Challenges and best practices from Eurojust’s casework in the area of cybercrime

19 November 2020
PUBLICATION ID: 2020/00280
Challenges and best practices from Eurojust’s casework in the area of cybercrime

There are several factors that make tackling cybercrime unique and challenging. Cybercrime by its nature is borderless and swiftly evolving, sometimes faster than national authorities can react. Adding an additional layer of complexity is the horizontal nature of cybercrime: almost any type of crime can nowadays occur over the internet. Electronic evidence of such crimes may be difficult to collect, owing to the volatility of data, and may require specific expertise. Judicial cooperation is essential to ensure timely preservation of electronic evidence, which ensures its admissibility in judicial proceedings. International judicial cooperation may be hampered by significant differences in domestic legal frameworks (e.g. regarding criminalisation of conduct or data retention legislation) and conflicts of jurisdiction. The whole phenomenon of cybercriminality is reshaping the traditional legal concept of the territoriality principle as a result of the supranational nature of the evidence required to ensure the successful prosecution of cybercriminals.

Therefore, an effective national response to cybercrime often requires multilevel collaboration. Strengthened international cooperation is key, as cyberspace is international and cross-border in nature. ‘Cybersecurity Strategy of the European Union: An open, safe and secure cyberspace’ focuses on creating a cyberspace that promotes access to the internet and ensures market growth, yet aims to achieve cyber-resilience and tackle cybercrime, striking the right balance between the fundamental rights of citizens and the rule of law. Furthermore, it promotes the use of international cooperation tools in the fight against cybercrime, as well as related police and judicial cooperation in third countries from which cybercriminal organisations operate.

The Council conclusions on ‘Resilience, Deterrence and Defence: Building strong cybersecurity for the EU’  complement the EU cybersecurity strategy by emphasising the need to prevent, deter, detect and respond to malicious cyber-activities. They underline that public authorities need to be provided with the tools to detect, investigate and prosecute cybercrime.

Eurojust focuses on countering cybercrime with a view to strengthening judicial cooperation in this field, particularly by facilitating the swift handling of judicial requests – a crucial factor in addressing the issue of the volatility of data and filling gaps arising from the application of different domestic data retention rules – and the early involvement of the judiciary in cybercrime operations to ensure that data are collected in compliance with the applicable rules during the investigation phase and as a result may be tendered as admissible electronic evidence in subsequent judicial proceedings. In addition, Eurojust either produces or contributes significantly to the production of strategic products in the area of cybercrime, thus helping practitioners to further develop the necessary cyber-specific skills.

This report aims to give an overview of Eurojust’s work in the area of cybercrime. The operational work performed by Eurojust offers an excellent insight into common challenges faced by practitioners, as well as best practices to overcome these challenges. Eurojust’s casework is a useful source of information on specific obstacles in the context of judicial cooperation and how they can be overcome, feeding into the discussion on how best to address the phenomenon of cybercrime. Succeeding is a chapter giving case examples. Finally, Eurojust’s corporate publications and projects of interest in the area of cybercrime are listed.

Publication details

Full report:


Executive summary: