Legal jurisdiction over malware-related crimes: From theories of jurisdiction to solid practical application

As far as malware-related crimes are concerned, extra territorial jurisdiction and the law of extradition need one another to work perfectly, but there has never been a standard universal rule governing them. While Universality Principle can be argued to be the most ideal solution to the problem, it is opposed by the supporters of the notion of self-regulation of the internet, not to mention it lacks the required universal support. Thus the determination of the issues has to be based on the analysis of existing measures of practical applications.     

Data attack of the cybercriminal: Investigating the digital currency of cybercrime

It is increasingly argued that the primary motive of the cybercriminal and the major reason for the continued growth in cyber attacks is financial gain. In addition to the direct financial impact of cybercrime, it can also be argued that the digital data and the information it represents that can be communicated through the Internet, can have additional intrinsic value to the cybercriminal. In response to the perceived value and subsequent demand for illicit data, a sophisticated and self-sufficient underground digital economy has emerged. The aim of this paper is to extend the author’s earlier research that first introduced the concept of the Cybercrime Execution Stack by examining in detail the underlying data objectives of the cybercriminal. Both technical and non-technical law enforcement investigators need the ability to contextualise and structure the illicit activities of the cybercriminal, in order to communicate this understanding amongst the wider law enforcement community. By identifying the potential value of electronic data to the cybercriminal, and discussing this data in the context of data collection, data supply and distribution, and data use, demonstrates the relevance and advantages of utilising an objective data perspective when investigating cybercrime.     

Challenges before crime in a digital era: Outsmarting cybercrime offenders – Workshop on Cybercrime, Computer Crime Prevention and the Surveillance Society

On 5 November 2010 within the framework of the Fifth International Conference on Legal, Security and Privacy Issues in IT Law (LSPI) and associated conference series a Closing Workshop was held at the Universitat Internacional de Catalunya (UIC) to review and address the main challenges of Cybercrime. The event complemented the CLSR 150th Anniversary Seminar on Digital Identity held the previous evening at the Barcelona office of law firm Roca Juyent. The Workshop was supported by the Computer Forensics Laboratories CFLabs and by CLSR. Copies of the journal were distributed via a booth at the event to enable relevant papers published in the journal to be accessed during the workshop event. The Cybercrime Workshop provided an opportunity for academics, practitioners and consultants from different backgrounds and nationalities to come together and exchange ideas to discuss significant developments in Cybercrime and emerging issues on IT security.     

The stages of cybercrime investigations: Bridging the gap between technology examination and law enforcement investigation

Cybercrime investigation can be argued as still in its infancy. The technical investigation practices and procedures of global law enforcement are also still evolving in response to the growing threat of the cybercriminal. This has led to considerable debate surrounding the adequacy of current technical investigation models, examination tools and the subsequent capability of law enforcement to tackle cybercrime. To bridge the gap between low-level technology recovery and digital forensic examination, and to overcome the many technical challenges now faced by law enforcement; this paper presents an extended cybercrime investigation model capable of guiding the investigative practices of the broader law enforcement community. The Stages of Cybercrime Investigations discussed throughout this paper, demonstrate the logical steps and primary considerations vital to investigating cyber related crime and criminality. The model is intended to provide both technical and non-technical investigative resources, covering mainstream law enforcement, partner agencies and specialist technical services, with a formal and common structure when investigating the complex technical nature of cybercrime. Finally, the model is further aimed at providing cybercrime investigators with a means to consolidate understanding, share knowledge and communicate the resulting outcomes as an investigation moves through each relevant stage.     

It wasn't all white light before Prism: Law enforcement practices in gathering data abroad,and proposals for further transnational access at the Council of Europe

This is a brief comment on a meeting held at the Council of Europe in Strasbourg, which discussed ways of improving transnational access to data by law enforcement through the Cybercrime Convention. In particular, the possible introduction of a new protocol, and a guidance note on art. 32(b), were considered. It is argued that there are serious concerns with both proposals. Moreover, the meeting revealed a surprising lack of knowledge as to current levels of cooperation between law enforcement and foreign service providers.     

The impact of cybercrime on businesses: a novel conceptual framework and its application to Belgium

Despite growing indications and fears about the impact of cybercrime, only few academic studies have so far been published on the topic to complement those published by consultancy firms, cybersecurity companies and private institutes. The review of all these studies shows that there is no consensus on how to define and measure cybercrime or its impact. Against this background, this article pursues two aims: 1) to develop a thorough conceptual framework to define and operationalize cybercrime affecting businesses as well as its impact, harms, and costs; and 2) to test this conceptual framework with a survey of businesses based in Belgium, which was administered in summer 2016 and elicited 310 valid responses. Consisting of five types, our conceptualization of cybercrime is, unlike others, technology-neutral and fully compatible with the legislation. Drawing on Greenfield and Paoli’s Harm Assessment Framework (The British Journal of Criminology, 53, 864–885, 2013), we understand impact as the overall harm of cybercrime, that is, the “sum” of the harms to material support, or costs, and the harms to other interest dimensions i.e., functional (or operational) integrity, reputation and privacy. Whereas we ask respondents to provide a monetary estimate of the costs, respondents are invited to rate the severity of the harms on the basis of an ordinal scale. We claim that this “double track” gives a fuller, more valid assessment of cybercrime impact. Whereas most affected businesses do not report major costs or harm, 15% to 20% of them rate the harms to their internal operational activities as serious or more, with cyber extortion regarded as most harmful.     

A comparative study on sanction system of cyber aider from perspectives of German and Chinese criminal law

In the context of the global information age, cases concerning the provision of technical assistance to commit cybercrimes are growing in leaps and bounds and a brand-new crime-as-a-service industry is beginning to take shape. German criminal law addresses this issue in the context of joint commission theory and individual incrimination as complementary, whereas the Chinese model, by contrast, has made marked progress in the fight against cyber aiding by introducing new criminal provisions. The change of cyber-aiding indeed represents a significant challenge to current criminal legislation and consideration of its criminal countermeasures is indispensably significant.     

The conference of European affairs committees: A collective voice for national parliaments in the European union

The role of national parliaments in the European Union has been the subject of intense debate in the last decade. The Maastricht and Amsterdam Treaties contained significant texts aimed at enhancing the role of national parliaments. Several major political figures in Europe have recently discussed the case for making the collective voice of national parliaments better heard and this issue is firmly on the ‘post‐Nice’ agenda.’ In parallel, an important debate has been running between the parliaments themselves about a collective role for national parliaments. Since 1989, a little‐known body has provided a forum for these debates. This article aims to set out the history of that body, and to highlight some of the issues surrounding an enhanced role for national parliaments.     

Unauthorised access to wireless local area networks: The limitations of the present Australian laws

Wireless local area networks (WLANs) have enjoyed a rapid increase in usage in recent years. WLANs serve to connect users to the Internet by means of radio or infrared frequencies. The rise in WLAN usage has however served to highlight some of the inadequacies of the present laws governing unauthorised access to WLANs. At present, the legislation serves to make unauthorised access, modification or impairment of electronic communications illegal. It is clear that the provisions prohibit the hacking of computer systems and denial of service attacks. However, it is unclear whether the legislation extends to additional forms of unauthorised access such as wardriving (using software to identify and map freely available WLAN) and joyriding (accessing a network with no further damage to the connection). The liability of Internet Service Providers and those engaged in unauthorised access in public places also remains unclear. Finally, the relationship of the offence of unauthorised access to the tort of trespass and the laws of copyright remain untested. The objective of this paper is to consider the measures necessary to increase the effectiveness of WLAN laws. The paper will begin by considering the nature of WLAN technology and the policy discourse to date. This will be followed by an examination of the present Australian law and an identification of areas of uncertainty. Finally, the paper will consider the measures required to enhance the certainty and effectiveness of the laws governing unauthorised access to WLAN.     

The Group of 77 in the international climate negotiations: recent developments and future directions

First, we describe and analyze the main set of G77 positions in the climate negotiations and the dynamics behind the emergence of these positions. While it is puzzling that the G77 has managed to maintain itself as a group in spite of internal differences along variables as prosperity, emissions and vulnerability to climate change, we claim that a core element behind this cohesion is that these countries share domestic governance problems as much as poverty and economic underdevelopment. Second, we discuss how recent trends of economic and political development in the third world influence the climate policy strategies of the G77 group in the future. The main factor here is the economicand social progress in states like China, India and Brazil, which separates them from the poorer and less powerful G77 states. Increasing heterogeneity along variables like governance, growth, and importance for the international economy is creating an increasing drive among the most successful G77 states towards bilateral agreements with industrialised powers. We do not foresee a departure from traditional G77 positions and membership by these states in the official climate negotiations or a departure from the Kyoto process, but an increasing reliance on bilateral agreements with industrialized countries that link considerations for energy security and the environment. The ability to gain these advantages without commitments may make these states less interested in adopting commitments for the post-Kyoto period. This is unfortunate for the LDCs and the AOSIS groups within the G77, who probably are most vulnerable to climate change.