Cybercrime

Cybercrime cases in 2021

Technological breakthroughs over the past few years have brought many positive developments for society. Cybercriminals exploit the speed and anonymity of the Internet to commit a range of criminal acts, from large-scale cyber-attacks to activities such as using malware, phishing and spam, or the use of crypto-currencies for illicit transactions. Further, technology can also facilitate serious organised crimes, such as terrorism and money laundering.

The often borderless nature of cyber- and cyber-related crime makes effective cross-border cooperation essential to investigate and prosecute perpetrators. Eurojust supports national authorities to work together and to make use of available cross-border investigative tools. Eurojust also hosts the European Judicial Cybercrime Network at the Agency’s premises in The Hague.

Challenges

Cybercrime is a growing and fast-evolving crime area which accounts for a substantial share of Eurojust’s overall casework. Eurojust also notes the growing overlap between crimes which originate on the Internet and cyber-enabled crimes such as terrorism and money laundering. The growing sophistication of cybercrime-related tools and practices such as encryption presents further challenges to investigators and prosecutors, by enabling criminals to avoid detection and prosecution by hiding data and evidence. Further, recent developments show a growing need for regulation concerning emerging technologies, including the Internet of Things [IoT].

In 2019, Europol and Eurojust published a joint report identifying and categorising the current developments and common challenges in combating cybercrime, which fall into five different areas:

  1. Loss of data: electronic data is the key to successful investigations in all the cybercrime areas, but the possibilities to obtain such data have been significantly limited.

  2. Loss of location: recent trends have led to a situation in which law enforcement may no longer establish the physical location of the perpetrator, the criminal infrastructure or electronic evidence.

  3. Challenges associated with national legal frameworks: the differences in domestic legal frameworks in EU Member States often prove to be serious impediments to international cybercrime investigations.

  4. Obstacles to international cooperation: in an international context, no common legal framework exists for the expedited sharing of evidence (as it does exist for the preservation of evidence). There is also a clear need for a better mechanism for cross-border communication and the swift exchange of information.

  5. Challenges of public-private partnerships: cooperation with the private sector is vital for combating cybercrime, yet no standardised rules of engagement are in place, and investigations can thus be hampered.

Eurojust’s role

Cover of report: Challenges and best practices from Eurojust’s casework in the area of cybercrime

Challenges and best practices from Eurojust’s casework in the area of cybercrime

View report

Eurojust helps EU Member States to tackle cybercrime offences by helping law enforcement and judicial professionals to map out the legal requirements to effectuate necessary interventions, and by facilitating the use of judicial cooperation tools such as the European Investigation Order (EIO) and the European Arrest Warrant (EAW).

Further, the Agency coordinates cross-border investigations through the organisation of operational and coordination meetings and common action days. By ensuring effective communication and resource sharing, Eurojust also helps the involved authorities to address the technical requirements of cybercrime investigations, which may include encryption, data retention and solutions for Internet governance-related challenges.

EJCN

As part of the efforts to develop understanding and best practice around this complex crime area, Eurojust hosts the European Judicial Cybercrime Network (EJCN). It was established in 2016 to foster contacts between practitioners specialised in countering the challenges posed by cybercrime, cyber-enabled crime and investigations in cyberspace, and to increase efficiency of investigations and prosecutions.

The EJCN facilitates and enhances cooperation between competent judicial authorities by enabling the exchange of expertise, best practice and other relevant knowledge regarding the investigation and prosecution of cybercrime. The network also fosters dialogue among different actors and stakeholders that play a role in ensuring the rule of law in cyberspace.

In line with the Council Conclusions of 9 June 2016, Eurojust supports the network and ensures close cooperation. Among others, Eurojust participates in the EJCN Board and hosts the regular meetings of the EJCN (see: a summary of the outcome of the 14th EJCN plenary meeting held on 15-16 June 2023). The Agency also supports the exchange of information and consults the EJCN about the development of policy work and other stakeholder activities to ensure a strong interaction between Eurojust’s expertise in international judicial cooperation and the operational and subject matter expertise of the EJCN members.

Cybercrime Judicial Monitor

Cybercrime Judicial Monitor

Latest Issue

Cybercrime Judicial Monitor - Issue 8, June 2023

View publication

In addition to its operational work, Eurojust helps national authorities to develop relevant understanding and skills and to spread public awareness around cybercrime. These efforts include Eurojust’s publication of the Cybercrime Judicial Monitor (CJM), an annual report that highlights recent legislative developments and case law in relation to cybercrime, cyber-enabled crime and e-evidence.

In each report, a particular topic of interest is analysed. Through this report, common challenges, best practices and lessons learned in cybercrime cases can be shared among practitioners. See previously published editions of the Cybercrime Judicial Monitor.

Projects and initiatives

Eurojust is involved in a range of cybercrime-related projects and initiatives, including:

  • the SIRIUS project, launched in October 2017 by Europol, in close cooperation with Eurojust and the European Judicial Network (EJN). The project is a platform that helps investigators to cope with the complexity and volume of information in a rapidly changing online environment by providing guidelines and tools, and by sharing experience with peers, both online and in person;

  • the reports of the observatory function on encryption, in which Eurojust and Europol jointly present insights into the opportunities of law enforcement to potentially cope with encryption and its related legal and technical challenges. The third report was published in July 2021; and

  • the GLACY+ conferences (Global Action on Cybercrime Extended), which have been co-organised and hosted by Eurojust in 2018 and 2019. The GLACY+ project is a joint initiative of the European Union and the Council of Europe to strengthen the global fight against cybercrime by reinforcing the cyber capacity of 12 priority countries in Africa, Asia-Pacific, and Latin America and the Caribbean.

  • the multi-agency EU Innovation Hub for Internal Security, which provides a joint platform to support the delivery of cutting-edge technologies for the security of citizens in the European Union. In April 2021, Eurojust contributed to a project launched by the Innovation Hub, aimed at developing accountability principles to guide human-centred and socially driven AI capabilities for security and justice organisations. The project aims to create a toolkit for practitioners to auto-evaluate future AI systems in light of the accountability principles.

Publications

PUBLICATION DATE:27 October 2023
The use of advertising to fund websites and mobile apps that offer pirated content has become an insidious practice within the online piracy landscape. This flyer gives an overview of the scale of the problem, the actors operating within the advertising ecosystem, and the types and formats of...
PUBLICATION DATE:25 August 2023
The Digital Services Act (“DSA”) is a European Union (“EU”) law that brings updated and harmonised rules for providers of digital services. As regards access to electronic evidence, especially in a cross-border context, the DSA (Article 10) importantly harmonises rules on disclosure orders addressed...
PUBLICATION DATE:09 August 2023|Last update: 23 January 2024
The Second Additional Protocol to the Council of Europe Convention on Cybercrime (Budapest Convention) on enhanced cooperation and disclosure of electronic evidence (Protocol) aims to enhance cooperation among the Parties, as well as between the Parties and service providers and other entities, for...
PUBLICATION DATE:09 August 2023|Last update: 23 January 2024
The Second Additional Protocol to the Council of Europe Convention on Cybercrime (Budapest Convention) on enhanced cooperation and disclosure of electronic evidence (Protocol) aims to enhance cooperation among the Parties, as well as between the Parties and service providers and other entities, for...
PUBLICATION DATE:22 June 2023
This is the eighth issue of the Cybercrime Judicial Monitor (CJM), published yearly, and distributed to judicial and law enforcement authorities active in the field of combating cybercrime and cyber-enabled crime. The first section covers legislative developments in the area of cybercrime, cyber...
PUBLICATION DATE:20 December 2022|Last update: 23 January 2024
The Council of Europe Convention on Cybercrime (Budapest Convention) was the first international treaty to focus explicitly on cybercrime. Its aim is to function as an international framework for the harmonization of cybercrime-related legislation and to facilitate the fight against criminal...
PUBLICATION DATE:20 December 2022|Last update: 23 January 2024
The Council of Europe Convention on Cybercrime (Budapest Convention) was the first international treaty to focus explicitly on cybercrime. Its aim is to function as an international framework for the harmonization of cybercrime-related legislation and to facilitate the fight against criminal...
PUBLICATION DATE:20 December 2022|Last update: 23 January 2024
The Council of Europe Convention on Cybercrime (Budapest Convention) was the first international treaty to focus explicitly on cybercrime. Its aim is to function as an international framework for the harmonization of cybercrime-related legislation and to facilitate the fight against criminal...
PUBLICATION DATE:27 July 2022|Last update: 23 January 2024
The Second Additional Protocol to the Council of Europe Convention on Cybercrime (Budapest Convention) on enhanced co-operation and disclosure of electronic evidence (Protocol) aims to further enhance cooperation on cybercrime and the ability of criminal justice authorities to collect electronic...
PUBLICATION DATE:13 July 2022|Last update: 23 January 2024
The Council of Europe Convention on Cybercrime (Budapest Convention) was the first international treaty to focus explicitly on cybercrime. Its aim is to function as an international framework for the harmonization of cybercrime-related legislation and to facilitate the fight against criminal...