The Internet is a fascinating and extremely resourceful medium capable of keeping an audit trail of the activity happening thereon (Digital Evidence). The breadth of information capable of being transferred through this channel was unimaginable only some years ago, but is taken for granted in today’s world. This is possible due to the digitisation of information, which renders such information easier to distribute and cheaper to store, infinitely scalable and capable of consumption by a number of consumers simultaneously. The Internet knows no borders. Therefore, information can be transferred in a fraction of a second to opposite sides of the globe.

Despite the undeniable value of this unprecedented platform for the exchange of information, it is also clear that the Internet has given rise to new challenges and a massive increase in criminal activity, ranging from new ways to commit old crimes (such as distribution of child pornography, theft, fraud, defamation and others), to ‘new’ crimes where an information system is the target of the crime, (such as hacking, denial of service attacks, viruses and the like). These activities have been collectively designated as ‘cybercrime’.

A response to these problems is to amend current legislation or to create an altogether new legislative framework. However, due precisely to the global and borderless nature of cybercrime, national legislation is not always a solution in its own right. This is due to the fact that what constitutes a crime in one country may be perfectly legitimate in another country. Withal, there is no global enforcer of rights that can be relied on in cases where there is agreement between jurisdictions on points of law and rights and where the efficiency of enforcement agencies differs substantially. Hence, a perpetrator may choose to initiate an activity from a place where such activity has not been rendered illegal or where the enforcement instruments are weak or inexistent. That place then becomes a hub for that activity and law enforcement officers from countries targeted by the perpetrator have no rights over or reach on the perpetrator(s) whatsoever.

The only way to tackle the cybercrime issue is through harmonisation, on a global level, of both the definition and understanding of the most significant crimes and the manner in which they are handled. This includes defining how digital evidence is treated and how law enforcement officers across borders aid each other in the collection, preservation and sharing of this information, without infringing any fundamental human rights.

Every country which does not have a proper anti-cybercrime framework in place represents a threat to the rest of the world as it offers a ‘safe harbour’ for online criminal activity.

There have been a number of regional and international initiatives intended to create model laws, with a view to harmonisation of the laws of those countries which follow their models. Europe’s Council framework decision 2005/222/JHA ‘on Attacks against Information Systems’ aimed “to improve cooperation between judicial and other competent authorities, including the police and other specialised lawenforcement services of the Member States, through approximating rules on criminal law in the Member States in the area of attacks against information systems”. Another project resulted in theHIPCAR Model Policy Guidelines & Legislative Texts on Cybercrime/eCrimes,drawn up in collaboration between the International Telecommunications Union (ITU), the Caribbean Community (CARICOM) Secretariat and the Caribbean Telecommunications Union (CTU).

A very successful initiative has been the Council of Europe’s Budapest Convention on Cybercrime, an international treaty which aims at achieving harmonisation among its signatories. The Budapest Convention deals with four categories of computer-related crimes: namely security breaches (e.g. hacking), fraud and forgery, copyright infringement and child pornography. It also establishes domestic procedures for detecting, investigating, and prosecuting computer crimes and collecting electronic evidence of any criminal offence. It finally caters for a rapid and effective system for international cooperation among its member states.

A law tackling the specific issue of electronic/digital evidence is necessary within any country’s legislative framework, as the value of state-of-the-art collection and retention of electronic evidence will be significantly reduced if electronic evidence is not duly recognised in a court of law, in accordance with properly prescribed rules of evidence.

Laws relating to digital evidence deal with the admissibility and probative weight of electronic evidence in proceedings before any court, detailing how traditional evidence rules such as “best evidence”, authentication of evidence submitted to court, cross examination, presumption of integrity, standards, proof by affidavit and admissibility of electronic signatures should be applied when the evidence is electronic in nature, and when and where such evidence can be considered as “hearsay evidence”.

Once again, model laws at the regional/international level have provided countries with successful starting points. Examples of these are the HIPCAR Model Policy Guidelines & Legislative Texts on Eletronic Evidenceas well as theCommonwealth Draft Model Law on Electronic Evidence.

Of course, in such matters, model laws may not be sufficient and will need to be adapted to a country’s specific circumstances and supplemented with specialised training to enforcement officers, investigators, prosecutors and members of the judiciary.

  • Equinox Advisory has provided governments with expertise and consultancy services in the following matters:
  • Drafting  and implementation of national anti-cybercrime strategies based on international best practices while taking the country’s specific exigencies into account;
  • Conducting of gap-analyses of a country’s anti-cybercrime policies and legislation;
  • Drafting of legislation to address cybercrime, including regulations for the preservation of digital evidence and for international cooperation, ensuring that such legislation is consistent with and complementary to other national legislation;
  • Drafting of legislation to ensure the admissibility of electronic evidence, ensuring that such legislation is consistent with and complementary to other national legislation;
  • Advice relating to the setting up of anti-cybercrime units and ‘hand-holding’ during the process;
  • Advice relating to the setting up of a laboratory for the investigation and examination of digital evidence and ‘hand-holding’ during the process;
  • Conducting of workshops relating to cybercrime;
  • Intensive in-country training relating to cybercrime, including ‘training of trainers’, training of enforcement officials, members of the legislature, members of the judiciary, investigators and prosecutors in both technical and legal aspects of cybercrime and digital evidence.

For more information about our Cybercrime & Digital Evidence services, please contact us here.