Practical Guide of the Risks of CYBERCRIME against

advertisement
CybercriminaliteEngl
1/03/12
14:39
Page 1
Practical Guide of the Risks of
CYBERCRIME
against Children
Dr. Laila KJIRI
Professor at the National Higher School of Computing
and Analysis of Systems - ENSIAS-,
at Mohammed V University, Souissi, Rabat
Publications of the Islamic Educational, Scientific and Cultural Organization
-ISESCO- 1433H/2012A.D.
CybercriminaliteEngl
1/03/12
14:39
Page 2
Legal number: 2012MO0741
ISBN: 978-9981-26-546-2
Photocomposition, Typesetting
and Printing: ISESCO, Rabat Kingdom of Morocco
CybercriminaliteEngl
1/03/12
14:39
Page 3
CybercriminaliteEngl
1/03/12
14:39
Page 4
CybercriminaliteEngl
1/03/12
14:39
Page 5
CONTENT
PREFACE
FOREWORD
DEFINITION OF CYBERCRIME AGAINST
CHILDREN
INTRODUCTION
CHAPITER 1
IDENTIFIED RISKS AND PROPOSED SOLUTIONS
CATEGORY 1
Inappropriate, shocking or traumatizing contents
9
11
13
15
17
a. On-line sexual solicitation and seduction
b. Internet and sex tourism
c. Violent network games
d. Erotic or pornographic contents
e. Child pornography
f. Cyber terrorism
19
20
21
22
23
24
a. Intimidation
b. Threats and insults
c. Identity Theft
d. Harassment
e. Frauds and scams
25
26
27
28
29
a. Incitement to hatred, racism, xenophobia and Islamophobia
b. Incitement to anorexia, mutilation, death and suicide
c. Child trafficking online
30
31
32
a. Open and non-moderate dialog
b. Linguistic deformation and emoticons
c. Use of pseudonyms and avatars
d. Non-respect of intellectual property by downloading
e. Addiction to the Internet
f. Smart telephones
33
34
35
36
37
38
CATEGORY 2
Traditional offenses amplified by cyberspace
CATEGORY 3
“Digital” offenses
CATEGORY 4
New acquired deviant behaviors
5
CybercriminaliteEngl
1/03/12
14:39
Page 6
CATEGORY 5
Technical threats: hackers and spams
a. Hackers
b. Virus
c. Computer worms
d. Trojan horses
e. Spam
f. Fraud by phishinge
g. Cookie files
CHAPTER 2
6
CHALLENGES FOR HEALTH AND PROTECTION:
ROLE OF TECHNOLOGY AND EDUCATORS
1. Children and cybercrime
2. Impacts on youngsters' health
a. Absence of othernes
b. Internet, as an indicator of malaise
c. Modified sense of time
d. Anonymity which promotes running away from home
e. Addictive behaviors
3. Some technical and technological tools for the protection of the
child against cybercrime threats
a. Filtering and parental control software
b. Changing technological environment
4. Role of educators
CHAPTER 3
INTERNATIONAL AND REGIONAL APPROACHES TO
CHILD PROTECTION
1. Approaches to child protection
a. International Telecommunication Union (ITU)
b. Group of Eight (G8)
c. United Nations
d. Council of Europe
e. European Union
f. Organization for Economic Co-operation and Development
(OECD)
g. Asia-Pacific Economic Cooperation (APEC)
h. Commonwealth of Independent States
39
40
41
42
43
44
45
47
49
49
49
50
50
50
50
51
51
52
53
55
57
57
58
59
61
63
64
65
66
CybercriminaliteEngl
1/03/12
14:39
Page 7
i. Arab League and Gulf Cooperation Council (GCC)
j. Organization of American States (OAS)
k. United Nations Educational, Scientific and Cultural
Organization (UNESCO)
l. Islamic Educational, Scientific and Cultural Organization
(ISESCO)
RECOMMENDATIONS
BIBLIOGRAPHY
67
67
68
69
73
75
7
CybercriminaliteEngl
1/03/12
14:39
Page 8
CybercriminaliteEngl
1/03/12
14:39
Page 9
PREFACE
In the era of information society, the Internet has expanded and is
increasingly gaining influence worldwide. Indeed, new information
technologies exert undeniable attraction on people, particularly children,
who increasingly spend time in front of their computers. Recent progress
in such technologies and their user-friendliness encourage everyone to
exploit them on a daily basis. The Internet has become a tool adapted to
various and varied uses such as publishing, education, trade, social
networks, electronic messaging, media, as well as other activities of
individuals and communities.
Tunis Commitment in 2005, resulting from the second phase of the World
Summit on the Information Society (WSIS), recognized the need for
protecting children and ensuring the defense of their rights in the field of
ICT, in conformity with the International Convention on the Rights of the
Child. To do so, International Telecommunications Union (ITU), within
the framework of the Tunis Agenda for the Information Society, was
mandated by WSIS to coordinate the action of the international
community in order to ensure the implementation of action line C5,
namely: “Building confidence and security in the use of ICTs”. Hence in
2008-2009, ITU launched, among other activities, the initiative of Child
Online Protection (COP), inviting all stakeholders to support the
establishment of policies and strategies to ensure the protection of children
in cyberspace. In addition, the Third World Congress against Sexual
Exploitation of Children and Teenagers (Brazil, 2008) recommended
developing guides for the benefit of children, educators, parents and the
family to deal with the risks and threats of the Internet used for the wrong
purposes.
Having actively participated in the WSIS process (2003-2005), ISESCO
developed the “Strategy for the Development of Information and
Communication Technologies in the Islamic World”, adopted by the 5th
Islamic Conference of the Ministers of Culture in 2007. For its
implementation, ISESCO attached paramount interest to the issues of e-
9
CybercriminaliteEngl
1/03/12
14:39
Page 10
learning, cyber science, cultural and linguistic diversity etc, within its scope
of competence, as well as the capacity building of Member States.
Moreover, while recognizing the media-related, scientific and economic
utility of ICTs, ISESCO reaffirms the need for preventing the missteps
related to certain illegal criminal uses of ICT. On this basis, within the
framework of its Action Plan 2010-2012, the Organization granted priority
interest to the programs and activities aiming at highlighting the ethical
and cultural dimensions of ICT in the Islamic world, particularly through
sensitizing the officers in charge, content providers, professionals and users,
including therein the technical difficulties which prevent setting up an
effective and efficient control in the area of cybercrime.
Within this framework, ISESCO supported the efforts made by Member
States in order to control the ethical and cultural dimensions of ICT
contents and to sensitize parents, educators and decision makers to the
repressive measures and criminal sanctions resulting from their illegal uses.
Given the increasingly growing number of children using the Internet in
Member States, there is an increasing fear that this social category would
be a victim of cybercrime as well as various forms of moral and behavioral
deviation. Likewise, children can be victims of pernicious ideas and
campaigns of indoctrination conducted by extremist bodies, which aim at
destabilizing societies and hinder their development.
In view of the responsibility which it assumes in the coordination of the
common Islamic action in several fields, including that of ICT, and
convinced of the need for preparing a reference document likely to help
to sensitize children to the ethical, cultural and criminal issues inherent in
the use of the Internet, ISESCO has developed this guide as a contribution
to COP initiative.
ISESCO praises the remarkable work accomplished by the author of this
guide, Dr. Laila Kjiri, Professor at the National Higher School of
Computing and Analysis of Systems - ENSIAS-, at Mohammed V
University, Souissi, Rabat. We wish that this guide will be useful for
children, parents and educators of the world.
May Allah crown our efforts with success for the benefit of the Islamic
Ummah and humanity at large.
.
Dr Abdulaziz Othman Altwaijri
Director General of ISESCO
CybercriminaliteEngl
1/03/12
14:39
Page 11
FOREWORD
In the virtual world of the Internet, children are particularly vulnerable
and can relate to adults who seek to establish friendly relations with them,
by getting in touch on platforms, forums, social networks or online games,
sometimes with a view to perpetrating sexual abuses, frauds, scams, etc.
This guide purports to help the educators interested in understanding the
aspects of using the net by children and contributing to the awarenessraising and protection of the latter. Hence, the guide aims to assist
educators to better understand the effects of the significant increase of
cyber-threats, at the national and international levels.
The major goal of this guide is to sensitize educators and children to the
risks and threats of the uncontrolled use of the Internet.
This guide would not replace the services of the communication specialists
of the country concerned. Moreover, habits and local culture have a major
impact on the style of drafting and promoting awareness-raising messages
in various countries. Consequently, this guide has been limited to the basic
components which would apply to the entire world in general and to the
Islamic world in particular.
The denominations used in this guide do not imply the expression of any
opinion concerning the legal status of any individual country.
11
CybercriminaliteEngl
1/03/12
14:39
Page 12
CybercriminaliteEngl
1/03/12
14:39
Page 13
DEFINITION OF CYBERCRIME
AGAINST CHILDREN
Criminality is defined by the entire set of the infringements of the law. Such
infringements can be against people (homicide, criminal negligence, etc),
against property (theft, arson, etc) or others (hit-and-run offense, possession
of weapons, prostitution, etc). The prevention of these violations is
conducted by the police services as well as the judicial and penitentiary
systems.
Cybercrime is often defined as the crime having the computer as the major
object or instrument of perpetration [2]. There are two main categories of
cyber-crimes::
• The first category is where the computer is the object of the crime.
This cyber crime consists of specific crimes, targeting computers
and networks. These are new criminal acts expressly dependant on
computing technology and the Internet, such as hacking or the illicit
use of computing systems, the disfiguration of web sites or the
creation and malicious dissemination of computer viruses..
• The second is where the computer is the instrument of perpetration.
It includes the crimes that law enforcing agencies have fought in the
real world, but should increasingly fight in the virtual world of the
Internet, such as child pornography, criminal harassment, fraud,
violation of intellectual property as well as the sale of illegal
substances and products. .
The anonymity of cyberspace and ease of contact, allowed by the Internet,
offer youngsters a disinhibiting feeling of freedom which can put them in
danger. 12 - 18 year-olds constitute the most vulnerable age group.
The phenomenon of group discussions or chats, now quite widespread,
whose dialogs are generally not moderated by access suppliers, also involves
13
CybercriminaliteEngl
1/03/12
14:39
Page 14
serious risks with regard to children. The exchange of content or files,
without any control, can be an easy way to establish contact for the
continuation of dialog, on line and outside the group. These practices are
gaining ground among children and teenagers.
The exposure of children to pornographic or child-pornographic contents,
images, photographs and videos, constitutes a new form of sexual violence.
All risks should be recognized, understood and fought.
The terms “cybercrime”, “computer crimes”, “computer-based crimes”,
“technological crimes”, and “Internet criminality” are often interchangeable..
14
CybercriminaliteEngl
1/03/12
14:39
Page 15
INTRODUCTION
The Internet has become an invaluable tool for governments, companies
and private individuals. Public authorities and associations, in different
countries, have developed various programs and tools to sensitize the
public to the dangers of the Internet.
Families increasingly have access to the Internet. Used with caution,
cyberspace is a fantastic tool of communication and information. However,
surfing in cyberspace also involves risks. At primary school, children are
familiarized with the Internet without being aware of the risks to which
they are exposed. Digital events are constantly and increasingly reported in
all media worldwide.
It is also important to understand that nowadays practically all the crimes
known as “traditional” can be committed using technology. The victims
of these cybercrimes should understand that they have the same legal
remedies as if the misdemeanor took place without technology, provided
that their country is endowed with an appropriate legal arsenal.
While surfing on the Internet by younger children poses a number of issues
as to their support, even their protection, teenagers' surfing can also depend
on youngsters' relationship with their families and educators, so as to deliver
a solution to the desire for emancipation characterizing this period of life.
Protecting the child increasingly requires a good knowledge of the potential
of the highly interconnected tools to understand not only the possible uses
and nature of authorized contacts, but also potential intrusions. In addition,
it is now a question of integrating, in child protection on the Internet, a
necessary media education, not only for children themselves, but parents
and educators as well. This would be conducted by describing the relevant
risks, particularly those facing children, teenagers and even adults, especially
within the framework of their educational responsibility and parental
authority.
15
CybercriminaliteEngl
1/03/12
14:39
Page 16
Why a guide?
Parents, legal guardians and educators should be involved in children's
online world. Children need adults' support and assistance, for them to
develop a sense of judgment and critical thinking so as to deal with various
situations, information and people that they may encounter on the Internet.
These are the reasons behind the choice of the development of this
“Practical Guide of the Risks of Cybercrime against Children”.
Who is it for?
This guide is intended for educators in general, and more particularly the
educators of secondary and high school, both public and private, who wish
to obtain concrete and accessible answers to the questions that they can
have while observing the use of the Internet by teenagers. This guide offers
a summary and classification of digital risks and makes it possible for
educators to better understand the crucial role which they can play in the
prevention of such risks.
It is also intended for teenagers, who often master the Internet tool, but are
not usually sensitized to the risks to which they are exposed in its
uncontrolled use. Teenagers should be made aware of their civic
responsibility and the ethical dimension which they should consider while
surfing and publishing information on the Web.
16
How is it structured?
This document is divided into three chapters.
The first chapter, presented in the form of cards, is devoted to both
identified risks and suggested solutions. It distinguishes five categories of
risk involved in cyber-crime. For each risk a card is presented including a
definition of recognized use, a brief description of the process leading to
the risk, background information, some proposed solutions, moral, physical
or other consequences on the teenager, some good practices to face the risk
and, finally, a key point to keep in mind.
The second chapter outlines some impacts of the uncontrolled use of the
Internet on children's health as well as some technical and technological
tools for their protection against the threats of cyber-crime.
The third chapter summarizes, based on some bibliographical references,
the approaches of some international and regional organizations as regards
the fight against cybercrime.
CybercriminaliteEngl
1/03/12
14:39
Page 17
CHAPTER 1
IDENTIFIED RISKS AND
PROPOSED SOLUTIONS
CybercriminaliteEngl
1/03/12
14:39
Page 18
CybercriminaliteEngl
1/03/12
14:39
Page 19
a. On-line sexual solicitation and seduction
Definition:
CATEGORY 1
Inappropriate, shocking or traumatizing contents
Teenagers may receive a sex-related invitation on the web with the risk of
meeting a pedophile. The 15-18 year olds constitute a particularly
vulnerable age group because teenagers are sensitive to the way they are
treated by others; they are easily involved in seduction relationships and
they easily take outdoors dates, without their parents.
Brief description:
Sexual predators have highly refined their tactics in order to obtain what
they want from their victims. To this end, they first develop a relationship
of trust with youngsters. The teens seek to know more about sex, looking
for romance and love; and this is often what these people promise them to
provide. Then, predators use sex-related images or information to force
teenagers to have sexual relationships by threatening to inform their parents.
Background information:
• To be asked to pose in front of a camera;
• To be asked to provide photographs where one is naked or simulating
sex acts;
• Two groups of youngsters are particularly vulnerable to the requests of
sexual predators: those who have already been sexually assaulted or those
who are in conflict with their parents.
Consequences when the teenager is victim:
• Frustration and incapacity to overcome such feeling;
• Emotional manipulation for solicitation to have sexual relationships.
What should be done?
• To tackle the questions of personal security and sexual exploitation with the
child;
• To inform the child that these videos and photographs can remain online
for life, potentially involving personal consequences immediately and
professional ones later;
• To teach children to develop and preserve their intimacy.
Key points to bear in mind:
• A situation which starts online continues offline.
• A situation which starts offline continues online.
19
CybercriminaliteEngl
1/03/12
14:39
Page 20
b. Internet and sex tourism
20
CATEGORY 1
Inappropriate, shocking or traumatizing contents
Definition:
Sex tourism involving children is the commercial sexual exploitation of
children by one or more people travelling outside their province, region or
country. Sex tourists can be nationals of the same country or a foreign
country. Sex tourism constitutes an interaction between the tourist sector
and sex industry. The latter directly promotes the sale of children, child
prostitution and child pornography. This hidden and informal form of
promotion of tourism is more difficult to eradicate.
Brief description:
They are “simple” tourists, seeking adventure, with strong feelings, who
go abroad to satisfy their desires, their sexual fantasies, taking up practices
that are new or not tolerated in their country of origin (voyeurism,
exhibitionism). Distinction should be made between the occasional tourists
benefiting from being alone, unknown or simply having an opportunity to
establish this kind of relations, and the assiduous tourists who travel with
the sole purpose of having sex with locals.
Background information:
• Predators sometimes seek not only sex but also power and domination;
• Tour operators specialized in the promotion and sale of holidays
indirectly praise the promises and potential of certain tourist destinations
as regards sex;
• Girls are particularly vulnerable;
• The population is poor (sex is often a source of income);
• Invitations to serve as a tourist guide, or to work in a restaurant.
Consequences when the teenager is victim:
• Hypersexuality maintained by media obsessed by sexual violence;
• Suffering conducive to serious emotional, psychological and physical
repercussions;
• Treatment of the teenager as a sex object and as a commercial object.
What should be done?
• To establish information and prevention measures (sexually transmitted
diseases, AIDS, sexual deviance, etc);
• To raise awareness that sex tourism extends at the rate of the increase in
mobility.
Key points to bear in mind:
• The amateurs of sex tourism are not only people having “deviant” sexual
practices under normal conditions.
• They cross the borders; they cross the limits…
CybercriminaliteEngl
1/03/12
14:39
Page 21
c. Violent network games
Definition :
CATEGORY 1
Inappropriate, shocking or traumatizing contents
Unlike video games, whose space is limited to a specific time, the world of
network games is infinite in terms of time. The players live permanently
with one another within the game and, somehow, even when they are
disconnected, since their characters and installations continue to operate
and can be attacked while they are not there.
Brief description:
Youngsters can be trapped in the cycle of cyber-dependence by means of
network games. Hence, unlike console games, the player no longer controls
time because the game is endless, no longer related to the “on-off ” button
of the game console, but indefinitely prolonged thanks to the players who
get connected worldwide, according to their own time zone. The players,
after their exposure to violent games, often become more aggressive and
excited. They perceive the world in a more alarming fashion. They are
desensitized to violence and develop aggressive physical as well as verbal
behaviors.
Background information:
Game which allows the following:
• destruction of virtual humans by a click of the mouse;
• simulation of suicide bombing;
• progress towards an increasingly violent state, by shooting more
quickly and increasing the number of “victims”; the player is often
rewarded by scores and bonuses.
Consequences when the teenager is victim:
• Modification of the player's behavior;
• Non distinction between game and reality and instigation of interdependence;
• Promoting the social acceptance of dangerous behavior.
What should be done?
•
•
•
•
To ensure the implementation of age verification systems;
To provide teenagers with physical leisure;
To inculcate and insist on value judgments;
To more closely supervise the individuals at risk, who already show
addictive behavior and psychiatric pathologies..
Key point to bear in mind:
• The user acts. He is not passive as it is the case when watching a
film.
21
CybercriminaliteEngl
1/03/12
14:39
Page 22
d. Erotic or pornographic contents
22
CATEGORY 1
Inappropriate, shocking or traumatizing contents
Definition :
Most of sex-related content, encountered on the Internet, is misleading
and upsetting. It sometimes presents scenes of violence and dehumanizes
individuals in sexual scenes. Sometimes these images trigger strong but
false ideas about the characteristics of healthy sexuality. They often
undermine the concepts of intimacy or depth in personal relations and
rather promote sexuality stripped of any emotional dimension.
Brief description:
These images, with erotic content, can be the cause of stress in certain
children, whereas others never think twice about them. They sometimes
expose children to novel ideas which could influence their values and their
concept of healthy sexuality.
Background information:
• To come across erotic images;
• To communicate and exchange pornographic contents.
Consequences when the teenager is victim:
• Increasingly seeking erotic material to satisfy their curiosity;
• Access to pornographic contents which can have undesirable effects on
their development;
• Change of their expectations with respect to the intimacy of appearance
and behavior;
• Trivialization of dangerous sexual behaviors.
What should be done?
• To activate content filtering on the available search engines;
• To sensitize children to the threats to their health (sexually transmitted
diseases, exploitation);
• To explain that the media project a false image of intimacy.
Key point to bear in mind:
• If children are sometimes unable to interpret information, they may
preserve it in memory, and it comes back to their minds throughout their
growth.
CybercriminaliteEngl
1/03/12
14:39
Page 23
e. Child pornography
Definition :
CATEGORY 1
Inappropriate, shocking or traumatizing contents
Child pornography is any representation, by whatever means, of a child
engaged in explicit, real or simulated sexual activities, or any representation
of the sexual organs of a child, for mainly sexual purposes.
Brief description:
The pornography, putting in scene children, is unanimously condemned and
much consider that the infringements which are related to it are criminal acts.
The child pornography encourages the sexual assault against a child and is
often used to force children to have a sexual activity.
Background information:
• Dissemination of inappropriate issues or observations on sexuality;
• Production of child pornography for publication purposes;
• Use of special effects provided by some software programs to transform
adult images so that they seem to represent children, or even create
“virtual” children.
Consequences when the teenager is victim:
• Incitement to erotic behaviors;
• Accelerating “sexualization” of children;
• Influence on the values of children, their concept and behaviors with
regard to sexuality.
What should be done?
• To sensitize teenagers to the risk of harmful effect on their normal sexual
development.
Key point to bear in mind:
• Child pornography is never accidental. It results from a deliberate and
intentional criminal act.
23
CybercriminaliteEngl
1/03/12
14:39
Page 24
f. Cyber-terrorism
24
CATEGORY 1
Inappropriate, shocking or traumatizing contents
Definition :
Cyber-terrorism is generally defined as the premeditated use of disturbing
activities or threats against computers and/or networks, with the intention
to cause social, ideological, religious and political harm or other objectives.
Individuals or groups can use the anonymity offered by cyberspace to
threaten citizens, specific groups (i.e. with a specific ethnic or religious
background), communities and entire countries.
Brief description:
Cyber-terrorists are in general sub-groups of traditional terrorist groups.
These sub-groups may be unstructured and made up of few individuals,
working without particular organization, with few resources, little
preparation, competence and strategy; or quite to the contrary may be
perfectly organized, with significant resources and a precise definition of
their targets and tactic. Cyber-terrorism is a condemnable gratuitous act
which harms others and can victimize the perpetrator himself.
Background information:
• Use of a radical discourse;
• Use of extremist ideologies;
• Transmission of an email disseminating video clips and instructions on
how to manufacture bombs;
• Proliferation of images of hostage execution.
Consequences when the teenager is victim:
• Negative influence;
• Indoctrination;
• Training future terrorists or cyber-terrorists.
What should be done?
• To maintain a high level of vigilance;
• To explain what terrorism is and condemn it;
• To disseminate the culture of peace.
Key point to bear in mind:
• Cyber-terrorism was sometimes described as terrorism without death;
however, this could escalate by taking action.
CybercriminaliteEngl
1/03/12
14:39
Page 25
a. Intimidation
Definition :
CATEGORY 2
Traditional offenses amplified by cyberspace
Intimidation is an intentional aggressive behavior, repeated in time and
involving an imbalance of power or force which can cause psychologically
continuous fear. It is intimidation when somebody does not stop doing or
saying things to gain advantage over another person or using their capacity
and authority to influence others in a prejudicial fashion.
Synonyms: Blackmail, pressure.
Brief description:
Cyber-intimidation occurs when children or teenagers intimidate each other
using the Internet, mobile phones or other cyber-technologies.
Background information:
• Sending malicious SMS, e-mails or instant messaging;
• Publishing indecent images or messages about other people in blogs or
websites;
• The use of quiet calls, coarse messages spoken or threats about
blackmail.
Consequences when the teenager is victim:
• To feel humiliated and depressed;
• To be afraid, feeling insecure;
• To have difficulty concentrating on school work.
What should be done?
• To convince the teenager to ask for assistance from his/her friends;
• To convince the teenager to ask for the assistance from his/her parents
or an adult whom they trust;
• To encourage teenagers to have self-confidence and to remember their
strengths.
Key point to bear in mind:
• Intimidation: Let's talk about it; it is a question of security.
25
CybercriminaliteEngl
1/03/12
14:39
Page 26
b. Threats and Insults
CATEGORY 2
Traditional offenses amplified by cyberspace
Definition :
26
Threats and insults can be initiated through psychological means, by an
adult or peer, known or unknown to the targeted child. This can take
various forms: threats or insults sent via e-mails or instant messaging. This
interaction can lead, and has in fact led, to threats or real violence in
physical premises.
Synonyms: Dirty word, swearword
Brief description:
In cases of traditional intimidation, the echoed rumors do not go beyond
the relatively restricted circle of the pupils of an institution, whereas on the
Internet, the potential audience of such acts is almost unlimited. Moreover,
it is much more difficult to write off defamatory information, which will
remain on line for an indefinite duration. Personal pages and blogs are
vehicles of rumors sometimes targeting classmates and teachers. Certain
young internet users take action and create situations which they would
not have considered in other community settings or write online things
that they would never have stated in face-to-face situations.
Background information:
• Propagation of false rumors (sexual connections or orientations);
• Posting on YouTube a video recording, conducted without the knowledge
of the teenager;
• Threats, insults, depredations, serious contempt of gender;
• Publication of photographs of pupils with insulting or defamatory captions;
• Claiming the death of a youngster.
Consequences when the teenager is victim:
•
•
•
•
Depression, anger or low self-esteem;
Mental damage;
School failure;
Committing suicide because of the incapacity to bear propagated awful
comments.
What should be done?
• Not to answer emails of threats, not to open the files attached to such
emails;
• To preserve the emails as evidence: soft or hard copies;
• To leave the Internet environment when the situation gets problematic;
• To seek help from the police force, or a lawyer to file a complaint.
Key point to bear in mind:
• Teenage girls are the first instigators and victims of threats, often
following problems among classmates.
CybercriminaliteEngl
1/03/12
14:39
Page 27
c. Identity theft
Definition :
CATEGORY 2
Traditional offenses amplified by cyberspace
Identity theft corresponds to the temporary or permanent stealing of the
identity of an existing person, through the ownership of the identifiers of
the latter, which may constitute an offense. Identity theft means taking the
identity of a person in order to use their rights. The usurper can, for
example, pirate bank accounts, negotiate a loan, breach traffic regulations,
have access to social security benefits, marry or sign a work contract.
Synonyms: Identity usurpation
Brief description:
Identity theft is deliberately taking the identity of another person, without
their consent, often with the intention of conducting a fraudulent action.
The victims are often surprised, when they go to meet them in person, to
realize that somebody lied to them presenting himself on the Internet
under a false identity.
With the advent of New Information and Communication Technologies,
it is increasingly easy to have access to personal information on the
Internet. Several search tools have been developed over time, which helps
an ill-intentioned individual to find other information on the Internet users.
Background information:
• Timid or unpopular children at school are often tempted to invent a new
identity in virtual communities
Consequences when the teenager is victim:
• Violation of their private life.
What should be done?
• To teach the child the importance of respecting personal information
of his/her friends and upholding trustworthiness;
• To convince the child to protect and safeguard his/her personal
information, refusing to share them with just anyone.
Key point to bear in mind:
• The most vulnerable teens are those who give too many pieces of
personal information on their social network account, for example.
27
CybercriminaliteEngl
1/03/12
14:39
Page 28
d. Harassment
CATEGORY 2
Traditional offenses amplified by cyberspace
Definition :
28
Harassment is any abusive conduct shown through behaviors, words, acts,
gestures, or writings that may harm the personality, dignity or physical or
psychological integrity of a person.
Synonyms: Bullying
Brief description:
Digital harassment relates to the harassment which takes place on electronic
platforms. The harassment and behaviors of similar nature are associated
with the behaviors of predators on line and pedophiles, and can be
associated with criminal harassment. This interaction can lead, as it does in
practice, to threats or real violence in physical premises. By means of cyberharassment, young stalkers can continue their misdeeds outside the school,
either anonymously or not.
Background information:
• Intimidation which drives the child to develop a feeling of insecurity;
• Repeated use of electronic messages to make children feel that they
themselves or a member of their families are threatened;
• Persistence with irritating, threatening and intimidating behavior.
Consequences when the teenager is victim:
• Feeling of discomfort and irritation that may develop into depression;
• Destabilizing anxiety.
What should be done?
• To build self-confidence in the child.
Key point to bear in mind:
• The fact that the teen does not see or know the one who bullies him/her
does not make the experience less traumatizing for the teenager.
CybercriminaliteEngl
1/03/12
14:39
Page 29
e. Frauds and scams
Definition :
CATEGORY 2
Traditional offenses amplified by cyberspace
Fraud is misleading a natural or legal person, either by the use of a false
name or false capacity, by the abuse a bona fide capacity, or by the use of
fraudulent acts.
Brief description:
Fraud of all kinds, based on hoaxes, regularly circulate on the net. Some are
really unacceptable such as those which ask for donating blood or body
organs in emergency.
Background information:
• Fraud of classified ads;
• Announcement of winning a large amount of money;
• Fraud as to heritage;
• Scam particularly with respect to young girls who wish to go abroad or to
get married to foreigners.
Consequences when the teenager is victim:
• Loss of self-confidence;
What should be done?
• Never trust messages announcing you as winner;
• Never send money to an unknown person via a money transfer operator.
Key point to bear in mind:
• I have no chance of winning; and even when I play, I have little chance
of winning.
29
CybercriminaliteEngl
1/03/12
14:39
Page 30
CATEGORY 3
«Digital» offenses»
a. Incitement to hatred, racism, xenophobia and
Islamophobia
Definition :
The incitement to hatred is a threat to commit, by means of a computing
system, a serious offense against a person because of their membership to a
group based on race, color, ancestry, national or ethnic origin, or religion.
The racist or xenophobic texts witness various degrees of complexity, ranging
from explicit insult to the most subtle rhetoric.
Brief description:
Teenagers can be exposed to requests such as the incitement to hatred,
racism, xenophobia, anti-Semitism or Islamophobia. The instrumentalization
of youngsters and sectarian mental manipulation also constitute Internetborne risks. One of the aspects of xenophobia is the rise of Islamophobia
and the worsening situation of Arab and Muslim minorities in the world.
Background information:
30
• Propaganda of radical groups;
• Dissemination of racist on xenophobic comments;
• Derogatory comments on the Prophet Mohammad (PBUH) by means
of verbal or written words, visible representation or insinuation, direct
or indirect;
• Profanation and intentional desacralization of the Holy Quran;
• Attitude considered as discriminatory against Muslims.
Consequences when the teenager is victim:
• No distinction between the factors of race, culture and religion;
• Propagation of racist and xenophobic ideas.
What should be done?
• To promote democratic, egalitarian and interactive multiculturalism;
• To raise awareness to the promotion of legislation on ethics.
Key point to bear in mind:
• To promote inter-religious and inter-cultural dialog and respect for
others.
CybercriminaliteEngl
1/03/12
14:39
Page 31
b. Incitement to anorexia, mutilation, death and suicide
Definition :
CATEGORY 3
«Digital» offenses
Anorexia is manifested via a desire to lose weight and a rather strong
cognitive distortion of the appearance of the subject's body. The anorexic
subject usually starts with a slimming diet which is transformed into
pathological obsession. Mutilation, death and suicide constitute black
thoughts which appear in the form of suffering or impulses, making the
victim inapt for understanding.
Brief description:
Suicide is a decision seldom taken on the spur of the moment. During the
days and hours preceding someone's suicide, precursory indices and signs
can generally be detected. Mutilation is an external sign of true suffering.
Background information:
• Use of disconcerting verbal signs such as “I cannot continue like this”,
“Nothing matters any more” or even “I have thought of putting an end to
this”;
• Showing a marked change of behavior, attitudes or appearance;
• School failure, proximity of examination, examination result;
• Existence of family precedents including suicide or violence.
Consequences when the teenager is victim:
• Deterioration of the structuring pillars of the personal and social life;
• Deterioration or decrease in the victim's judgment capacity.
What should be done?
• To inform children about the seriousness of consequences;
• Not to make judgments.
Key point to bear in mind:
• To feel rejected can lead to very serious situations.
31
CybercriminaliteEngl
1/03/12
14:39
Page 32
c. Child trafficking online
CATEGORY 3
«Digital» offenses»
Definition :
Child trafficking is any act or transaction whereby a child is handed by a
person or group of people to another person or group in return for
remuneration or any other advantages.
Synonyms: Sale of children
Brief description:
Child trafficking concerns children of the entire world, both industrialized
and developing countries. Children victims of such trafficking are subjected
to prostitution, forced into marriage or adopted illegally. They constitute
unpaid or cheap labor, work as servants or beggars, are recruited by armed
groups or are exploited in sports activities.
Background information:
• Request of transporting, transferring, accommodating or receiving
children inside or outside a country;
• Request of international adoption;
32
• Recruitment of old victims to take part in the exploitation of other
children.
Consequences when the teenager is victim:
• Physical and/or sexual maltreatment;
• Flashbacks, nightmares, panic fits, irritability and other symptoms of
stress;
What should be done?
• To sensitize teenagers to the fact that certain people they know and trust
can lure and trap them;
• To make teenagers understand that they should be wary of strangers.
Key point to bear in mind:
• All exploited teenagers will suffer physical and/or psychological damage.
CybercriminaliteEngl
1/03/12
14:39
Page 33
a. Open and non-moderate dialogs
Definition :
CATEGORY 4
New acquired deviant behaviors
An exploration on the net, through online communities, forums and chat
rooms would show that technology offers new online experiences, which
seems to reorganize the practices and behaviors of individuals.
Brief description:
Teenagers have a passion which initially corresponds to a rationale of
exhibition and exposure of intimacy in public space. Adolescent bloggers
may enjoy their few moments of glory because they are visited and
commented on by their peers. This appropriation can involve the deficiency
of regulations, as this feeling is too often evoked to be in a virtual world.
It can, indeed, be tempting for teenagers to have a large number of contacts
and communicate with strangers.
Background information:
• Establishing contact is simple and hardly binding;
• Creating pages available on the Internet free of charge;
• Creating a browser, adding photographs, videos.
Consequences when the teenager is victim:
• Abolition or diminution of the approach common practice;
• Non-regulated management of contacts and dialogs;
• Addiction.
What should be done?
• To direct the teenager towards the use of forums supervised by a
regulator.
Key point to bear in mind:
• Forums and chat rooms controlled by a regulator are less likely to involve
missteps.
33
CybercriminaliteEngl
1/03/12
14:39
Page 34
b. Linguistic deformation and emoticons
CATEGORY 4
New acquired deviant behaviors
Definition :
The exchanges on the Web are characterized by the fact that they result
from SMS culture (Shorts Message Service), a messaging service which can
transmit short text messages. The orthographic or even grammatical
characteristics of the language are modified in order to reduce its length,
so as not to exceed a certain number of characters or to accelerate typing.
In addition, emoticons, resulting from the combination of typographical
characters and/or small images, are used in the messages written using a
keyboard. They make it possible to briefly represent, in writing, information
comparable to a facial expression, tone of voice or oral gesture.
Brief description:
Most parent control software programs are established on the key words
that parents enter in the base. The orthography of the words is essential.
A misspelt word, an unknown abbreviation of parents or a non-indexed
emoticon will pass through the net meshes without leaving of any trace.
Background information:
34
• Use of a particular language during exchanges on Internet by instant
messaging or email, forums and blogs, or network games;
• Combination of several typographical elements and still or moving images
- such as smiley «
»..
Consequences when the teenager is victim:
• Problem of orthography of language and difficulties in clearly expressing
their ideas through words.
What should be done?
• To make teenagers understand that emoticons certainly convey
information on their emotions, but they should always place them in the
context of sentences;
• To convince teenagers that they should make sure, in any exchange, they
are well understood;
• To convince the child to write correctly in order not to lose the mastery
of language orthography.
Key point to bear in mind:
• Conveying a significant part of a message by a few characters or the
expression of an emotion can lead to misinterpretation.
CybercriminaliteEngl
1/03/12
14:39
Page 35
c. Use of pseudonyms and avatars
Definition :
CATEGORY 4
New acquired deviant behaviors
A pseudonym (or pseudo) is a loan name whose user employs for an
activity under a name other than his official identity. It is distinguished from
a nickname in that it is chosen by the person who uses it instead of being
assigned by others.
An avatar is the computing representation of an Internet user, both in the
second dimension 2D form, (forums and messaging software) or in the
third dimension 3D form (video games, for example). The term “avatar”
originates in the Hindu tradition, indicating the incarnation of divinity on
earth.
Brief description:
Pseudonyms and avatars of the universe of chat rooms and discussion
forums are used by the chatters and allow them to be conspicuous by
creating a character, but also to eventually resort to organized anonymity.
The avatar carries a physical, graphic and visual dimension which escapes
pseudonyms.
Background information:
• Several games make it possible to simulate real-world using characters
(avatars) acting in a virtual world;
• It is often a black silhouette or another kind of impersonal anonymous
representation showing that users did not wish “to describe themselves”.
Consequences when the teenager is victim:
• Projection of oneself or simple transformation of oneself fantasized,
improved, exacerbated or deteriorated.
What should be done?
• To raise awareness to the promotion of legislation on ethics.
Key point to bear in mind:
• To know that legally speaking, the use of a pseudonym is usually allowed.
However, the teenager should be wary of those who use pseudonyms or
avatars.
35
CybercriminaliteEngl
1/03/12
14:39
Page 36
CATEGORY 4
New acquired deviant behaviors
d. Non-respect of intellectual property by
downloading
Definition :
Downloading is the operation of information transmission - programs,
data, images, sounds, videos - from one computer to another via a
transmission channel, in general the Internet. Downloading amounts to
receiving a file that has been requested.
Synonyms: Repatriation; remote data collection
Brief description:
Downloading hides the location of files and the transmission routes used
at the remote data collection. Downloading can relate to very different files
(software, music, documents, videos…). It can be free of charge, subjected
to constraints or paid. It can be legal or illegal, according to the downloaded
contents and the countries of origin and destination of information. The
use of downloaded file is controlled by a digital management of copyright
and makes it possible to define and fix a period of legal use, the number
of copies of the file and the storage and reading media authorized.
Background information:
36
• Illegal downloading and without authorization of music, videos or
commercial software;
• Marketing of downloaded files.
Consequences when the teenager is victim:
• Teenagers breach the copyright law, perhaps unaware of what they are
doing;
• They make themselves guilty of counterfeit or even concealment.
What should be done?
• To raise awareness to copyright laws and provide information about the
serious consequences of such acts.
Key point to bear in mind:
• Only music files or videos legally distributed on the Internet can be
downloaded. The other files constitute illicit reproductions.
CybercriminaliteEngl
1/03/12
14:39
Page 37
e. Addiction to the Internet
Definition :
CATEGORY 4
New acquired deviant behaviors
Addiction to a product is an inappropriate mode of using such product,
involving a physical and psychic dependence. It is manifested by the appearance
of the incapacity to manage one's own consumption (the user consumes
longer or more than they wanted to) and a continuation of consumption in
spite of, sometimes, the awareness of the problems it generates.
Synonyms: Addict, Dependence, Intoxication to the Web
Brief description:
Cyber-addiction, or addiction to network games or the Internet, shows the
extent to which forgetting reference to the elapsing time can be serious.
Teenagers may lose the concept of duration, the desire of sleep or appetite.
Young Internet users spend more time on the Net than they would think,
particularly if they surf the net in the absence of their parents.
Background information:
• Constantly seeking to connect to the Web in order to establish
communication therein;
• Marked progressive increase in time spent on the net, in order to obtain
satisfaction;
• Appearance of withdrawal syndrome (psychomotor agitation, fantasies
about the Internet).
Consequences when the teenager is victim:
• Forgetting reference to time;
• Loss of the concept of duration, the desire of sleep or appetite;
• Ocular dryness or ophthalmic migraine;
• Psychic and physical imbalance.
What should be done?
• To explain to the teenager what addiction can do to the body and mind;
• To encourage other physical leisure activities, other essential activities
rather than those involving the Internet.
Key point to bear in mind:
• Moving from abuse to dependence is moving from the desire to the need.
37
CybercriminaliteEngl
1/03/12
14:39
Page 38
f. Smart telephones
CATEGORY 4
New acquired deviant behaviors
Definition :
38
Smart phones, such as iPhone or Blackberry, is a cell phone which also
integrates the functions of a palm computer, offering functionalities of
diary/calendar, Web surfing, consultation of mail, instant messaging, GPS,
etc. Smartphone is hence a cell phone which also integrates the functions
of a palmtop computer.
Brief description:
Smart cell phones are a gold mine of information standing by to be
exploited by the cybercriminals. Based on a photo taken by a smart
telephone and posted on a social network, it is possible, thanks to certain
software, to obtain metadata such as the date, time and place. This strategy
is called geo-localization. This does not constitute an infringement in itself,
but can be used for illegal purposes, such as harassment. This phone allows
the user to be not only reachable but also connected everywhere constantly.
Background information:
• Sending and receiving emails instantly, consulting a page of a social
network constantly;
• Playing poker on line on the bus;
• Downloading an application, music;
• Establishing direct connections with marketing or advertizing service
providers while answering SMS;
• Answering a maniac who can be devoted at any time to his favorite role
play.
Consequences when the teenager is victim:
• Filmed without him/her knowing;
• Harassed;
• Cyber-dependant.
What should be done?
• To establish standards concerning the use of smart telephones and
supervise cell phones as well.
• To raise awareness to the need for limiting the use of these technological
gadgets by inculcating the rules of decency to respect.
Key point to bear in mind:
• With smart telephones, the door towards the cyber-dependence becomes
suddenly wide open.
CybercriminaliteEngl
1/03/12
14:39
Page 39
a. Hackers
Definition :
CATEGORY 5
Technical threats: hackers and spam
Hacking consists in obtaining unauthorized access to a computing system.
Synonyms: Spy software, Spyware
Brief description:
Spyware, or spy software, is harmful software which transmits to third parties
information contained in your computer. Spyware is often present in
freeware, or shareware. By illicit access to computing systems, hackers make
an improper use of the data which such systems contain.
Background information:
• Exploitation of security protocols badly ensured to reach a system;
• Exploitation of a software or hardware fault to illegally obtain a
password allowing access to a computing system;
• Creation of “espionage” Internet sites designed to study the behavior
of users in order to know their weaknesses.
Consequences when the teenager is victim:
• Loss of their data;
• Impossibility of doing school work of research.
What should be done?
• To protect one's computer against illicit accesses by anti-viruses or
firewall.
Key point to bear in mind:
• Security devices, though they can reduce the risks, are not infallible and
should regularly be updated.
39
CybercriminaliteEngl
1/03/12
14:39
Page 40
b. Virus
CATEGORY 5
Technical threats: hackers and spam
Definition :
40
A computer virus consists of an undesirable program installed in users'
computer without their knowledge. Its lines of instructions show it how to act,
multiply and contaminate other programs and computers. It is a program that
can spread to other computers, forming part of legitimate programs called
“host”. It is characterized by the presence of mechanisms of propagation,
release, and action. In general, it is developed with the intention to harm.
Synonyms: Malicious software
Brief description:
Each time the program is activated, the virus follow suit and it can damage
the system. Viruses can also reproduce when the program is executed. In
addition to reproducing, a virus can carry out other actions which can be
harmful to the user of the infected computer or other users connected by
network to the infected computer. Certain viruses (malware) are not
detected by anti-virus programs.
Background information:
• The viruses of boot hides in the starter sector of the disc which is read
at the start of the computer;
• Application viruses infect executable files (.exe, .com, .sys, .inf, .dll, .vbs,
etc);
• Macro viruses are accommodated in the macros of office automation
software such as Word or Excel;
• Email viruses disrupt emails;
• Viruses contaminate the hard drive of the computer as well as the other
data carriers such as USB key-drive or external hard drives.
Consequences when the teenager is victim:
• Having their site paralyzed;
• Destruction of their hard drive, loss of their data.
What should be done?
• To make sure of the installation of an antivirus program, before
installing downloaded software;
• To be wary of the executable files if their origin is unknown (for example
.exe);
• To regularly safeguard one's data on a USB key drive or any other storage
device.
Key points to bear in mind:
• Never click on a link inserted in an email or an executable file.
• It is better to turn to a search engine to find the official site required.
CybercriminaliteEngl
1/03/12
14:39
Page 41
c. Computer worms
Definition :
CATEGORY 5
Technical threats: hackers and spam
A computing worm is an auto-reproducer program, placed in the random
access memory of the computer, which, in the majority of the cases, does
not modify the repertories of the hard drive. It is propagated while being
forwarded to other computers of the network..
Brief description:
Unlike viruses, the worms are autonomous entities. They do not stick to
files or programs and are able to propagate and duplicate on their own
without contaminating the host program. One of the ways they propagate
consists in dispatching to all the correspondents registered in an address
book. Such worms can cause major damage, absorbing the resources of
various systems and submerging the Internet..
Background information:
• The worm is a program which is spread by email, benefitting from the
faults of messaging software;
• As soon as a worm infects a computer, it tries to infect other computers
by sending itself to addresses contained in the address book of the
infected computer. Generally, the recipient is not wary of the message,
because it comes from a known person.
Consequences when the teenager is victim:
• Deceleration of its infected machine;
• PComputer crash of services or operating system of the machine;
• Impossibility of using their computer properly.
What should be done?
• To use an antivirus, a software program that detects viruses, destroy,
quarantine and sometimes repair the files infected without damaging
them.
Key point to bear in mind:
• The very light weight of worms enables them to be propagated at such
an impressive speed over a network that they can overload it.
41
CybercriminaliteEngl
1/03/12
14:39
Page 42
d. Trojan horses
CATEGORY 5
Technical threats: hackers and spam
Definition :
42
A Trojan horse is a harmful computer program, though it looks legitimate.
It presents itself in a benign form, but it comprises a harmful routine
executed without the authorization of the user. A Trojan horse is not a
virus, because it cannot reproduce.
Synonyms: Trojan, malicious program
Brief description:
Trojan horses can appear as a game or any program which can be joined
to an email. Trojan horse is an executable program; that is, if it is doubleclicked, for example, the program is launched. When it is executed, a Trojan
horse can erase directories or open a “backdoor” to the computer, hence
making it possible for some actors to be introduced therein and take the
control of the system. These intruders can then copy and erase files, use
the computer as a starting point to pirate others.
Background information:
• Often, it is a little game or a utility program;
• It is often available on the links of a pirated page or on a banner devoted
to this activity;
• Downloading free programs and the division of programs or other files
are the major sources of spreading Trojan horses;
• It is also very frequent in certain types of emails;
• It is generally installed when one reaches a contentious site
(pornographic, peer-to-peer, etc).
Consequences when the teenager is victim:
• To suffer aggravating and undesirable effects;
• To suffer hacking of their personal data.
What should be done?
• It is possible to manually remove the malicious program. One can conduct
a search for all the files with the extension .tmp.
Key point to bear in mind:
• It is necessary to always think twice before clicking on an unknown link.
CybercriminaliteEngl
1/03/12
14:39
Page 43
e. Spam
Definition :
CATEGORY 5
Technical threats: hackers and spam
Spam represents any sending of messages in mailing-lists, newsgroup or
personal electronic mailboxes, in order to “perform advertizing”, without
any prior request.
Synonyms: un-solicited junk emails, junk email, junk-mail
Brief description:
The word “junk email” is of common use, while “junk-mail” is more rarely
used (rather reserved to the context of the discussion forums and groups
of the new Usenet). It became a vehicle to commit offenses such as the
propagation of viruses, fraud or the identity theft.
Background information:
• To write to an unknown person to ask him to go and visit a Web site;
• To conduct advertizing (commercial or not) on forums.
Consequences when the teenager is victim:
• Overloading of their e-mail boxes;
• Pollution of their e-mail boxes and/or computers;
• Fraud and scam.
What should be done?
• Not to give your address email without knowing how it will be used;
• To read the conditions of use and notes on the respect of private life on
the Web sites before giving them your address.
Key point to bear in mind:
• Spammers do not observe any ethics and breach our right to private life.
43
CybercriminaliteEngl
1/03/12
14:39
Page 44
f. Fraud by phishing
CATEGORY 5
Technical threats: hackers and spam
Definition :
44
The fraud by phishing indicates the attempt to fraudulently possess
sensitive data (passwords, for example). It has recourse to manipulating
users in order to lead them to reveal the required data or the codes which
will then make it possible for pirates to reach such data.
Synonyms: Phishing scam, Phishing
Brief description:
Phishing has recently become a major infringement in cyberspace. It hinges
on a technique which consists in not exploiting the computing fault but
the “human fault” by deceiving Internet users by means of an email
seeming to come from a trustworthy company, typically a bank or a
business site.
The email sent by these pirates steals the identity of a company (banks, ebusiness site, etc) and tries to update information in a form of a fake Web
page, a true copy of the original site, under the pretext, for example, of an
update of the service, an intervention of customer support, etc
Background information:
• Invitation to be connected on line by means of a hypertext link;
• Email seeming to come from a trustworthy company;
• Mail asking you to update, validate or confirm the information of your
account, otherwise, the consequences could be annoying;
• Mail which announces upsetting or exciting news and requires an
immediate answer under a false pretext.
Consequences when the teenager is victim:
• Swindled because they provided, by the trick, personal sensitive
information.
What should be done?
• Not to click directly on a link contained in an email, but open a navigator
and type oneself the email address to access the relevant service;
• To be wary of the emails or text messages in which you are asked to at once
provide personal or financial information.
Key point to bear in mind:
• Thanks to your personal information, swindlers can access your personal
email account, and dissimulate criminal activities.
CybercriminaliteEngl
1/03/12
14:39
Page 45
g. Cookie files
Definition :
CATEGORY 5
Technical threats: hackers and spam
A cookie file is a tiny text file saved on the hard drive by a Web page server
which is used as an identity card and cannot be executed as a code, nor can
it be carrying viruses. It belongs to you exclusively and can be read only by
the server which initially gave it to you.
Synonyms: Web cookie, Cookies
Brief description:
It allows the user to be monitored when he has visited several sites. It is
neither spy software nor a virus, although a cookie coming from certain
sites is detected by several antivirus software programs.
Background information:
• A cookie can be used for authentication, a session (maintenance), or to
store specific information on the user, such as the preferences of a site
or the contents of an electronic purchase basket;
• Purchase baskets of stores or sites which require connection using
identifiers (user and password).
Consequences when the teenager is victim:
• Thanks to cookie files, Web sites can preserve the information relating
to the user.
What should be done?
• To adjust the parameters of your navigator so that it accepts all cookie
files, or it notifies you whenever a cookie file is offered to you;
• To make sure that your navigator allows the possibility of accepting or
rejecting cookies.
Key point to bear in mind:
• Beware; total rejection of cookies makes certain sites unusable.
45
CybercriminaliteEngl
1/03/12
14:39
Page 46
CybercriminaliteEngl
1/03/12
14:39
Page 47
CHAPTER 2
CHALLENGES FOR HEALTH AND PROTECTION:
ROLE OF TECHNOLOGY AND EDUCATORS
CybercriminaliteEngl
1/03/12
14:39
Page 48
CybercriminaliteEngl
1/03/12
14:39
Page 49
1. Teenagers and cybercrime
Generally, cybercrime is defined as the entire set of infringements made via
computing networks or communication networks.
The development of manners and techniques generates new forms of
delinquency. The latter can have consequences on a larger scale than in the
past, insofar as it is no longer confined to specific geographical space, crisscrossing national borders.
Blackmails, threats and the will to use the means offered by technology to
appease one's desires has become possible, where the usual rules of social
relations no longer seem to be sufficient to ensure respect for others.
Certain young Internet users take action and create situations which they
would not have considered in other living environments.
Traditional intimidation would cease once the teenager is at home, while
cyber intimidation extends his ordeal, infiltrating in his private life as well.
The fundamental distinction is the permanence of victimization and the
disproportionate impact on those who are subjected to it.
2. Impacts on youngsters' health
Several impacts on the health of cybercrime victims are identified [7]:
a. Absence of otherness
The desire of teenagers to be “with their kin” is built on the recognition
of the same pleasure of sharing identical values and tastes. This
phenomenon supposes the capacity to establish social links with his fellows,
while admitting a more or less marked otherness with social environment
in its diversity and difference, particularly for a teenager in the eyes of the
world and adults' point of view.
The absence of otherness from the Net is expressed in two ways: first by
a technology that allows simple and fairly easy contact; then by the priority
given to the desire to exchange information on the identity of the Internet
user. Wishing to join the community of a forum or a chat room is more
crucial than giving one's real name, age or gender.
Hiding or changing one's identity is often part of the game, before being
truly a strategy of approaching the other or getting round a relational
difficulty. The reciprocity of the dissimulation act itself is not always
perceived by youngsters.
49
CybercriminaliteEngl
1/03/12
14:39
Page 50
b. Internet, indicator of malaise
Adolescence is a period of life during which youngsters often seek to free
themselves from their parents, and move away from the images that the
latter convey. Hence, when reality is perceived as disappointing, youngsters
can seek stimulation via the Internet and become cyber-dependant. Lonely
children, who are bored or live in families where nobody takes care of them
after school, are certainly the most vulnerable.
In addition, a compulsive use of the Internet can be symptomatic of other
problems, depression, anger or low self-esteem. Hence, timid or unpopular
children at school are often tempted to invent a new identity in virtual
communities. Teenagers assiduously attend chat rooms, forums, blogs, not
hesitating to entrust interlocutors hidden behind pseudonyms with what
they do not dare to reveal to their parents.
c. Modified sense of time
Carried away by the continuous slide of surfing, the Internet user can forget
the traditional time reference marks. The loss of the concept of duration,
the desire of sleep and appetite are the most visible symptoms of this new
sense of time shown by teenagers.
d.Anonymity conducive to running away
50
Simple in its implementation and protective in its procedure, online
communication makes it possible to break free from the usual codes and
rules of any exchange with others. Anonymity, pseudonyms, impersonal
addresses, absence of reproach and sanction in the event of language abuse
are the characteristics of this new mode of communication. Anonymity
as well as the ease of contact, authorized by the Internet, present the risk,
now proven, for a child to be approached by an adult for a physical meeting.
Moving from one extreme to another, such anonymity, instead of helping
them, insolates them even further. Dialog with the family can then be
completely broken.
e. Addictive behaviors
Spending too much time surfing the Net is not in itself a problem. It is
possible, initially, to consider that such excessive aspect is the simple
expression of a passion, as it is the case for leisure, a hobby, or media, as
long as this does not deteriorate the structuring pillars of the player's
personal and social life.
CybercriminaliteEngl
1/03/12
14:39
Page 51
However, the number of people showing addictive behaviors seems to
increase. It is advisable to take account of the conditions involving psychic
and physical imbalance of players towards cyber-dependence and of the
conditions jeopardizing their social situation.
The criteria of Internet dependence can be summarized as follows:
• progressive increase of time spent online in order to obtain
satisfaction;
• access to the Internet conducted longer and more often than desired
initially;
• the desire or efforts to control connection time are in vain;
• devotion of most activities to what involves the Internet, to the
detriment of other leisure or even essential activities;
• negligence of time for sleeping, eating, social life, work for the
benefit of the time spent on the Internet;
• appearance of withdrawal syndrome.
3. Some technical and technological tools for the
protection of the child against cybercrime threatsé
The use of the services of access supplier and a software program of parental
control is a useful protection measure for the child to surf the Net [7].
a. Filtering and parental control software
These software programs make it possible to prevent access to contents
unsuited to children on the Web. They serve as a “filter” by authorizing
access to the pages considered as inoffensive, but block the sites which
may shock the child.
Black lists
To block access to inappropriate contents, parental control software uses
two major methods: filtering by URL list (Uniform Resource Locator) and
filtering by key word. The most popular method, filtering by list, operates
with a database of un-recommended sites. Also called “black lists”, these
bases contain addresses of sites classified according to various topics.
Hence, when the child wishes to visit a Web page, the site URL is initially
compared with the prohibited URLs entered in the black list of the
software. If the relevant address belongs to the un-recommended sites, the
child cannot reach it.
51
CybercriminaliteEngl
1/03/12
14:39
Page 52
The disadvantage of this type of system lies in the need for conducting
very regular updates. Moreover, the language used is an important criterion
in the choice of software because, if this one blocks a word in French, it
may not block it if it is entered in English; hence protection can be easily
by-passed.
White lists
It is also possible for parents to use the navigator, the filtering tool
suggested by Internet Explorer. This is a system entitled “access control”
filtering inappropriate contents: parents create lists of authorized sites and
the sites to be blocked.
The use of Internet navigator as a filtering tool can be only a partial
solution, since it only takes into account the contents of Internet sites and
not the other channels such as instant messaging and peer-to-peer software.
b. Changing technological environment
52
In view of the multitude of software programs offered on the market, it
is very difficult for parents to choose one. During the discussions
conducted by the child on forums, chat rooms or instant messaging, there
exist software programs which prohibit the child from conveying words
or personal information prohibited by the parents, which deliver warning
messages reminding the child, restrictions programmed by parents to
ensure protection while surfing. Moreover, parents can consult, as it is the
case for many other tools of parental control, the child's browsing history.
Certain software programs are not reliable enough, either because they
identify only a restricted number of sites, conversely retain too much
thereof, or because they are tiresome for parents to install or too easy to
deactivate by the child. In fact, there is no perfect software in spite of
technological advances. As regards filtering, it is impossible for a mailing
list to be at the same time relevant and exhaustive in a perennial fashion.
Moreover, apparently inoffensive sites can be blocked by excessively strict
filtering.
Certain software of parental control is decontaminated very easily while
using, for example, the function of removal “Add/Remove program” or by
a simple keyboard shortcut, even a box to be unchecked. Result, an alert
children would quickly understand how to bypass this control tool, without
their parents knowing.
Some simple ways also make it possible for youngsters to easily bypass
certain filtering software programs. Hence, “anonymity servers” or
“anonymizers” are used as a shield between the computer of the Internet
user and the visited site. The latter cannot determine who you are, as no
CybercriminaliteEngl
1/03/12
14:39
Page 53
address or personal data may appear. In fact, the desired page is posted in
that of the anonymizer and can be consulted by the child beyond control.
No technical solution could replace parental presence and communication
between educators and children, regardless of their age. Further, it can be
reassuring, for certain parents, to be equipped with control tools, though
they remain imperfect, supplementing dialog with the child. It is hence
necessary that the various actors continue to help parents to select the best
tools, paid or free, that they can use.
Generally, access rules to the Internet should be sufficiently flexible to be
revalued if need be, and result from a mutual trust between teenagers and
adults without generating any confusion of roles: neither excessive control,
nor carelessness on part of adults, and sense of responsibility on the part
of the teenager, including the control of costs and browsing time.
4. Role of educators
Parents have a right and a duty of authority with regard to their children,
and they are entrusted with a common educational mission. Education
consists more largely of the transmission of knowledge and values and the
implementation of the pedagogical means suitable to train and develop the
future citizen and the future parent, namely the child. It aims at equipping
the child with the knowledge and practice of the customs of society.
Traditionally shared by parents and school, educational responsibility visà-vis children, now involves a growing number of social and cultural
authorities. The media also play an important educational role. These
authorities all interact more or less deeply and more or less sustainably in
the education of children and youngsters.
Technically speaking, youngsters have a better knowledge of the Internet
than adults and often use it in a different way. Parents and educators often
feel overtaken and always do not seek, consequently, to understand what
their children do on the Web. Beyond the technological aspect, parents know
little about the daily uses of youngsters, particularly as to the interactive
aspect (use of chat rooms, discussion forums, instant messaging, etc).
Parents and educators should be introduced to the Internet, through
training sessions, to remedy the feeling of incompetence generated by the
difficulty of using such media properly. They should be convinced that
though they not make use of the Internet as well as children, they still can
give pertinent advice to the latter. They are responsible for not only
supervising and managing their children's activities on line, but also
teaching them how to become confirmed, informed and responsible
Internet users.
53
CybercriminaliteEngl
1/03/12
14:39
Page 54
There is a need to involve educational adults, specifying at an early stage the
importance of establishing a good discipline as to the durations devoted to
multi-media. These durations can certainly increase as the child grows, but
parents should keep a true control, as long as they are not sure that the
youngster can manage alone.
The absence of parents while the child is discovering the Internet can also
have consequences on understanding reality and its differentiation with the
virtual world. As part of guiding the child by his parents right from the
early stages of life, it is essential to teach the child the difference between
reality and fantasy even if it is important to preserve his capacities of
imagination. Parents and educators have a role to play via enacting rules
and limits as to surfing the Net.
.
54
CybercriminaliteEngl
1/03/12
14:39
Page 55
CHAPTER 3
INTERNATIONAL AND REGIONAL
APPROACHES TO CHILD
PROTECTION
CybercriminaliteEngl
1/03/12
14:39
Page 56
CybercriminaliteEngl
1/03/12
14:39
Page 57
1. Approaches of child protection
The Convention on cybercrime is the major international framework
available, which covers all relevant aspects of cybercrime. In addition to the
international organizations that work at the global level, several regional
organizations promote the issue of cybercrime by setting up work groups
in charge of working out plans for the fight against cyber-offenses. An
overview of the major international and regional approaches is outlined
below [8].
a. International Telecommunications Union (ITU)
World Summit on the Information Society (WSIS) (Geneva 2003 - Tunis
2005) [1], [5], [6] recognizes the real and significant risks posed by an
insufficient cyber-security and a proliferation of cybercrime. At the
Summit, leaders and governments of the world appointed ITU as
coordinator of the implementation of the major action line C5 of WSIS,
“Building confidence and security in the use of ICTs”.
At the second co-ordination meeting, concerned with the major action line
C5 of WSIS, in 2007, ITU Secretary General underlined the importance of
international cooperation in the fight against cybercrime and announced
the launching of ITU Global Cyber-security Agenda.
This Program comprises seven strategic goals and hinges on five strategic
pillars, relating particularly to the development of strategies for the
development of a standard legislation on cybercrime. The seven goals are
the following [5]:
• Elaboration of strategies for the development of a model
cybercrime legislation that is globally applicable and interoperable
with existing national and regional legislative measures.
• Elaboration of global strategies for the creation of appropriate
national and regional organizational structures and policies on
cybercrime.
• Development of a strategy for the establishment of globally
accepted minimum security criteria and accreditation schemes for
hardware and software applications and systems.
• Development of strategies for the creation of a global framework
for watch, warning and incident response to ensure cross-border
coordination between new and existing initiatives.
• Development of global strategies for the creation and endorsement
of a generic and universal digital identity system and the necessary
organizational structures to ensure the recognition of digital
credentials [for people] across geographical boundaries.
57
CybercriminaliteEngl
58
1/03/12
14:39
Page 58
• Development of a global strategy to facilitate human and
institutional capacity building to enhance knowledge and know-how
across sectors and in all the above-mentioned areas.
• Proposals on a framework for a global multi-stakeholder strategy
for international cooperation, dialogue and coordination in all the
above-mentioned areas.
These seven objectives hinge on five pillars 1) Legal framework, 2)
Technical and procedural measures, 3) Organizational structures, 4)
Capacity building and 5) International cooperation.
The pillar of “Legal framework” of the Global Cyber-security Agenda
concentrates on how to face, in a compatible way at the international scale,
the legal problems posed by the criminal activities committed on TIC
networks. The pillar “Technical and procedural measures” is interested in
the key measures aiming to promote the adoption of improved approaches,
particularly the mechanisms, protocols and accreditation standards, to
reinforce risk and security management in cyberspace. The pillar
“Organizational structures” relates primarily to the prevention of cyberattacks, their detection, the interventions to be carried out against such
attacks and the management of crises which they trigger, including the
protection of the essential information infrastructures. The pillar “Capacity
building” is devoted to the development of strategies aimed at developing
capacity building mechanisms in order to sensitize stakeholders, transfer
know-how and encourage the taking account of cyber-security in the
national political programs. Finally, the pillar “International cooperation”
concentrates on co-operation, dialog and coordination at the international
scale in the fight against cyber-threats.
Action line C10 of WSIS “Ethical dimensions of the Information Society”
[5] stipulates that the Information Society should be subject to universally
held values and promote the common good and to prevent abusive uses of
ICTs. These recommendations are as follows:
• Take steps to promote respect for peace and to uphold the
fundamental values of freedom, equality, solidarity, tolerance, shared
responsibility, and respect for nature.
• All stakeholders should increase their awareness of the ethical
dimension of their use of ICTs.
b. Group of eight (G8)
In 1997, G8 created the “Subcommittee on High-tech Crimes”, responsible
for the issues of the fight against cybercrime. At their meeting of
Washington D.C., the United States, Ministers of Justice and Ministers of
Interior of G8 adopted ten principles and a ten-point action plan to fight
high-tech crime. These principles stipulate in particular that there should
CybercriminaliteEngl
1/03/12
14:39
Page 59
be no safe haven for those who exploit information technologies for
criminal purposes. The investigations into high-tech offenses at the
international level and the prosecution of the perpetrators should be
coordinated by all the States concerned, regardless of place of the damage.
The law enforcement staff should be trained and equipped to face cyberoffenses.
In 1999, at a ministerial conference on the fight against transnational
organized crime, held in Moscow, Federation of Russia, the heads of G8
specified their plans concerning the fight against cyber-offenses. They
expressed their concern about crimes (particularly child pornography) and
the traceability of transactions. At the practical level, the work of expert
groups led to the establishment of a global contact network. The countries
taking part in this network were committed to providing, for transnational
investigations, accessible contact points permanently.
In 2000, at their conference held in Paris, France, G8 concentrated on the
problem of cybercrime and called for the prevention of digital safe havens.
In 2001, at the workshop organized in Tokyo, G8 examined procedural
instruments for the fight against cybercrime. The issue was whether it was
necessary to impose obligations of data conservation or data filing was
another possible solution.
In 2004, G8 Justice and Interior Ministers published an official statement
announcing the need for developing the means, at the global level, to
combat the exploitation of the Internet for criminal purposes. G8 once
again noted the Convention of the Council of Europe on cybercrime.
At the Moscow meeting in 2006, G8 Justice and Interior Ministers
examined several points on the fight against cybercrime and cyberspace,
particularly the need for improving countermeasures. The issue of cyberterrorism was also tackled at the G8 Summit of Moscow.
In 2007, at the meeting of G8 Justice and Interior Ministers in Munich,
Germany, the question of the exploitation of Internet for terrorist
purposes was examined. The participants agreed to declare a criminal
offense the exploitation of the Internet by terrorist groups.
In 2011, the E-forum in Paris focused on the issue of protecting
copyrighted material on the Internet, involving governments which have a
role to play in the protection of copyright and intellectual property.
c. United Nations
At the Eighth United Nations Congress on the Prevention of Crime and
Treatment of Offenders (held in Havana, Cuba, 27 August to 7 September
59
CybercriminaliteEngl
1/03/12
14:39
Page 60
1990), the General Assembly of the United Nations adopted a resolution
on the legislation on cybercrime. In 1994, on the basis of Resolution
45/121 (1990), the United Nations published a manual on the prevention
and control of cybercrime.
In 2000, the General Assembly adopted a resolution on the fight against the
exploitation of information technologies for criminal purposes, similar in
certain aspects to the ten-point action plan adopted by G8 in 1997. In this
resolution, the General Assembly counts several measures aiming to
prevent the abusive exploitation of information technologies.
In 2002, the General Assembly adopted another resolution on the fight
against the exploitation of information technologies for criminal purposes.
This resolution outlines the various approaches existing at the international
level to combat cybercrime and proposes several solutions.
In 2004, the United Nations created an anti-phishing working group,
concerned with cybercrime and other issues relating to the Internet,
underlining thereby their will to take part in the international debates
underway on cyber-threats. Moreover, in 2004, the United Nations
Economic and Social Council adopted a resolution on international
cooperation as regards prevention, investigation, prosecution and sanctions
against fraud, abuse and identity falsification for criminal purposes as well
as related infringements.
60
At the 11th United Nations Congress on crime prevention and criminal
justice, held in Bangkok, Thailand, in 2005, a statement was adopted, which
underlines the need for harmonization as regards the fight against
cybercrime.
In 2007, the Council adopted a resolution on international cooperation as
regards prevention, investigation, prosecution and sanctions against
economic fraud and identity-related crime. These two resolutions do not
explicitly deal with infringements related to the Internet, but they also apply
to such infringement.
In 2011, cybercrime was part of the agenda of a UN meeting on the
prevention of crime [9]. According to United Nations Office on Drugs
and Crime (UNODC), cybercrime is today in full expansion, but the
volume of traffic on the Internet and the sophistication of methods used
by cybercriminals make it impossible to precisely evaluate the benefit
generated by these organizations and the losses caused to private
companies. More alarming, however, for the Director of the U.N agency
are the sex-related crimes committed against children. “Serious offenses
are committed - often in front of a parent; the Web literally opens a door
in your house and your children can let criminals get in”, he explains. “In
the virtual world of the Internet, youngsters are particularly vulnerable,
CybercriminaliteEngl
1/03/12
14:39
Page 61
and can get in contact with adults who seek to establish friendly relations
with them by participating in platforms, forums, social networks or online
games, with a view to committing sexual abuses. The ill-treatment of
children constitutes a serious international crime and requires intensive and
concerted co-operation; that is the development of cyber-ethics and cybersecurity”.
Currently, a project of ESCWA (United Nations Social and Economic
Commission for Western Asia) is interested in a regional strategy as regards
legislations in cyber space. One of the main objectives of the project is to
produce models for cyber-legislation in ESCWA member countries,
encouraging the regulation of cyberspace structures in the Arab area.
d. Council of Europe
The Council of Europe, created in 1949, gathers 46 countries, primarily
on the issues of human rights and democracy.
In 1976, the Council of Europe underlined the international character of
cyber-offenses and examined this issue at a conference relating to the
various aspects of economic criminality. In 1985, the Council of Europe
appointed a committee of experts in charge of examining the legal aspects
of cybercrime. In 1989, the European Committee on criminal problems
adopted the “report on computer-related crime”, which analyzes the basic
legal provisions in criminal law necessary to set up to combat new forms
of electronic infringement, including electronic fraud and falsification.
In 1995, the Committee of Ministers adopted a recommendation dealing
with the consequences of transnational cybercrime. Appended to this
recommendation is a summary of the guiding principles on the
development of adapted legislative measures.
In 1996, the European Committee on Crime Problems decided to create a
committee of experts in charge of cybercrime. Between 1997 and 2000, the
Committee held ten plenary sessions and fifteen meetings of its drafting
group with unlimited participation. The assembly adopted the draft
convention at the second part of its plenary session of April 2001. At the
signing ceremony held in Budapest on November 23rd, 2001 [1], thirty
countries signed the convention, particularly four non-member States of
the Council of Europe, which took part in the negotiations: Canada, the
United States, Japan and South Africa.
In 2007, within the framework of its approach aiming to improve the
protection of minors against sexual exploitation, the Council of Europe
introduced a new convention. On the first day of opening for signature,
twenty-three States signed the Convention for the protection of children.
61
CybercriminaliteEngl
1/03/12
14:39
Page 62
One of the key objectives of this convention is the harmonization of
criminal provisions aimed at protecting children against sexual exploitation
[3]. For this purpose, the Convention integrates a set of criminal provisions.
In addition to the criminalization of sexual abuses against children
(Article18), it contains a provision on the exchange of child pornographic
contents (Article 20) as well as a provision on the solicitation of children
for sexual purposes (Article 23).
The Convention on cybercrime was followed of a first additional protocol.
During the negotiations on the text of the convention, it appeared that the
criminalization of racism and the dissemination of xenophobic contents
were particularly polemical issues. Certain States, equipped with a strong
legislation in favor of the protection of freedom of expression, expressed
their concern and indicated that they could not sign convention if the latter
included provisions running counter to this principle. These questions
hence were the object of a separate protocol. By October 2008, twenty
States had signed the additional protocol and thirteen had ratified it.
62
By April 2009, forty six States had signed the Convention on Cybercrime
and twenty-five had ratified it. Certain countries, particularly Argentina,
Pakistan, Philippines, Egypt, Botswana and Nigeria, already worked out
certain parts of their legislation in conformity with the Convention. Hence,
although these countries have not signed the Convention yet, they support
the process of harmonization and standardization wanted by its drafters.
This Convention is recognized today like an important international
instrument of the fight against cybercrime. Several international
organizations support it.
Convention on Cybercrime of the Council of Europe is the only
international instrument concerning the issue of cybercrime. It is used as
guidelines for any country developing an exhaustive legislation on cybercrime,
as well as a framework for international cooperation against cybercrime
among States. The Convention is supplemented by the Additional Protocol
on the incrimination of acts of racist and xenophobic nature made by means
of computing systems. The United Kingdom transmitted the instrument of
the ratification of the Convention on Cybercrime on May 25th, 2011. The
Convention came into force in the United Kingdom on September 1st, 2011.
31 States are now parties to the Convention. Finland ratified the Additional
Protocol relating to the incrimination of acts of racist and xenophobic
character (20 May 2011, Strasbourg).
The Council of Europe supports the European countries in the
implementation of the European and international standards in the area of
the fight against organized crime through technical cooperative projects.
They are financed by the ordinary budget of the Council of Europe, as
well as external contributions by other international organizations.
CybercriminaliteEngl
1/03/12
14:39
Page 63
e. European Union
The European Union, created in 1957, gathers 27 countries, primarily on
economic and political issues.
As regards penal legislation, the scope of competence of the European
Union is limited. It can harmonize the criminal national legislations only in
specific cases, particularly the protection of financial interests of the Union
and cybercrime.
In 1999, by adopting the Communication of the European Commission
entitled “eEurope 2005 - an information society for all”, the European
Union launched the “eEurope” initiative. In 2000, the European Council
adopted a global “eEurope action plan” and expressed its intention to
implement it before the end of the year 2002.
In 2001, the European Commission published a communication entitled
“Creating a Safer Information Society by Improving the Security of
Information Infrastructures and Combating Computer-related Crime”. In
this communication, the Commission analyzes and endeavors to solve the
problem of cybercrime, by particularly underlining the need for an effective
action to fight the threats which weigh on the integrity, availability and
operational security of information systems and networks. Moreover, in
2001 the Commission published a communication on the “Security of
networks and information”, which analyzes security issues in networks and
proposes strategic guidelines for action in this field.
As regards the fight against cybercrime, it is agreed that the harmonization
of legislations is a key component of all the projects undertaken within
the Union. In line with such strategy, in 2002 the Commission presented a
proposal for “Decision-framework on the attacks targeting information
systems”. The Decision- framework, noting the Convention of the Council
of Europe on cybercrime, concentrates on the harmonization of the basic
provisions in criminal law aiming to protect the infrastructure elements
(illicit access to information systems, prejudice to system integrity, prejudice
to data integrity, obligation of data conservation).
In 2007, the Commission published a communication entitled “Towards a
general policy on the fight against cybercrime”. This communication
reviews the progress achieved and stressed the importance of the
Convention of the Council of Europe on cybercrime as a major
international instrument of the fight against cybercrime.
In 2008, the European Union started discussions on a draft amendment of
decision-framework on the fight against terrorism. In the introduction of
the draft amendment, the European Union states that the existing legal
framework applies criminal penalty against assistance or complicity and
63
CybercriminaliteEngl
1/03/12
14:39
Page 64
incitement, but not the dissemination of terrorist know-how on the
Internet. Through this project, the European Union aimed at bridging the
gap and bringing national legislations closer to the Convention of the
Council of Europe for the prevention of terrorism. The Member States
were held to criminalize the publication of instructions on the use of
explosives when this information was intended to be used for terrorist
purposes.
The digital strategy for Europe, adopted in 2010, stressed the importance
of confidence and security and insisted on the need, for all Member States,
to pool their efforts to establish effective and coordinated mechanisms
conducive to meeting new increasingly sophisticated threats to computer
security. On September 30th, 2010, the Commission presented a proposal
on a new mandate aiming to reinforce and modernize the European agency
in charge of the security of networks and information.
f. Organization for Economic Co-operation and Development
(OECD)
In 1983, OECD launched a study on the possibility of international
harmonization of criminal law in order to face the problem of cybercrime.
64
In 1985, a report was published containing an analysis of the legislation in
force at the time as well as proposals to combat cybercrime. It
recommended to the States considering the criminalization of a minimal
list of infringements, particularly computing fraud, computing falsification,
modification of programs and computer data and interception of
communications.
In 1990, the Committee for Information, Computer and Communications
Policy (ICCP) set up a group of expert in charge of develop a set of
guidelines governing information security, which were adopted by OECD
Council in 1992. To combat such threats, the States decided to describe
these malicious acts and take action against such acts in various ways. With
the international level, there was definition of the minimal core of the
computing infringements having to enter the pillar of the national criminal
legislations. In OECD Member States, in the last twenty years, there has
been an evolution of the legislation on computing infringements and data
protection.
The guidelines on the fight against cybercrime were reviewed in 1997,
subsequently updated by a second group of expert set up by ICCP in 2001.
In 2002, a new version entitled “OECD guidelines governing the security
of systems and information networks: towards a culture of security” was
adopted as recommendation of OECD Council. These guidelines contain
nine complementary principles (Awareness, Responsibility, Response,
CybercriminaliteEngl
1/03/12
14:39
Page 65
Ethics, Democracy, Risk Assessment, Security Design and Implementation,
Security management, Reassessment).
In 2005, OECD published a report in which it analyzes the effects of phishing
on developing countries. This report shows that spamming is a problem much
more serious in developing countries than in Western countries, because the
resources are limited and more expensive in the former.
As a follow-up to the request for the Group of strategic planning of the
Executive Office of the Secretary General of the United Nations
concerning the development of a comparative statement of internal
legislative solutions as regards the use of the Internet for terrorist purposes,
in 2007, OECD published a report on the legislative treatment of “cyberterrorism” in States' national legislation.
On January 17th, 2011 OECD published an analysis on the risks and
impact of cyber-attacks. The published report presents a history of the
phenomenon, a statement of risks and a set of recommendations to the
States. It particularly advises States to improve their own security system in
a field which concerns civil security as well as military defense. It also
suggests establishing public-private partnerships and the development of
international cooperation in this field. The major recommendation was
considering that the fight against cybercrime was not limited to the
implementation of technical resources, as well as research work and
education as to such risks.
g. Asia-Pacific Economic Cooperation (APEC)
In 2002, APEC leaders published the Statement on Fighting Terrorism and
Promoting Growth with a view to adopting global legislations on
cybercrime and capacity building as to the investigation on cybercrime.
They are committed to do the following:
• strive to adopt a complete set of laws on cyber-security and
cybercrime, in conformity with the provisions of international
legislative instruments, particularly Resolution 55/63 (2000) of the
General Assembly of the United Nations and the Convention of
the Council of Europe on Cybercrime (2001);
• identify national units of the fight against cybercrime and the
international contact points likely to offer assistance in the area of
high technology, and to establish these resources, insofar as they do
not already exist, before October 2003;
• set up bodies which assess the threat and vulnerability, and exchange
their information (response teams in the event of computing
emergency) before October 2003. APEC leaders supported closer
co-operation of the agents involved in the fight against cybercrime.
65
CybercriminaliteEngl
1/03/12
14:39
Page 66
In 2005, APEC organized a conference on the legislation on cybercrime,
whose main objectives were to promote the development of full legal
frameworks to combat cybercrime, help law enforcement bodies to face
the problems arising from state-of-the-art technologies and technological
advances and promote co-operation between the services of investigation
on cyber-offenses in the entire area.
APEC Telecommunications and Information Working Group played an
active role aimed at upgrading cyber-security. The working group expressed
its position as to legislation on cybercrime, with reference to international
approaches of the United Nations and the Council of Europe. The
statement published by APEC-TEL Ministers meeting held in 2008 in
Bangkok, Thailand, stresses the importance of sustaining collaboration
against cybercrime.
h. Commonwealth of Independent States
66
The Commonwealth of Nations (name given since 1947), was created in
1835 at the beginning in the United Kingdom, from the association of
former colonies. At the end of November 2009, the Commonwealth
counts fifty four Member States, three of which were never under the
British crown (Mozambique, Namibia and Rwanda) and another only by
mandate in the United Kingdom and UN on a small portion of its territory
(Cameroon). The originality of the Commonwealth lies in its organization:
Member States are united by their shared interests, but are autonomous.
They are bound by no treaty and can remain neutral when any of them is
involved in a conflict.
Aware of the increase in cybercrime, Commonwealth Ministers of Justice
decided to mandate a group of experts to develop a legal framework for
the fight against this plague based on the Council of Europe Convention
on cybercrime. This will of harmonizing legislations within the
Commonwealth of independent States is explained inter alia by the fact
that in the absence of such approach, it would have been necessary to
conclude at least 1.272 bilateral treaties to govern international cooperation
in this regard. The group of experts presented its report and
recommendations in March 2002. The Draft Model Law on Computer and
Computer Related Crime was presented the same year. The standard law
is in conformity with the standards defined by the Convention on
cybercrime, because it contains specific instructions and hinges on the
recognition of the Convention as an international standard by the group
of experts.
CybercriminaliteEngl
1/03/12
14:39
Page 67
i. Arab League and Gulf Cooperation Council (GCC)
At present, GCC gathers six states of the Gulf: United Arab Emirates,
Bahrain, Saudi Arabia, Oman, Qatar and Kuwait.
Several States of the Arab area have already taken national measures and
adopted a plan for the fight against cybercrime, or currently strive to
develop legislation on such matter. It is particularly the case of Jordan,
United Arab Emirates, Tunisia, Egypt and Morocco. At a conference in
2007, the Gulf Cooperation Council recommended to its Member States
the adoption of a joint approach taking account of international standards.
The 27th Session of the Council of Arab Ministers of Interior took place
on March 16th and 17th 2010 in Tunis, in the presence of the Ministers of
Interior of Arab States, high level security delegations and representatives
of the United Nations, Arab League, Gulf Cooperation Council, Arab
Maghreb Union, Arab Labor Organization, Nayef University of Security
Science and Arab Police Sports Union. The issues tackled included the
fight against illicit use of narcotics and psychotropic substances, terrorism,
corruption, money laundering, cybercrime and the fight against
transnational organized crime, as well as a second draft of step-by-step
plan for the implementation of the Arab strategy of civil protection and
civil defense.
j. Organization of American States (OAS)
Since 1999, OAS has actively strived to solve the question of cybercrime
in the area. The Organization held several meetings within the framework
of the mandate of Ministers of Justice or Other Ministers or Attorneys
General of the Americas (REMJA).
In 2000, the Ministers of Justice or Ministers or public prosecutors of
Americas addressed the issue of cybercrime and adopted several
recommendations. Reiterated at the meeting of 2003, these
recommendations require Member States to support the development of
the inter-American strategy for the fight against the threats which weigh on
cyber-security, assess the opportunity of implementing the principles
contained in the Convention of the Council of Europe on cybercrime
(2001) and consider the possibility of joining such convention.
At their fourth meeting, the Ministers of Justice or Other Ministers or
Public Prosecutors of Americas recommended to the States, within the
framework of the activities of OAS working group, as a follow-up to
REMJA recommendations, mandating again the governmental group of
expert on cybercrime to ensure the follow-up of the implementation of
the recommendations developed by this group and adopted by REMJA-III.
67
CybercriminaliteEngl
1/03/12
14:39
Page 68
The Ministers of Justice or Other Ministers or Public Prosecutors of
Americas held meetings in April 2006 and April 2008. The
recommendations were to continue strengthening co-operation with the
Council of Europe so that OAS Member States can consider applying the
principles of the Convention of the Council of Europe on cybercrime, to
join this Convention and adopt the legal and other measures necessary to
its implementation. In the same way, it was agreed to continue the efforts
aiming at reinforcing the mechanisms of information exchange and cooperation with other organizations and international institutions in the area
of cybercrime, particularly the United Nations, the European Union, AsiaPacific Economic Cooperation Forum, OECD, G8, Commonwealth and
Interpol, so that OAS Member States can benefit from the advances
achieved in these forums.
k. United Nations Educational, Scientific and Cultural
Organization (UNESCO)
Information and Communication Technologies (ICT) constitute an
increasingly important tool of learning and teaching. UNESCO recognizes
that ICT can contribute to a multitude of questions related to education:
universal access, equity, practice of quality learning and a teaching,
professional development of educators and the implementation of more
effective management, governorship and administration of education.
68
As a leading institution of distance learning, UNESCO [10] was committed
to helping its Member States to exploit the potential of ICT to achieve the
goal of quality education for all. The Web site on ICT in education was
created in order to provide countries with resources and advice, for them
to develop policies, strategies and activities relating to ICT in education.
The new Web site on ICT in education gathers and identifies resources
and toolboxes on policies, teacher training, access to life-long learning
opportunities, distance learning, free educational resources and the use of
ICT for educational administration and management, all developed by
UNESCO and its partners. The Web site also provides an inventory of
projects in progress on ICT in education as well as a number of contacts
which can provide further information.
The world network of UNESCO offices, institutes and partners provides
resources to Member States for them to develop their policies, strategies
and activities relating to ICT in education. Particularly, the Institute of
Information Technologies in Education (IITE), established in Moscow, is
specialized in information exchange, research and training relating to the
integration of ICT in education, whereas UNESCO Office in Bangkok is
strongly involved in the use of ICT in education in Asia and the Pacific.
CybercriminaliteEngl
1/03/12
14:39
Page 69
l. Islamic Educational, Scientific and Cultural Organization
(ISESCO)
Within the framework of the implementation of its “Strategy for the
Development of Communication and Information Technologies in the
Islamic World”, adopted by the 5th Islamic conference of the Ministers of
Culture, [12] ISESCO has implemented several programs to activate four
spheres of activities of the aforesaid strategy, namely capacity building of
the human resources operating in the field of ICT in Member States,
reinforcement of the role of these technologies in national development,
production of better digital contents reflecting the cultural diversity of
Member States and the promotion of the ethical and cultural aspects of
ICT.
Within the framework of sensitizing Member States to the need for
developing educational information through the traditional and electronic
communication tools, ISESCO took part in the organization of the “First
International Forum on Media and Information Literacy”, held at the
School of Humanities at University Sidi Mohammed Ben Abdallah, Fès, on
15-17 June 2011, with the participation of the Research team on popular
communication tools, affiliated to this University and with the co-operation
of UNESCO, Arab Bureau of Education for Gulf States and the
delegation of the Alliance of Civilizations. The works of this forum
focused on the adequate legal, organizational and pedagogical means to
integrate specific courses on the techniques of information and
communication in pre-university curricula. Parallel to these activities,
ISESCO and UNESCO held an advisory meeting of experts to study the
methodology project for the benefit of teacher-trainees as to the use of
ICT for educational purposes.
Within the framework of its Three-year Action Plan (2010-2012) [12] and
its Medium-term Plan (2010-2018), [13] in co-operation with ''
Munaddamat Al-Da'wa Al Islamiya '', ISESCO held in Niamey, in January
2010, a regional conference on “the promotion of co-operation among
African States to establish a society of information and communication”.
This conference underlined the need for establishing, under the supervision
of ISESCO, an institutional mechanism targeted at sharing expertise
among African States as regards studies, national strategies and plans for
financing ICT projects.
In February 2010, ISESCO took part in an international symposium in
Tunis on “Youth in cyberspace: legal protection and ethical limits”. The
participants examined the legal and cultural problems relating to the use of
the Internet in general and cybercrime in particular. The latter suffers a
deficit at the level of the legislations governing it. Following this meeting,
69
CybercriminaliteEngl
1/03/12
14:39
Page 70
“Tunis Call for action 2010 for the protection of youngsters in cyberspace”
was launched, hinging on several principles:
• Intensification of campaigns through which the civil society and all
stakeholders target sensitizing youngsters ;
• Establishing mechanisms of technology watch likely to ensure the
follow-up of all forms of ethical transgressions;
• The fight against cybercrime, cyber-terrorism, radical movements
via the Internet and all forms of moral and sexual abuse affecting
youngsters of the world;
• Prosecuting whoever commits any abuse against young people of
the world through the Internet, whatever the form of such abuse.
70
In September 2011, in Marrakech, in co-operation with the ministries of
Justice and Youth and sports of Morocco, ISESCO held a national
conference on “The protection of young Moroccans against cybercrime”.
The conference examined the major criminal and legal risks to which
youngsters can be exposed during the daily and illegal use of the Internet.
The recommendations of this meeting particularly insisted on the
importance of the introduction of a world operational system in the area
of cybercrime in order to attenuate such risks, within a framework of
international cooperation. This conference also recommended the
implementation of lawful measures sanctioning the various acts contained
in international convention on electronic communication (Budapest
Convention 2001).
In October 2011, in Amman, upon the invitation of the School of Law at
the University of Jordan and the Observatory for Cyberspace Security,
ISESCO took part in the Second Regional Arab Congress on the security
and protection of cybernetic space. This meeting particularly examined the
issues below:
• challenges of cyber-security and protection of cyberspace;
• economic and social repercussions;
• electronic governance and the need for the protection of
information and systems;
• the roles of global and sectoral public policies, private sector,
international and regional organizations as well as civil society in
raising awareness to the importance of security and protection of
cyberspace;
• the risks to which children and teenagers are exposed on the Internet;
• the adoption of an Arab platform reporting the ethical criteria on
the use of the Internet.
CybercriminaliteEngl
1/03/12
14:39
Page 71
This conference was attended by experts and research professors in the
field of computing, representatives of national and regional organizations,
representatives of private companies specialized in NICT in the Arab
world. ISESCO representatives presented a contribution relative to their
efforts as to the implementation of the strategy for the development of
ICT in the Muslim world.
In November 2011, in Nouakchott, ISESCO, in co-operation with
UNESCO Rabat-Office, held a meeting of experts on “Ethical and cultural
dimensions of the information society between the freedom of expression
and the respect of human rights”. The participants stressed the importance
of the ethical and cultural dimension and the need for respecting the legal
limits of freedom of expression in close relationship with human rights
and the ethics of the information profession, recognized in international
charters and declarations.
In the last five to six years, some Arab countries obtained satisfactory
results in the area of ICT. Most Arab States show an increasingly significant
interest in the various initiatives of technology and increase the creation of
opportunities for research and development, benefiting their social and
economic environment by creating new employment opportunities.
A regional initiative relates to the creation of a “Computer Emergency
Response Team” at the level of OIC for its 57 Member States (OIC-CERT:
Computer Emergency Response Team: institution affiliated to OIC), to
face the risks against the computer security.
Countries such as Tunisia, Saudi Arabia and Oman have already
implemented national CERTs. Qatar, Egypt and Morocco planned the
establishment of CERTs as a priority in their agenda. For other countries,
the creation of a legislative structure of regulation in the area is a
prerequisite for the creation of CERTs. The countries which established
national CERTs decided to coordinate with regional CERTs with a view to
sharing points of view and good practices.
At the regional Workshop on “Policy Advocacy and Capacity Building in
Child Online Protection for the Arab region” in Muscat, Oman, 30-31
October 2011, recommendations were made and approved by ITU.
71
CybercriminaliteEngl
1/03/12
14:39
Page 72
CybercriminaliteEngl
1/03/12
14:39
Page 73
RECOMMENDATIONS
Individual:
• Interest that parents could assign to the games of their children and
encourage the latter to take up activities other than the Internet,
particularly sports;
• Moderation of dialog more systematically by people accustomed to being
in contact with youngsters;
• Non replacement of listening to a close relative, a friend, a parent or a
professional by the Internet;
Institutional:
• Installation of software filtering or blocking of illegal contents by
Internet access providers;
• Making available to minors, by the managers of cybercafés, reserved
stations equipped with filters;
• Implementation of awareness campaigns for users, including parents and
teachers;
• Integration in constitutions the prevention, identification, prosecution
and repression of the persons charged with acts related to child
trafficking, child prostitution, pornography and pedophile tourism;
• Development and implementation of a special criminal law in order to
protect children against all cybercrimes;
• Involvement of telecommunication operators in an efficient and effective
way in the fight against cybercrime, by providing technical and financial
resources to ensure the secure use of their products;
• Development and implementation of codes of ethics by ICT companies
73
CybercriminaliteEngl
1/03/12
14:39
Page 74
within their internal structure and in the operations of their companies,
based on the recognition of the rights of children;
• Fight against illegal contents by establishing hot lines allowing the public
to notify illegal contents and transmit the relevant information to the
organization that can take action.
74
CybercriminaliteEngl
1/03/12
14:39
Page 75
BIBLIOGRAPHY
[1] «Convention sur la Cybercriminalité», Conseil de l'Europe, Budapest,
23 novembre 2001.
[2] «Cybercriminalité: enjeux, sources de données et faisabilité de recueillir
des données auprès de la police», Centre canadien de la statistique
juridique, No 85-558-XIF au catalogue, 2002.
[3] «La Convention Internationale du Conseil de L'Europe sur la
Cybercriminalité avant son Entrée en Vigueur», Développements
Juridiques, e.Bulletin du droit d'auteur janvier - mars 2003.
[4] «L'internet et les drogues: risques et enjeux de la cybercriminalité à
l'éducation préventive», Lutte contre le dopage, Vers un instrument
juridique international, Mise en réseau de l'information dans le domaine
de l'éducation préventive contre l'abus de drogues, Revue Peddro n°7,
éditée conjointement par l'UNESCO et la Commission Européenne Juin 2003.
[5] «Déclaration de principes Construire la société de l'information: un
défi mondial pour le nouveau millénaire», Sommet Mondial sur la
société de l'information, Genève 2003-Tunis 2005, Document WSIS03/GENEVA/DOC/4-F, 12 mai 2004.
[6] «Agenda de Tunis pour la Société de l'information», Sommet Mondial sur
la société de l'information, Genève 2003-Tunis 2005, Document WSIS05/TUNIS/DOC/6-F, 18 novembre 2005.
[7] «Protection de l'Enfant et usages de l'Internet», Ministère des Solidarités,
de la Santé et de la Famille, Délégation interministérielle à la famille,
Conférence de la famille, France, 2005.
[8] «Comprendre La Cybercriminalité: Guide pour les Pays en
Développement», Division applications TIC et cyber-sécurité,
Département des politiques et stratégies, Secteur du développement des
télécommunications de l'UIT Projet de document - avril 2009.
75
CybercriminaliteEngl
1/03/12
14:39
Page 76
[9] «La cybercriminalité au centre d'une réunion de l'ONU sur la prévention
du crime», Centre d'Actualités de l'ONU, dépêches du service
d'information des Nations Unies, avril 2011.
[10] «L'UNESCO lance un nouveau site Web sur les TIC dans l'éducation»,
Le magazine en ligne des TICs en Afrique et dans le monde, 3 juin
2011 (http://pcafrique.wordpress.com).
[11] “La Stratégie de développement des TIC dans le monde islamique”,
adoptée par la 5ème Conférence islamique des Ministres de la Culture,
Tripoli, 2007.
[12] “Plan d'Action triennal (2010-2012)”, Rapport ISESCO, 2010.
[13] “Plan à Moyen Terme (2010-2018), Rapport ISESCO, 2010.
76
Download