There are countless cybercrimes going unpunished due to out of date international rules regarding cross-border jurisdictions, which prevent access to data and investigation of illegal activity.
According to Bond University Law Professor Dan Svantesson, global differences between various legal system causes high difficulties in the investigation process. Professor Svantesson has outlined the problems in his latest report ‘Law Enforcement Cross-Border Access to Data’.
“One of the issues is that cyberspace technically has no ‘borders’, meaning any data on the internet or even on private computers can be shared and viewed by unauthorised parties. When it comes to investigating these crimes however, we still need to observe legal jurisdictions, which can create a major roadblock,” Professor Svantesson said.
“For the big internet companies holding our data compliance with one State’s laws can result in a direct violation of another State’s laws, making accessing cross-border evidence extremely difficult and leading to a lack of investigation of cybercrimes.”
“Those Law enforcement agencies that do investigate often feel the need to resort to actions with questionable legal support just to access the cross-border evidence needed to issue charges. Although seen as ‘rogue actions’, without them there would be little opportunity for justice to be done. The victims of cybercrime are at a disadvantage due to disparities between jurisdictions, which is why we need to fix what is broken in the system.”
Professor Svantesson said advancements in technology played a role in the need for investigation into cybercrime and a change in the framework of the legal system would help prevent cybercrime going forward.
“Evidence that traditionally was stored in paper form or on a personal computer is now typically stored in the ‘cloud’, typically beyond the borders of the State investigating the crime.”
“We need to move away from territorial limits where the State can only investigate within its borders in favour of a better framework,” he said.
“Instead of focusing on where the data sits – which we may not always be able to ascertain anyhow – we need to focus on whether the law enforcement agency seeking access to the data –has a substantial connection, and legitimate interest, in the data. And we also need to consider any other competing interests.”