International Workshop on Cooperation against Cybercrime in South Asia
Colombo, Sri Lanka, 5-6 April 2011
Conclusions
An international workshop on cooperation against cybercrime in South Asia was held in Colombo on 5 and 6 April 2011 with the participation of more than one hundred public and private sector representatives from Bangladesh, India, Maldives, Pakistan and Sri Lanka. The workshop was addressed by the Hon Mohan Pieris, President’s Counsel, the Attorney General of Sri Lanka, by Supreme Court Justice Suresh Chandra, by Suhada Gamlath, Secretary Justice, and by Professor P.W. Epasinghe, Chairman ICTA and Advisor to the President of Sri Lanka. Speakers and participants from countries of South Asia as well as the Council of Europe and the Cybercrime Convention Committee shared their experience.
An international workshop on cooperation against cybercrime in South Asia was held in Colombo on 5 and 6 April 2011 with the participation of more than one hundred public and private sector representatives from Bangladesh, India, Maldives, Pakistan and Sri Lanka. The workshop was addressed by the Hon Mohan Pieris, President’s Counsel, the Attorney General of Sri Lanka, by Supreme Court Justice Suresh Chandra, by Suhada Gamlath, Secretary Justice, and by Professor P.W. Epasinghe, Chairman ICTA and Advisor to the President of Sri Lanka. Speakers and participants from countries of South Asia as well as the Council of Europe and the Cybercrime Convention Committee shared their experience.
The workshop agreed that:
Cybercrime – ranging from offences against computer data and systems to offences committed by means of computer systems and data as well as content-related offences – was a concern common to all countries. Specific threats include malware, botnets, fraud and criminal money on the internet, denial of service attacks and attacks against infrastructure by criminals as well as terrorists. The fact that almost any crime can have an element of electronic evidence entails major challenges to criminal justice systems;
A distinction should be made between strategies against cybercrime – primarily aimed at criminal justice and the rule of law – and strategies to enhance cybersecurity – primarily aimed at enhancing the protection, reliability and resilience of computer systems and the information infrastructure in general. Intentional attacks against the confidentiality, integrity and availability of computer systems are to be addressed by both, and thus both are linked;
Legislation providing for the criminalization of conduct and for effective investigations is an essential precondition for criminal justice measures. Legislation should be harmonized with international standards, that is, the minimum standards of the Budapest Convention on Cybercrime, in order to ensure consistency and interoperability. It was noted that the legislation of Sri Lanka is already largely in conformity with the Budapest Convention, and important legislation in line with this treaty has also been adopted in India and Bangladesh. In Pakistan a previous ordinance on electronic crime is to be amended and brought in line with the Budapest Convention when transformed into a law in the very near future. In the Maldives, the preparation of such legislation – possibly through a special law – should be envisaged;
Conditions and safeguards regarding investigative powers should be put in place to ensure due process and protect fundamental rights. Countries should also consider data protection regulations to protect the rights of individuals, to facilitate international law enforcement cooperation and to enable e-commerce and out-sourcing of services;
Parliamentarians need to assume responsibility to ensure that domestic legislation is adopted to criminalize conduct, allow for effective investigation and establish safeguards and conditions as well as provisions for international cooperation. Exchanges of views and experience among parliamentarians of South Asia are encouraged, possibly through a regional parliamentary advisory group;
A “buy in” from policy makers is necessary to allow for the adoption of policies, strategies and responses to threats in a timely manner;
The effectiveness and adequacy of legislation should be monitored and assessed on a continued basis in view of fast evolving challenges;
Preventive measures, including awareness and education, should be promoted. High-tech crime units, Computer Emergency Response Teams (CERTs) and the private sector have a role to play in this respect. The national CERTs of Sri Lanka and India and the NR3C of Pakistan already have good practices to share in this respect;
Channels for reporting complaints and incidents by the public should be established to provide a better understanding of cybercrime threats and trends and provide leads for investigations;
Institutional capacities need to be reinforced to permit the enforcement of legislation and responses to incidents. This includes:
- CERTs such as those created in India and Sri Lanka,
- high-tech crime units such as those at the Federal Investigation Agency of Pakistan and the Central Bureau of Investigations in India or the cybercrime squad in the Criminal Investigation Department of Bangladesh. The CoE should develop a toolkit to provide guidance on the establishment of high-tech crime units by making use of the experience available in South Asia,
- comprehensive law enforcement training ranging from first responders to forensic investigators,
- digital forensic laboratories to cope with the increasing need for handling of electronic evidence,
- an important role by prosecutors in the criminal procedure,
- the training and specialization prosecutors and judges. The judicial training concept adopted by the Council of Europe may provide guidance to help ensure that cybercrime and electronic evidence matters are mainstreamed into judicial training. In Bangladesh (where special cyber-tribunals have been created) and in Sri Lanka cybercrime training modules are already being delivered. Countries are encouraged to share experience by making available existing modules and training materials. This would contribute to common approaches on training and facilitate networking between judicial training institutions and between trained judges and prosecutors;
- Online resources for the training of law enforcement, prosecutors and judges in order to complement face-to-face training. The Council of Europe should consider linking cybercrime training initiatives in Asia with similar activities in Europe,
- training and education for private sector entities with large IT infrastructure. This includes in particular the financial sector but also the respective regulators;
- high-tech crime units such as those at the Federal Investigation Agency of Pakistan and the Central Bureau of Investigations in India or the cybercrime squad in the Criminal Investigation Department of Bangladesh. The CoE should develop a toolkit to provide guidance on the establishment of high-tech crime units by making use of the experience available in South Asia,
- comprehensive law enforcement training ranging from first responders to forensic investigators,
- digital forensic laboratories to cope with the increasing need for handling of electronic evidence,
- an important role by prosecutors in the criminal procedure,
- the training and specialization prosecutors and judges. The judicial training concept adopted by the Council of Europe may provide guidance to help ensure that cybercrime and electronic evidence matters are mainstreamed into judicial training. In Bangladesh (where special cyber-tribunals have been created) and in Sri Lanka cybercrime training modules are already being delivered. Countries are encouraged to share experience by making available existing modules and training materials. This would contribute to common approaches on training and facilitate networking between judicial training institutions and between trained judges and prosecutors;
- Online resources for the training of law enforcement, prosecutors and judges in order to complement face-to-face training. The Council of Europe should consider linking cybercrime training initiatives in Asia with similar activities in Europe,
- training and education for private sector entities with large IT infrastructure. This includes in particular the financial sector but also the respective regulators;
Guidelines for handling, analyzing and presenting electronic evidence in court should be developed to ensure that evidence is accepted in criminal proceedings. The Council of Europe should make use of the expertise available in South Asia in this respect;
Considering that most cybercrime is aimed at obtaining undue economic benefits, measures should be taken to protect individuals and the financial system from attacks, to prevent money laundering and the financing of terrorism and to search, seize and confiscate crime proceeds on the Internet. This will help safeguard the financial infrastructure. Interagency and public-private cooperation, including trusted fora for intelligence sharing and analysis, should be created. The forthcoming typology study on criminal money flows of the Council of Europe will document good practices in this respect;
Public-private cooperation is a condition for effective prevention and investigation of cybercrime and for enhancing cybersecurity in general. The Budapest Convention already includes obligations for service providers to cooperate with law enforcement during investigations but this should be complemented by a culture of cooperation and structured cooperation along the lines of the law enforcement/service provider cooperation guidelines adopted by the Council of Europe’s Octopus Conference in 2008. India and other countries of South Asia already have valuable experience in this respect;
Cybercrime is often transnational crime or involves evidence located in foreign jurisdictions or held by foreign service providers. Efficient international cooperation to secure volatile electronic evidence and obtain it for investigation and criminal proceedings is the main challenge. The setting up a regional council or similar mechanism for cooperation against cybercrime in South Asia is encouraged. Existing channels of police-to-police cooperation, CERT-to-CERT cooperation and judicial cooperation should be exploited. The Commonwealth framework may be useful in this respect, but also existing South Asia regional cooperation frameworks could offer opportunities to enhance cooperation against cybercrime in South Asia. Countries are encouraged to seek accession to the Budapest Convention.
The workshop permitted a dynamic exchange of information and good practices among participants with immediate impact on cooperation between institutions within participating countries as well as between countries. Participants identified specific steps to be taken by their respective institutions. Follow up will therefore be required at the domestic level as well as regional and international levels. The Council of Europe and other organizations and donors should assist in such follow up.
The Council of Europe expressed its readiness to continue its cooperation with countries of South Asia against cybercrime. Representatives of South Asia may consider participation in the Octopus Conference on Cooperation on Cybercrime and the 10th anniversary of the Budapest Convention (Strasbourg, France, 21-23 November 2011).
Participants thanked the authorities of Sri Lanka, and in particular Jayantha Fernando and his team from ICTA, and the Council of Europe for providing an excellent forum for enhanced cooperation against cybercrime in South Asia.
No comments:
Post a Comment