1. Being kindly invited to attend a regional workshop on effectiveness of legislation and on international judicial cooperation, within the CyberCrime@IPA Project (Istanbul, 10-12 April 2013), I had the privilege to join an interesting exercise regarding practical aspects of fighting cybercrime. States from Southern Europe discussed their legislations and the way they face, in the real life, criminal investigations and international cooperation on cybercrime. It was an interesting exercise because it was detected that good part of the noise, creating difficulties in concrete cybercrime investigations and jeopardising international cooperation efforts, would be avoid if some small problems were fixed – for example, some small alterations were introduced in details of the national legal frameworks and in some routines.
2. The first topic was the effectiveness of legislation. The aim of the meeting was to detect if the represented States have an updated legislation on cybercrime and digital evidence and it was concluded that, in fact, most of the countries have improved and modernised their legislations in the recent years. However, some gaps were still related, for example referring to preservation of data, retention of traffic data or interception of digital communications. Some difficulties were also mentioned in the moment of using, in court, digital evidence.
3. If the general picture was very interesting regarding legislation, it cannot be said the same with respect to the effectiveness of international cooperation, the second topic.
4. It was mentioned that States do not use very often Budapest Convention, even if they are a Party, using instead the traditional and less efficient classic cooperation instruments. The problem here is that the central authorities, competent to receive and send the classic mutual legal assistance requests showed themselves clearly overburdened and not able to satisfy, in due time (and even less, in an expedite manner) requests on cybercrime or digital evidence, as Article 31 of Budapest Convention states.
Some possible solutions were discussed, mainly the possibility of adopt multi-language forms that would make easier to send, receive and execute requests on obtaining digital evidence, avoiding, for example, the cost (in money and time) of translation. Another option mentioned was the possibility of increasing the already existing mechanisms (but not currently used) of direct contacts between judicial authorities (for example, exploring the possibilities of Article 4 of the 2nd Additional Protocol to the 1959 Convention on Mutual Legal Assistance in Criminal Matters).
5. Still regarding direct contacts, one of the most interesting conclusions respects some lack of effectiveness of the existing 24/7 contact points: this interesting operative tool is not being used as it could be. Sometimes, it is not sufficiently known internally. In other cases, does not have regular contact with the authorities in charge of international cooperation – thus, cannot follow up next steps of the incoming informal cooperation requests.
6. Another interesting conclusion regards the need that investigators (police or prosecutors) underline of obtaining data from Internet service providers or web service providers from abroad, in an expedited manner. It seems clear that ISPs are not included in the concept of authorised person, included on Article 32, b, of Budapest Convention. Thus, it is not possible to States to use this legal ground on this context.
This is not an isolated question, as it was clearly noted that beyond formal international cooperation, many times, in concrete investigations, there is need of informal cooperation (both informal police to police cooperation and informal cooperation provided by multinational ISP or web services providers). At this point, it was detected an important paradox: some of the represented States don’t see with good eyes informal cooperation. At least at the moment of using evidence in court, some legal systems don’t accept evidence that was obtained by “alternative” means, other than formal international cooperation. On the other side of the coin, some States will not allow, at all, any kind of contact from foreign authorities with their nationals, within their territory.
7. As mentioned, this is a strange paradox, as most of the law enforcement agencies from the region (as from the rest of the world, in fact) claim the need of flexible access to information stored by multinational (global) service providers and web services providers.
Besides, it is nowadays clear the receptivity from some of the major US based web services providers to provide information to law enforcement agencies from different countries, directly, without the need of a formal request – the official policy of the US Government is to encourage providers to send directly non-content information (subscriber and traffic data) to those who directly ask for it, even if it will not be an obligation to providers to respond.
8. In these matters, there is room for initiatives from the Council of Europe, supporting the efficiency of the 24/7 network or providing technical assistance, for example, developing multi-language forms and model requests. Efforts can be made helping the different countries to revisit the views they may have on subscriber information and on the required proceedings to obtain it. And it would be interesting to implement a landscape facilitating multilateral dialogue, for instance, between the Parties from Budapest Convention and the major multinational ISPs and web services providers, helping the States to send requests to the providers with respect by their formal requirements and internal policies.