Responding internationally

International cybercrime — attacks on mission-critical government or private

computers from across national boundaries — is an increasing threat. Can

governments respond?

Self-protection through strong secur-ity tools and practices remains

the principal defense. Ultimately, however, governments must address the

investigation of cybercrimes and the prosecution of criminals. Most countries

recognize the need to update their laws to fight crimes committed in cyberspace.

But countries today mostly are in the same boat that the Philippines was

in after the "love bug" struck in May — they have no effective legal tools

to prosecute cybercriminals. As with many issues, it often takes a crisis

to precipitate action. In June, the Philippines outlawed most computer crimes

as part of a comprehensive e-commerce statute.

To prosecute crimes across national borders, an act must be a crime

in both jurisdictions. Thus, though local legal traditions must be respected,

nations must define cybercrimes similarly. One approach to encourage such

harmony is to develop a model law that can be adapted to local conditions.

Such an effort is underway in the Council of Europe (COE).

The COE, Europe's oldest political organization, has created model laws

and treaties covering human rights, education and the environment. Its Draft

Convention on Cyber Crime was crafted by law enforcement officials from

Europe, the United States and Japan.

The convention will address a range of cybercrimes, including illegal

access, illegal interception, data interference, system interference, computer-related

forgery, computer-related fraud, and the aiding and abetting of these crimes.

It also tackles investigational matters related to jurisdiction, extradition,

the interception of communications, and the production and preservation

of data. And it sets minimum standards for penalties.

As with most cybersecurity initiatives, the COE's framework is controversial.

The computer industry argues that it had little meaningful input in the

draft convention. The COE accepts comments on its draft, then releases a

revision. The latest version is at www.coe.int.

Industry believes requiring service providers to monitor communications

and provide assistance to investigators would be burdensome and costly.

It also objects to a provision criminalizing the use of hacking programs,

which may have been designed for legitimate security testing purposes.

The Global Internet Liberty Campaign (www.gilc.org) has joined the opposition,

objecting to a lack of procedural safeguards and due process to protect

individuals' rights. It believes ensuing national laws might place restrictions

on privacy, anonymity and encryption.

The council wants to finish its work by the end of the year, after which

member nations and others could sign on to the convention and implement

the provisions in their own laws. In the meantime, government and industry

should engage the COE process at all levels to ensure a workable outcome.

McConnell, former chief of information policy and technology at the Office

of Management and Budget, is president of McConnell International LLC (www.

mcconnellinternational.com).

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.

Featured

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group