Cybercrime

Regional workshop for Asia

Date: 17 November
Languages: english
Time: 7:00 – 8:50 (CET)

In Asia, substantive legislation for combatting cybercrimes is either largely or partially in place, while approximately 60% of the countries have procedural powers in this respect. The workshop aims to provide a platform for dialogue between decision-makers and practitioners in the region, to identify the particular challenges and good practices for international cooperation on cybercrime and electronic evidence in Asia. The workshop is structured as a roundtable discussion between decision-makers and practitioners from the region, with emphasis on participant engagement.

• See our workshop page with all information on this workshop

Regional workshop for Africa

Date: 17 November
Languages: english, french, portuguese, arabic
Time: 9:00 – 10:50 (CET)

Internet penetration and related services such as mobile-based financial services, are rapidly growing in Africa. This is accompanied by increasing cybercrime. Many countries in Africa have made it a priority to develop legal frameworks to efficiently criminalize offences against and by means of computers, permit domestic investigations and allow for effective international cooperation between criminal justice authorities, in line with international standards, in particular those of the Budapest and Malabo Convention. The benefits of cooperative approaches were confirmed on the occasion of the First Africa Forum on cybercrime in 2018 and again in the Second Africa Forum in June 2021. This workshop is to follow up on the agreement reached in these forums to further strengthen domestic and international cooperation on cybercrime in Africa as well as on the commitment by regional and international organisations to support such efforts. The specific aim is to identify concrete initiatives to be undertaken in the near future.

• Find out more on our workshop page

Regional Workshop for Latin America and the Caribbean

Date: 17 November
Languages: ENGLISH, SPANISH, PORTUGUESE
Time: 18:00 – 19:50 (CET)

Obtaining subscriber information to identify the user of an Internet Protocol (IP) address used in a criminal offence or the owner of an email or social media account used for criminal purposes is crucial for any criminal justice authority investigating crime online. The same is true for domain name registration information regarding the owner of an Internet domain used for fraudulent purposes. In emergency situation where lives are at risk, expedited access to the content of an account may also be required. Often such information is held by service providers in other jurisdictions. The aim of this workshop is to identify current good practices to obtain data needed in a criminal investigation from multi-national service providers by authorities in Latin America and the Caribbean and to explain new solutions that may soon become available under the Second Additional Protocol to the Budapest Convention.

• Find out more on our workshop page

Regional Workshop for Pacific

Date: 18 November
Languages: english
Time: 7:00 – 8:50 (CET)

Online sexual exploitation and abuse of children (OCSEA) has been a major violation of the rights of children for many years. The COVID-19 pandemic, and increasing screen time by each and every one, has exacerbated the prevalence and risks of OCSEA, including in the Pacific region. While comprehensive approaches are needed to prevent OCSEA, and identify, protect and assist victims, effective criminal justice is an important part of the response to protect children against OCSEA and bring offenders to justice. The aim of this workshop is to share information on the threat of OCSEA as well as good practices in terms of policies, legislation, institutional capacities and domestic and international cooperation on OCSEA.

• Find out more on our workshop page

Date: Wednesday, 17 November 2021
Languages: english, french, spanish
Time: 9h00 – 10h50 (CET)

COVID-19 related cybercrime not only compounds the social and economic impact of the pandemic but may further weaken the ability of public authorities to respond to cyberattacks. This weakening of defences is likely to be further exploited for criminal purposes and possibly for terrorist use of information and communication technologies, such as denial of service attacks against hospitals or interference with systems and data of health research facilities.

In this context, the importance of an effective response to cybercrime and other crime involving electronic evidence is undeniable. Criminal justice authorities need to undertake domestic investigations and engage in international and other forms of cooperation to detect, investigate, attribute and prosecute the above offences and bring to justice those that exploit the COVID-19 pandemic for their own criminal purposes.

What have we learnt from the current pandemic and how well are we prepared for the similar crises in the future? This workshop aims at exploring these questions and seeking to provide possible solutions.

Date: Wednesday, 17 November 2021
Languages: english, french, spanish
Time: 11:00 – 12:50

Considering the difficulty to follow a money trail in the blockchain and the somewhat anonymity that surrounds transactions using cryptocurrencies, this virtual asset is preferred by cybercriminals when conducting their illicit activities and laundering the proceeds resulted from them. Ransomware, hacking and other types of cybercrime are without doubt highly inter-connected with cryptocurrency and the response of judicial authorities is sometimes hampered by the complexity of this mix of crimes. The lack of legislation on virtual assets and even more importantly, on seizing them also contributes to this void that cybercriminals exploit. The COVID-19 Pandemic only increased the use in virtual assets both for legitimate and illegitimate purposes. The aim of this workshop is to provide participants with information on how criminals abuse cryptocurrencies in hiding the illicit gains resulted from criminal endeavours and emphasise on the importance of defining legislation on domestic level in relation to handling and seizing this type of currency.

Date: Wednesday, 17 November 2021
Languages: english, french, spanish
Time: 11:00 – 12:50 (CET)

Specific legislation is the basis for criminal justice action on cybercrime and electronic evidence. Many governments around the world have undertaken legal reforms, often using the Budapest Convention on Cybercrime as a guideline. However, cybercrime legislation also needs to meet human rights and rule of law requirements to prevent misuse. The aim of this workshop is to review progress made worldwide in terms of cybercrime legislation and to identify possible risks and challenges.

Date: Wednesday 17 November 2021
Languages: english, french
Time: 14:00 – 15:50 (CET)

Online child sexual exploitation and abuse has been a major violation of children’s rights for many years; it has been further increasing since the onset of the COVID-19 pandemic. Over the past decade multi-national service providers deployed technology for the automated detection of child sexual abuse materials (CSAM) that there uploaded or disseminated via their services. Tens of millions of CSAM have been identified and reported in this way, and in many cases have helped rescue victims and identify and prosecute offenders worldwide. At the same time, the use of such techniques have raised rule of law and human rights concerns, for example, that they interfere with the privacy of communications or involve the transborder transfer of personal data or violate due process requirements. These concerns came to the forefront with the entry into force of the European Union’s European Electronic Communication Code which brought these providers under the strict rules of the E-privacy Directive of the EU. In June 2021, the Council of Europe published an independent experts’ report on this matter.  The aim of the workshop is to continue the search for solutions that permit governments to meet their positive obligation to protect children against online sexual violence and enable service providers to use automated technologies to identify and report CSAM with the necessary privacy, data protection and rule of law safeguards.

Date: Wednesday, 17 November 2021
Languages: english, french, spanish
Time: 14:00 – 15:50 (CET)

During the COVID-19 pandemic and due to restrictions imposed, more and more businesses switched their activities to the online environment, with their employees working from their homes. While in most business environments, methods of protection are in place to counter cyber threats, personal computers might not have the same level of compliance with Internet security rules, thus leaving their users defenceless against ransomware attacks. Ransomware attacks have been in the last two years hitting hard targeting both personal workstations but also on critical infrastructure, exposing hospitals and medical facilities to the concentrated attacks of cybercriminals. The response of both judicial authorities and the private sector needs to be adequate to meet the challenges posed by this growing form of criminal activity. The workshop aims to provide recommendations on how to protect oneself against this form of cybercrime and provide the required tools to mitigate this threat. Another purpose is to determine how co-operation on ransomware can be further supported on Council of Europe level.

Date: Wednesday, 17 November 2021
LanguageS: English, French, Spanish
Time: 16:00-17:50 (CET)

Rapid progress in AI raises:

• • • additional risks of cybercrime (offenders weaponizing AI, AI detecting vulnerabilities to commit cybercrime or automate attacks. AI as target manipulated by offenders)
    • questions of criminal liability (who is liable for decisions made and crime committed by AI technology?)
    • complex challenges related to electronic evidence (how can e-evidence related to crime involving AI be secured and used in criminal proceedings?)

On the other hand, AI may bring benefits to the criminal justice response to cybercrime (improving cybersecurity; detecting attacks; helping identify, investigate and prosecute offenders; or automating domestic and international cooperation). However, this in turn raises additional questions (how can rule of law and due process safeguards be ensured; what implications on territoriality and jurisdiction when AI-led investigations cross borders?).

Organisations worldwide are currently working on questions related to artificial intelligence, including the Council of Europe.

Within this context, the aim of the workshop is to identify key issues that should be taken into account when designing the future criminal justice response to cybercrime and e-evidence in relation to AI.

Two sessions of Lightning Talks will take place:

Date: Wednesday, 17 November 2021
Languages: english, french, spanish, portuguese, arabic
Time: 16:00 – 17:50 (CET)

Date: Wednesday, 18 November 2021
Languages: english, french, spanish, portuguese (to be confirmed)
Time: 13:00 – 13:45 (CET)

For the second time the Council of Europe will be organizing two sessions of Lightning Talks during its annual Octopus conference. A lightning talk is a very short presentation lasting only a few minutes, given at a conference or similar forum. Several lightning talks will usually be delivered by different speakers in a single session.

Capacity building: judicial training

Date: thursday, 18 November
Languages: english, french, spanish, portuguese, arabic (to be confirmed)
Time: 9:00 – 10:50 (CET)

Given that not only cybercrime but any type of crime may involve evidence on a computer system (electronic evidence) any judge or prosecutor need to have the necessary skills to prosecute or adjudicate cases involving such evidence. In 2009, the Council of Europe developed a concept for cybercrime training for judges and prosecutors. Implementation of this concept has since been supported in numerous countries, typically in cooperation with domestic judicial training institutions. More recently, networking of judges and prosecutors trained under different programmes was promoted. In order to ensure that over time, any judge or prosecutor has access to and can participate in relevant training, sustainability of such programmes and strategic approaches to training are essential. A further challenge is that due to the COVID pandemic, much training is now only available online. For this reason, C-PROC is currently developing a platform for online training that will be put at the disposal to project countries. The aim of this workshop is to review how the sustainability of judicial training on cybercrime and e-evidence can be ensured through strategic approaches to training, networking of trainers and tools such as the online platform for judicial training.

• More information on our workshop page

Capacity building: guides and tools

Date: thursday 18 November
Languages: english, french, spanish
Time: 11:00 – 12:50 (CET)

Capacity building on cybercrime and electronic evidence is a complex and time- and resource-intensive process involving large numbers of organisations and practitioners. Given the growth of cybercrime and the fact that any crime may involve electronic evidence, any investigator, prosecutor or judge will be confronted with and needs to be equipped with the necessary skills to handle such cases. A number of guides and other tools have been developed by the Council of Europe and other organisations in recent years to help criminal justice practitioners acquire such skills. These guides and tools may complement training programmes or serve self-learning. The aim of this workshop is to increase knowledge of participants of such guides and tools and promote their adaptation to meet domestic needs.

• More information on our workshop page

Date: 18 November
Languages: english, french, spanish
Time: 9:00 – 10:50 (CET)

Cybercrime is an increasingly technologically advanced and fast-growing type of crime. It is extremely costly, allegedly impacts very large number of victims, and is psychologically impactful, which makes the effects of victimization in cyberspace hard to quantify. There is limited understanding of who the victims (individuals and organisations) are and how cybercrime affects different categories of victims. Compared to traditional crime, cyber victimization entails elements of accessibility (perpetrators can reach significant number of victims), anonymity, and thus limited detectability (sometimes victims are not even aware they have been victimized), and is also hard to constrain, due to the astonishing speed with which data is shared and how volatile possible evidence is. 

In this workshop we will explore who are the cybercrime victims (individuals and organisations) and look into the criminal justice response but also alternative remedies (such as restorative justice) available to them.

Date: 18 November
Languages: english, french, spanish
Time: 11:00 – 12:50 (CET)

Cybercrime perpetrators are as diverse and complex as the cybercrime that they commit. For example, they come from different backgrounds and have different (egotistical, technical, monetary, ideological, political, professional, vengeful, sexual or other) motivations. They may or may not be professional criminals, and individuals or part of organised groups or networks (example of Advanced Persistent Threats). Some may commit crime on their own account or make their services available to others, and some may be supported by or be state actors. A better understanding of the types of perpetrators and their motivations and techniques can be instrumental for the prevention of cybercrime and for a more effective criminal justice response. The aim of this workshop is to contribute to such a better understanding and to initiate steps towards a typology of offenders. 

Outlook 1: Cybercrime: threats and trends

Date: thursday 18 november 2021
Languages: ENGLISH, French, sPANISH
Time: 14:30 – 15:30 (CET)

Reports on published by public and private sector organisations show a rapidly evolving – and at times contradictory – picture regarding cybercrime and cyberattacks. The aim of this session is to come to predictions regarding cyber threats and trends in 2022/2023 and challenges that criminal justice authorities need to be prepared for.

• More on our workshop page

Outlook 2: Human righs and rule of law in cyberspace

Date: thursday 18 november 2021
Languages: ENGLISH, French, sPANISH
Time: 15:30-16:15 (CET)

As cybercrime is a threat to human rights, governments not only have the “negative” obligation to refrain from interfering with these rights (unless certain conditions are met) but it is increasingly considered that governments have a “positive” obligation to protect individuals against interference with their rights by others. This includes, for example, the obligation to put effective means in place to protect individuals against cybercrime through criminal law. However, such means are also subject to conditions. This session will discuss what is takes to provide for criminal justice response that is effective and that meets human rights and rule of law requirements at the same time.

• More on our workshop page

Outlook 3: Cooperation against cybercrime in 2022

Date: thursday 18 november 2021
Languages: ENGLISH, French, sPANISH
Time: 16:30-17:30 (CET)

Having discussed threats and challenges but also shared experiences and good practices throughout this conference, the aim of this session is to have international organisations involved in policies, standard setting and capacity building on cybercrime share their intentions on how to enhance international cooperation on cybercrime and e-evidence in 2022.

• More on our workshop page