Criminal justice action on cybercrime

Back EAP III: Report on Ukraine regarding public-private cooperation on cybercrime

EAP III: Report on Ukraine regarding public-private cooperation on cybercrime

Cooperation between criminal justice authorities and private sector entities, including in particular service providers, is essential to protect society against crime. Such cooperation concerns primarily access by police and prosecution services to data held by service providers for criminal justice purposes, but also the sharing of information and experience, as well as training. However, local Internet service providers are often reluctant to cooperate, criminal justice measures and national security measures are not clearly separated, and public trust is limited. Moreover, law enforcement powers such as those foreseen in the Budapest Convention on Cybercrime are not always clearly defined in criminal procedure law, and this adversely affects law enforcement/service provider cooperation as well as human rights and the rule of law.

In the specific context of Ukraine, public-private cooperation in cybercrime and electronic evidence has been hampered, chiefly among other reasons, by the absence of coherent legal framework for exercise of procedural powers available under the Budapest Convention on Cybercrime, as well as uneven practice of application of already available investigative powers. Availability, consistency and proportional use of these specialized solutions by the law enforcement represents, beyond reasons of efficiency for investigations, important safeguards for the private sector entities in terms of clarity and foreseeability of law and protection from arbitrary interference with privacy of individuals.

Following series of workshop sessions and on-site assessment of Ukrainian legal framework with regard to procedural powers under the Cybercrime Convention performed on 5-9 September 2016, two experts of the Council of Europe have been tasked, within the framework of its Cybercrime@EAP III project managed by the Cybercrime Programme Office (Bucharest, Romania), to assess both existing legal acts of Ukraine as well as prepared amendments and produce a report on public-private cooperation on cybercrime in Ukraine.

As a result of this work, a Report has been produced that looks into applicable regulations in Ukraine concerning cybercrime and electronic evidence from the perspective of the Budapest Convention on Cybercrime.  The list of issues discussed in the report includes matters of definitions of electronic evidence and types of data, implementation of procedural powers under the Cybercrime Convention, data retention and other aspects of Internet service providers’ obligations relevant for the law enforcement, safeguards and guarantees applicable to law enforcement access to electronic evidence, and many others.

The report and its main findings will be presented to all relevant stakeholders on 4 November 2016 in Kyiv, Ukraine, in order to plan specific future steps concerning necessary legislative amendments. The report will be a direct basis for further support provided to Ukraine by the Cybercrime Programme Office under the Cybercrime@EAP III project in terms of legislative development on the subject.

Report on Ukraine on current legislation and draft Laws supplementing and amending various issues related to cybercrime and electronic evidence.

Kyiv 9 November 2016
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page

Efficient international cooperation, including expeditious mutual legal assistance is one of the most important conditions for effective measures against cybercrime and other offences involving electronic evidence given the transnational and volatile nature of electronic evidence. In practice, however, procedures are considered too complex, lengthy and resource intensive, and thus too inefficient. This is also true for the countries participating in the Eastern Partnership.

According to information available, police and judicial authorities in the six EaP countries:

  • typically request traffic and subscriber data via 24/7 points of contact, police-to-police cooperation, mutual legal assistance or directly from multi-national service providers. Content is rarely requested given the complexity of the procedures;
  • mostly send requests but increasingly also receive requests from abroad;
  • send/receive requests primarily related to fraud as well as organised crime. Increasingly they also cover offences against computer data and systems.

The six EaP countries are considered important sources and targets of cybercrime (and thus are of major concern for member states of the European Union and the Council of Europe), but the level of international co-operation on cybercrime and electronic evidence is extremely limited and very few requests for mutual legal assistance related to electronic evidence are sent or received.

Specific objective:  to enable efficient regional and international co-operation on cybercrime and electronic evidence

Indicators:

  • authorities responsible for mutual legal assistance have their capacities enhanced with regard to cybercrime and electronic evidence;
  • the effectiveness of 24/7 points of contact will be enhanced;
  • draft amendments to rules and procedures on mutual legal assistance will be available for adoption.