24/7 High Tech Crime Network

Similar documents
Snapchat Law Enforcement Guide

THE G8 24/7 NETWORK OF CONTACT POINTS Protocol Statement

Legal Framework to Combat Cyber Crimes in the Region: Qatar as a Model. Judge Dr. Ehab Elsonbaty Cyber Crime expert ehabelsonbaty@hotmail.

Strategic Priorities for the Cooperation against Cybercrime in the Eastern Partnership Region

V Seven areas are covered by this Notice:

So why is the head of a federal agency with jurisdiction over customs, immigration, and border crimes appearing at a

Pan-American Governmental Access to Data in the Cloud

The FBI and the Internet

Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones. Tbilisi 28-29, September 2009

ESI Incident Response Procedures 1

Cybercrime & Cybersecurity

CYBERCRIME AND THE LAW

AOL Inc. Law Enforcement Manual

Packerland Broadband Subscriber Privacy Notice

Cyber Crime and Digital Forensics in Japan

Networks and the Internet A Primer for Prosecutors and Investigators

How To Get A Facebook Subpoena

Cybercrime in Canadian Criminal Law

New Hampshire Cyber Crime Initiative Overview Briefing. NH Assistant Attorney General Lucy H. Carrillo Internet Crimes Prosecutor

139TH INTERNATIONAL TRAINING COURSE PARTICIPANTS PAPERS THE CRIMINAL JUSTICE RESPONSE TO CYBERCRIME. Elcio Ricardo de Carvalho* I.

The Massachusetts Strategic Plan for Cyber Crime

STATE OF NEVADA Department of Administration Division of Human Resource Management CLASS SPECIFICATION

Cyber Crime and Data Retention

CRIMINAL JUSTICE RESPONSES TO TRAFFICKING IN PERSONS: ASEAN PRACTITIONER GUIDELINES

STATE OF NEW HAMPSHIRE STRATEGIC PLAN TO ADDRESS CYBER CRIME

Report of the Strategic Meeting on Cybercrime

Digital Forensics for Attorneys Overview of Digital Forensics

Expert Group Meeting on the Technical and Legal Obstacles to the Use of Videoconferencing

Public-Private Partnerships against cybercrime. Jean-Christophe Le Toquin Director Internet Safety Microsoft EMEA

U. S. Attorney Office Northern District of Texas March 2013

ITM 642: Digital Forensics Sanjay Goel School of Business University at Albany, State University of New York

1 of 3 3/29/2010 6:55 AM

Digital Evidence Collection and Use. CS 585 Fall 2009

UNITED STATES DISTRICT COURT DISTRICT OF MINNESOTA Criminal No (DSD/FLN) This matter is before the court upon the objection by

Department of Justice Policy Guidance: Use of Cell-Site Simulator Technology

Council Conclusions on a Concerted Work Strategy and Practical Measures Against Cybercrime

COMPUTER USE POLICY. 1.0 Purpose and Summary

Currently pursuing a Master s degree in Criminal Law at the Faculty of Law of the University of Lisbon.

U.S. Department of Justice FY 2016 Budget Request NATIONAL SECURITY. +$106.8 Million in Program Increases. FY 2016 Overview

Peace and Justice in Cyberspace

What legal aspects are needed to address specific ICT related issues?

October 19, 2015 POLICY DIRECTIVE Assistant Secretary U.S. Immigration and Customs Enforcement

America Online. Compliance & Investigations AOL Way Dulles, VA Law Enforcement Training Manual

Attorney General Balderas Criminal Affairs Update to Courts, Corrections & Justice Interim Committee

Fact sheet 2 Overview of the Extradition Process

Violence Against Women Formula Grants

APPLICATION OF INFORMATION TECHNOLOGY IN COMBATING MONEY LAUNDERING IN UKRAINE: legal

International Investigations: Issues to Consider When Conducting or Defending Against an FCPA Investigation Outside the United States

CO-CHAIRS SUMMARY REPORT ARF CYBERCRIME CAPACITY-BUILDING CONFERENCE BANDAR SERI BEGAWAN, BRUNEI DARUSSALAM APRIL 27-28, 2010

To do Justice, as no one is above the Law nor beneath its protection.

Department of Communications. Enhancing Online Safety for Children Discussion Paper. Submission by the Australian Federal Police

ORDER OF PROTECTION FREQUENTLY ASKED QUESTIONS BY PLAINTIFFS

Edward Lowery III. Special Agent in Charge Criminal Investigative Division, U.S. Secret Service. Prepared Testimony

Responding to Victim/Witness Intimidation:

NETWORKS AND THE INTERNET

STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services

SENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE. Question No. 100

Cyber crime: Police Roles and Responsibilities Within a Collaborative Framework

The President s Task Force on Identity Theft and The FTC s Role in Identity Theft

F ACEBOOK ACCOUNT SEARCH WARRNT AFFIDAVIT. at l2/criminal/ccips/online/library.htm under "Guides from ISPs."

Understanding Nebraska's Protection Orders

THE EXPUNGEMENT PROCESS

North Las Vegas Municipal Court. Strategic Budget Priorities Process (SBPP) Group July 2010

Ophotobucliêt : tJ St Suite 770 Denver, CO 80202

HOME OFFICE EVENT FOR SECURITY & POLICE PROFESSIONALS

Lawrence Police Department Administrative Policy. August A. Access to CJIS sensitive data is only available to authorized users.

Departmental Policy for Handling of Domestic Violence Incidents Involving Law Enforcement Officers 1

D.V., Threat, and Working with CPS (W6)

WEST VIRGINIA STATE POLICE LEGAL SERVICES

As Required by the Privacy Regulations Created as a Result of the Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Guidelines for Governments on Preventing the Illegal Sale of Internationally Controlled Substances through the Internet

ADDRESSES SYSTEM LOCATION

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

GUIDELINES for Prosecuting Attorney Victim Rights Programs

Computer Forensics Preparation

Instant Messenger Operator Manual

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

5957/1/10 REV 1 GS/np 1 DG H 2 B LIMITE EN

THE PROPOSED CANADIAN SECURITIES ACT: CRIMINALIZING SECURITIES REGULATION IN CANADA. James D.G. Douglas November 22, 2010

LEGISLATION ON CYBERCRIME IN NIGERIA: IMPERATIVES AND CHALLENGES

Orders of Nondisclosure Overview

Transcription:

24/7 High Tech Crime Network Albert Rees Computer Crime & Intellectual Property Section Criminal Division, U.S. Department of Justice

24/7 Network The G-8 24/7 Network for Data Preservation Points of contact in participating countries that require urgent assistance with investigations involving electronic evidence About 48 participating countries, including: Brazil Canada Chile Jamaica Mexico Peru OAS Regional Cyber Crime Workshop, April 2007 2

Electronic Evidence E-mail Chat logs and instant messenger info Web-based email Web pages Data stored in computers Customer records And more THIS EVIDENCE CAN DISAPPEAR QUICKLY OAS Regional Cyber Crime Workshop, April 2007 3

Internet Service Providers (ISP) Essential link to the Internet Accessing the Internet through an ISP creates important records and other information Customer records Connection information Stored data THE ISP OFTEN HAS CRITICAL EVIDENCE OAS Regional Cyber Crime Workshop, April 2007 4

The ISP and Investigations Locating the ISP An ISP s servers may be anywhere in the world Often in the United States Working with the ISP Law enforcement point of contact Requests from outside the country Data retention practices differ ISP policy A country s laws Data preservation is key step in investigation OAS Regional Cyber Crime Workshop, April 2007 5

US Approach to Data Preservation Law enforcement contacts ISP & requests that any existing data be retained Contact can be by mail, e-mail, fax Contact can be 24/7 Appropriate legal process to obtain data Subpoena, court order, search warrant Exception for emergencies OAS Regional Cyber Crime Workshop, April 2007 6

Why a 24/7 Network? Importance of timely response to cybercrimes Need to find and preserve electronic evidence Data stored on computers and storage devices Data and records kept by ISP Need to identify points of contact Law enforcement organization with cyber expertise Knowledge of local laws and procedures OAS Regional Cyber Crime Workshop, April 2007 7

24/7 Operations in the US Computer Crime & Intellectual Property Section (CCIPS), Department of Justice is the point of contact Each day one prosecutor takes 24/7 calls Duty mobile phone for calls after office hours OAS Regional Cyber Crime Workshop, April 2007 8

CCIPS receives call 24/7 Process Requestor identifies assistance sought Preserve records Report online criminal activity in US affecting requesting nation Shut down web site Child pornography Phishing OAS Regional Cyber Crime Workshop, April 2007 9

24/7 Process CCIPS determines if request indicates a violation of US law If US law is violated, CCIPS contacts appropriate US law enforcement US law enforcement works with requesting law enforcement to obtain needed evidence Evidence obtained & shared informally between law enforcement agencies OAS Regional Cyber Crime Workshop, April 2007 10

24/7 Process If no US law is violated CCIPS can contact ISP to request record preservation CCIPS informs requesting country of results of preservation request THE 24/7 PROCESS IS AN IMPORTANT STEP, BUT IS NOT A SUBSTITUE FOR FORMAL PROCEDURES OAS Regional Cyber Crime Workshop, April 2007 11

Providing Electronic Evidence Through Diplomatic Channels Convention on Cybercrime MLAT Letters Rogatory US obtains requested info by subpoena, court order or warrant & provides to requesting agency OAS Regional Cyber Crime Workshop, April 2007 12

CCIPS Ways to Expedite Preservation Identification of major ISPs in US Identification of legal points of contact at ISPs Many US ISPs have developed procedures on timely processing of law enforcement requests OAS Regional Cyber Crime Workshop, April 2007 13

24/7 Network Membership Contact point available 24/7 English speaking Technical knowledge Knowledge about domestic laws and policies OAS Regional Cyber Crime Workshop, April 2007 14

24/7 Network Membership Capability Knowledge of ISPs in country Knowledge of legal points of contact at ISPs Knowledge of cyber law enforcement agencies in country Prosecutor Police OAS Regional Cyber Crime Workshop, April 2007 15

24/7 Network Membership Capability Knowledge of law enforcement authority to compel ISPs to Preserve records Provide records Knowledge of procedures to provide information in accordance with international law LARGE OFFICE NOT REQUIRED! OAS Regional Cyber Crime Workshop, April 2007 16

Joining the 24/7 Network Informal process Registration form OAS Regional Cyber Crime Workshop, April 2007 17

International Cooperation Is Necessary for Success Online criminals operate internationally Electronic evidence can be anywhere ISPs operate internationally Countries must work together to meet this challenge Improved formal and informal mechanisms Better person-to-person contacts OAS Regional Cyber Crime Workshop, April 2007 18

FOR MORE INFORMATION Albert Rees +1 (202) 514-1026 albert.rees@usdoj.gov OAS Regional Cyber Crime Workshop, April 2007 19

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information