Cooperation between criminal justice authorities and private sector entities, including in particular service providers, is essential to protect society against crime. Such cooperation concerns primarily access by police and prosecution services to data held by service providers for criminal justice purposes, but also the sharing of information and experience, as well as training. However, local Internet service providers are often reluctant to cooperate, criminal justice measures and national security measures are not clearly separated, and public trust is limited. Moreover, law enforcement powers such as those foreseen in the Budapest Convention on Cybercrime are not always clearly defined in criminal procedure law, and this adversely affects law enforcement/service provider cooperation as well as human rights and the rule of law.

In the specific context of Ukraine, public-private cooperation in cybercrime and electronic evidence has been hampered, chiefly among other reasons, by the absence of coherent legal framework for exercise of procedural powers available under the Budapest Convention on Cybercrime, as well as uneven practice of application of already available investigative powers. Availability, consistency and proportional use of these specialized solutions by the law enforcement represents, beyond reasons of efficiency for investigations, important safeguards for the private sector entities in terms of clarity and foreseeability of law and protection from arbitrary interference with privacy of individuals.

Following series of workshop sessions and on-site assessment of Ukrainian legal framework with regard to procedural powers under the Cybercrime Convention performed on 5-9 September 2016, two experts of the Council of Europe have been tasked, within the framework of its Cybercrime@EAP III project managed by the Cybercrime Programme Office (Bucharest, Romania), to assess both existing legal acts of Ukraine as well as prepared amendments and produce a report on public-private cooperation on cybercrime in Ukraine.

As a result of this work, a Report has been produced that looks into applicable regulations in Ukraine concerning cybercrime and electronic evidence from the perspective of the Budapest Convention on Cybercrime.  The list of issues discussed in the report includes matters of definitions of electronic evidence and types of data, implementation of procedural powers under the Cybercrime Convention, data retention and other aspects of Internet service providers’ obligations relevant for the law enforcement, safeguards and guarantees applicable to law enforcement access to electronic evidence, and many others.

The report and its main findings will be presented to all relevant stakeholders on 4 November 2016 in Kyiv, Ukraine, in order to plan specific future steps concerning necessary legislative amendments. The report will be a direct basis for further support provided to Ukraine by the Cybercrime Programme Office under the Cybercrime@EAP III project in terms of legislative development on the subject.

Report on Ukraine on current legislation and draft Laws supplementing and amending various issues related to cybercrime and electronic evidence.