Cybercrime

Cybercrime

Technological breakthroughs over the past few years have brought many positive developments for society. Cybercriminals exploit the speed and anonymity of the Internet to commit a range of criminal acts, from large-scale cyber-attacks to activities such as using malware, phishing and spam, or the use of crypto-currencies for illicit transactions. Further, technology can also facilitate serious organised crimes, such as terrorism and money laundering.

The often borderless nature of cyber- and cyber-related crime makes effective cross-border cooperation essential to investigate and prosecute perpetrators. Eurojust supports national authorities to work together and to make use of available cross-border investigative tools. Eurojust also hosts the European Judicial Cybercrime Network at the Agency’s premises in The Hague.

Challenges

Cybercrime is a growing and fast-evolving crime area which accounts for a substantial share of Eurojust’s overall casework. Eurojust also notes the growing overlap between crimes which originate on the Internet and cyber-enabled crimes such as terrorism and money laundering. The growing sophistication of cybercrime-related tools and practices such as encryption presents further challenges to investigators and prosecutors, by enabling criminals to avoid detection and prosecution by hiding data and evidence. Further, recent developments show a growing need for regulation concerning emerging technologies, including the Internet of Things [IoT].

In 2019, Europol and Eurojust published a joint report identifying and categorising the current developments and common challenges in combating cybercrime, which fall into five different areas:

  1. Loss of data: electronic data is the key to successful investigations in all the cybercrime areas, but the possibilities to obtain such data have been significantly limited.

  2. Loss of location: recent trends have led to a situation in which law enforcement may no longer establish the physical location of the perpetrator, the criminal infrastructure or electronic evidence.

  3. Challenges associated with national legal frameworks: the differences in domestic legal frameworks in EU Member States often prove to be serious impediments to international cybercrime investigations.

  4. Obstacles to international cooperation: in an international context, no common legal framework exists for the expedited sharing of evidence (as it does exist for the preservation of evidence). There is also a clear need for a better mechanism for cross-border communication and the swift exchange of information.

  5. Challenges of public-private partnerships: cooperation with the private sector is vital for combating cybercrime, yet no standardised rules of engagement are in place, and investigations can thus be hampered.

 

Eurojust’s role

Eurojust helps EU Member States to tackle cybercrime offences by helping law enforcement and judicial professionals to map out the legal requirements to effectuate necessary interventions, and by facilitating the use of judicial cooperation tools such as the European Investigation Order (EIO) and the European Arrest Warrant (EAW). Further, the Agency coordinates cross-border investigations through the organisation of operational and coordination meetings and common action days. By ensuring effective communication and resource sharing, Eurojust also helps the involved authorities to address the technical requirements of cybercrime investigations, which may include encryption, data retention and solutions for Internet governance-related challenges.

EJCN

As part of the efforts to develop understanding and best practice around this complex crime area, Eurojust hosts the European Judicial Cybercrime Network (EJCN) . It was established in 2016 to foster contacts between practitioners specialised in countering the challenges posed by cybercrime, cyber-enabled crime and investigations in cyberspace, and to increase efficiency of investigations and prosecutions.

The EJCN facilitates and enhances cooperation between competent judicial authorities by enabling the exchange of expertise, best practice and other relevant knowledge regarding the investigation and prosecution of cybercrime. The network also fosters dialogue among different actors and stakeholders that play a role in ensuring the rule of law in cyberspace.

In line with the Council Conclusions of 9 June 2016, Eurojust supports the network and ensures close cooperation. Among others, Eurojust participates in the EJCN Board and hosts the regular meetings of the EJCN (a summary of the outcome of the 7th EJCN plenary meeting held on 14/15 November 2019 can be found here). The Agency also supports the exchange of information and consults the EJCN about the development of policy work and other stakeholder activities to ensure a strong interaction between Eurojust’s expertise in international judicial cooperation and the operational and subject matter expertise of the EJCN members.

Cybercrime Judicial Monitor

In addition to its operational work, Eurojust helps national authorities to develop relevant understanding and skills and to spread public awareness around cybercrime. These efforts include Eurojust’s publication of the Cybercrime Judicial Monitor (CJM), an annual report that highlights recent legislative developments and case law in relation to cybercrime, cyber-enabled crime and e-evidence. In each report, a particular topic of interest is analysed. Through this report, common challenges, best practices and lessons learned in cybercrime cases can be shared among practitioners. Previously published editions of the Cybercrime Judicial Monitor are available here.

Projects and initiatives

Eurojust is involved in a range of cybercrime-related projects and initiatives, including:

  • the SIRIUS project , launched in October 2017 by Europol, in close cooperation with Eurojust and the European Judicial Network (EJN). The project is a platform that helps investigators to cope with the complexity and volume of information in a rapidly changing online environment by providing guidelines and tools, and by sharing experience with peers, both online and in person;

  • the reports of the observatory function on encryption, in which Eurojust and Europol jointly present insights into the opportunities of law enforcement to potentially cope with encryption and its related legal and technical challenges. The second report was published in January 2020 and can be accessed here; and

  • the GLACY+ conferences (Global Action on Cybercrime Extended), which have been co-organised and hosted by Eurojust in 2018 and 2019. The GLACY+ project is a joint initiative of the European Union and the Council of Europe to strengthen the global fight against cybercrime by reinforcing the cyber capacity of 12 priority countries in Africa, Asia-Pacific, and Latin America and the Caribbean.