The Academy of European Law, ERA, hold on 24th and 25th May in Milan a conference called: Fighting cybercrime: between legislation and concrete action.
We attended the Friday session that enabled Google and Microsoft to show their good will to cooperate with the authorities to fight cybercrime, the latter showing initatives such as the use of photoDNA together with the US National Center for Missing and Exploited Children’s (NCMEC), that allow ISPs to detect photos of child pornography and block them.
 A passionate prosecutor from Belgium explained in details his frustration not to be able to get any information from yahoo in the US to identify two IP addresses in a solving of a case, which showed the way to a rather broad consensus to increase international cooperation at Sate level and with private entities and increase law enforcement of criminal sanctions against cybercrime.
The question of the definition of cybercrime appeared quickly as a "topic ". Whereas several speakers of the conference refered to the definition of the Convention of the Council of Europe from 2001 and the notion of "serious crimes", particular attention was given to child pornography in the different presentations and seemed to appear as the referent example to illustrate security measures of infrastructure and legal action. Spam activities and infringement of intellectual property rights are also in the scope of cybercrime.
 This indicates how it is needed to be vigilent that those rather vague definitions of cybercrime, or to be more precise (!), definitions that do not clearly categorise enough, in the scope of future simplified and strengthened law enforcement, cyber actions of different nature in terms of harms to society, do not invade the sphere of freedom of speech in an unbalanced way...
 The parallel with counterfeiting and IPRs infringement came to my mind, maybe also because three committees vote on ACTA this week...
I think both me and Julien can happily note that after I made an intervention to the effect that cybercrimes must be perceived by the public as legitimate in order for measures against them to be perceived as legitimate, many individuals approached during the coffee break to express their support. I also had the feeling many of the participants were well aware that these conferences often have a political, rather than academic, interest and felt that it is a small problem that a multitude of views are often not heard on these topics.
In my opinion, because these conferences are very close-minded in their approaches to topics like cybercrime, measures developed inside the framework of each participants' home organisation end up of low quality. It was truly spectacular to note how one experienced participant with long experience from Interpol could readily start talking about how global justice requires an international court of cybercrime, while not being able to appropriately specify what types of crimes that would actually entail(!) Instead, there was a generally vague definition to "cyberattacks", the likes of which (as far as I'm aware of from the technical community) either aren't much of a threat or even much of a problem presently, at least not one that wouldn't better be solved by increasing technical capacity to address them rather than judiciary.
In general, prosecutors and attorneys tasked with upholding the law should be considering themselves much more responsible with respect to the general framework of society than they appear to be doing. It is after all not a small task to be responsible for the maintenance of our co-existence.
Add new comment