Advertisement

Cybercrime, Evidence and Territoriality: Issues and Options

  • Jan KleijssenEmail author
  • Pierluigi Perri
Chapter
Part of the Netherlands Yearbook of International Law book series (NYIL, volume 47)

Abstract

This chapter aims to explore policy proposals to deal with one of the most complicated problems posed by the Internet, namely that of jurisdiction. While cybercrime is a phenomenon without borders, the effective prosecution of such a crime is seriously hampered by conflicts of territoriality and jurisdiction. These problems are exacerbated by the evolution of information technology, in particular cloud computing which creates ‘loss of location’ problems for collecting the electronic evidence indispensable for prosecuting crime. The Cloud Evidence Group—a Working Group established by decision of the Cybercrime Convention Committee (T-CY) of the Council of Europe—has proposed, within the limits of agreed legal principles of territoriality and jurisdiction, a series of measures which, together with proper implementation of the Convention, would enable fast and effective access to electronic evidence, while respecting human rights and the rule of law.

Keywords

Council of Europe Cloud computing Territoriality Budapest Convention on Cybercrime Location of data Jurisdiction 

References

  1. Bach D, Newman AL (2006) Local Power, Global Reach: The Domestic Institutional Roots of Internet Governance. http://www18.georgetown.edu/data/people/aln24/publication-25786.pdf. Accessed 20 October 2016
  2. Balkin J, Grimmelmann J, Katz E, Kozlovski N, Wagman S, Zarsky T (2007) Cybercrime: Digital Cops in a Networked Environment. NYU Press, New YorkGoogle Scholar
  3. Brown CSD (2015) Investigating and Prosecuting Cyber Crime: Forensics Dependencies and Barriers to Justice. International Journal of Cyber Criminology 9:55–119Google Scholar
  4. Brownlie I (2003) Principles of Public International Law, 6th edn. Oxford University Press, OxfordGoogle Scholar
  5. Daskal J (2015) The Un-Territoriality of Data. Yale Law Journal 125:326–398Google Scholar
  6. Daskal J, Woods AK (2015) Cross-Border Data Requests: A Proposed Framework. https://lawfareblog.com/cross-border-data-requests-proposed-framework. Accessed 30 October 2016
  7. Goldsmith J (1998) The Internet and the Abiding Significance of Territorial Sovereignty. Indiana Journal of Global Legal Studies 5:475–491Google Scholar
  8. Handeyside H (2007) The Lotus Principle in ICJ Jurisprudence: Was the Ship Ever Afloat? Michigan Journal of International Law 29(1):71–94Google Scholar
  9. de Hert P, Kopcheva M (2011) International Mutual Legal Assistance in Criminal Law Made Redundant: A Comment on the Belgian Yahoo! Case. Computer Law & Security Review 27:291–297Google Scholar
  10. Hixson K (1988) Extraterritorial Jurisdiction Under the Third Restatement of Foreign Relations Law of the United States. Fordham International Law Journal 12(1):127–152Google Scholar
  11. Huston G (2013) IP Addresses and Traceback. APNIC Labs. https://labs.apnic.net/?p=433. Accessed 22 October 2016
  12. Ireland-Piper D (2014) The Enrica Lexie and St Antony: A Voyage into Jurisdictional Conflict. QUT Law Review 14(2):74–89Google Scholar
  13. Johnson DR, Post DG (1996) Law and Borders: The Rise of Law in Cyberspace. Stanford Law Review 48(5):1367–1402Google Scholar
  14. Kerr OS (2015) Search and Seizure in a Digital World. Harvard Law Review 119:531–585Google Scholar
  15. Kulesza J (2008) Internet Governance and the Jurisdiction of State: Justification of the Need for an International Regulation of Cyberspace. https://www.researchgate.net/profile/Joanna_Kulesza3/publication/228228013_Internet_Governance_and_the_Jurisdiction_of_States_Justification_of_the_Need_for_an_International_Regulation_of_Cyberspace/links/564e522108ae4988a7a62701.pdf. Accessed 20 October 2016
  16. Lacy E, Reed SR (2016) BWL cyberattack bills reach nearly $2M. http://www.lansingstatejournal.com/story/news/local/2016/09/22/bwl-ransomware-attack-costly-details-emerging/90826176/. Accessed 22 October 2016
  17. Mell P, Grance T (2011) The NIST Definition of Cloud Computing: Recommendations of the National Institute of Standards and Technology. NIST Special Publication 800–145. http://faculty.winthrop.edu/domanm/csci411/Handouts/NIST.pdf. Accessed 23 October 2016
  18. Narayanan V (2012) Harnessing the Cloud: International Law Implications of Cloud-Computing. Chicago Journal of International Law 12(2):783–809Google Scholar
  19. NIST (2014) Cloud Computing Forensic Science Challenges. Draft NISTIR 8006. http://csrc.nist.gov/publications/drafts/nistir-8006/draft_nistir_8006.pdf. Accessed 25 October 2016
  20. Osula A-M (2015) Transborder Access and Territorial Sovereignty. Computer Law & Security Review 31:719–735Google Scholar
  21. PC-OC (2012) Guidelines on Practical Measures to Improve Co-Operation in Respect of Transfer of Proceedings, Including a Model Request Form. PC-OC INF 78. http://www.coe.int/t/dghl/standardsetting/pc-oc/Source/PC_OC_INF_78%20Guidelines%20and%20model%20request%20form%20on%20transfer%20of%20proceedings.doc. Accessed 25 October 2016
  22. PC-OC (2014) Model Request Form for Mutual Assistance in Criminal Matters. PC-OC Mod (2014) 10rev.6. http://www.coe.int/t/dghl/standardsetting/pc-oc/PCOC_documents/Documents%202015/PC-OC%20Mod%20(2014)10rev6%20Model%20request%20form%20for%20MLA.pdf. Accessed 25 October 2016
  23. PC-OC (2015) Mutual Legal Assistance in the Treaties of the Council of Europe: Note for Practitioners. PC-OC(2015)03. http://www.coe.int/t/dghl/standardsetting/pc-oc/PCOC_documents/Documents%202015/PC-OC%20(2015)03%20Note%20for%20practitioners%20on%20mutual%20legal%20assistance.pdf. Accessed 25 October 2016
  24. Reidenberg JN (2005) Technology and Internet Jurisdiction. University of Pennsylvania Law Review 153:1951–1974Google Scholar
  25. Schultz T (2008) Carving up the Internet: Jurisdiction, Legal Orders, and the Private/Public International Law Interface. European Journal of International Law 19(4):799–839Google Scholar
  26. Svantesson D (2015) A New Jurisprudential Framework for Jurisdiction: Beyond the Harvard Draft. AJIL Unbound 109:69–74Google Scholar
  27. Svantesson D, Gerry F (2015) Access to Extraterritorial Evidence: The Microsoft Cloud Case and Beyond. Computer Law & Security Review 31:478–489Google Scholar
  28. Svantesson D, van Zwieten L (2016) Law Enforcement Access to Evidence Via Direct Contact With Cloud Providers – Identifying the Contours of a Solution. Computer Law & Security Review 32:671–687Google Scholar
  29. Swanson SR (2011) Google Sets Sail: Ocean-Based Server Farms and International Law. Connecticut Law Review 43(3):709–751Google Scholar
  30. Talbot D (2016) Cybersecurity: The Age of the Megabreach. MIT Technology Review. https://www.technologyreview.com/s/545616/cybersecurity-the-age-of-the-megabreach/. Accessed 30 October 2016
  31. T-CY (2013a) Guidance Note#3: Transborder Access to Data (Article 32). http://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=09000016802e726a. Accessed 27 October 2016
  32. T-CY (2013b) Assessment Report: The Mutual Legal Assistance Provisions of the Budapest Convention on Cybercrime. http://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=09000016802e726c. Accessed 23 October 2016
  33. T-CY (2014) Rules on Obtaining Subscriber Information. Report. https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=09000016802e7ad1. Accessed 25 October 2016
  34. T-CY (2015a) Guidance Note#10 (Draft): Production Orders for Subscriber Information (Article 18 Budapest Convention). https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=090000168064b77c. Accessed 28 October 2016
  35. T-CY (2015b) Criminal Justice Access to Data in the Cloud: Challenges. Discussion Paper. https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=0900001680304b59. Accessed 22 October 2016
  36. T-CY (2016a) Criminal Justice Access to Electronic Evidence in the Cloud - Informal Summary of Issues and Options Under Consideration by the Cloud Evidence Group. https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=09000016805a53c8. Accessed 25 October 2016
  37. T-CY (2016b) Criminal Justice Access to Data in the Cloud: Co-Operation with ‘Foreign’ Service Providers. Background Paper. https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=090000168064b77d. Accessed 27 October 2016
  38. T-CY (2016c) Emergency Requests for The Immediate Disclosure of Data Stored in Another Jurisdiction Through Mutual Legal Assistance Channels or Through Direct Requests to Service Providers: Compilation of Replies to the Questionnaire. http://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=0900001680644318. Accessed 27 October 2016
  39. UNODC (2013) Comprehensive Study on Cybercrime. https://www.unodc.org/documents/organized-crime/UNODC_CCPCJ_EG.4_2013/CYBERCRIME_STUDY_210213.pdf. Accessed 20 October 2016
  40. Vaciago G (2011) Cloud Computing and Data Jurisdiction: A New Challenge for Digital Forensics. CYBERLAWS 2012: The Third International Conference on Technical and Legal Aspects of the e-SocietyGoogle Scholar
  41. von Behr I, Reding A, Edwards C, Gribbon L (2013) Radicalisation in the Digital Era. The Use of the Internet in 15 Cases of Terrorism and Extremism. http://www.rand.org/pubs/research_reports/RR453.html. Accessed 22 October 2016
  42. Walden I (2011) Accessing Data in the Cloud: The Long Arm of the Law Enforcement Agent. Queen Mary School of Law Legal Studies Research Paper No 74/2011. https://ssrn.com/abstract=1781067. Accessed 27 October 2016

Copyright information

© T.M.C. Asser Press and the authors 2017

Authors and Affiliations

  1. 1.Information Society and Action Against CrimeCouncil of EuropeStrasbourgFrance
  2. 2.University of MilanMilanItaly

Personalised recommendations