Octopus Conference 2023
Bucharest, Romania | 13-15 December 2023
The Octopus Conference is part of the Octopus Project which is currently funded by voluntary contributions
from Canada, Hungary, Iceland, Italy, Japan, Netherlands, UK and USA.
Held every 12 to 18 months by the Council of Europe, the Octopus Conference constitutes one of the biggest and finest platforms of exchange in cybercrime gathering experts from more than 100 countries, international organisations, private sector and academia.
The focus for the 2023 edition will be two-fold:
- Securing and sharing electronic evidence: the tools are here – let’s use them!
- Capacity building on cybercrime and electronic evidence: 10 years of Cybercrime Programme Office (C-PROC) – What impact so far; what’s next?
Plenary of the Cybercrime Convention Committee (T-CY)
Participation in the T-CY plenary is restricted.
Meeting of the International Network of National Judicial Trainers
Invited participants only.
13 - 15 December
Octopus Conference 2023
Download our Save-the-Date
Meet all of the speakers (coming soon)
AGENDA: 13 December 2023
Workshop 1: Global state of cybercrime legislation
Legislation is the basis for criminal justice action on cybercrime and electronic evidence. Many governments around the world have undertaken legal reforms, often using the Budapest Convention on Cybercrime as a guideline. However, cybercrime legislation also needs to meet human rights and rule of law requirements to prevent misuse. The aim of this workshop is to review progress made worldwide in terms of cybercrime legislation and to identify possible risks and challenges.
- Visit the Global state of cybercrime legislation workshop page (coming soon)
Workshop 2: Spontaneous information sharing
Through its tools and mechanisms, the Budapest Convention on Cybercrime fosters swifter international cooperation on electronic evidence. Alongside other similar provisions of UN Convention against Transnational Organized Crime (UNTOC), Second Additional Protocol to the European Convention on Mutual Assistance in Criminal Matters, European Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime, Article 26 of the Budapest Convention on Cybercrime is an important tool for facilitating quick and efficient transmission of information (and sometimes evidence) in investigations, especially in transnational cybercrime cases, involving several jurisdictions and a high number of victims. More recently, the use of Article 26 became even more relevant in investigations into the criminal use of encrypted telephones (e.g. SkyECC) and/or cybercrime cases into the dark web.
It is important to note that the transmission under Article 26 can be subject to conditions and safeguards set forth in the domestic laws. These conditions aim to ensure compliance with legal procedures, protect individual rights, and maintain the integrity of the criminal justice system.
The aim of the workshop is to identify current practices of using the mechanisms under Article 26 of the Convention on Cybercrime by different parties, including limitations and conditions.
- Visit the Spontaneous information sharing webpage (coming soon)
Workshop 3: Online child sexual exploitation and abuse
Online sexual exploitation and sexual abuse of children can take many forms and will often include the following elements: grooming of the child, the production of images and or videos recording the sexual abuse of the child (CSAM) and exchange / sale / distribution / transmission / possession / storage of CSAM. Even after victims are rescued or grow into adulthood, the haunting images and videos of their abuse remain accessible to a global audience. Solutions are therefore needed to put an end to this growing problem.
The workshop aims to address the growing trends of OCSEA, the specific challenges posed by technological developments like end-to-end encryption, and the role of criminal justice systems in protecting victims and apprehending perpetrators. It seeks to understand the technical and legal tools available to mitigate the effects of OCSEA and explore strategies to prevent the spread and impact of Child Sexual Abuse Material (CSAM).
- Visit the Online child sexual exploitation and abuse workshop page (coming soon)
Workshop 4: Synergies between Conventions for a safer cyberspace
The standards of the Conventions maintained by the Council of Europe in the areas of cybercrime, protection of children against sexual abuse, trafficking in human beings and violence against women are not simply complementary, but meant to encourage work between criminal justice authorities, protection officers and policy makers to ensure better criminal justice and related action in these areas. Substantive law offences, use of procedural tools for investigation and preventive/protective work with victims and witnesses are just examples where harmonisation would be key, while concepts such as action on cyberviolence could serve to indicate where and how such synergies should work. The Workshop on Synergies is intended to give voice to four different – but connected – Conventions represented by their Committees in identifying the gaps and finding solutions for these synergies to work.
- Visit the Synergies between Conventions webpage (coming soon)
Workshop 5: Intersection of cybercrime and financial investigations
Establishing efficient collaboration between criminal justice authorities investigating cybercrime and institutions responsible for financial investigations is vital to safeguard societies from criminal activities. Both financial investigations and actions against cybercrime play a pivotal role in achieving this goal. The workshop will focus on identifying areas of collaboration, fostering domestic and international cooperation, disseminating effective models for interagency teamwork and highlighting the principles governing the exchange of information and evidence among financial and cybercrime experts.
- Visit the Intersection of cybercrime and financial investigations webpage (coming soon)
Workshop 6: Cybercrime and AI
Artificial Intelligence in the criminal justice sector can represent a serious threat or enhance the fight against cybercrime. Generative AI can produce various types of content, including text, imagery, audio and synthetic data. It may provide effective ways to tackle crimes such as enhancing surveillance systems and providing investigative assistance by analysing vast amount of data but may also be misused for criminal purposes. Falsified media can even be presented as evidence in court. The aim of this workshop is to examine what are the threats of generative AI for the criminal justice sector, what can be its role in countering cybercrimes, and what are the key issues that need to be taken into account in assessing the generative AI e-evidence.
- Visit the Cybercrime and AI webpage (coming soon)
AGENDA: 14 December 2023
Side event: CyberEAST to CyberEast+
The Closing Conference of the CyberEast project will follow the project themes of legislation and policies, capacity building, and co-operation, to tell the stories from the perspectives of the national partners demonstrating the impact and relevance of the project to improve their capacities regarding cybercrime and electronic evidence. The European Commission and the Council of Europe will formally assess and complete the project and launch a new regional action on cybercrime and electronic evidence in the region through the new CyberEast+ project. The workshop will also discuss and adopt a new Declaration on Strategic Priorities for the Eastern Partnership region with key project partners, serving as inspiration for policies and capacity building in the region’s countries.
- Visit the webpage (coming soon)
Side event: iPROCEEDS-2 to CyberSEET
The Closing Conference of the iPROCEEDS-2 project will encompass the project's main objectives, including legislation and strategic approaches, mechanisms for reporting, capacity enhancement in cybercrime, training for the judiciary and fostering collaboration between public and private sectors, as well as international cooperation. During the event, the accounts from national partners will take center stage, portraying how the project has improved their agencies competence in handling cybercrime and electronic evidence. This meeting will mark the formal evaluation and closing of the project and the launch of a new regional action targeting cybercrime and electronic evidence in the area. The new initiative, named the CyberSEET project, will be jointly undertaken by the European Commission and the Council of Europe from 2024 to 2027.
- Visit the webpage (coming soon)
Side event: GLACY+ to GLACY-e
Building on the positive results of GLACY+, its continuation, consolidation and expansion is foreseen with the 'Global Action on Cybercrime Enhanced (GLACY-e), a new EU-CoE joint project that started in August 2023. The latter is intended to extend the experience of the GLACY+ project, supporting new selected countries in Africa, the Pacific, Asia and Latin America, while reinforcing the leading role of the 8 hub countries for the capacity building agenda in their respective regions. The conference will offer the opportunity to review the impact of the GLACY+ project and share the lessons learned with the new countries to be on boarded in the new project.
- Visit the webpage (coming soon)
Side event: CyberSouth to CyberSouth+
The objective of the final conference is to jointly review and validate the progresses in the fight against cybercrime in the MENA region during the period 2018 – 2023; assess the impact of the CyberSouth project in five main areas related to the project’s results (legislation, work of police, work of judiciary, international co-operation, national strategies) and evaluate together what worked well (best practices) and what can be improved in the next phase.
- Visit the webpage (coming soon)
For the third time, the Council of Europe will be featuring Lightning Talks sessions, during which speakers will briefly present innovative ideas in the field of cybercrime. A lightning talk is a very short presentation lasting only a few minutes, given at a conference or similar forum. Several lightning talks will usually be delivered by different speakers in a single session.
We invite you to submit your proposal for a major innovative idea that you are willing to share with over 500 participants from around the world, who will reunite at the Octopus Conference in Bucharest. 10 proposals will be selected based on the diversity of topics and presenters. The sugested topics for this year's session include: artificial intelligence, e-evidence of war crimes, cyberdiplomacy, online child sexual exploitation and abuse, women in cyber AND public-private co-operation.
We strive to ensure the right balance of regions, professions, and relevance of subjects for discussion. Speakers using the format will be kept to a strict five-minute time limit, with four minutes for questions. You will be informed whether your proposal was selected mid November.
- Visit the Lightning Talks webpage
AGENDA: 15 December 2023
Atelier 7: Atelier régional pour l'Asie
La dépendance croissante à l'égard des technologies de l'information a entraîné une croissance exponentielle de la quantité de données créées et échangées chaque jour par les utilisateurs et les organisations. Le droit à la protection des données est donc devenu un droit autonome, dérivé du droit fondamental à la vie privée, tel qu'il est inscrit dans la Déclaration universelle des droits de l'homme. Le cadre juridique de la protection des données sert de base au développement d'un écosystème de confiance dans les autorités, qui protègent les citoyens contre les activités malveillantes.
Dans les enquêtes sur la cybercriminalité, les règles de protection des données posent des défis particuliers, tels que la quantité et la variété des données à traiter ou les procédures nécessaires pour assurer leur traitement efficace, impliquant également la coopération avec des entités privées (fournisseurs de services Internet, services bancaires, prestataires de services de cybersécurité).
Ainsi, le renforcement du cadre formel des réglementations en matière de protection des données, conformément aux normes mondiales, est l'une des conditions fondamentales pour permettre l'échange de données et assurer un juste équilibre entre, d'une part, les obligations positives des gouvernements de protéger les personnes contre la cybercriminalité grâce à une coopération internationale efficace et, d'autre part, le droit au respect de la vie privée et à la protection des données.
Visitez la page web de l'atelier régional pour l'Asie (bientôt disponible)
Workshop 7: Regional workshop for Asia
The growing reliance on information driven technology has led to exponential growth in the amount of data created and exchanged every day by users and organizations. The right to data protection has thus emerged as an autonomous right, derived from the fundamental right to privacy as enshrined in the Universal Declaration of Human Rights. The legal framework for data protection serves as the basis for developing an ecosystem of trust in authorities, that protect citizens from malevolent activities.
In cybercrime investigations, data protection rules pose particular challenges, such as the amount and variety of data to be processed or the procedures needed to ensure its efficient processing, involving also the cooperation with private entities (ISPs, banking services, cybersecurity providers).
Thus, strengthening the formal framework of data protection regulations, in line with global standards, is one of the basic conditions for enabling data exchange and for ensuring the right balance between the positive obligations of governments to protect people against cybercrime through effective international cooperation, on one side, and the right to privacy and protection of data, on the other side.
- Visit the Regional workshop for Asia webpage (coming soon)
Workshop 8: Regional workshop for Pacific
9h30 - 11h00 CET
Robust legal frameworks on cybercrime and electronic evidence are the cornerstone for successful investigations and criminal proceedings. International standards, such as the Budapest Convention, provide a framework for consistent definitions, standardised procedural powers and international cooperation mechanisms. But the absence of transposing such measures into national laws undermines a country’s ability to investigate, prosecute and adjudicate cases involving electronic evidence and to engage in the global efforts to effectively respond to the emerging challenges presented by cybercrime.
Small jurisdictions, such as the Pacific Island States, may encounter even bigger struggles in adopting and adapting appropriate laws, considering their specific legal, administrative, and technical contexts. The workshop is aimed at mapping specific challenges and possible solutions based on successful practices in the region.
- Visit the Regional workshop for Pacific webpage (coming soon)
Workshop 9: Regional workshop for Africa
9h30 - 11h00 CET
While electronic evidence is becoming more common and more significant to solving cases than traditional evidence, procedures to obtain such data from other jurisdictions are often lengthy and not effective. Such challenges raise difficulties in processing cases, leading to lower conviction rates and, consequently, slower justice for victims. The Second Additional Protocol to the Budapest Convention provides tools for enhanced co-operation and disclosure of electronic evidence – such as direct cooperation with service providers and registrars, effective means to obtain subscriber information and traffic data, immediate co-operation in emergencies or joint investigations, whilst ensuring a strong system of human rights and rule of law safeguards, especially when it comes to protecting personal data.
Almost a quarter of the African countries are either Parties or have been invited to accede to the Budapest Convention, and thus can benefit from enhanced tools for co-operation by signing the Protocol. The workshop is aimed at showcasing the relevance and expediency of the international co-operation measures provided for in the Protocol, as well as to discuss possible challenges in the implementation of such tools in the region.
- Visit the Regional workshop for Africa webpage (coming soon)
Workshop 10: Regional workshop for Latin America and the Caribbean
Many countries in LAC have undertaken efforts in recent years to establish specialized cybercrime units at the level of police and prosecutorial services, as well as units responsible for digital forensics.
However, the organizational setup and functions of such units keep evolving and are not always based on international good practices. Further, interagency cooperation between specialized cybercrime units and other services, to ensure that electronic evidence is admissible in courts, remain a challenge.
The workshop aims at identifying good practices of setting up forensic units in police/prosecutors’ office and how to ensure the inter-agency co-operation and to avoid overlapping of competencies in the area of digital forensics.
- Visit the Regional workshop for Latin America and the Caribbean webpage (coming soon)
Workshop 11: Capacity building as a game changer: What are the tools?
11h30 - 13h00 CET
The aim of the workshop is to share and identify capacity building efforts which enabled sustainable changes in national systems and increased the effectiveness of the tools against cybercrime. During the last decade, governments, international organizations, private sector as well as civil society organizations have been implementing different project activities to fight and prevent cybercrime at national, regional and international level. Some actions were more successful than others and it is important to capitalize on those experiences that had an impact and helped national institutions and society to effectively address cyber threats.
- Visit the Capacity building as a game changer webpage (coming soon)
Workshop 12: Online xenophobia, racism and freedom of expression
11h30 - 13h00 CET
Digital communication technologies are integrated at all levels of society and are used in various fields including work, education, health care, entertainment, and socialising, while at the push of a button ideas are shared in cyberspace nearly instantaneously and persons may spread hate, racism and xenophobia through these technologies very easily. By doing so, they violate human rights, rule of law and open the door to terrorism, violent extremism and even genocide. Furthermore, Russian aggression against Ukraine has been accompanied by waves of state propaganda celebrating strikes and justifying attacks, including on civilian infrastructure. Another fertile ground for online xenophobia and racism is provided by increased flows of refugees and migrants resulting from armed conflict.
This demonstrates that online hate has increased and should be countered while ensuring a proper balance between the freedom of expression and an effective fight against acts of a racist and xenophobic nature. The First Protocol to the Convention on Cybercrime, opened for signature in 2003, is an important step towards addressing hate in cyberspace by giving government important means to take stand against xenophobia and racism perpetrated online.
The workshop aims to present findings of the good practice study on the implementation of the First Protocol, provide further guidance and possibility to discuss challenges in addressing xenophobia and racism committed online.
- Visit the Online xenophobia, racism and freedom of expression webpage (coming soon)
Workshop 13: Strengthening 24/7 points of contact
11h30 - 13h00 CET
The workshop is expected to further explore the modalities to reinforce the functioning of the 24/7 Network of contact points under the Budapest Convention as follows: sharing good practices for the efficient processing of requests received; identifying additional ways to increase the operability of the Network and understanding the role and responsibilities of the Network with regard to the new tools of the Second Additional Protocol to the Budapest Convention.
- Visit the Strengthening 24/7 points of contact webpage (coming soon)
Participation is subject to registration and is free of charge. Registration will be open from 1 September to 31 October 2023.
* If you have any questions, please contact Octopus Conference Secretariat
- Visa: kindly note that visa arrangements are the traveler’s responsibility
- Accommodation: more details to be announced shortly
- Meals: more details to be announced shorty