Building up Specialized Cybercrime Units and Responsibilities for Managers Virgil SPIRIDON ROMANIAN NATIONAL POLICE Head of National Cybercrime Unit
SCOPE for fighting cybercrime Freedom of communication Safe business environment Protection of the critical infrastructure Protection of the privacy Security of the children
PRESENTATION OF THE STUDY Purpose : To help public authorities create or further strengthen specialised cybercrime units as a key element of the response to cybercrime. Means : * In June 2011, the Council of Europe and the European Union Cybercrime Task Force (EUCTF) sent out a common questionnaire to high-tech crime units in Europe and other regions of the world. * July-September 2011, replies were analysed to set up a draft version of the study. * In September 13-15, 2011 the study was evaluated and discussed on the meeting from Montenegro
1. Introduction 2. The purpose of specialised units 3. Types of specialised units 4. Institutional set up and organisation 5. Functions and responsibilities 6. Steps towards the creation of a specialised unit 7. Practical experience and statistics 8. Assessment and conclusions 9. Appendix: Profiles of specialised units
SPECIALIZED UNITS There is no single solution that will be appropriate for all countries and it is vital that the development of cybercrime units evolve in accordance with the needs of each country based upon: - legislation, - reliance on IT, - prevalence of different types of criminal activity and - other matters.
TYPES OF SPECIALIZED UNITS Evolution of ICT and Internet in particular Increase of cybercrime in all regions of the world Evolution of an underground economy Involvement of computer in most types of crime nowadays Need for specialist skills and specialised services
TYPES OF SPECIALIZED UNITS From the analysis of the current types of cybercrime units it appears that a cybercrime unit should be structured in three sections: - investigation - data and information analysis - computer forensics One unit at the central level coordinating a number of field offices seems to be an efficient formula. However, the units should remain flexible enough to respond to the evolution of cybercrime and technology and to changes in the environment in which it operates.
TYPES OF SPECIALIZED UNITS Cybercrime Unit (offences against + by means of computers) e.g. France, Cyprus, Czech Republic, Mauritius, Romania, Spain High tech Crime Unit (against + technical support) e.g. Austria, Belgium, Ireland, Luxembourg Computer forensic Unit (forensics + technical support) e.g. Brazil Central Unit (intelligence + support) e.g. UK Crime-specific units-e.g.-uk-ceop Specialised prosecution units-e.g. Romania, Belgium and Serbia
SPECIALIZED UNITS Specialised cybercrime units cannot be effective in isolation The creation or strengthening of specialised cybercrime units should be part of an effective cybercrime strategy in which the police unit on national level can be a driving force The cybercrime strategy should cover measures such as: -cybercrime prevention -cybercrime reporting systems -legislation harmonised with international standards such as the Budapest Convention -institutional development and training of personnel -public-private partnerships and cooperation (service providers, ICT companies, financial sector and credit card companies, and others) -international cooperation
INSTITUTIONAL SET UP AND ORGANISATION Regulations : national and internal The organisational setting e.g. organised crime department, criminal police department, financial police department, IT department Premises Internal organisation and structure
STEPS TOWARDS THE CREATION OF THE SPECIALISATION UNITS 1. Assessing needs and making a decision 2. Legal basis 3. Manager of the unit 4. Staffing the unit 5. Training programme 6. Equipment and other resources 7. Independence of and knowledge about unit 8. Action plan / évaluation mechanisms
FUNCTIONS AND RESPONSABILITIES Strategic responsabilities Drafting national legislation on cybercrime Contributing to national strategy on cybercrime Prevention National systems for reporting criminal activities Cooperation at national and international level Intelligence analysis and dissemination Defining guidelines for investigations Delivering training programmes Assessment and analyses of cybercrime phenomena
FUNCTIONS AND RESPONSABILITIES Tactical responsabilities Coordinating and conducting investigations Collection, examination and analysis of digital evidence within the forensic science framework of the country Specialised support to other non cybercrime police units Practical interagency cooperation The private sector International cooperation Sometimes big differences between countries
QUALITIES AND RESPONSIBILITIES FOR MANAGERS IT Background Reputation Communication skills and language skills Knowledge of operational/tactics/legislation/computer forensic Knowledge of European/international situation Open to new evolutions Strategic abilities
THANK YOU!