Considering the Council of Europe’s Convention on Cybercrime as an example of legal measures realized as a regional initiative, countries should complete its ratification, or consider the possibility of acceding to the Convention of Cybercrime. Other countries should, or may want to, use the Convention as a guideline, or as a reference for developing their internal
legislation, by implementing the standards and principles it contains, in accordance with their own legal system and practice.

High Level Experts Group (HLEG), ITU in Geneva (November 2008)

• What is cybercrime?
• Global organizations (NEW)
• Law survey
• Investigation &Prosecution
• Cybersecurity
• About this site

2009

May

• The Norwegian Parliament (Stortinget) has on May 28 adopted the New Penal Code, including several provisions on cybercrime. See §§ 201, 202, 204, 206, 311, 351, 361, and 371.

April

• A new Bill on cybercrime has been filed in The Philippine Senate.

• Bangladesh has introduced a new law on cybercrime.

March

• Germany has ratified the Council of Europe Convention on Cybercrime.

• In Norway a Bill on a new Criminal Law (2008-2009) has in § 202 introduced a provision on identity theft, using the term Identity Infringements that reads as follows:
  “With a fine or imprisonment not exceeding 2 years shall whoever be punished, that without authority possesses of a means of identity of another, or acts with the identity of another or with an identity that easily may be confused with the identity of another person, with the intent of
  a) procuring an economic benefit for oneself or for another person, or
  b) causing a loss of property or inconvenience to another person.”
  (unofficial translation)

February

• President Barack Obama has directed the National Security and Homeland Security Advisors to conduct a review of the plan, programs, and activities underway throughout the government dedicated to cyber security, including new regulations to combat cybercrime.

• US Vice President Joe Biden gave a presentation at the 45th Munich Conference on Security Policy on February 7. Among many issues he emphasized the need to tackle terrorism and cyber-security.

January

• The Kenya Communications (Amendment) Act (pdf) was passed by the Kenyan Parliament and signed into law by the President on January 2. The Act includes legislation on cybercrime in Sections 83 W-Z and 84 A- F on: unauthorized access to computer data, access with intent to commit offences, unauthorized access to and interception of computer service, unauthorized modification of computer material, damaging or denying access to computer system, unauthorized disclosure of passwords, unlawful possession of devices and data, electronic fraud, tampering with computer source documents, and publishing of obscene information in electronic form.

2008

December

• New legislation on spam has entered into force in Ireland, including fines up to 250.000 Euro, or ten percent of the offenders turnover.

• Cybercrime legislation has been adopted in India, amending the Information Technology Act, 2000 (No. 21 of 2000)

• Sri Lanka will soon be a signatory State to the Convention on Cybercrime

November

• Judge Stein Schjolberg was awarded a Silver Medal by the ITU Secretary General, Dr. Hamadoun I. Touré in Geneva on November 12. He was awarded the Silver Medal in recognition of his contribution as the Chairman of the global High Level Experts Group (HLEG) on cybersecurity.

Judge Schjolbergs Speech of Thanks to the Secretary General (pdf)

• At the ITU-Meeting on November 12 in Geneva, Judge Schjolberg made a proposal for a Geneva Protocol on Cybersecurity and Cybercrime (pdf):

"Cybersecurity and cybercrime, including massive and coordinated cyber attacks against countries critical information infrastructure, and terrorist misuse of the Internet, are of critical concern to the global society.

A global agreement or Protocol at the United Nations level should be established that includes developing and putting into action solutions aimed at addressing the global challenges. International Telecommunication union (ITU) in Geneva is uniquely positioned for developing a global agreement or protocol on cybersecurity and cybercrime. It may be then called the Geneva Protocol, since the importance to the global society is almost equally as important as the Kyoto Protocol. A Geneva Protocol may be a non-binding statement of mutual intentions."

October

• Amendments of the Computer Misuse Act in the United Kingdom came into force on October 1.
• In Gambia a draft Information and Communications Bill 2008, including computer misuse and cybercrime issues, has been introduced.
• The Economic Community of West African States (ECOWAS) has initiated drafting a report on a preceding meeting on regional guidelines on cybercrime.

September

August

• The United States Senate has passed a Bill on Cybercrime.
• A Computer Misuse Bill has been presented in Uganda.

July

• Azerbaijan to join the Convention on Cybercrime.

June

• Italy has ratified the Convention on Cybercrime on June 5.
• A review of Australian procedural laws is prepared in order to eventually accede to the Convention on Cybercrime.
• A new comprehensive OECD report calls for a strategy for a global partnership against malware (pdf. 1.6 mb).

May

• The government of New Zealand has outlined plans to make the country party to the Convention on Cybercrime by 2009.
• A Cybercrime Bill is being prepared in Algeria and may be submitted to the Parliamanet by the end of 2008.

April

• Russia has refused to sign the European Convention on Cyber Crime
• United Kingdom: Cybercrime legsilation approved by the Police and Justice Act, Section 35-38, has not yet been implemented.
• An Overview of the US Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws (PDF) is updated from The Congressional Research Service, a congressional support agency.

March

• The Senate (pdf) of the Italian Parliament has on February 27 approved and ratified the Convention on Cybercrime.

February

• The Ministry of Communications and Information Technology in Azerbaijan debates an initiative on acceding to the Convention on Cybercrime.
• A proposal in 2004 on amending the Penal Code in Japan, in order to ratify the Convention on Cybercrime, is still stalled in the Diet (Parliament).

January

• A statement on combating computer crime and identity theft (pdf) concerning the Privacy and Cybercrime Enforcement Act of 2007, has been presented before the US Congress.
• The President of Pakistan has promulgated the Electronic Crime Ordinance 2007.

2007

December

• In Botswana a Bill on Cybercrime and Computer Related Crimes has been presented to the National Assembly. The Bill will go for third reading in the near future before it is signed into a law.

November

• A new Bill S.2168, The Identity Theft Enforcement and Restitution Act of 2007 (pdf), has passed the U.S. Senate and been referred to the House of Representatives. Damage affecting ten or more protected computers, creating and operating a bot-network would now become a federal crime.

October

• The Secretary General of the International Telecommunication Union (ITU) in Geneva has launched an initiative on Global Cybersecurity and appointed a High-Level Experts Group in order to deliver strategic reports on five work areas, including legal measures such as the development of a model cybercrime legislation. A model cybercrime legislation that is globally applicable and interoperable with existing national and regional legislative measures.

September

• Estonia lawmakers are considering amendments to the penal code on cybercrime, including making cyber attacks an act of terrorism when committed with the same intent. In addition, adding to the penal code an article covering the preparation to commit cybercrime.

August

• Botswana will in shortly present a cybercrime bill to the Parliament.

July

• The Council of Europe Cybercrime Convention Committee (T-CY) has at a meeting on June 13-14 agreed that pin codes for electronic use were computer data when input into a computer device, and so covered by the definition of computer data under paragraph b of Article 1.

• US Department of Justice has submitted a Bill to Congress - the Identity Theft Enforcement and Restitution Act of 2007 - amending 18 U.S.C. § 1028 (a)(7) on Identity Theft
• The government of Uganda has prepared a proposal for new laws on cybercrime

June

• The Gulf Cooperation Council (GCC) has recommended that the members adopt a treaty on cybercrimes among the Gulf States.

May

• A new cybercrime law has been enacted in Thailand
• Germany has adopted new penal laws on cybercrime in Section 202a, 303a and 303b.
• European Union (EU) Commission will concider an initiative regarding legislation against identity theft in 2007: towards a general policy on the fight against cybercrime.
• Sri Lanka has enacted the Computer Crimes Bill

April

• A proposal in Indonesia suggests that the country should join the Council of Europe Convention on Cybercrime.

March

• In Thailand, a new draft of the Cybercrime Bill will be presented to the National Legislative Assembly.

February

• According to a draft amendment to the Penal Code in Sweden, denial of service attacks (DoS) will be made a criminal offence.
• Iceland has on January 29 ratified the Council of Europe Convention on Cybercrime.

January

• In Pakistan A Cybercrime Bill titled the Prevention of Electronic Crimes Bill 2006 has been adopted by the Federal Cabinet.

2006

December

• In India, a new Bill has been introduced to the Parliament, Lok Sabha, to amend the Information Technology Act of 2000. The Bill amends provisions on cybercrime in the Penal Code, the Evidence Act and the Criminal Procedure Code.

November

• United Kingdom: The Police and Justice Act 2006 Chapter 48 amend the Computer Misuse act, see Part 5 sections 35-38.

October

• Saudi Arabia has passed laws covering cybercrime. The Shoura Council has in October enacted provisions on illegal access, data interference, etc.
• On October 12 Armenia ratified the European Convention on Cybercrime and the Additional Protocol to the Convention on Cybercrime concerning the criminalisation of acts of a racist and xenophobic nature committed through computer system

September

• The government of Germany has on September 20 proposed a new draft law on cybercrime aiming to close any remaining loopholes.

August

• On August 3, the United States Senate ratified the Council of Europe Convention on Cybercrime. It will come into force on January 1 2007.

July

• United Kingdom: New amendments in the Police and Justice Bill

June

The Dutch Parliament enacted on May 31 new legislation on Cybercrime
In Bangladesh, a draft Bill on Information and Communication Technology has been introduced in the Parliament

May

• International Telecommunication Union (ITU) launched at a conference on Partnerships for Global Cybersecurity in Geneva May 15-16, the global portal Cybersecurity Gateway.

• East African countries coordinates cybercrimelaws and are planning on harmonizing legislation by the end of 2007.

April

• The Council of Europe Cybercrime Convention Committee (T-CY) has at a meeting on March 20-21, agreed that the definition of "computer systems" in Article 1.a. of the Convention includes:
  modern mobile telephones which are multifunctional and have among their functions the capacity to produce, process and transmit data, such as accessing the Internet, sending e-mail, transmitting attachments such as photographs, and downloading documents.
  Similarly it was recognized that personal digital assistants, with or without wireless functionality, also produce, process and transmit data.

March

• A joint legal initiative on cybercrime was held in Brunei, March 23, 2006, between Singapore, Malaysia and Brunei. New laws dealing with cybercrime are under serious consideration in Brunei
• Kuwait is ready to fight all kinds of cybercrime. A draft law is planned to incriminate all computer-related crimes.

February

• United Arabic Emirates (UAE) - Cyber-Crime Law No 2 has been issued by the President. (february 13, 2006)
  

January

• United Kingdom - Police and Justice Bill (119), Sections 33-36, introdused in the House of Commons. (january 25. 2006)
• France - Ratification of the Council of Europe Convention on Cybercrime. (january 10)

2005

• The Netherlands - A committee proposal for legislation on Computercriminaliteit introdused to First Chamber (Senate) (December 20)

• Norway - Ratification of the Council of Europe Convention on Cybercrime (November 4)

• Nigeria: - Computer security& critical information infrastructure protection bill 2005 (Sb254) has been introdused to the National Assembly

• Indonesia - The Electronic Transaction and Information Law was submitted to the House (July)

NEW!

Expert Papers on Cybercrime

• THE CHAIRMAN´S MODEL LAW FOR CYBERCRIME LEGISLATION, A Global Protocol on Cybersecurity and Cybercrime (pdf), Third Edition, Stein Schjolberg (June 2009)
• ITU Publication on Understanding Cybercrime: A Guide for Developing Countries (pdf) prepared by Dr. Marco Gercke;
  International Telecommunication Union (ITU), Geneva (May 2009)
• A Geneva Protocol on Cybersecurity and Cybercrime (pdf)- Second Edition
  Stein Schjolberg (March 2009)
• The History of Global Harmonization on Cybercrime Legislation - The Road to Geneva (pdf)
  Stein Schjolberg (December 2008)
• The Geneva Protocol (pdf)
  First Edition
  Stein Schjolberg (November 2008)
• The Global Strategic Report
  High Level Expert Group (HLEG) - ITU (November 2008)

Chairmans Report (pdf)
High Level Expert Group (HLEG) - ITU (September 2008)

• No.1/2007
  Terrorism in Cyberspace - Myth or reality?
  Stein Schjolberg (June 2007)

Supreme Court decisions around the world

Global Cyber-security Agenda (GCA)

ITU

Cybersecurity Gateway from ITU

The Donn B. Parker Papers

The archives of the pioneer in the field of computer crime

© 2003 - 2009.
All rights reserved