The fight against organized cybercrime groups is not easy due to complex procedures and challenges such as lack of evidence, international cooperation, difficulties with jurisdiction, and difficulties with identifying and extraditing suspects.
Cyber authorities often confront several procedural issues relating to investigating, prosecuting, and adjudicating cybercrime cases.
Some of the relevant procedural issues include jurisdictional issues; identification, tracing, freezing and seizure of assets and confiscation of proceeds of crime, the collection and use of electronic evidence (i.e., expedited preservation of data, production orders, real-time collection of communication traffic data and interception of content data); and various forms of international cooperation (i.e., extradition, mutual legal assistance, law enforcement cooperation and joint investigations).
1. Jurisdiction
The jurisdiction provides countries with the power to define and preserve the duties and rights of people within their territory, enforce laws and punish law violations. Countries also claim jurisdiction over crimes committed within their territory when the crimes impact the interests and security of the country. Laws are implemented to establish mechanisms to resolve jurisdictional issues when multiple jurisdictional claims are made over cybercrimes.
For instance, article 15 of Organized Crime Convention establishes clear guidance on exercising jurisdiction under several conditions. Similar conditions are included in other international laws, such as the United Nations Convention against Corruption and the United Nations Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances of 1988.
Countries also establish jurisdiction over cybercrimes in national law. For example, Botswana can assert jurisdiction over a cybercrime committed in its territory or part of its territory; when the cybercrime involves one of its nationals outside of its territory if the national’s conduct would constitute an offense under the law of the country where the offense was committed and if the person has not been prosecuted for the offense in that country; when the offense was committed on a ship or aircraft registered in Botswana; and if the offense was committed outside of its territory but had an impact on Botswana. In short, the laws and conditions regarding the jurisdiction pose challenges while investigating organized cybercrimes involving different nationals.
2. Identification, tracing, freezing, or seizure of assets and confiscation of proceeds
To prevent offenders from profiting from transnational organized crime, the freezing or seizure of assets (e.g., cash, movables such as automobiles, boats, aircraft, businesses, and shares) and confiscating the proceeds of the crime are essential.
In the Phantom Secure case, the company’s founder and CEO was sentenced to nine years in prison and supervised release for his crimes, as well as being ordered to forfeit US$ 80 million in proceeds of crime and other identified assets (funds held in international bank accounts, a luxury automobile, real estate, virtual currencies, including cryptocurrencies and gold coins). Domain names, technological devices (such as cellphones, computers, and SIM cards), firearms, and other property have all been forfeited. The confiscation of criminal proceeds is intended to deter transnational organized crime by removing the motivation to commit it.
Article 12 of the Organized Crime Convention requires States parties to the Convention to establish measures to enable the confiscation of criminal proceeds and any “property, equipment or other instrumentalities used in or destined for use in offenses.”
The recommendations of the Financial Action Task Force serve as a framework of measures that facilitate international cooperation on matters relating to criminal assets and proceeds, which authorities can implement in their own countries according to their national laws.
The Stolen Asset Recovery Initiative, developed by the World Bank and the United Nations Office on Drugs and Crime, also guides dealing with criminal proceeds. The recommendations, guidance, and initiative lay out the steps that must be taken to investigate and prosecute transnational organized crime and identify and seize the proceeds of such crime.
The Organized Crime Convention requires States to take the steps necessary to empower competent authorities to order the release or seizure of bank, financial, or commercial records to identify, freeze, and eventually confiscate the proceeds of organized crime. States are also required to respond to requests for the identification, tracing, freezing, or seizure of such proceeds under the Convention. Furthermore, the Convention lays out the steps that must be taken to confiscate such proceeds. Mutual legal assistance may be sought to obtain evidence and information relating to the identification, tracing, freezing, seizure, and confiscation of proceeds of crime.
The freezing or seizure of value- or property-based assets that have been identified as being directly or indirectly derived from transnational organized crime and the confiscation of such crime’s proceeds is a difficult process. The variation in national laws, methods, and approaches used by countries to identify, trace, freeze, or seize assets and the conditions for confiscating the proceeds of crime contribute to the complexity.
The authorities that can issue freezing or seizure orders and the criteria and conditions that must be met for those orders to be issued differ from country to country. There are also differences between countries regarding data protection and controls over the disclosure of personal and financial information related to criminal identification, assets, and proceeds of crime.