In its 2019 Internet Organised Crime Threat Assessment (“the Report”), Europol’s European Cybercrime Centre (EC3) discusses the key threats and shows that whilst criminals are developing innovative methods to commit cybercrimes, the majority of crime continues to be based on the utilisation of well-established methods that have historically provided results.
The ongoing use of these methods means that the common challenges for law enforcement have remain unchanged in recent years. The Report provides some insight into the 5 key challenges.
Loss of data
Due to legislative changes such as the GDPR, law enforcement may be denied access to data or may only be able to access very limited data as part of a criminal investigation.
Increasing technological development and internet use also presents a challenge for law enforcement, resulting in extremely large amounts of data where it is difficult to distinguish a specific user.
Encryption is another tool used by criminals to stop incriminating data from getting into the hands of law enforcement, whilst the use of cryptocurrencies such as Bitcoin allows criminals to deal in the proceeds of crime with a relative level of anonymity.
Lack of data required by law enforcement has a significant detrimental impact on their work, often resulting in investigations being delayed or even discontinued.
Loss of location
Whilst the use of encryption, cryptocurrencies and other technologies such as the dark web or cloud storage may result in the loss of data, they also present significant challenges for law enforcement in establishing the physical location of perpetrators, criminal infrastructure or electronic evidence.
This raises complex jurisdictional considerations and makes it difficult to determine who is responsible for conducting investigations.
Challenges associated with national legal frameworks
Legal frameworks vary between countries in Europe, making effective cross-border investigation and prosecution of cybercrime extremely challenging. The main differences relate to which conduct is criminalised and how investigations may be conducted.
The latter has a great impact on the collection of electronic evidence and the monitoring of criminal activities online, which are critical to any cybercrime investigation.
Obstacles to international cooperation
Whilst differences in national frameworks present challenges for cooperation amongst European member states, the lack of a common legal framework throughout the world presents significant challenges for international cooperation more generally. This is particularly problematic in the case of large-scale cyber-attacks that span multiple continents.
Mutual Legal Assistance is perceived as being slow and ineffective, with evidence often not being secured in time to ensure the success of a criminal case.
Challenges of public-private partnerships
The private sector often holds the keys to provide law enforcement with crucial data to facilitate investigations, and can play a key role in helping to dismantle criminal infrastructures. Despite the importance of public-private collaboration, there is no clear legal framework defining how the private sector may cooperate with law enforcement whilst ensuring that they are not breaching the privacy or rights of their customers.
Further challenges are associated with new and emerging technologies such as quantum computing and artificial intelligence. Whilst presenting opportunities for law enforcement and the private sector in detection and mitigation, there is also the potential for criminal misuse to fuel cybercrime.