News | March 04, 2011

Towards a New Harmonized Global Framework on Cybercrime

The EastWest Institute’s Cyber Crime Working Group has concluded that current legal measures to combat cybercrime are inadequate.

The group is co-chaired by retired Norwegian judge Stein Schjolberg and advocate Pavan Duggal of the Supreme Court of India – one of the leading experts on cyber law in Asia – and consists of experts from Norway, India, Russia, the United Kingdom, France, Switzerland, Sri Lanka, Italy, and Belgium. In a meeting held March 1-2 in Brussels, the group called for new progressive international legal frameworks, including the need for a global tribunal on cyberspace.

The objective of the EastWest Institute’s Cyber Crime Working Group is to propose a new set of harmonized legal frameworks to combat cyber crime through increased international cooperation. During an intense two-day discussion, participants agreed that, for the moment, new international legal frameworks should be focused on the regional rather than the global level.  Participants also pointed out that any new legal approaches alone will not be sufficient: rather, a much more integrative approach involving not only governments, but also the private sector, civil society, and non-government sector, is needed.

Regarding the new global tribunal on cyberspace, one of the main challenges will be establishing the legitimacy of such a tribunal. Currently, there is no international body with a mandate to deal with cyberspace complaints.  A new global tribunal would require the consent of all countries including the United States, which might prove difficult to obtain.

Preceding the establishment of such a court, state sovereignty—a concept that in the past has caused disagreements among major cyber nations such as the United States and Russia—would require extensive philosophical discussion, as one expert emphasized. Another expert stated that the new tribunal could derive its legitimacy from cooperating on non-politically sensitive issues that have a broad consensus among nations, like banning child pornography from the Internet.

Co-chairs Duggal and Schjolberg emphatically stated that this is only the beginning of a long process for achieving an agreement that reconciles and incorporates diverse legal viewpoints into comprehensive new legal frameworks. Simple questions such as “should new legal frameworks be based on common or civil law?” could be major stumbling blocks. For example, India chose not to join the European Convention on Cyber Crime because it would have introduced a completely alien legal framework into the Indian legislative process.

Participants also agreed that any new legal frameworks have to take into account the involvement of various stakeholders, especially in the private sector. As one participant pointed out, the reason why the European Convention on Cyber Crime is not as widely accepted is that the convention was composed without the involvement of the private sector. Involving civil society as a whole and non-governmental organizations also is deemed essential, especially considering education and training.

The clash of privacy rights and free speech advocacy with cybersecurity will also need to be studied carefully. For example, the European Union has already endorsed a proposal to create a European center to exchange information on inquiries made on child pornography cases. It is, however, not widely accepted due to privacy concerns.

Addressing child pornography, the group stressed the need to redefine the term “child pornography” to make a distinction between real children and virtual children. This attempt, as one expert pointed out, is a good starting point for private-public partnerships. For example, for Russia, this was the starting point in developing the first private-public partnership in the field of cybersecurity.

The cyber crime working group is scheduled to present preliminary findings during a briefing session at the Second Worldwide Cybersecurity Summit on June 1-2, 2011 in London and to deliver a final set of recommendations at the time of the Third Worldwide Cybersecurity Summit in Delhi, India in 2012.

To register for the Second Worldwide Cybersecurity Summit in London, please visit: http://www.cybersummit2011.com/