National Crime Agency of UK (NCA) Lucie Usher, US Dept of Justice (Cybercrime and Intellectual Property Section) Louisa Marion, Republic of Moldova General Inspectorate of Police Alexander Fiti, ICTA Director/Legal Advisor Jayantha Fernando, Council of Europe Project Manager Giorgi Jokhadze, Senior DIG (Administration) Gamini Nawaratne
Representatives of Mauritius, Morocco, Philippines, South Africa, Senegal, Sri Lanka and Tonga successfully completed a three-day specialised training recently, targeted for Government 24/7 points of contact under the Budapest Cybercrime Treaty.
The program is jointly organised by the Council of Europe and ICT Agency of Sri Lanka (ICTA) and Sri Lanka Computer Emergency Readiness Team (SL CERT) with support from Sri Lanka Police Department. The three-day workshop and training is part of the joint European Union/Council of Europe project on Global Action on Cybercrime (GLACY), 2013-2016.
Explaining the aim of the specialised program, ICTA Director/Legal Advisor Jayantha Fernando said: “Given the threat of cybercrime and the increasing relevance of electronic evidence in criminal proceedings, retrieving evidence becomes essential in order to prosecute offenders or to prove the innocence of suspects. Cybercrime and electronic evidence very often have a transnational dimension. International cooperation between states and Law Enforcement agencies is therefore crucial. Expeditious international cooperation is a condition for effective measures against cybercrime and other offences involving electronic evidence. This was the key area of focus during the last three days.”
“The Budapest Convention on Cybercrime contains a range of procedural law and international cooperation measures aimed at preserving electronic evidence, search, seizure or intercept data and others. One of the solutions it offers is the creation and operation of the global network of 24/7 national points of contact, tasked with the provision of technical advice, preservation of data, collection of evidence, provision of legal information, locating of suspects in cases involving cybercrime and electronic evidence”.
Tracing the history of the Budapest Cybercrime convention Council of Europe Project Manager Giorgi Jokhadze,said: “The Budapest Cybercrime Convention is the only available International treaty on the subject. Sri Lanka became the first country in South Asia to join the Budapest Cybercrime Convention and it entered into force in Sri Lanka on 1 September 2015. Legal Division of ICT Agency of Sri Lanka (ICTA), which coordinated Sri Lanka’s accession to the said Convention, has been working with Sri Lanka CERT and the Council of Europe to develop a number of capacity building initiatives for the Judiciary, Prosecution Service and the Police Department. This program is one such initiative done at an international scale.”
Louisa Marion from the US Dept of Justice (Cybercrime and Intellectual Property Section), Lucie Usher of the National Crime Agency of UK (NCA), Alexander Fiti of the General Inspectorate of the Police Ministry of Internal Affairs, Republic of Moldova, amongst other experts will conduct the training along with Council of Europe Project Manager Giorgi Jokhadze. Delegation of European Union to Sri Lanka and the Maldives, Trade and Communication Section Deputy Head Roshan Lyman and ICTA Director/Legal Advisor Jayantha Fernando addressed the opening sessions.
The workshops and themes were as follows:
Day 1, Workshop 1:
(1) Current standing and best practices: Necessity to have a 24/7 point of contact: requirements of the Cybercrime Convention and beyond,
(2) Operation of the 24/7 point of contact: Best practices and examples
(3) Synergies between 24/7 points of contact and other authorities for international cooperation in criminal matters (Interpol, MLA etc)
(4) Example of 24/7 cooperation with multinational service providers.
Day 1, Workshop 2: Setting up a 24/7 point of contact: (Based on the Guide for 24/7 Points of Contact under Cybercrime Convention) authority and institutional set up, necessary legal framework, competencies and standards, practical and managerial considerations, visibility, awareness, national cooperation and other issues.
Day 1, Workshop 3: Review of situation within GLACY Project Countries.
Day 2, Training session 1: Case scenario based on data preservation, teamwork exercise (making use of the standard template for data preservation from EAP II project.
Day 2, Training session 2: Executing a foreign request for subscriber and traffic data – teamwork exercise,
Day 3, Training session 3: Case scenario involving a request for data (subscriber, traffic, content) to a multinational service provider – mix of topics on 24/7 and MLA – team work,
Day 3, Lessons learned: Possible solutions and way forward for GLACY states.