This portal aims to provide and collect information regarding existing policies, strategies, preventive, protective and criminal justice measures against cyberviolence taken by public sector, civil society and private sector organisations.
Are you aware of the initiatives aimed to tackle the phenomenon of cyberviolence at the national or international levels?
Did you come across an interesting study, research or any other resource on the topic of cyberviolence?
Do you have an idea of how to improve this platform?
Contribute and share it with us helping to keep this platform up to date.
As proposed in the T-CY Mapping study on cyberviolence:
Cyberviolence is the use of computer systems to cause, facilitate, or threaten violence against individuals that results in, or is likely to result in, physical, sexual, psychological or economic harm or suffering and may include the exploitation of the individual’s circumstances, characteristics or vulnerabilities.
This working definition is rather broad and needs to mature further. On the other hand, it is a reality that any crime may have a “cyber” element that may change the nature and scope of the crime.
Types of cyberviolence
In practice, acts of cyberviolence may involve different types of harassment, violation of privacy, sexual abuse and sexual exploitation and bias offences against social groups or communities. Cyberviolence may also involve direct threats or physical violence as well as different forms of cybercrime.
There is not yet a stable lexicon or typology of offences considered to be cyberviolence, and many of the examples of types of cyberviolence are interconnected or overlapping or consist of a combination of acts.
Not all of forms or instances of cyberviolence are equally severe and not all of them necessarily require a criminal law solution but may be addressed by a graded approach and a combination of preventive, educational, protective and other measures.
Cyberharassment is perhaps the broadest form of cyberviolence and involves a persistent and repeated course of conduct targeted at a specific person that is designed to and that causes severe emotional distress and often the fear of physical harm.
Cyberharassment is often accomplished by a “storm of abuse”. Harassers terrorize victims by threatening violence. Offenders post defamatory falsehoods to cause the victim embarrassment or worse among friends, family or co-workers. Offenders impersonate victims in online ads, and suggest – falsely – that their victims are interested in sex with strangers. Sometimes, harassers manipulate search engines to ensure the prominence of the lies in searches of victims’ names. Harassers invade victims’ privacy by posting their sensitive information, such as nude images or national identity numbers. Or harassers may use technology to knock people offline. Cyberharassment in popular discourse may be described as or related to “revenge porn” or “sextortion.”
Cyberharassment is often targeted at women and girls and termed “cyber violence against women and girls” (CVAWG or Cyber VAWG) involving:
- Unwanted sexually explicit emails or other messages;
- Offensive advances in social media and other platforms;
- Threat of physical or sexual violence;
- Hate speech meaning language that denigrates, insults, threatens or targets an individual based on her identity (gender) and/or other traits (such as sexual orientation or disability).
Cyberharrassment thus involves a range of conduct, including for example “cyberbullying” and “revenge porn”.
ICT-related violations of privacy
Many forms of cyberviolence represent or are related to a violation of victims’ privacy.This may include computer intrusions to obtain, steal, reveal or manipulate intimate data, the researching and broadcasting of personal data (“doxing”), or acts such as “cyberstalking” or “sextortion/revenge porn”.
Online sexual exploitation and sexual abuse of children
Children seem to represent a primary group of victims of cyberviolence, in particular with respect to online sexual violence.
While the “online sexual exploitation and sexual abuse of children" are not necessarily new and distinct forms of sexual exploitation and sexual abuse of children, ICTs have increased the accessibility to children by persons looking to sexually abuse and exploit them. ICTs facilitate the sharing of images and videos of the sexual abuse and thus reinforce the long-lasting harmful impact of the abuse of children. ICTs also contribute to making commercial gains from sexual exploitation of children easier. ICTs however do not, in and by themselves, give rise to distinct types of sexual offences against children.
Online sexual exploitation and sexual abuse of children includes the behaviour listed in articles 18 to 23 of the Lanzarote Convention and in article 9 of the Budapest Convention in an online environment or otherwise involving computer systems:
- Sexual abuse (article 18), that is, “a) engaging in sexual activities with a child who, according to the relevant provisions of national law, has not reached the legal age for sexual activities; or b) engaging in sexual activities with a child where:
- use is made of coercion, force or threats; or
- abuse is made of a recognised position of trust, authority or influence over the child, including within the family; or
- abuse is made of a particularly vulnerable situation of the child, notably because of a mental or physical disability or a situation of dependence.“
- Child prostitution (article 19), that is, “a) recruiting a child into prostitution or causing a child to participate in prostitution; b) coercing a child into prostitution or profiting from or otherwise exploiting a child for such purposes; or c) having recourse to child prostitution.”
- Child pornography (article 20), that is, “a) producing child pornography; b) offering or making available child pornography; c) distributing or transmitting child pornography; d) procuring child pornography for oneself or for another person; e) possessing child pornography; f) knowingly obtaining access, through information and communication technologies, to child pornography”. “Child pornography” shall mean any material that visually depicts a child engaged in real or simulated sexually explicit conduct or any depiction of a child’s sexual organs for primarily sexual purposes.
- Corruption of children (article 22), that is, “the intentional causing, for sexual purposes, of a child who has not reached the age [below which it is prohibited to engage in sexual activities with a child] to witness sexual abuse or sexual activities, even without having to participate”.
- Solicitation of children for sexual purposes (article 23) – also called “grooming” – that is, “the intentional proposal, through information and communication technologies, of an adult to meet a child who has not reached the age set [below which it is prohibited to engage in sexual activities with a child] for the purpose of committing any of the offences established in accordance with article 18, paragraph 1.a [engaging in sexual activity with a child], or article 20, paragraph 1.a [producing child pornography], against him or her, where this proposal has been followed by material acts leading to such a meeting”.
Online sexual exploitation and sexual abuse are major forms of cyberviolence targeting children. It should be kept in mind, however, that children are also victims of other types of cyberviolence.
ICT-related hate crime
Cyberviolence may be motivated by “a bias against the perceived personal characteristic of the victim or a perceived group membership of the victim. These groups or characteristics include but are not limited to race, ethnicity, religion, sexual orientation or disability.”
It includes conduct that can be criminalised under the Budapest Convention’s Additional Protocol on Xenophobia and Racism (ETS 189).
Hate crime has serious consequences for individuals and societies and may lead to communal violence and the destabilisation of entire societies.
The Group concluded, however, that a full mapping of the issue of hate crime would not be feasible within the mandate and timeframe given by the T-CY.
ICT-related direct threats or actual violence
Cyberviolence also comprises direct threats of violence or direct physical violence. Computer systems may be used in connection to murder, kidnapping, rape and other acts of sexual violence, or extortion.
Forms of direct violence include interference with medical devices causing injuries or death, or attacks against critical infrastructure by means of computers. “Swatting” is another example.
Considering the definition proposed above, some forms of cybercrime may also be considered acts of cyberviolence, such as illegal access to intimate personal data, the destruction of data, blocking access to a computer system or data, etc. This is for example captured in 18 United States Code Section 1030(a)(7) on “extortion involving computers”.
Denial of service attacks may lead to physical harm of individuals – for example, if fire emergency telephone lines are unable to accept calls or if traffic control systems or hospital services are disabled.
An increasing number of studies – many of them with statistical data – is available covering different aspects of cyberviolence, in particular targeting children, as the following examples illustrate.
Given that concepts and definitions are yet to be agreed upon, and that cyberviolence is often a continuum of offline violence, it is difficult to compare different sets of data and to arrive at an overall assessment of the scale and impact of cyberviolence.
Nevertheless, it is safe to conclude that cyberviolence is a growing problem with significant impact on an increasing number of individuals, in particular women and children, in many regions of the world.
Challenges to the investigation and prosecution of cyberviolence
A range of issues arises in relation to cyberviolence that need to be taken into consideration. For example:
Victims have no information on available remedies:
A particularly-distressing aspect of cyberviolence is that victims may not know how to get help. They may be warned viciously not to contact law enforcement, and they may not know whom to contact anyway (see further discussion below). Their normal methods of communication may be cut off or compromised and a sustained attack may so shock and disturb them that their ability to defend themselves, or even to think straight, may be diminished.
Limited help by law enforcement:
Victims may have the impression that law enforcement was of little use, or that it required great persistence to obtain useful aid. Cyberviolence may involve methods that are particularly difficult for police forces to investigate, and victims may be told – correctly or incorrectly – that there is nothing that law enforcement can do. Like any other form of violence against women, online violence against women is often overlooked because of a lack of awareness and gendered understanding of violence. Victims’ experience are often considered as “incidents” rather than patterns of behaviour, and victims are blamed for the violence they face.And thus, a single individual’s complaint may fail to reveal that it is part of a larger pattern in which a particular perpetrator may be targeting dozens of victims in multiple jurisdictions, such as was the case with Aydin Coban who victimized more than three dozen teenage girls and boys in many countries including the Netherlands and Canada (leading to the suicide of 15 year-old Amanda Todd).In some countries, only certain police forces have authority to investigate such crimes. It may be difficult for victims to learn which unit to turn to or, as a practical matter, it may be difficult to work with the unit (if the unit is in the capital and the victim is hundreds of kilometres away). Victims may also encounter law enforcement or officials who are unacquainted with the phenomenon and do not understand the potential gravity. Finally, local law may not address certain types of attack under criminal law (possibly for valid reasons), so there is simply no legal basis for prosecution.
Protection of children versus protection of adult victims:
Children may to some extent be better protected than adults because child exploitation statutes may be usable to cover cyberviolence against children. If a 14-year-old girl is stalked and secretly filmed, for example, child exploitation statutes may be available for a prosecution. However, a country’s statutes may not offer the same protection to a 19-year-old woman.
Role of social media providers:
Various Internet/social media platforms can play a role in cyberviolence. Information on social media can be used to identify and locate victims, to learn about their vulnerabilities (what shifts they work and their commuting hours, for example), to gather details about them, and for other purposes. Other platforms may be used to post victimizing messages – solicitations for rape, for example – or to threaten targets.
Of course, some platforms have fostering crime as a business model, so complaints and removal are irrelevant to them. Other platforms offer mechanisms for complaints or for removal of postings. These mechanisms may not be sufficient or quick enough, and victims may find that a posting has been disseminated widely and removal in one location is useless.
In some countries, groups have begun to protest the lack of action by providers. There is an opportunity for Internet platforms, especially those with wide reach and sufficient staffing, to take active steps against cyberviolence, including removal of posts and preserving evidence.
In January 2018, it was reported that Facebook reached a settlement in Northern Ireland with a teenage victim of revenge porn “after her [intimate] photo appeared several times between November 2014 and January 2016. She alleged misuse of private information, negligence and breaching the Data Protection Act. Her lawyers [….] claimed the settlement had “moved the goalposts” in terms of how social media networks such as Facebook would have to respond to indecent and abusive messages and images being posted on their sites.”
Free speech versus hate speech:
Countries have different views about the degree to which speech should be limited by society – that is, where to set the balance between one person’s fundamental right to express him/herself and another person’s fundamental right to safety. For example, a website may post the schools that the children of police attend, with photos of the children. If no explicit threat is included on the site, countries may differ about whether such postings constitute illegal speech. If an explicit threat is included, countries may still differ about whether it is serious enough that it constitutes a crime.
Many countries restrict or ban hate speech, normally defined as expression that attacks discrete identifiable groups, such as religious, ethnic, or national groups.
The US does not restrict hate speech absent a sufficient level of danger. Given the current concentration of data subject to US law, US domestic law has much influence on the Internet. Its rejection of many restraints on speech has repercussions for people who are outside the United States. In addition, because of US law, the US government sometimes declines to provide mutual legal assistance in cases that involve hate speech.
As private entities, providers are permitted under US law to make their own rules about what material they carry on their systems. Some choose to regulate content, but others permit speech that is illegal outside the US. In recent years, European countries have sought cooperative agreements with such providers to remove speech that is illegal by European standards. Some countries have taken binding steps to enforce such removal.
Strasbourg, France 9 July 2019
Recommendations at the level of the Council of Europe and Cybercrime Convention Committee: The...
Strasbourg, France 13 July 2018
Key messages on cyberviolence resulting from Octopus Conference 2018: Cyberviolence comprises a...