[AfrICANN-discuss] EU Debates Cybercrime Law Enforcement

Anne-Rachel Inné annerachel at gmail.com
Wed Apr 2 10:11:56 SAST 2008

EU Debates Cybercrime Law Enforcement

By JAN SLIVA – 1 day ago

BRUSSELS, Belgium (AP) — Two groups working separately to boost
Europe's defenses against online crime will present proposals this
week, almost a year after most of the nation of Estonia's links to the
Internet were disrupted for days or weeks.

At a two-day conference starting Tuesday in Strasbourg, France, the
Council of Europe will to review implementation of the international
Convention on Cybercrime and discuss ways to improve international

Cyber defense also will be on the agenda when heads of state from
NATO's 26 member nations gather in Bucharest Wednesday for three days.
The leaders are expected to debate new guidelines for coordinating
cyber defense.

The Convention on Cybercrime, a binding treaty ratified by most
members of the 47-nation Council of Europe, provide guidelines to
protect computer users against hackers and Internet fraud.

The controversial agreement also covers electronic evidence used in
prosecution of such offenses as child sexual exploitation, organized
crime and terrorism. At this week's conference, the council will
discuss guidelines to bolster the convention to improve cooperation
between investigators and Internet providers, according to the
council's Web site.

Participants and speakers at the conference — including police
officials and representatives of technology companies such as
Microsoft Corp., eBay Inc., McAfee Inc. and Symantec Inc. — also will
address training.

NATO's three-day summit, which is to focus on enlarging the treaty
organization and on its operations in Kosovo and Afghanistan, will
include a special briefing on cyber defense, according to the treaty
organization's Web site.

Some cybercrime experts are casting current Internet security
challenges in terms of terrorism, while others remain focused on data
loss, identity theft and fraud.

Marco Gercke, lecturer in computer law at University of Cologne in
Germany, said cybercrime poses new law enforcement challenges because
data can now be exchanged very fast over vast international reaches.

"Compared to regular terror attacks, it is much easier for the
offenders to hide their identity. There are at least 10 unique
challenges that make it very difficult to fight computer-related
crime," said Gercke, one of the conference participants. "The success
rate of cybercrime is very high."

Privacy advocates, the American Civil Liberties Union and others are
concerned that the Cybercrime Convention presses businesses and
individuals to aid law enforcement in new ways and subjects them to
surveillance that violates the U.S. Constitution.

President Bush signed the treaty in 2003 and the U.S. Senate ratified
it in 2006. The convention has been ratified by 21 other nations.

The type of assault Estonian Internet service providers suffered —
which included denial-of-service attacks, where criminals flood a
server with so many requests for connections that it is overwhelmed —
is particularly difficult to block because servers can't easily
distinguish between legitimate and bogus requests for access, experts
have said.

Estonian officials initially blamed the attacks on the Russian
government but later acknowledged they had no proof of government
involvement, though they said most of the computers launching the
attacks were in Russia.

Estonia has set up a center to tackle computer-related crime and wants
a global treaty on combatting cyber attacks because laws in many
countries are inadequate or conflict, which can make prosecution of
cyber criminals difficult.

The tiny Baltic state, which has one of the world's highest rates of
Internet use, has said the attacks damaged its economy because it
depends heavily on the Internet.

Russian officials deny any involvement in the cyber onslaught which
erupted during violent protests by ethnic Russians against moving a
Soviet-era monument out of the Estonian capital of Tallinn.

Web sites run by media outlets, government institutions and banks
denied access to users outside Estonia. Among other impacts, Estonians
traveling abroad couldn't get at their bank accounts.

The attack also included e-mail spam.
On the Net:

    * http://www.coe.int/cybercrime
    * http://www.nato.int/docu/update/2008/04-april/e0402b.html

More information about the AfrICANN mailing list