he lack of an international agreement on cybercrime
and terrorism is thwarting efforts to bring terrorists to justice, said
a report released this week by the United Nations Office on Drugs and
Crime (UNODC).
Nations should consider a
universal agreement requiring countries to cooperate with each other
during cybercrime and cyberterrorism investigations, the report said.
The absence of such an agreement "is an impediment to effective
international cooperation in some terrorism-related investigations and
prosecutions," the report said. An agreement should impose "specific obligations" on nations, the report said.
[ Get the latest IT news on the Australian government and businesses in Computerworld's Business & Government newsletter ]
The report, focused on cyberterrorism, said
terrorist groups are using the Internet to distribute propaganda to
recruit members and to incite violence, the report said. The Internet
"makes it easy for an individual to communicate with relative anonymity,
quickly and effectively across borders, to an almost limitless
audience," the report said.
The report is
designed to provide practical guidance for the investigation and
prosecution of Internet terrorism cases, said NODC Executive Director
Yury Fedotov.
"Just as Internet use among
regular, lawful citizens has increased in the past few years, terrorist
organizations also make extensive use of this indispensable global
network for many different purposes," he said in a statement.
Several cybersecurity groups and experts contacted about the report said they either weren't aware of it or hadn't reviewed it.
But Jim Dempsey, vice president for public policy at the Center for Democracy and Technology, called the report "one-sided."
The report "gives very little attention to the negative impact on
privacy, free speech and other rights that can arise from the misuse of
cybercrime and cyberterrorism powers," he said in an email. "The report
selectively surveys the world's laws, tending to pick the more draconian
and intrusive provisions from any given country, without providing any
context, either as to how the more democratic countries limit these laws
with judicial controls and oversight or how these laws are misused to
limit dissent in less democratic countries."
Dempsey called the report disappointing in "how little attention it
gives to human rights." Government officials should not use the report
as a "reliable guide" on efforts to fight cyberterrorism, he added.
Much of the 158-page report describes established practices for
fighting cyberterrorism in the U.S., U.K. and other countries that have
successfully prosecuted such cases. But the report includes several
recommendations.
Law enforcement agencies
should work with Internet service providers to collect "key evidence" in
cyberterrorism cases, the report recommended. "While some countries,
such as Egypt, have implemented legislation requiring ISPs [Internet
service providers] to identify users before allowing them Internet
access, similar measures may be undertaken by ISPs on a voluntary
basis," the report said.
Operators of Wi-Fi
networks and cybercafés should consider requiring users to register and
identify themselves, the report recommended.
The U.N. report also recommends governments put policies in place,
including outlawing terrorist activity online and regulating ISPs. The
report didn't recommend specific policies in some areas, although it
noted that efforts to impose monitoring requirements on Internet cafés
in some countries may not be useful if terrorists continue to have
access to other forms of public Internet access, including airport and
library Wi-Fi hotspots.
In addition,
governments should maintain human rights protections, the report said.
"The issue of the extent to which governments should regulate
terrorism-related content on the Internet is problematic, requiring the
balancing of law enforcement and human rights considerations," the
report said.