Salvador, Brazil, in April 2010 (paragraph 42 of the conclusions) states that a comprehensive study on the impact and responding to cybercrime should be drafted. After the first meeting, in January 2011, a draft comprehensive study was prepared by the Secretariat of UNODC ( This study gathers information about some relevant international instruments, best practices, technical assistance and international cooperation. It also points out some options to strengthen the response to the phenomenon of cybercrime, both nationally and internationally.

2. Several issues were raised on the circumstances of the preparation and dissemination of the study. This study was written by the Secretariat, based on information gathered via the dissemination of questionnaires by all UN Member States. But in fact, only 69 States responded to this study (around one third of the UN members). And some of them did not provide information to all the questions. Thus, the information collected is not representative of the majority of the countries in the world. On the other hand, the study was made available just one week before the meeting (even if it is a 300 pages “heavy” report). Thus, it was not possible to many States to develop proper internal consultation on this regard. Besides, the study was only published in English - and was not translated to the other official UN languages - which surely inhibited some States to analyze it in deep.

3. The reading of the study and the discussions revealed that a good part of the States (the study mentions 60% of the respondent States) did not establish yet proper internal cybercrime legislation and regulations on gathering digital evidence. Within the European States this number falls to 20%, but in the rest of the world it rises up to 80%, the number of States that did not adopt yet a comprehensive legal framework. Most delegates underlined that these figures clearly claim the need of increasing the support to developing countries to establish their domestic legislation. A similar conclusion was achieved regarding specialized agencies and bodies, within law enforcement agencies and prosecutorial bodies.
A very broad consensus was expressed referring the urgent need of technical cooperation among States and support in capacity building, in view of developing international cooperation and in view of strengthening effectiveness and efficiency investigating computer crimes.

4. One of the most highlighted discussions referred the need – or not -, of a new international instrument on cybercrime. It was quite clear to all the delegations the importance of considering the international dimension of cybercrime and the essential role, in most of the concrete cases, of international cooperation in the investigation of this type of crimes. It was also emphasised by some States the need to revisit the principles of national sovereignty and territoriality. In fact, in the “cloud environment”, the classic international instruments of cooperation are no longer really useful: the classic mechanism of rogatory letters requires too much time and bureaucracy. And this leads the discussion to the need to implement new possibilities and channels to international cooperation.

5. At this point of the discussions, it was pretty clear that since 2011, the landscape evolved: during the first meeting of the expert group, many States were quite expressive, requiring a new treaty – now, during the 2013 meeting, only a few of them openly supported that option. On the opposite side, many delegations insisted that Budapest Convention already provides practical interesting possibilities of international cooperation, including obtaining data from outside their borders.
An interesting issue was raised: most of the States against Budapest Convention are also against any possibility of considering with flexibility the principle of national sovereignty: they don’t accept Budapest because this convention already allows the Parties to obtain data stored in another Party, without prior authorisation of that Party. It is the most debated questions of Article 32, b, of Budapest Convention. But on the other hand, they don’t provide any solution to the need of obtaining evidence from the “cloud” and always refer to the cooperation between sovereign States.

6. Still regarding the need – or not –, of a new international instrument, most States expressed their concerns referring the collateral consequences of initiating a new process of discussion of a new treaty: the negotiation would be certainly very long and time consuming; besides, the final result of this process is absolutely unknown. The fact that a new process begins doesn’t mean that a new treaty is effectively draft. But even if consensus is achieved and it is possible to draft a new treaty on cybercrime, it is clear that the final result will be modest, for example if compared with the standard of Budapest Convention. In fact, as some of the States opposed Budapest because this instrument already includes practical measures to transborder access to data – and they claim that such approach violates the principle of sovereignty – the Convention is thus unacceptable for them. And it will be certainly unacceptable to them any further development of this concept. The question is, in one hand, that obtaining very simply and quickly data from outside the investigating Stare is essential in cybercrime cases; on the other hand, most States mentioned a strong support to the need of enlarge the possibilities already described under Article 32, b, of Budapest Convention and a refusal to reduce them. Besides, those who support the drafting of a new treaty, even if confronted with this question, did not seem to have any solution to it.
It must be said that most of the delegations who expressed themselves, opposed new legal solutions to the problem of cybercrime. And that includes soft law solutions, or model laws that, it seems, nobody supported.
At the end of the day, there was the impression that the only reason to some States to refuse Budapest Convention is the fact that they didn’t take part or intervene in the process of drafting it.

7. The outcome of the working group is pretty clear: there is consensus on the need of implementing comprehensive and holistic action plans against cybercrime, considering technical assistance to many States, and training; but regarding eventual legal solutions, the group only assumed that “the deliberations, as well as the study reflected a compilation of views and different approaches taken by States to preventing and combating the phenomenon of cybercrime”. This diplomatic and open statement means, in the polite UN language, that no consensus was obtained, at all, on this topic. The report from this meeting of the Intergovernmental Expert Group on Cybercrime will be submitted to consideration to the UN Crime Commission (CCPCJ) that will meet from 22 to 26 April, in Vienna. Next leg will be then played by end-April.



Cooperation against cybercrime in 2012: did we make any progress?

Reports suggest that 1.5 million people become victims of cybercrime every day (e.g. Symantec), that 1000+ denial of service attacks are recorded worldwide every 24 hours (e.g. ARBOR SERT Atlas Threat Index), that some 50,000 unique phishing attacks are noted every month (e.g. RSA Online Fraud Reports) or that thousands of children are victims of online sexual exploitation and abuse (e.g. Operation Sunflower). Listings of cyber-attacks in 2012 are truly frightening (e.g. It is, therefore, no wonder that the vast majority of people believe that the risk of becoming victim of cybercrime keeps increasing (e.g. Eurobarometer of July 2012).

This begs the question whether we did make any progress at all in the course of 2012?!

A year ago, I argued that there was no single solution but that we need – through a multi-stakeholder approach – “to weave a web of responses” to the threat of cybercrime. The Council of Europe contribution to this web consists in particular of the Budapest Convention on Cybercrime and the many measures built around it: “In such a web, the Budapest Convention is a node linked to crime prevention and criminal justice in general, to law enforcement capabilities and to many other rule of law as well as human rights issues. And, importantly, it is connected to the many measures taken by the private sector, by governments and by other international organizations.”

I believe that in 2012, our web of responses has become stronger, larger and more close-knit:

As a result, we see more cooperation between Parties to the Budapest Convention and more investigations and prosecution in countries that have brought their laws in line with this treaty.

We did a cursory review of the criminal law reforms undertaken by governments around the world in recent years. Our preliminary analysis suggests that at least 140 out of 193 members of the United Nations have undertaken or are undertaking reforms of their legislation related to cybercrime and/or electronic evidence. And at least 125 (some 90%) of them have used the Budapest Convention as a guideline or at least as a source of inspiration. The progress made towards greater global harmonization of criminal law frameworks is good news.

On the other hand, it is also clear that many of them would need further assistance to fully implement the principles of this treaty and to set up the necessary criminal justice capacities for enforcement and international cooperation. A major technical assistance effort is required.

The most sensible way ahead in 2013 would thus seem to be to:

  1. Use the Budapest Convention as a guideline to allow as many States as possible to implement the principles of this treaty (whether or not they actually wish to become Parties).
  2. Encourage additional States to seek accession to this treaty so that they can make use of it as a framework for efficient international cooperation.
  3. Provide technical assistance to enhance the criminal justice capacities of States to investigate, prosecute and adjudicate cybercrime and other offences involving electronic evidence and to engage in international as well as public/private cooperation.

The Council of Europe will pursue this approach in 2013. We plan, among other things, to launch a new joint project with the European Union to support implementation of the Budapest Convention worldwide.

We are nevertheless conscious that a number of States – for political reasons – may continue to oppose the Budapest Convention and call for a new international treaty on cybercrime. There has been no consensus on a new international treaty in recent years and it is unlikely that a consensus will come about in 2013. Continued controversies in this respect – as pointed out previously – not only run the risk of disrupting reforms currently underway in many countries and of undermining technical assistance but also of sharpening international divisions.

At the end of February, the United Nations Intergovernmental Expert Group on Cybercrime will meet in Vienna. Hopefully, the Expert Group will not go down that path but will use this unique opportunity to add impetus to global capacity building efforts. This would give practitioners what they need and have an effective and immediate impact on criminal justice action and international cooperation against cybercrime.


B-CCENTRE urgently looking for a legal researcher

The Belgian Cybercrime Centre of Excellence for Training, Research and Education is looking for a legal researcher to work on a European project starting as soon as possible @KU Leuven. You can find the description of the vacancy on the b-ccentre site Do you know a good candidate for this job? Please pass the information with your contacts.
Concerning required language knowledge: English is a must (proficient: read, speak and write), Dutch and/or French an asset.
Deadline is 20 January.

Report national cyber crime and online threats reporting centres

This week my consultancy published a report into (inter)national cooperation, (the participation in) national centres and the gathering, analysing and sharing of complaints, data and intelligence. The report shows the the situation at present for the participants in 13 European (3 non-EU MS) and gives conclusions and recommendations. These are the more valuable as they by far come from the participants themselves.


You will find that there is a plea for a form of level playing field which ensures and enables cooperation, the sharing of data and solving online threats between different entities and countries. At present most participants attest to the fact that cooperation is difficult if not impossible due to different factors. My conclusion is that for these individual entities it is impossible to change this situation, beyond the coincidental, as they are depend on others, e.g. government, other entities, inclusion in centres or not, etc,. for success. Topics cyber seem to overwhelming for individual entities if not governments.


You can find the full report under this link:

should you wish to familiarise yourself with my blog posts in the future also or just click below.


Brazilian judge order arrest of google director for disrespect a court order

Brazilian judge order arrest of google director for disrespect a court order
Tools on Cybercrime & Electronic Evidence Empowering You!
Web Content Display Web Content Display

This tool is co-funded  by the GLACY  and Cybercrime@Octopus projects