Crime and jurisdiction in cyberspace: Towards solutions

Event report

[Read more session reports and live updates from the 12th Internet Governance Forum]

The session acts as a follow-up session to Workshop 87 from IGF 2016, which discussed the challenge of crime and jurisdiction in cyberspace. This session aimed to address questions regarding the applicable laws and jurisdiction in cyberspace; questions which have major implications on the rule of law and security, but also human rights in cyberspace. Mr Christian Borggreen, Computer & Communication Industry Association (CCIA), acting as an onsite moderator for the session, provided the background by mentioning that ‘Evidence of crimes is increasingly available in the form of electronic evidence, often stored in the cloud, which means – often stored in a different country with a different set of laws.
This raises complex questions and challenges for law enforcement, companies and users. ’.

Ms Priscila Costa Schreiner, from the Federal Prosecution Office in São Paulo, responded to a query about providing updates on the legal approach towards blocking of a mobile application that impacted more than hundred million users in Brazil. She mentioned ‘As provisions in our Internet civil rights framework, I want to emphasise that the Brazilian federal prosecution under this extreme measure should be considered only as a last resort, and with extreme caution.”

Mr Paul Mitchell, General Manager-Technology Policy at the Microsoft Corporation, commented on their warrant case, which he talked about the previous year, in which the US government is seeking access to email data stored in Microsoft’s data centre in Ireland. He mentioned that the IGF has always been a torch-bearer in exploring the advances made in economic, social and other benefits that the Internet has brought to the planet. At the same time, it has also brought uncertainty and disruption and accelerated clashes of values around the world. He emphasised the need of managing a balance between the rights of individuals, the rights of service providers such as Microsoft, and the rights of governments.

Mr Gregory T Nojeim, Senior Counsel and Director of the Freedom, Security, and Technology Project at the Center for Democracy & Technology in Washington, D.C, initiated the intervention by mentioning ’my piece of that puzzle is government surveillance’. However, he spoke with optimism on strengthening the system and mentioned that, ’It can be more efficient and still rights-protective as it is. I think a lot can be done on that score. It is difficult to see it adequately scaling to handle what you see as the volume of requests if there was an efficient mechanism for turning over data to governments that need it….’

Ms Cathrin BAUER-BULST, European Commission, highlighted the challenge of jurisdiction by mentioning a personal experience with her smart phone. She could find only ’two’  applications, ‘my local transport app and my banking app’ that store data locally in Belgium, where she currently resides. She said that, ’There is often very little section between the services we use and the jurisdiction we live in. In the European Union, we have done everything to facilitate it. Opened our market to services all over the world. However, when you are viewing it from the law enforcement perspective, all of a sudden this wonderful space has borders going up again. As soon as data is stored elsewhere or as soon as the provider is located elsewhere, you’re stuck.’

Mr Alexandru Frunza-Nicolescu, Council of Europe (COE), provided a brief introduction about the functioning of his organisation, and mentioned that the COE currently has 47 member states. They work in commitment to the Budapest Convention of Cybercrime, ensuring quality of implementation, and capacity building programmes. To provide an update on the current projects of the cybercrime commission within the COE, he mentioned that the commission is currently focused on mapping the current and future challenges to criminal justice in cyberspace, and possible solutions to address these challenges. He further mentioned that based on the work of two working groups, the trans-border group along with the information from law enforcement, private sector, academia, civil society, data protection and European Union bodies, started the process for building additional protocol of the Budapest Convention. In June 2017, the terms of this protocol were adopted and the group was established in this sense.

By Mohit Saraswat