March 21, 2006 2:47 PM PST

Interpol: Give us tools to fight cybercrime

Interpol has called on politicians to help law enforcement officers bring cybercriminals to justice by making it easier for evidence to be transferred between countries.

The international police organization said Monday that a new global legislative framework was needed to deal with cybercrime, which has evolved dramatically since the current legislation was passed.

"With phishing and pharming, new technologies are being dealt with by old laws," said Bernhard Oputal, a crime intelligence officer with Interpol's financial and high-tech crime division.

"There are still some places in the world criminals move to where ISPs still permit phishing."
--Bernhard Oputal, crime intelligence officer, Interpol

"We need an integrated legal framework to exchange data. A lot of legislation doesn't consider a data stream as evidence, because the evidence is hidden behind 0s and 1s. We have to rethink the legislative framework," Oputal told ZDNet UK.

Many organized-crime gangs have turned to the Internet in recent years, using fake Web sites and e-mails to defraud users. According to experts, these gangs are based in countries such as Russia, China and the U.S. but target Internet users across the globe.

Interpol said it has experienced problems with the international transfer of evidence and said some Internet service providers were unwilling to provide data, a problem exacerbated by the speed with which phishing sites disappear after capturing information.

"I need a legal basis to get the data out of the service providers. The current system is protecting the offenders, not the victims," Otupal said. "There are different types of service providers--some who are willing to tackle the problem, and some who say, 'We are content providers; that's not our role.'"

A global framework for legislation should be provided by the Council of Europe's Convention on Cybercrime, according to Otupal. The Convention, ratified in 2001, is a European treaty designed to allow for a common criminal policy on cybercrime.

Following its announcement on Monday that it will bring prosecutions against suspected cybercriminals, Microsoft agreed that current legislation needed to be reformed in some countries. The software giant said it will prosecute more than 100 phishers over the coming year and said it's involved in lobbying for stronger antiphishing laws.

"There is basic legislation to enforce the law in most countries. Whether the sanctions are proportionate to the damage caused remains to be seen," Jean-Christophe le Toquin, an attorney for Microsoft in Europe, told ZDNet UK. "The Council of Europe Convention lets us use existing tools. We are pushing for stronger laws if (those tools) are not sufficient," le Toquin added.

Interpol admitted that it was limited in its power to stop phishers because of the lack of a cohesive global legal framework.

"Are these cybercriminals beyond the long arm of the law?" said Pat Cox, a former president of the European Parliament, speaking at the launch of Microsoft's Global Phishing Enforcement Initiative. "More or less, yes," Otupal answered.

"There are still some places in the world criminals move to where ISPs still permit phishing," Otupal later told ZDNet UK. "Criminals go to countries where this use of technology and movement of money across borders isn't criminal. Another big problem is that criminals (can operate in) many different countries--25 countries in a recent case," he said.

Otupal also wants to see "more trust between parties" in divulging information to their customers, and to the police. He said banking institutions are afraid their reputations will be damaged if their customers know that other customers have fallen victim to fake Web sites.

"Banks are not willing to admit they've been abused through cybercrime, and internal investigation doesn't necessarily work," he told ZDNet UK.

Tom Espiner of ZDNet UK reported from London.

See more CNET content tagged:
cybercrime, phishing, legislation, framework, law

2 comments

Join the conversation!
Add your comment
There are tools to protect from cybercrime - Interpol should promote them
I am using an excellent tool to protect myself from cybercrime - CallingID. When I visit a site I automatically see who owns the site I visit, where the owner is located and if the owner is a real company. Before I buy or login to any site I make sure that CallingID identified the site owner as a company that I can deal with. CallingID protected me from Cybercrime many times.
Posted by ba_oren (16 comments )
Reply Link Flag
There are tools to fight cybercrime - Interpol should encourage users to be
I use CallingID - it is a free toolbar that protects me from cybercrime. When I go to a site I see who owns it, where is the owner located and ifthe owner is a real organization. CallingID protected me several times from scams!
Posted by ba_oren (16 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.