1. Law enforcement should invest in capacity building in the areas of Internet monitoring, cyber-patrols, undercover online investigations (cyber-infiltration), the use of OSINT by specialised officers, social network analysis, and the use of automatic searching tools to analyse evidence. The development and use of such tools must adhere to the rule of law principles. Countries should consider adapting existing legislation to allow for cyber-patrolling and covert online investigations (cyber-infiltration) – with careful consideration for ethical implications. Authorities should also consider investing in tools to assist investigators in handling and processing large-volume data (big data capabilities). Resources could be pooled at the supranational level for the development of technological products, such as web-crawlers as well as sharing expertise on their use.

2. Law enforcement and labour inspectorates should implement more stringent regulations and frequent controls on job advertisement websites. This could be done with the support of technological tools developed in cooperation with private companies (e.g., online job advertisement validator tools, tools to scrape job advertisements sites and apply THB markers). Labour inspectorates should develop digital expertise and increase their online presence.

3. Countries/private providers/NGOs must enhance online confidential reporting mechanisms, allowing anonymous reporting of THB cases as well as victims’ self-identification. Chat, including chatbots, and instant messaging functions could be valuable online tools. Countries should work with private companies offering online services to design out opportunities for traffickers, develop content analytics to detect THB instances and set up easily accessible mechanisms for clients to flag up suspicious activities/advertisements. Where allowed by domestic legislation, this should be extended to companies offering online adult services. Online content and information (e.g., IP addresses) linked to flagged activities/advertisements should be stored securely by companies.

4. Law enforcement should consider training officers specialised in both ICT and THB. Countries should also consider creating technical support groups staffed by sworn or non-sworn police officers with specialised ICT capabilities embedded within THB units. Furthermore, countries should review the design of the internal distribution of digital investigative capabilities to anticipate and avoid potential bottlenecks in investigations. As ICT-facilitated crime, including THB, is likely to continuously increase, the lack of specialist officers at the local level and the overreliance on assistance from (busy) centralised cyber-crime units are likely to create bottlenecks.

5. Law enforcement should make sure that all officers possess an adequate level of expertise in collecting and handling electronic evidence. Training on electronic evidence should be made integral to training curricula and constantly kept up-to-date due to the fast-changing technological and behavioural landscape. As the preservation of electronic evidence is key to building strong investigations, also counsellors and NGOs first-respondents need to be familiar with strategies to preserve digital evidence (e.g., by storing chat histories).

6. Countries/international organisations should regularly carry out a strategic analysis to generate knowledge on emerging trends on offenders’ modus operandi as well as to keep up-to-date with the fast-changing behavioural patterns of technology users and the technological landscape. Based on this strategic evidence, countries can then launch targeted police operations, set up cooperation agreements, as well as devise targeted awareness-raising campaigns. Knowledge should be regularly disseminated at the national and supra-national levels.

7. Countries should increase cross-border cooperation through streamlined procedures, the sharing of best practices and technologies (e.g., specialised software) and the enhanced dissemination of practical information about the contact points/dedicated units that serve as “privileged contact” in the case of THB cases, including ICT-facilitated THB. Cooperation and support between destination and origin countries should be encouraged (e.g., expensive technological equipment might be affordable only to more affluent destination countries).

8. Prosecutors should be provided with specific training on technology-facilitated THB and the handling of electronic evidence as well as its presentation before a judge/jury. Countries should take measures to ensure that prosecutors are familiar with procedures to request electronic evidence from private companies as well as obtaining evidence and cooperation from other countries both within the EU legal framework (via Joint Investigation Teams and European Investigation Orders) and outside the EU legal framework.

9. Countries should develop data-sharing procedures with companies holding relevant data and consider developing cooperation protocols with private companies, including social network and gig-economy companies as well as rental platforms to foster the timely provision of information. Such protocols/procedures should clarify the legal requirements under which ICTs companies, ISPs and content hosts operate; designate a contact point within companies; and clarify the national agencies responsible for specific actions, e.g. requesting evidence or taking down THB-related content. Refusal to share evidence or take down THB-related content should be timely, explicit, and motivated.

10. A smoother process should be established for Mutual Legal Assistance Requests (MLAs), including clearer procedures, increased usage of enhanced networks of contact points, including EJN contact points, and requirements for MLAs to be clearly set out and discussed at the outset. Countries should ensure that their personnel are adequately trained to process MLAs, EIOs and other international tools. Countries and international organisations should develop commonly agreed and accepted templates underpinning cooperation processes with a view to ease communication, decrease administrative burdens and minimise mistakes in the requests. Countries should also develop the use of secure forms of electronic communication and promote their adoption to smoothen international cooperation.

11. Joint Training Activities (JTAs) should be envisaged for countries that are systematically engaged in joint THB cases. Transnational knowledge exchange can be fostered through participation in international/regional training focused on specific aspects of investigating ICT-facilitated THB. Such training should include case studies and scenarios on ICT-facilitated THB. Training on ICT-facilitated THB and associated legal instruments should also be provided to prosecutors and judges.

12. NGOs should receive training on the latest developments in both technological and THB landscapes, including changes in recruitment strategies. NGOs should be in a position to exchange experiences on international best practices.

13. Authorities should devise common procedures for the rapid exchange of digital evidence with Internet Service Providers (ISPs) and should re-assess the length of data retention obligations imposed on ISPs (current periods are too short considering the length of police investigations). Efforts should be made to adopt a common framework regarding data retention obligations and sharing of electronic evidence.

14. To leverage on the full potential offered by the Cybercrime Convention, countries should (a) complete the harmonisation of national legislations with the Convention; (b) widen and enhance the training on the possibilities offered by the Convention as not all State Parties are currently using the tools available to their full potential; (c) raise awareness on the broad scope of the procedural powers and tools for international cooperation of the Convention, particularly in relation to THB cases; and (d) swiftly implement the measures included in the Second Additional Protocol.

15. Countries should carefully assess the issue of where their contact point (as per the Cybercrime Convention) is located within the criminal justice system to avoid bottlenecks. With the increasingly central role played by ICTs and electronic evidence, such contact points will be under increasing pressure and will be quickly overwhelmed if not adequately staffed. Countries might wish to consider staffing such contact points with personnel possessing expertise in different crime types, including ICT-facilitated THB.

16. Countries outside Europe should be encouraged to adopt key international legal tools, such as the CoE Cybercrime Convention and the CoE Convention on Mutual Assistance in Criminal Matters, to smoothen and enhance international cooperation.

17. Cooperation and synergies should be increased between the monitoring mechanism of the Anti-Trafficking Convention (GRETA and Committee of the Parties) and T-CY, for example, in the form of exchange of views as well as the development of capacity-building activities focusing on both conventions.

18. Private companies, working with the authorities and NGOs, should increase online social advertising to prevent victimisation and improve the detection of technology-facilitated THB. Countries should increase their efforts to inform individuals about their employment rights in a language they understand, in cooperation with NGOs and with companies that provide hosting services for job advertisements. The impact of campaigns should be routinely evaluated.

19. Countries, NGOs and private companies that provide online and ICT services should run initiatives to raise awareness on technology-related risks, including how traffickers might exploit technology and how potential exploitative situations might begin. Schools and educators should be made part of this effort as children and young adults are exposed to heightened risks. Countries and NGOs should work with private companies offering communication and messaging services to design into the system information/warnings on the safe use of private channels of communications.

20. NGOs should offer training on techniques of data protection and safe use of technology as part of victims’ protection and reintegration programmes. Victims should not be cut out of technology with the effect of disempowering them.

21. Countries should include a technology strategy in their national action plans for combating trafficking in human beings.